From no-reply at appveyor.com Thu Feb 1 03:06:19 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 01 Feb 2018 03:06:19 +0000
Subject: [openssl-commits] Build failed: openssl master.15309
Message-ID: <20180201030619.1.2FC1019E484A7181@appveyor.com>
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Thu Feb 1 06:12:47 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 01 Feb 2018 06:12:47 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517465567.548516.18086.nullmailer@dev.openssl.org>
The branch master has been updated
via 4e525a0b4db2b11bee15a485b6ed6622ca8948f1 (commit)
via 71bb86f0dc72c49d9efc098a71a6654004a2035a (commit)
via 39556e63ef6c079d144b07d7f492152abf9efe77 (commit)
from 3cb413da197c26c4520cbf08e5d4542637a90a4e (commit)
- Log -----------------------------------------------------------------
commit 4e525a0b4db2b11bee15a485b6ed6622ca8948f1
Author: Richard Levitte
Date: Wed Jan 31 22:08:12 2018 +0100
ocsp.c doesn't free the whole output chain, maybe causing a memory leak
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5224)
commit 71bb86f0dc72c49d9efc098a71a6654004a2035a
Author: Richard Levitte
Date: Sun Jan 28 09:49:46 2018 +0100
Make sure that apps/openssl prefixes its output with '# ' during tests
The reason to do this is that some output might start with an 'ok',
which TAP catches and takes for TAP output. The TAP compatible way is
to make all output it shouldn't catch look like comments.
We do this by setting the environment variable HARNESS_OSSL_PREFIX
during tests. When that is set, apps/openssl uses BIO_f_linebuffer
and sets its prefix to the content of that environment variable.
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5224)
commit 39556e63ef6c079d144b07d7f492152abf9efe77
Author: Richard Levitte
Date: Tue Jan 30 22:03:27 2018 +0100
Add an apps internal BIO filter for prefixing output lines
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5224)
-----------------------------------------------------------------------
Summary of changes:
apps/apps.c | 20 +++++-
apps/apps.h | 16 ++++-
apps/bf_prefix.c | 176 ++++++++++++++++++++++++++++++++++++++++++++++
apps/build.info | 2 +-
apps/ocsp.c | 2 +-
apps/openssl.c | 1 +
util/perl/OpenSSL/Test.pm | 4 +-
7 files changed, 216 insertions(+), 5 deletions(-)
create mode 100644 apps/bf_prefix.c
diff --git a/apps/apps.c b/apps/apps.c
index 834cedd..0438bdb 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -2428,14 +2428,26 @@ BIO *dup_bio_in(int format)
BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0));
}
+static BIO_METHOD *prefix_method = NULL;
+
BIO *dup_bio_out(int format)
{
BIO *b = BIO_new_fp(stdout,
BIO_NOCLOSE | (istext(format) ? BIO_FP_TEXT : 0));
+ void *prefix = NULL;
+
#ifdef OPENSSL_SYS_VMS
if (istext(format))
b = BIO_push(BIO_new(BIO_f_linebuffer()), b);
#endif
+
+ if (istext(format) && (prefix = getenv("HARNESS_OSSL_PREFIX")) != NULL) {
+ if (prefix_method == NULL)
+ prefix_method = apps_bf_prefix();
+ b = BIO_push(BIO_new(prefix_method), b);
+ BIO_ctrl(b, PREFIX_CTRL_SET_PREFIX, 0, prefix);
+ }
+
return b;
}
@@ -2450,6 +2462,12 @@ BIO *dup_bio_err(int format)
return b;
}
+void destroy_prefix_method()
+{
+ BIO_meth_free(prefix_method);
+ prefix_method = NULL;
+}
+
void unbuffer(FILE *fp)
{
/*
diff --git a/apps/apps.h b/apps/apps.h
index a740ad4..daaef36 100644
--- a/apps/apps.h
+++ b/apps/apps.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -48,6 +48,20 @@ extern const unsigned char tls13_aes128gcmsha256_id[];
extern const unsigned char tls13_aes256gcmsha384_id[];
extern BIO_ADDR *ourpeer;
+BIO_METHOD *apps_bf_prefix(void);
+/*
+ * The control used to set the prefix with BIO_ctrl()
+ * We make it high enough so the chance of ever clashing with the BIO library
+ * remains unlikely for the foreseeable future and beyond.
+ */
+#define PREFIX_CTRL_SET_PREFIX (1 << 15)
+/*
+ * apps_bf_prefix() returns a dynamically created BIO_METHOD, which we
+ * need to destroy at some point. When created internally, it's stored
+ * in an internal pointer which can be freed with the following function
+ */
+void destroy_prefix_method(void);
+
BIO *dup_bio_in(int format);
BIO *dup_bio_out(int format);
BIO *dup_bio_err(int format);
diff --git a/apps/bf_prefix.c b/apps/bf_prefix.c
new file mode 100644
index 0000000..4d5e3a3
--- /dev/null
+++ b/apps/bf_prefix.c
@@ -0,0 +1,176 @@
+/*
+ * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License"). You may not use
+ * this file except in compliance with the License. You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+
+#include
+#include
+#include
+#include
+#include "apps.h"
+
+static int prefix_write(BIO *b, const char *out, size_t outl,
+ size_t *numwritten);
+static int prefix_read(BIO *b, char *buf, size_t size, size_t *numread);
+static int prefix_puts(BIO *b, const char *str);
+static int prefix_gets(BIO *b, char *str, int size);
+static long prefix_ctrl(BIO *b, int cmd, long arg1, void *arg2);
+static int prefix_create(BIO *b);
+static int prefix_destroy(BIO *b);
+static long prefix_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp);
+
+static BIO_METHOD *prefix_meth = NULL;
+
+BIO_METHOD *apps_bf_prefix(void)
+{
+ if (prefix_meth == NULL) {
+ if ((prefix_meth =
+ BIO_meth_new(BIO_TYPE_FILTER, "Prefix filter")) == NULL
+ || !BIO_meth_set_create(prefix_meth, prefix_create)
+ || !BIO_meth_set_destroy(prefix_meth, prefix_destroy)
+ || !BIO_meth_set_write_ex(prefix_meth, prefix_write)
+ || !BIO_meth_set_read_ex(prefix_meth, prefix_read)
+ || !BIO_meth_set_puts(prefix_meth, prefix_puts)
+ || !BIO_meth_set_gets(prefix_meth, prefix_gets)
+ || !BIO_meth_set_ctrl(prefix_meth, prefix_ctrl)
+ || !BIO_meth_set_callback_ctrl(prefix_meth, prefix_callback_ctrl)) {
+ BIO_meth_free(prefix_meth);
+ prefix_meth = NULL;
+ }
+ }
+ return prefix_meth;
+}
+
+typedef struct prefix_ctx_st {
+ char *prefix;
+ int linestart; /* flag to indicate we're at the line start */
+} PREFIX_CTX;
+
+static int prefix_create(BIO *b)
+{
+ PREFIX_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
+
+ if (ctx == NULL)
+ return 0;
+
+ ctx->prefix = NULL;
+ ctx->linestart = 1;
+ BIO_set_data(b, ctx);
+ BIO_set_init(b, 1);
+ return 1;
+}
+
+static int prefix_destroy(BIO *b)
+{
+ PREFIX_CTX *ctx = BIO_get_data(b);
+
+ OPENSSL_free(ctx->prefix);
+ OPENSSL_free(ctx);
+ return 1;
+}
+
+static int prefix_read(BIO *b, char *in, size_t size, size_t *numread)
+{
+ return BIO_read_ex(BIO_next(b), in, size, numread);
+}
+
+static int prefix_write(BIO *b, const char *out, size_t outl,
+ size_t *numwritten)
+{
+ PREFIX_CTX *ctx = BIO_get_data(b);
+
+ if (ctx == NULL)
+ return 0;
+
+ /* If no prefix is set or if it's empty, we've got nothing to do here */
+ if (ctx->prefix == NULL || *ctx->prefix == '\0') {
+ /* We do note if what comes next will be a new line, though */
+ if (outl > 0)
+ ctx->linestart = (out[outl-1] == '\n');
+ return BIO_write_ex(BIO_next(b), out, outl, numwritten);
+ }
+
+ *numwritten = 0;
+
+ while (*out != '\0') {
+ size_t i;
+ char c;
+
+ /* If we know that we're at the start of the line, output the prefix */
+ if (ctx->linestart) {
+ size_t dontcare;
+
+ if (!BIO_write_ex(BIO_next(b), ctx->prefix, strlen(ctx->prefix),
+ &dontcare))
+ return 0;
+ ctx->linestart = 0;
+ }
+
+ /* Now, go look for the next LF, or the end of the string */
+ for (i = 0; (c = out[i]) != '\n' && c != '\0'; i++)
+ continue;
+ if (c == '\n')
+ i++;
+
+ /* Output what we found so far */
+ while (i > 0) {
+ size_t num = 0;
+
+ if (!BIO_write_ex(BIO_next(b), out, i, &num))
+ return 0;
+ out += num;
+ *numwritten += num;
+ i -= num;
+ }
+
+ /* If we found a LF, what follows is a new line, so take note */
+ if (c == '\n')
+ ctx->linestart = 1;
+ }
+
+ return 1;
+}
+
+static long prefix_ctrl(BIO *b, int cmd, long num, void *ptr)
+{
+ long ret = 0;
+
+ switch (cmd) {
+ case PREFIX_CTRL_SET_PREFIX:
+ {
+ PREFIX_CTX *ctx = BIO_get_data(b);
+
+ if (ctx == NULL)
+ break;
+
+ OPENSSL_free(ctx->prefix);
+ ctx->prefix = OPENSSL_strdup((const char *)ptr);
+ ret = ctx->prefix != NULL;
+ }
+ break;
+ default:
+ if (BIO_next(b) != NULL)
+ ret = BIO_ctrl(BIO_next(b), cmd, num, ptr);
+ break;
+ }
+ return ret;
+}
+
+static long prefix_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp)
+{
+ return BIO_callback_ctrl(BIO_next(b), cmd, fp);
+}
+
+static int prefix_gets(BIO *b, char *buf, int size)
+{
+ return BIO_gets(BIO_next(b), buf, size);
+}
+
+static int prefix_puts(BIO *b, const char *str)
+{
+ return BIO_write(b, str, strlen(str));
+}
diff --git a/apps/build.info b/apps/build.info
index 4a36ab5..e724373 100644
--- a/apps/build.info
+++ b/apps/build.info
@@ -8,7 +8,7 @@
s_client.c s_server.c s_time.c sess_id.c smime.c speed.c spkac.c
srp.c ts.c verify.c version.c x509.c rehash.c storeutl.c);
our @apps_lib_src =
- ( qw(apps.c opt.c s_cb.c s_socket.c app_rand.c),
+ ( qw(apps.c opt.c s_cb.c s_socket.c app_rand.c bf_prefix.c),
split(/\s+/, $target{apps_aux_src}) );
our @apps_init_src = split(/\s+/, $target{apps_init_src});
"" -}
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 122aee6..bd16a5b 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -730,7 +730,7 @@ redo_accept:
free_index(rdb);
BIO_free_all(cbio);
BIO_free_all(acbio);
- BIO_free(out);
+ BIO_free_all(out);
OCSP_REQUEST_free(req);
OCSP_RESPONSE_free(resp);
OCSP_BASICRESP_free(bs);
diff --git a/apps/openssl.c b/apps/openssl.c
index fe1eabd..fffa05e 100644
--- a/apps/openssl.c
+++ b/apps/openssl.c
@@ -93,6 +93,7 @@ static int apps_startup()
static void apps_shutdown()
{
destroy_ui_method();
+ destroy_prefix_method();
}
static char *make_config_name()
diff --git a/util/perl/OpenSSL/Test.pm b/util/perl/OpenSSL/Test.pm
index 4afbf85..e363a48 100644
--- a/util/perl/OpenSSL/Test.pm
+++ b/util/perl/OpenSSL/Test.pm
@@ -1,4 +1,4 @@
-# Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -476,7 +476,9 @@ sub run {
}
close $pipe;
} else {
+ $ENV{HARNESS_OSSL_PREFIX} = "# ";
system("$prefix$cmd");
+ delete $ENV{HARNESS_OSSL_PREFIX};
}
$e = ($? & 0x7f) ? ($? & 0x7f)|0x80 : ($? >> 8);
$r = $hooks{exit_checker}->($e);
From builds at travis-ci.org Thu Feb 1 06:46:17 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 06:46:17 +0000
Subject: [openssl-commits] Broken: openssl/openssl#16019 (master - 4e525a0)
In-Reply-To:
Message-ID: <5a72b7b96a71c_43fc6302ba56c772945@9cde2705-86f2-43ab-a9e0-15a89b8526cf.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16019
Status: Broken
Duration: 32 minutes and 42 seconds
Commit: 4e525a0 (master)
Author: Richard Levitte
Message: ocsp.c doesn't free the whole output chain, maybe causing a memory leak
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5224)
View the changeset: https://github.com/openssl/openssl/compare/3cb413da197c...4e525a0b4db2
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/335965776?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From osslsanity at gmail.com Thu Feb 1 09:19:45 2018
From: osslsanity at gmail.com (osslsanity at gmail.com)
Date: Thu, 1 Feb 2018 09:19:45 +0000 (UTC)
Subject: [openssl-commits] Jenkins build is back to normal : master_mips #365
In-Reply-To: <124278280.317.1517390295998.JavaMail.jenkins@ip-172-31-34-99>
References: <124278280.317.1517390295998.JavaMail.jenkins@ip-172-31-34-99>
Message-ID: <581252309.319.1517476785348.JavaMail.jenkins@ip-172-31-34-99>
See
From osslsanity at gmail.com Thu Feb 1 09:23:45 2018
From: osslsanity at gmail.com (osslsanity at gmail.com)
Date: Thu, 1 Feb 2018 09:23:45 +0000 (UTC)
Subject: [openssl-commits] Jenkins build is back to normal :
master_mips_noasm #365
In-Reply-To: <212967360.318.1517390488998.JavaMail.jenkins@ip-172-31-34-99>
References: <212967360.318.1517390488998.JavaMail.jenkins@ip-172-31-34-99>
Message-ID: <1379815588.320.1517477025737.JavaMail.jenkins@ip-172-31-34-99>
See
From matt at openssl.org Thu Feb 1 10:43:58 2018
From: matt at openssl.org (Matt Caswell)
Date: Thu, 01 Feb 2018 10:43:58 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517481838.084825.18118.nullmailer@dev.openssl.org>
The branch master has been updated
via 848a950b715fa73070a9d1638e7630acfb0dfa4d (commit)
from 4e525a0b4db2b11bee15a485b6ed6622ca8948f1 (commit)
- Log -----------------------------------------------------------------
commit 848a950b715fa73070a9d1638e7630acfb0dfa4d
Author: Matt Caswell
Date: Wed Jan 31 09:53:51 2018 +0000
Fix some instances of the wrong alert type being sent
In a few places we sent an internal_error alert instead of a decode_error.
Fixes #5213
Fixes #5214
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5219)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/extensions_clnt.c | 9 +++++++--
ssl/statem/statem_clnt.c | 4 ++--
2 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index dbb8812..5441e98 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1273,7 +1273,7 @@ int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx)
{
- unsigned int ecpointformats_len;
+ size_t ecpointformats_len;
PACKET ecptformatlist;
if (!PACKET_as_length_prefixed_1(pkt, &ecptformatlist)) {
@@ -1283,8 +1283,13 @@ int tls_parse_stoc_ec_pt_formats(SSL *s, PACKET *pkt, unsigned int context,
}
if (!s->hit) {
ecpointformats_len = PACKET_remaining(&ecptformatlist);
- s->session->ext.ecpointformats_len = 0;
+ if (ecpointformats_len == 0) {
+ SSLfatal(s, SSL_AD_DECODE_ERROR,
+ SSL_F_TLS_PARSE_STOC_EC_PT_FORMATS, SSL_R_BAD_LENGTH);
+ return 0;
+ }
+ s->session->ext.ecpointformats_len = 0;
OPENSSL_free(s->session->ext.ecpointformats);
s->session->ext.ecpointformats = OPENSSL_malloc(ecpointformats_len);
if (s->session->ext.ecpointformats == NULL) {
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index 8a33386..e79bd7b 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -2452,7 +2452,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
PACKET sigalgs;
if (!PACKET_get_length_prefixed_2(pkt, &sigalgs)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,
SSL_R_LENGTH_MISMATCH);
return MSG_PROCESS_ERROR;
@@ -2484,7 +2484,7 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
}
if (PACKET_remaining(pkt) != 0) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,
SSL_R_LENGTH_MISMATCH);
return MSG_PROCESS_ERROR;
From builds at travis-ci.org Thu Feb 1 11:19:25 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 11:19:25 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16021 (master -
848a950)
In-Reply-To:
Message-ID: <5a72f7bd92296_43f99fdf20f7c88176d@6f1e7807-ba31-4302-beba-07cf17cd0e30.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16021
Status: Still Failing
Duration: 34 minutes and 36 seconds
Commit: 848a950 (master)
Author: Matt Caswell
Message: Fix some instances of the wrong alert type being sent
In a few places we sent an internal_error alert instead of a decode_error.
Fixes #5213
Fixes #5214
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5219)
View the changeset: https://github.com/openssl/openssl/compare/4e525a0b4db2...848a950b715f
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336041110?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Thu Feb 1 16:39:35 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 01 Feb 2018 16:39:35 +0000
Subject: [openssl-commits] Build failed: openssl master.15316
Message-ID: <20180201163935.1.D594E03B6E8DA49F@appveyor.com>
An HTML attachment was scrubbed...
URL:
From matt at openssl.org Thu Feb 1 17:19:33 2018
From: matt at openssl.org (Matt Caswell)
Date: Thu, 01 Feb 2018 17:19:33 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517505573.209120.19402.nullmailer@dev.openssl.org>
The branch master has been updated
via e43e6b1951de931ca500c6964496e76651332f5e (commit)
via 658e4879c50dff23c040c681656843a50002e403 (commit)
via 88834998dda00a713abe3a17d6caebba2f70318d (commit)
via 9d75dce3e1f94be6006500089491cb3284f70d06 (commit)
via 633a8829ffc01952aed1f5040d481a5eeef1670c (commit)
from 848a950b715fa73070a9d1638e7630acfb0dfa4d (commit)
- Log -----------------------------------------------------------------
commit e43e6b1951de931ca500c6964496e76651332f5e
Author: Todd Short
Date: Wed Jan 31 16:36:27 2018 -0500
Fix some minor code nits
Reviewed-by: Ben Kaduk
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4964)
commit 658e4879c50dff23c040c681656843a50002e403
Author: Todd Short
Date: Wed Jan 31 16:34:20 2018 -0500
Fix doc nits
Reviewed-by: Ben Kaduk
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4964)
commit 88834998dda00a713abe3a17d6caebba2f70318d
Author: Todd Short
Date: Wed Jan 31 16:20:52 2018 -0500
Free pha_dgst in SSL_clear()
Reviewed-by: Ben Kaduk
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4964)
commit 9d75dce3e1f94be6006500089491cb3284f70d06
Author: Todd Short
Date: Mon Dec 18 16:52:28 2017 -0500
Add TLSv1.3 post-handshake authentication (PHA)
Add SSL_verify_client_post_handshake() for servers to initiate PHA
Add SSL_force_post_handshake_auth() for clients that don't have certificates
initially configured, but use a certificate callback.
Update SSL_CTX_set_verify()/SSL_set_verify() mode:
* Add SSL_VERIFY_POST_HANDSHAKE to postpone client authentication until after
the initial handshake.
* Update SSL_VERIFY_CLIENT_ONCE now only sends out one CertRequest regardless
of when the certificate authentication takes place; either initial handshake,
re-negotiation, or post-handshake authentication.
Add 'RequestPostHandshake' and 'RequirePostHandshake' SSL_CONF options that
add the SSL_VERIFY_POST_HANDSHAKE to the 'Request' and 'Require' options
Add support to s_client:
* Enabled automatically when cert is configured
* Can be forced enabled via -force_pha
Add support to s_server:
* Use 'c' to invoke PHA in s_server
* Remove some dead code
Update documentation
Update unit tests:
* Illegal use of PHA extension
* TLSv1.3 certificate tests
DTLS and TLS behave ever-so-slightly differently. So, when DTLS1.3 is
implemented, it's PHA support state machine may need to be different.
Add a TODO and a #error
Update handshake context to deal with PHA.
The handshake context for TLSv1.3 post-handshake auth is up through the
ClientFinish message, plus the CertificateRequest message. Subsequent
Certificate, CertificateVerify, and Finish messages are based on this
handshake context (not the Certificate message per se, but it's included
after the hash). KeyUpdate, NewSessionTicket, and prior Certificate
Request messages are not included in post-handshake authentication.
After the ClientFinished message is processed, save off the digest state
for future post-handshake authentication. When post-handshake auth occurs,
copy over the saved handshake context into the "main" handshake digest.
This effectively discards the any KeyUpdate or NewSessionTicket messages
and any prior post-handshake authentication.
This, of course, assumes that the ID-22 did not mean to include any
previous post-handshake authentication into the new handshake transcript.
This is implied by section 4.4.1 that lists messages only up to the
first ClientFinished.
Reviewed-by: Ben Kaduk
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4964)
commit 633a8829ffc01952aed1f5040d481a5eeef1670c
Author: Todd Short
Date: Fri Jan 19 10:43:19 2018 -0500
Remove bad comments
Reviewed-by: Ben Kaduk
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4964)
-----------------------------------------------------------------------
Summary of changes:
apps/s_cb.c | 1 +
apps/s_client.c | 9 +
apps/s_server.c | 24 +-
crypto/err/openssl.txt | 17 +-
doc/man1/s_client.pod | 6 +
doc/man3/SSL_CONF_cmd.pod | 12 +
doc/man3/SSL_CTX_set_verify.pod | 67 +++-
include/openssl/ssl.h | 5 +-
include/openssl/sslerr.h | 12 +
include/openssl/tls1.h | 1 +
ssl/ssl_conf.c | 7 +-
ssl/ssl_err.c | 19 ++
ssl/ssl_lib.c | 57 ++++
ssl/ssl_locl.h | 22 ++
ssl/statem/extensions.c | 16 +
ssl/statem/extensions_clnt.c | 42 +++
ssl/statem/extensions_cust.c | 1 +
ssl/statem/extensions_srvr.c | 14 +
ssl/statem/statem_clnt.c | 78 ++++-
ssl/statem/statem_lib.c | 111 +++++--
ssl/statem/statem_locl.h | 10 +-
ssl/statem/statem_srvr.c | 121 ++++++-
ssl/t1_trce.c | 3 +-
test/build.info | 2 +-
test/handshake_helper.c | 60 +++-
test/recipes/70-test_tls13messages.t | 7 +-
test/recipes/80-test_ssl_new.t | 3 +-
test/ssl-tests/26-tls13_client_auth.conf | 476 ++++++++++++++++++++++++++++
test/ssl-tests/26-tls13_client_auth.conf.in | 293 +++++++++++++++++
test/ssl_test_ctx.c | 8 +
test/ssl_test_ctx.h | 7 +-
test/sslapitest.c | 60 ++++
util/libssl.num | 2 +
util/perl/TLSProxy/Message.pm | 1 +
util/perl/checkhandshake.pm | 3 +-
35 files changed, 1489 insertions(+), 88 deletions(-)
create mode 100644 test/ssl-tests/26-tls13_client_auth.conf
create mode 100644 test/ssl-tests/26-tls13_client_auth.conf.in
diff --git a/apps/s_cb.c b/apps/s_cb.c
index 575fb04..8d51d74 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -666,6 +666,7 @@ static STRINT_PAIR tlsext_types[] = {
{"psk", TLSEXT_TYPE_psk},
{"psk kex modes", TLSEXT_TYPE_psk_kex_modes},
{"certificate authorities", TLSEXT_TYPE_certificate_authorities},
+ {"post handshake auth", TLSEXT_TYPE_post_handshake_auth},
{NULL}
};
diff --git a/apps/s_client.c b/apps/s_client.c
index 774345e..ca2bd0d 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -602,6 +602,7 @@ typedef enum OPTION_choice {
OPT_CT, OPT_NOCT, OPT_CTLOG_FILE,
#endif
OPT_DANE_TLSA_RRDATA, OPT_DANE_EE_NO_NAME,
+ OPT_FORCE_PHA,
OPT_R_ENUM
} OPTION_CHOICE;
@@ -788,6 +789,7 @@ const OPTIONS s_client_options[] = {
#endif
{"keylogfile", OPT_KEYLOG_FILE, '>', "Write TLS secrets to file"},
{"early_data", OPT_EARLY_DATA, '<', "File to send as early data"},
+ {"force_pha", OPT_FORCE_PHA, '-', "Force-enable post-handshake-authentication"},
{NULL, OPT_EOF, 0x00, NULL}
};
@@ -958,6 +960,7 @@ int s_client_main(int argc, char **argv)
int isdtls = 0;
#endif
char *psksessf = NULL;
+ int force_pha = 0;
FD_ZERO(&readfds);
FD_ZERO(&writefds);
@@ -1469,6 +1472,9 @@ int s_client_main(int argc, char **argv)
case OPT_EARLY_DATA:
early_data_file = opt_arg();
break;
+ case OPT_FORCE_PHA:
+ force_pha = 1;
+ break;
}
}
if (count4or6 >= 2) {
@@ -1904,6 +1910,9 @@ int s_client_main(int argc, char **argv)
if (con == NULL)
goto end;
+ if (force_pha)
+ SSL_force_post_handshake_auth(con);
+
if (sess_in != NULL) {
SSL_SESSION *sess;
BIO *stmp = BIO_new_file(sess_in, "r");
diff --git a/apps/s_server.c b/apps/s_server.c
index f124b12..a0e72b3 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2480,9 +2480,6 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
printf("SSL_do_handshake -> %d\n", i);
i = 0; /* 13; */
continue;
- /*
- * strcpy(buf,"server side RE-NEGOTIATE\n");
- */
}
if ((buf[0] == 'R') && ((buf[1] == '\n') || (buf[1] == '\r'))) {
SSL_set_verify(con,
@@ -2493,10 +2490,6 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
printf("SSL_do_handshake -> %d\n", i);
i = 0; /* 13; */
continue;
- /*
- * strcpy(buf,"server side RE-NEGOTIATE asking for client
- * cert\n");
- */
}
if ((buf[0] == 'K' || buf[0] == 'k')
&& ((buf[1] == '\n') || (buf[1] == '\r'))) {
@@ -2507,10 +2500,19 @@ static int sv_body(int s, int stype, int prot, unsigned char *context)
printf("SSL_do_handshake -> %d\n", i);
i = 0;
continue;
- /*
- * strcpy(buf,"server side RE-NEGOTIATE asking for client
- * cert\n");
- */
+ }
+ if (buf[0] == 'c' && ((buf[1] == '\n') || (buf[1] == '\r'))) {
+ SSL_set_verify(con, SSL_VERIFY_PEER, NULL);
+ i = SSL_verify_client_post_handshake(con);
+ if (i == 0) {
+ printf("Failed to initiate request\n");
+ ERR_print_errors(bio_err);
+ } else {
+ i = SSL_do_handshake(con);
+ printf("SSL_do_handshake -> %d\n", i);
+ i = 0;
+ }
+ continue;
}
if (buf[0] == 'P') {
static const char *str = "Lets print some clear text\n";
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index ed706da..fb3be57 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1,4 +1,4 @@
-# Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved.
+# Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved.
#
# Licensed under the OpenSSL license (the "License"). You may not use
# this file except in compliance with the License. You can obtain a copy
@@ -1192,6 +1192,7 @@ SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1:205:SSL_use_RSAPrivateKey_ASN1
SSL_F_SSL_USE_RSAPRIVATEKEY_FILE:206:SSL_use_RSAPrivateKey_file
SSL_F_SSL_VALIDATE_CT:400:ssl_validate_ct
SSL_F_SSL_VERIFY_CERT_CHAIN:207:ssl_verify_cert_chain
+SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE:616:SSL_verify_client_post_handshake
SSL_F_SSL_WRITE:208:SSL_write
SSL_F_SSL_WRITE_EARLY_DATA:526:SSL_write_early_data
SSL_F_SSL_WRITE_EARLY_FINISH:527:*
@@ -1205,6 +1206,10 @@ SSL_F_TLS13_ENC:609:tls13_enc
SSL_F_TLS13_FINAL_FINISH_MAC:605:tls13_final_finish_mac
SSL_F_TLS13_GENERATE_SECRET:591:tls13_generate_secret
SSL_F_TLS13_HKDF_EXPAND:561:tls13_hkdf_expand
+SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA:617:\
+ tls13_restore_handshake_digest_for_pha
+SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA:618:\
+ tls13_save_handshake_digest_for_pha
SSL_F_TLS13_SETUP_KEY_BLOCK:441:tls13_setup_key_block
SSL_F_TLS1_CHANGE_CIPHER_STATE:209:tls1_change_cipher_state
SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS:341:*
@@ -1247,6 +1252,8 @@ SSL_F_TLS_CONSTRUCT_CTOS_KEY_SHARE:470:tls_construct_ctos_key_share
SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN:549:tls_construct_ctos_maxfragmentlen
SSL_F_TLS_CONSTRUCT_CTOS_NPN:471:tls_construct_ctos_npn
SSL_F_TLS_CONSTRUCT_CTOS_PADDING:472:tls_construct_ctos_padding
+SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH:619:\
+ tls_construct_ctos_post_handshake_auth
SSL_F_TLS_CONSTRUCT_CTOS_PSK:501:tls_construct_ctos_psk
SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES:509:tls_construct_ctos_psk_kex_modes
SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE:473:tls_construct_ctos_renegotiate
@@ -1315,6 +1322,7 @@ SSL_F_TLS_PARSE_CTOS_EC_PT_FORMATS:569:tls_parse_ctos_ec_pt_formats
SSL_F_TLS_PARSE_CTOS_EMS:570:tls_parse_ctos_ems
SSL_F_TLS_PARSE_CTOS_KEY_SHARE:463:tls_parse_ctos_key_share
SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN:571:tls_parse_ctos_maxfragmentlen
+SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH:620:tls_parse_ctos_post_handshake_auth
SSL_F_TLS_PARSE_CTOS_PSK:505:tls_parse_ctos_psk
SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES:572:tls_parse_ctos_psk_kex_modes
SSL_F_TLS_PARSE_CTOS_RENEGOTIATE:464:tls_parse_ctos_renegotiate
@@ -2446,6 +2454,7 @@ SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST:151:error in received cipher list
SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN:204:error setting tlsa base domain
SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE:194:exceeds max fragment size
SSL_R_EXCESSIVE_MESSAGE_SIZE:152:excessive message size
+SSL_R_EXTENSION_NOT_RECEIVED:279:extension not received
SSL_R_EXTRA_DATA_IN_MESSAGE:153:extra data in message
SSL_R_EXT_LENGTH_MISMATCH:163:ext length mismatch
SSL_R_FAILED_TO_INIT_ASYNC:405:failed to init async
@@ -2466,7 +2475,9 @@ SSL_R_INVALID_CCS_MESSAGE:260:invalid ccs message
SSL_R_INVALID_CERTIFICATE_OR_ALG:238:invalid certificate or alg
SSL_R_INVALID_COMMAND:280:invalid command
SSL_R_INVALID_COMPRESSION_ALGORITHM:341:invalid compression algorithm
+SSL_R_INVALID_CONFIG:283:invalid config
SSL_R_INVALID_CONFIGURATION_NAME:113:invalid configuration name
+SSL_R_INVALID_CONTEXT:282:invalid context
SSL_R_INVALID_CT_VALIDATION_TYPE:212:invalid ct validation type
SSL_R_INVALID_KEY_UPDATE_TYPE:120:invalid key update type
SSL_R_INVALID_MAX_EARLY_DATA:174:invalid max early data
@@ -2495,6 +2506,7 @@ SSL_R_MISSING_SUPPORTED_GROUPS_EXTENSION:209:missing supported groups extension
SSL_R_MISSING_TMP_DH_KEY:171:missing tmp dh key
SSL_R_MISSING_TMP_ECDH_KEY:311:missing tmp ecdh key
SSL_R_NOT_ON_RECORD_BOUNDARY:182:not on record boundary
+SSL_R_NOT_SERVER:284:not server
SSL_R_NO_APPLICATION_PROTOCOL:235:no application protocol
SSL_R_NO_CERTIFICATES_RETURNED:176:no certificates returned
SSL_R_NO_CERTIFICATE_ASSIGNED:177:no certificate assigned
@@ -2534,6 +2546,7 @@ SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE:199:peer did not return a certificate
SSL_R_PEM_NAME_BAD_PREFIX:391:pem name bad prefix
SSL_R_PEM_NAME_TOO_SHORT:392:pem name too short
SSL_R_PIPELINE_FAILURE:406:pipeline failure
+SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR:278:post handshake auth encoding err
SSL_R_PROTOCOL_IS_SHUTDOWN:207:protocol is shutdown
SSL_R_PSK_IDENTITY_NOT_FOUND:223:psk identity not found
SSL_R_PSK_NO_CLIENT_CB:224:psk no client cb
@@ -2545,6 +2558,8 @@ SSL_R_RECORD_TOO_SMALL:298:record too small
SSL_R_RENEGOTIATE_EXT_TOO_LONG:335:renegotiate ext too long
SSL_R_RENEGOTIATION_ENCODING_ERR:336:renegotiation encoding err
SSL_R_RENEGOTIATION_MISMATCH:337:renegotiation mismatch
+SSL_R_REQUEST_PENDING:285:request pending
+SSL_R_REQUEST_SENT:286:request sent
SSL_R_REQUIRED_CIPHER_MISSING:215:required cipher missing
SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING:342:\
required compression algorithm missing
diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod
index 1d9dd39..4f0f01c 100644
--- a/doc/man1/s_client.pod
+++ b/doc/man1/s_client.pod
@@ -118,6 +118,7 @@ B B
[B<-ctlogfile>]
[B<-keylogfile file>]
[B<-early_data file>]
+[B<-force_pha>]
[B]
=head1 DESCRIPTION
@@ -621,6 +622,11 @@ Reads the contents of the specified file and attempts to send it as early data
to the server. This will only work with resumed sessions that support early
data and when the server accepts the early data.
+=item B<-force_pha>
+
+For TLSv1.3 only, always send the Post-Handshake Authentication extension,
+whether or not a certificate has been provided via B<-cert>.
+
=item B<[target]>
Rather than providing B<-connect>, the target hostname and optional port may
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index 06b98bd..27317e0 100644
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -435,6 +435,18 @@ occurs if the client does not present a certificate. Servers only.
B requests a certificate from a client only on the initial connection:
not when renegotiating. Servers only.
+B configures the connection to support requests but does
+not require a certificate from the client post-handshake. A certificate will
+not be requested during the initial handshake. The server application must
+provide a mechanism to request a certificate post-handshake. Servers only.
+TLSv1.3 only.
+
+B configures the connection to support requests and
+requires a certificate from the client post-handshake: an error occurs if the
+client does not present a certificate. A certificate will not be requested
+during the initial handshake. The server application must provide a mechanism
+to request a certificate post-handshake. Servers only. TLSv1.3 only.
+
=item B, B
A file or directory of certificates in PEM format whose names are used as the
diff --git a/doc/man3/SSL_CTX_set_verify.pod b/doc/man3/SSL_CTX_set_verify.pod
index 9e634dd..89760f4 100644
--- a/doc/man3/SSL_CTX_set_verify.pod
+++ b/doc/man3/SSL_CTX_set_verify.pod
@@ -5,7 +5,9 @@
SSL_get_ex_data_X509_STORE_CTX_idx,
SSL_CTX_set_verify, SSL_set_verify,
SSL_CTX_set_verify_depth, SSL_set_verify_depth,
-SSL_verify_cb
+SSL_verify_cb,
+SSL_verify_client_post_handshake,
+SSL_force_post_handshake_auth
- set peer certificate verification parameters
=head1 SYNOPSIS
@@ -15,11 +17,14 @@ SSL_verify_cb
typedef int (*SSL_verify_cb)(int preverify_ok, X509_STORE_CTX *x509_ctx);
void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, SSL_verify_cb verify_callback);
- void SSL_set_verify(SSL *s, int mode, SSL_verify_cb verify_callback);
+ void SSL_set_verify(SSL *ssl, int mode, SSL_verify_cb verify_callback);
SSL_get_ex_data_X509_STORE_CTX_idx(void);
void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth);
- void SSL_set_verify_depth(SSL *s, int depth);
+ void SSL_set_verify_depth(SSL *ssl, int depth);
+
+ int SSL_verify_client_post_handshake(SSL *ssl);
+ void SSL_force_post_handshake_auth(SSL *ssl);
=head1 DESCRIPTION
@@ -43,6 +48,16 @@ verification that shall be allowed for B.
SSL_set_verify_depth() sets the maximum B for the certificate chain
verification that shall be allowed for B.
+SSL_force_post_handshake_auth() forces the Post-Handshake Authentication
+extension to be added to the ClientHello regardless of certificate configuration
+at the time of the initial handshake, such that post-handshake authentication
+can be requested by the server. A certificate callback will need to be set via
+SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization.
+
+SSL_verify_client_post_handshake() causes a CertificateRequest message to be
+sent by a server on the given B connection. The SSL_VERIFY_PEER flag must
+be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional.
+
=head1 NOTES
The verification of certificates can be controlled by a set of logically
@@ -69,7 +84,8 @@ fails, the TLS/SSL handshake is
immediately terminated with an alert message containing the reason for
the verification failure.
The behaviour can be controlled by the additional
-SSL_VERIFY_FAIL_IF_NO_PEER_CERT and SSL_VERIFY_CLIENT_ONCE flags.
+SSL_VERIFY_FAIL_IF_NO_PEER_CERT, SSL_VERIFY_CLIENT_ONCE and
+SSL_VERIFY_POST_HANDSHAKE flags.
B the server certificate is verified. If the verification process
fails, the TLS/SSL handshake is
@@ -87,9 +103,22 @@ B ignored
=item SSL_VERIFY_CLIENT_ONCE
-B only request a client certificate on the initial TLS/SSL
-handshake. Do not ask for a client certificate again in case of a
-renegotiation. This flag must be used together with SSL_VERIFY_PEER.
+B only request a client certificate once during the
+connection. Do not ask for a client certificate again during
+renegotiation or post-authentication if a certificate was requested
+during the initial handshake. This flag must be used together with
+SSL_VERIFY_PEER.
+
+B ignored
+
+=item SSL_VERIFY_POST_HANDSHAKE
+
+B the server will not send a client certificate request
+during the initial handshake, but will send the request via
+SSL_verify_client_post_handshake(). This allows the SSL_CTX or SSL
+to be configured for post-handshake peer verification before the
+handshake occurs. This flag must be used together with
+SSL_VERIFY_PEER. TLSv1.3 only; no effect on pre-TLSv1.3 connections.
B ignored
@@ -154,6 +183,20 @@ Its return value is identical to B, so that any verification
failure will lead to a termination of the TLS/SSL handshake with an
alert message, if SSL_VERIFY_PEER is set.
+After calling SSL_force_post_handshake_auth(), the client will need to add a
+certificate or certificate callback to its configuration before it can
+successfully authenticate. This must be called before SSL_connect().
+
+SSL_verify_client_post_handshake() requires that verify flags have been
+previously set, and that a client sent the post-handshake authentication
+extension. When the client returns a certificate the verify callback will be
+invoked. A write operation must take place for the Certificate Request to be
+sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex().
+Only one certificate request may be outstanding at any time.
+
+When post-handshake authentication occurs, a refreshed NewSessionTicket
+message is sent to the client.
+
=head1 BUGS
In client mode, it is not checked whether the SSL_VERIFY_PEER flag
@@ -165,6 +208,10 @@ required.
The SSL*_set_verify*() functions do not provide diagnostic information.
+The SSL_verify_client_post_handshake() function returns 1 if the request
+succeeded, and 0 if the request failed. The error stack can be examined
+to determine the failure reason.
+
=head1 EXAMPLES
The following code sequence realizes an example B function
@@ -288,8 +335,14 @@ L,
L,
L,
L,
+L,
L
+=head1 HISTORY
+
+The SSL_VERIFY_POST_HANDSHAKE option, and the SSL_verify_client_post_handshake()
+and SSL_force_post_handshake_auth() functions were added in OpenSSL 1.1.1.
+
=head1 COPYRIGHT
Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 97d2e46..9c45b90 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -1052,13 +1052,14 @@ size_t SSL_get_finished(const SSL *s, void *buf, size_t count);
size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count);
/*
- * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options are
+ * use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 3 options are
* 'ored' with SSL_VERIFY_PEER if they are desired
*/
# define SSL_VERIFY_NONE 0x00
# define SSL_VERIFY_PEER 0x01
# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
# define SSL_VERIFY_CLIENT_ONCE 0x04
+# define SSL_VERIFY_POST_HANDSHAKE 0x08
# define OpenSSL_add_ssl_algorithms() SSL_library_init()
# if OPENSSL_API_COMPAT < 0x10100000L
@@ -1850,6 +1851,8 @@ int SSL_renegotiate(SSL *s);
int SSL_renegotiate_abbreviated(SSL *s);
__owur int SSL_renegotiate_pending(SSL *s);
int SSL_shutdown(SSL *s);
+__owur int SSL_verify_client_post_handshake(SSL *s);
+void SSL_force_post_handshake_auth(SSL *s);
__owur const SSL_METHOD *SSL_CTX_get_ssl_method(SSL_CTX *ctx);
__owur const SSL_METHOD *SSL_get_ssl_method(SSL *s);
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index ec81ba3..a84a62d 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -241,6 +241,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 206
# define SSL_F_SSL_VALIDATE_CT 400
# define SSL_F_SSL_VERIFY_CERT_CHAIN 207
+# define SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE 616
# define SSL_F_SSL_WRITE 208
# define SSL_F_SSL_WRITE_EARLY_DATA 526
# define SSL_F_SSL_WRITE_EARLY_FINISH 527
@@ -254,6 +255,8 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS13_FINAL_FINISH_MAC 605
# define SSL_F_TLS13_GENERATE_SECRET 591
# define SSL_F_TLS13_HKDF_EXPAND 561
+# define SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA 617
+# define SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA 618
# define SSL_F_TLS13_SETUP_KEY_BLOCK 441
# define SSL_F_TLS1_CHANGE_CIPHER_STATE 209
# define SSL_F_TLS1_CHECK_DUPLICATE_EXTENSIONS 341
@@ -295,6 +298,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS_CONSTRUCT_CTOS_MAXFRAGMENTLEN 549
# define SSL_F_TLS_CONSTRUCT_CTOS_NPN 471
# define SSL_F_TLS_CONSTRUCT_CTOS_PADDING 472
+# define SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH 619
# define SSL_F_TLS_CONSTRUCT_CTOS_PSK 501
# define SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES 509
# define SSL_F_TLS_CONSTRUCT_CTOS_RENEGOTIATE 473
@@ -358,6 +362,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_TLS_PARSE_CTOS_EMS 570
# define SSL_F_TLS_PARSE_CTOS_KEY_SHARE 463
# define SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN 571
+# define SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH 620
# define SSL_F_TLS_PARSE_CTOS_PSK 505
# define SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES 572
# define SSL_F_TLS_PARSE_CTOS_RENEGOTIATE 464
@@ -522,6 +527,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_ERROR_SETTING_TLSA_BASE_DOMAIN 204
# define SSL_R_EXCEEDS_MAX_FRAGMENT_SIZE 194
# define SSL_R_EXCESSIVE_MESSAGE_SIZE 152
+# define SSL_R_EXTENSION_NOT_RECEIVED 279
# define SSL_R_EXTRA_DATA_IN_MESSAGE 153
# define SSL_R_EXT_LENGTH_MISMATCH 163
# define SSL_R_FAILED_TO_INIT_ASYNC 405
@@ -542,7 +548,9 @@ int ERR_load_SSL_strings(void);
# define SSL_R_INVALID_CERTIFICATE_OR_ALG 238
# define SSL_R_INVALID_COMMAND 280
# define SSL_R_INVALID_COMPRESSION_ALGORITHM 341
+# define SSL_R_INVALID_CONFIG 283
# define SSL_R_INVALID_CONFIGURATION_NAME 113
+# define SSL_R_INVALID_CONTEXT 282
# define SSL_R_INVALID_CT_VALIDATION_TYPE 212
# define SSL_R_INVALID_KEY_UPDATE_TYPE 120
# define SSL_R_INVALID_MAX_EARLY_DATA 174
@@ -571,6 +579,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_MISSING_TMP_DH_KEY 171
# define SSL_R_MISSING_TMP_ECDH_KEY 311
# define SSL_R_NOT_ON_RECORD_BOUNDARY 182
+# define SSL_R_NOT_SERVER 284
# define SSL_R_NO_APPLICATION_PROTOCOL 235
# define SSL_R_NO_CERTIFICATES_RETURNED 176
# define SSL_R_NO_CERTIFICATE_ASSIGNED 177
@@ -608,6 +617,7 @@ int ERR_load_SSL_strings(void);
# define SSL_R_PEM_NAME_BAD_PREFIX 391
# define SSL_R_PEM_NAME_TOO_SHORT 392
# define SSL_R_PIPELINE_FAILURE 406
+# define SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR 278
# define SSL_R_PROTOCOL_IS_SHUTDOWN 207
# define SSL_R_PSK_IDENTITY_NOT_FOUND 223
# define SSL_R_PSK_NO_CLIENT_CB 224
@@ -619,6 +629,8 @@ int ERR_load_SSL_strings(void);
# define SSL_R_RENEGOTIATE_EXT_TOO_LONG 335
# define SSL_R_RENEGOTIATION_ENCODING_ERR 336
# define SSL_R_RENEGOTIATION_MISMATCH 337
+# define SSL_R_REQUEST_PENDING 285
+# define SSL_R_REQUEST_SENT 286
# define SSL_R_REQUIRED_CIPHER_MISSING 215
# define SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING 342
# define SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING 345
diff --git a/include/openssl/tls1.h b/include/openssl/tls1.h
index 434e327..1253352 100644
--- a/include/openssl/tls1.h
+++ b/include/openssl/tls1.h
@@ -146,6 +146,7 @@ extern "C" {
# define TLSEXT_TYPE_cookie 44
# define TLSEXT_TYPE_psk_kex_modes 45
# define TLSEXT_TYPE_certificate_authorities 47
+# define TLSEXT_TYPE_post_handshake_auth 49
# define TLSEXT_TYPE_signature_algorithms_cert 50
# define TLSEXT_TYPE_key_share 51
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index 0cd8ace..cb4ff8d 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -386,7 +386,12 @@ static int cmd_VerifyMode(SSL_CONF_CTX *cctx, const char *value)
SSL_FLAG_VFY_SRV("Request", SSL_VERIFY_PEER),
SSL_FLAG_VFY_SRV("Require",
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT),
- SSL_FLAG_VFY_SRV("Once", SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE)
+ SSL_FLAG_VFY_SRV("Once", SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE),
+ SSL_FLAG_VFY_SRV("RequestPostHandshake",
+ SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE),
+ SSL_FLAG_VFY_SRV("RequirePostHandshake",
+ SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE |
+ SSL_VERIFY_FAIL_IF_NO_PEER_CERT),
};
if (value == NULL)
return -3;
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 746678c..f0bde60 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -351,6 +351,8 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
{ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_VALIDATE_CT, 0), "ssl_validate_ct"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_VERIFY_CERT_CHAIN, 0),
"ssl_verify_cert_chain"},
+ {ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, 0),
+ "SSL_verify_client_post_handshake"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE, 0), "SSL_write"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_SSL_WRITE_EARLY_DATA, 0),
"SSL_write_early_data"},
@@ -369,6 +371,10 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_GENERATE_SECRET, 0),
"tls13_generate_secret"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_HKDF_EXPAND, 0), "tls13_hkdf_expand"},
+ {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA, 0),
+ "tls13_restore_handshake_digest_for_pha"},
+ {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA, 0),
+ "tls13_save_handshake_digest_for_pha"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS13_SETUP_KEY_BLOCK, 0),
"tls13_setup_key_block"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS1_CHANGE_CIPHER_STATE, 0),
@@ -441,6 +447,8 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
"tls_construct_ctos_npn"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_PADDING, 0),
"tls_construct_ctos_padding"},
+ {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH, 0),
+ "tls_construct_ctos_post_handshake_auth"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_PSK, 0),
"tls_construct_ctos_psk"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_CONSTRUCT_CTOS_PSK_KEX_MODES, 0),
@@ -557,6 +565,8 @@ static const ERR_STRING_DATA SSL_str_functs[] = {
"tls_parse_ctos_key_share"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_MAXFRAGMENTLEN, 0),
"tls_parse_ctos_maxfragmentlen"},
+ {ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH, 0),
+ "tls_parse_ctos_post_handshake_auth"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_PSK, 0), "tls_parse_ctos_psk"},
{ERR_PACK(ERR_LIB_SSL, SSL_F_TLS_PARSE_CTOS_PSK_KEX_MODES, 0),
"tls_parse_ctos_psk_kex_modes"},
@@ -832,6 +842,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"exceeds max fragment size"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXCESSIVE_MESSAGE_SIZE),
"excessive message size"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXTENSION_NOT_RECEIVED),
+ "extension not received"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXTRA_DATA_IN_MESSAGE),
"extra data in message"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_EXT_LENGTH_MISMATCH),
@@ -868,8 +880,10 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_COMMAND), "invalid command"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_COMPRESSION_ALGORITHM),
"invalid compression algorithm"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CONFIG), "invalid config"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CONFIGURATION_NAME),
"invalid configuration name"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CONTEXT), "invalid context"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_CT_VALIDATION_TYPE),
"invalid ct validation type"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_INVALID_KEY_UPDATE_TYPE),
@@ -919,6 +933,7 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"missing tmp ecdh key"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_ON_RECORD_BOUNDARY),
"not on record boundary"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NOT_SERVER), "not server"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_APPLICATION_PROTOCOL),
"no application protocol"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_NO_CERTIFICATES_RETURNED),
@@ -978,6 +993,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"pem name bad prefix"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PEM_NAME_TOO_SHORT), "pem name too short"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PIPELINE_FAILURE), "pipeline failure"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR),
+ "post handshake auth encoding err"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PROTOCOL_IS_SHUTDOWN),
"protocol is shutdown"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_PSK_IDENTITY_NOT_FOUND),
@@ -996,6 +1013,8 @@ static const ERR_STRING_DATA SSL_str_reasons[] = {
"renegotiation encoding err"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_RENEGOTIATION_MISMATCH),
"renegotiation mismatch"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_REQUEST_PENDING), "request pending"},
+ {ERR_PACK(ERR_LIB_SSL, 0, SSL_R_REQUEST_SENT), "request sent"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_REQUIRED_CIPHER_MISSING),
"required cipher missing"},
{ERR_PACK(ERR_LIB_SSL, 0, SSL_R_REQUIRED_COMPRESSION_ALGORITHM_MISSING),
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 270d4de..68a9b19 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -614,6 +614,9 @@ int SSL_clear(SSL *s)
s->key_update = SSL_KEY_UPDATE_NONE;
+ EVP_MD_CTX_free(s->pha_dgst);
+ s->pha_dgst = NULL;
+
/* Reset DANE verification result state */
s->dane.mdpth = -1;
s->dane.pdpth = -1;
@@ -1186,6 +1189,8 @@ void SSL_free(SSL *s)
OPENSSL_free(s->ext.alpn);
OPENSSL_free(s->ext.tls13_cookie);
OPENSSL_free(s->clienthello);
+ OPENSSL_free(s->pha_context);
+ EVP_MD_CTX_free(s->pha_dgst);
sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free);
@@ -5318,3 +5323,55 @@ int SSL_stateless(SSL *s)
return 0;
}
+
+void SSL_force_post_handshake_auth(SSL *ssl)
+{
+ ssl->pha_forced = 1;
+}
+
+int SSL_verify_client_post_handshake(SSL *ssl)
+{
+ if (!SSL_IS_TLS13(ssl)) {
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_WRONG_SSL_VERSION);
+ return 0;
+ }
+ if (!ssl->server) {
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_NOT_SERVER);
+ return 0;
+ }
+
+ if (!SSL_is_init_finished(ssl)) {
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_STILL_IN_INIT);
+ return 0;
+ }
+
+ switch (ssl->post_handshake_auth) {
+ case SSL_PHA_NONE:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_EXTENSION_NOT_RECEIVED);
+ return 0;
+ default:
+ case SSL_PHA_EXT_SENT:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, ERR_R_INTERNAL_ERROR);
+ return 0;
+ case SSL_PHA_EXT_RECEIVED:
+ break;
+ case SSL_PHA_REQUEST_PENDING:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_REQUEST_PENDING);
+ return 0;
+ case SSL_PHA_REQUESTED:
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_REQUEST_SENT);
+ return 0;
+ }
+
+ ssl->post_handshake_auth = SSL_PHA_REQUEST_PENDING;
+
+ /* checks verify_mode and algorithm_auth */
+ if (!send_certificate_request(ssl)) {
+ ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED; /* restore on error */
+ SSLerr(SSL_F_SSL_VERIFY_CLIENT_POST_HANDSHAKE, SSL_R_INVALID_CONFIG);
+ return 0;
+ }
+
+ ossl_statem_set_in_init(ssl, 1);
+ return 1;
+}
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 6afd009..221d5b9 100644
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -402,6 +402,15 @@
#define CERT_PRIVATE_KEY 2
*/
+/* Post-Handshake Authentication state */
+typedef enum {
+ SSL_PHA_NONE = 0,
+ SSL_PHA_EXT_SENT, /* client-side only: extension sent */
+ SSL_PHA_EXT_RECEIVED, /* server-side only: extension received */
+ SSL_PHA_REQUEST_PENDING, /* server-side only: request pending */
+ SSL_PHA_REQUESTED /* request received by client, or sent by server */
+} SSL_PHA_STATE;
+
/* CipherSuite length. SSLv3 and all TLS versions. */
# define TLS_CIPHER_LEN 2
/* used to hold info on the particular ciphers used */
@@ -702,6 +711,7 @@ typedef enum tlsext_index_en {
TLSEXT_IDX_signed_certificate_timestamp,
TLSEXT_IDX_extended_master_secret,
TLSEXT_IDX_signature_algorithms_cert,
+ TLSEXT_IDX_post_handshake_auth,
TLSEXT_IDX_signature_algorithms,
TLSEXT_IDX_supported_versions,
TLSEXT_IDX_psk_kex_modes,
@@ -1334,6 +1344,14 @@ struct ssl_st {
int renegotiate;
/* If sending a KeyUpdate is pending */
int key_update;
+ /* Post-handshake authentication state */
+ SSL_PHA_STATE post_handshake_auth;
+ int pha_forced;
+ uint8_t* pha_context;
+ size_t pha_context_len;
+ int certreqs_sent;
+ EVP_MD_CTX *pha_dgst; /* this is just the digest through ClientFinished */
+
# ifndef OPENSSL_NO_SRP
/* ctx for SRP authentication */
SRP_CTX srp_ctx;
@@ -2535,6 +2553,10 @@ __owur int srp_generate_server_master_secret(SSL *s);
__owur int srp_generate_client_master_secret(SSL *s);
__owur int srp_verify_server_param(SSL *s);
+/* statem/statem_srvr.c */
+
+__owur int send_certificate_request(SSL *s);
+
/* statem/extensions_cust.c */
custom_ext_method *custom_ext_find(const custom_ext_methods *exts,
diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c
index 5ad86f2..daf43c6 100644
--- a/ssl/statem/extensions.c
+++ b/ssl/statem/extensions.c
@@ -55,6 +55,7 @@ static int init_srtp(SSL *s, unsigned int context);
static int final_sig_algs(SSL *s, unsigned int context, int sent);
static int final_early_data(SSL *s, unsigned int context, int sent);
static int final_maxfragmentlen(SSL *s, unsigned int context, int sent);
+static int init_post_handshake_auth(SSL *s, unsigned int context);
/* Structure to define a built-in extension */
typedef struct extensions_definition_st {
@@ -290,6 +291,14 @@ static const EXTENSION_DEFINITION ext_defs[] = {
NULL, NULL, NULL
},
{
+ TLSEXT_TYPE_post_handshake_auth,
+ SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_ONLY,
+ init_post_handshake_auth,
+ tls_parse_ctos_post_handshake_auth, NULL,
+ NULL, tls_construct_ctos_post_handshake_auth,
+ NULL,
+ },
+ {
TLSEXT_TYPE_signature_algorithms,
SSL_EXT_CLIENT_HELLO | SSL_EXT_TLS1_3_CERTIFICATE_REQUEST,
init_sig_algs, tls_parse_ctos_sig_algs,
@@ -1653,3 +1662,10 @@ static int final_maxfragmentlen(SSL *s, unsigned int context, int sent)
return 1;
}
+
+static int init_post_handshake_auth(SSL *s, unsigned int context)
+{
+ s->post_handshake_auth = SSL_PHA_NONE;
+
+ return 1;
+}
diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c
index 5441e98..6286242 100644
--- a/ssl/statem/extensions_clnt.c
+++ b/ssl/statem/extensions_clnt.c
@@ -1133,6 +1133,48 @@ EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
#endif
}
+EXT_RETURN tls_construct_ctos_post_handshake_auth(SSL *s, WPACKET *pkt,
+ unsigned int context,
+ X509 *x, size_t chainidx)
+{
+#ifndef OPENSSL_NO_TLS1_3
+ if (!s->pha_forced) {
+ int i, n = 0;
+
+ /* check for cert, if present, we can do post-handshake auth */
+ if (s->cert == NULL)
+ return EXT_RETURN_NOT_SENT;
+
+ for (i = 0; i < SSL_PKEY_NUM; i++) {
+ if (s->cert->pkeys[i].x509 != NULL
+ && s->cert->pkeys[i].privatekey != NULL)
+ n++;
+ }
+
+ /* no identity certificates, so no extension */
+ if (n == 0)
+ return EXT_RETURN_NOT_SENT;
+ }
+
+ /* construct extension - 0 length, no contents */
+ if (!WPACKET_put_bytes_u16(pkt, TLSEXT_TYPE_post_handshake_auth)
+ || !WPACKET_start_sub_packet_u16(pkt)
+ || !WPACKET_close(pkt)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_CTOS_POST_HANDSHAKE_AUTH,
+ ERR_R_INTERNAL_ERROR);
+ return EXT_RETURN_FAIL;
+ }
+
+ s->post_handshake_auth = SSL_PHA_EXT_SENT;
+
+ return EXT_RETURN_SENT;
+#else
+ return EXT_RETURN_NOT_SENT;
+#endif
+}
+
+
/*
* Parse the server's renegotiation binding and abort if it's not right
*/
diff --git a/ssl/statem/extensions_cust.c b/ssl/statem/extensions_cust.c
index 0a23630..60a7c37 100644
--- a/ssl/statem/extensions_cust.c
+++ b/ssl/statem/extensions_cust.c
@@ -525,6 +525,7 @@ int SSL_extension_supported(unsigned int ext_type)
case TLSEXT_TYPE_early_data:
case TLSEXT_TYPE_certificate_authorities:
case TLSEXT_TYPE_psk:
+ case TLSEXT_TYPE_post_handshake_auth:
return 1;
default:
return 0;
diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c
index 0a7bac4..27ff5a5 100644
--- a/ssl/statem/extensions_srvr.c
+++ b/ssl/statem/extensions_srvr.c
@@ -1161,6 +1161,20 @@ err:
return 0;
}
+int tls_parse_ctos_post_handshake_auth(SSL *s, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx)
+{
+ if (PACKET_remaining(pkt) != 0) {
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_CTOS_POST_HANDSHAKE_AUTH,
+ SSL_R_POST_HANDSHAKE_AUTH_ENCODING_ERR);
+ return 0;
+ }
+
+ s->post_handshake_auth = SSL_PHA_EXT_RECEIVED;
+
+ return 1;
+}
+
/*
* Add the server's renegotiation binding
*/
diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c
index e79bd7b..f224da6 100644
--- a/ssl/statem/statem_clnt.c
+++ b/ssl/statem/statem_clnt.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -160,6 +160,26 @@ static int ossl_statem_client13_read_transition(SSL *s, int mt)
st->hand_state = TLS_ST_CR_KEY_UPDATE;
return 1;
}
+ if (mt == SSL3_MT_CERTIFICATE_REQUEST) {
+#if DTLS_MAX_VERSION != DTLS1_2_VERSION
+# error TODO(DTLS1.3): Restore digest for PHA before adding message.
+#endif
+ if (!SSL_IS_DTLS(s) && s->post_handshake_auth == SSL_PHA_EXT_SENT) {
+ s->post_handshake_auth = SSL_PHA_REQUESTED;
+ /*
+ * In TLS, this is called before the message is added to the
+ * digest. In DTLS, this is expected to be called after adding
+ * to the digest. Either move the digest restore, or add the
+ * message here after the swap, or do it after the clientFinished?
+ */
+ if (!tls13_restore_handshake_digest_for_pha(s)) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+ st->hand_state = TLS_ST_CR_CERT_REQ;
+ return 1;
+ }
+ }
break;
}
@@ -382,6 +402,17 @@ static WRITE_TRAN ossl_statem_client13_write_transition(SSL *s)
ERR_R_INTERNAL_ERROR);
return WRITE_TRAN_ERROR;
+ case TLS_ST_CR_CERT_REQ:
+ if (s->post_handshake_auth == SSL_PHA_REQUESTED) {
+ st->hand_state = TLS_ST_CW_CERT;
+ return WRITE_TRAN_CONTINUE;
+ }
+ /* Shouldn't happen - same as default case */
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_OSSL_STATEM_CLIENT13_WRITE_TRANSITION,
+ ERR_R_INTERNAL_ERROR);
+ return WRITE_TRAN_ERROR;
+
case TLS_ST_CR_FINISHED:
if (s->early_data_state == SSL_EARLY_DATA_WRITE_RETRY
|| s->early_data_state == SSL_EARLY_DATA_FINISHED_WRITING)
@@ -798,11 +829,17 @@ WORK_STATE ossl_statem_client_post_work(SSL *s, WORK_STATE wst)
return WORK_MORE_B;
if (SSL_IS_TLS13(s)) {
- if (!s->method->ssl3_enc->change_cipher_state(s,
- SSL3_CC_APPLICATION | SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
+ if (!tls13_save_handshake_digest_for_pha(s)) {
/* SSLfatal() already called */
return WORK_ERROR;
}
+ if (s->post_handshake_auth != SSL_PHA_REQUESTED) {
+ if (!s->method->ssl3_enc->change_cipher_state(s,
+ SSL3_CC_APPLICATION | SSL3_CHANGE_CIPHER_CLIENT_WRITE)) {
+ /* SSLfatal() already called */
+ return WORK_ERROR;
+ }
+ }
}
break;
@@ -2399,9 +2436,11 @@ MSG_PROCESS_RETURN tls_process_certificate_request(SSL *s, PACKET *pkt)
OPENSSL_free(s->s3->tmp.ctype);
s->s3->tmp.ctype = NULL;
s->s3->tmp.ctype_len = 0;
+ OPENSSL_free(s->pha_context);
+ s->pha_context = NULL;
- /* TODO(TLS1.3) need to process request context, for now ignore */
- if (!PACKET_get_length_prefixed_1(pkt, &reqctx)) {
+ if (!PACKET_get_length_prefixed_1(pkt, &reqctx) ||
+ !PACKET_memdup(&reqctx, &s->pha_context, &s->pha_context_len)) {
SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_CERTIFICATE_REQUEST,
SSL_R_LENGTH_MISMATCH);
@@ -3357,8 +3396,12 @@ WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst)
}
s->rwstate = SSL_NOTHING;
}
- if (ssl3_check_client_certificate(s))
+ if (ssl3_check_client_certificate(s)) {
+ if (s->post_handshake_auth == SSL_PHA_REQUESTED) {
+ return WORK_FINISHED_STOP;
+ }
return WORK_FINISHED_CONTINUE;
+ }
/* Fall through to WORK_MORE_B */
wst = WORK_MORE_B;
@@ -3403,6 +3446,8 @@ WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst)
}
}
+ if (s->post_handshake_auth == SSL_PHA_REQUESTED)
+ return WORK_FINISHED_STOP;
return WORK_FINISHED_CONTINUE;
}
@@ -3414,14 +3459,19 @@ WORK_STATE tls_prepare_client_certificate(SSL *s, WORK_STATE wst)
int tls_construct_client_certificate(SSL *s, WPACKET *pkt)
{
- /*
- * TODO(TLS1.3): For now we must put an empty context. Needs to be filled in
- * later
- */
- if (SSL_IS_TLS13(s) && !WPACKET_put_bytes_u8(pkt, 0)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
- return 0;
+ if (SSL_IS_TLS13(s)) {
+ if (s->pha_context == NULL) {
+ /* no context available, add 0-length context */
+ if (!WPACKET_put_bytes_u8(pkt, 0)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ } else if (!WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_CLIENT_CERTIFICATE, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
}
if (!ssl3_output_cert_chain(s, pkt,
(s->s3->tmp.cert_req == 2) ? NULL
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 87ce280..f57f33c 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
*
* Licensed under the OpenSSL license (the "License"). You may not use
@@ -43,12 +43,15 @@ int ssl3_do_write(SSL *s, int type)
/*
* should not be done for 'Hello Request's, but in that case we'll
* ignore the result anyway
+ * TLS1.3 KeyUpdate and NewSessionTicket do not need to be added
*/
- if (!ssl3_finish_mac(s,
- (unsigned char *)&s->init_buf->data[s->init_off],
- written))
- return -1;
-
+ if (!SSL_IS_TLS13(s) || (s->statem.hand_state != TLS_ST_SW_SESSION_TICKET
+ && s->statem.hand_state != TLS_ST_CW_KEY_UPDATE
+ && s->statem.hand_state != TLS_ST_SW_KEY_UPDATE))
+ if (!ssl3_finish_mac(s,
+ (unsigned char *)&s->init_buf->data[s->init_off],
+ written))
+ return -1;
if (written == s->init_num) {
if (s->msg_callback)
s->msg_callback(1, s->version, type, s->init_buf->data,
@@ -504,7 +507,7 @@ int tls_construct_finished(SSL *s, WPACKET *pkt)
size_t slen;
/* This is a real handshake so make sure we clean it up at the end */
- if (!s->server)
+ if (!s->server && s->post_handshake_auth != SSL_PHA_REQUESTED)
s->statem.cleanuphand = 1;
/*
@@ -741,8 +744,14 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
/* This is a real handshake so make sure we clean it up at the end */
- if (s->server)
- s->statem.cleanuphand = 1;
+ if (s->server) {
+ if (s->post_handshake_auth != SSL_PHA_REQUESTED)
+ s->statem.cleanuphand = 1;
+ if (SSL_IS_TLS13(s) && !tls13_save_handshake_digest_for_pha(s)) {
+ /* SSLfatal() already called */
+ return MSG_PROCESS_ERROR;
+ }
+ }
/*
* In TLSv1.3 a Finished message signals a key change so the end of the
@@ -801,7 +810,8 @@ MSG_PROCESS_RETURN tls_process_finished(SSL *s, PACKET *pkt)
*/
if (SSL_IS_TLS13(s)) {
if (s->server) {
- if (!s->method->ssl3_enc->change_cipher_state(s,
+ if (s->post_handshake_auth != SSL_PHA_REQUESTED &&
+ !s->method->ssl3_enc->change_cipher_state(s,
SSL3_CC_APPLICATION | SSL3_CHANGE_CIPHER_SERVER_READ)) {
/* SSLfatal() already called */
return MSG_PROCESS_ERROR;
@@ -1021,6 +1031,10 @@ WORK_STATE tls_finish_handshake(SSL *s, WORK_STATE wst, int clearbufs, int stop)
s->init_num = 0;
}
+ if (SSL_IS_TLS13(s) && !s->server
+ && s->post_handshake_auth == SSL_PHA_REQUESTED)
+ s->post_handshake_auth = SSL_PHA_EXT_SENT;
+
if (s->statem.cleanuphand) {
/* skipped if we just sent a HelloRequest */
s->renegotiate = 0;
@@ -1237,18 +1251,24 @@ int tls_get_message_body(SSL *s, size_t *len)
/*
* We defer feeding in the HRR until later. We'll do it as part of
* processing the message
+ * The TLsv1.3 handshake transcript stops at the ClientFinished
+ * message.
*/
#define SERVER_HELLO_RANDOM_OFFSET (SSL3_HM_HEADER_LENGTH + 2)
- if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO
- || s->init_num < SERVER_HELLO_RANDOM_OFFSET + SSL3_RANDOM_SIZE
- || memcmp(hrrrandom,
- s->init_buf->data + SERVER_HELLO_RANDOM_OFFSET,
- SSL3_RANDOM_SIZE) != 0) {
- if (!ssl3_finish_mac(s, (unsigned char *)s->init_buf->data,
- s->init_num + SSL3_HM_HEADER_LENGTH)) {
- /* SSLfatal() already called */
- *len = 0;
- return 0;
+ /* KeyUpdate and NewSessionTicket do not need to be added */
+ if (!SSL_IS_TLS13(s) || (s->s3->tmp.message_type != SSL3_MT_NEWSESSION_TICKET
+ && s->s3->tmp.message_type != SSL3_MT_KEY_UPDATE)) {
+ if (s->s3->tmp.message_type != SSL3_MT_SERVER_HELLO
+ || s->init_num < SERVER_HELLO_RANDOM_OFFSET + SSL3_RANDOM_SIZE
+ || memcmp(hrrrandom,
+ s->init_buf->data + SERVER_HELLO_RANDOM_OFFSET,
+ SSL3_RANDOM_SIZE) != 0) {
+ if (!ssl3_finish_mac(s, (unsigned char *)s->init_buf->data,
+ s->init_num + SSL3_HM_HEADER_LENGTH)) {
+ /* SSLfatal() already called */
+ *len = 0;
+ return 0;
+ }
}
}
if (s->msg_callback)
@@ -2208,3 +2228,54 @@ size_t construct_key_exchange_tbs(SSL *s, unsigned char **ptbs,
*ptbs = tbs;
return tbslen;
}
+
+/*
+ * Saves the current handshake digest for Post-Handshake Auth,
+ * Done after ClientFinished is processed, done exactly once
+ */
+int tls13_save_handshake_digest_for_pha(SSL *s)
+{
+ if (s->pha_dgst == NULL) {
+ if (!ssl3_digest_cached_records(s, 1))
+ /* SSLfatal() already called */
+ return 0;
+
+ s->pha_dgst = EVP_MD_CTX_new();
+ if (s->pha_dgst == NULL) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ if (!EVP_MD_CTX_copy_ex(s->pha_dgst,
+ s->s3->handshake_dgst)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS13_SAVE_HANDSHAKE_DIGEST_FOR_PHA,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ }
+ return 1;
+}
+
+/*
+ * Restores the Post-Handshake Auth handshake digest
+ * Done just before sending/processing the Cert Request
+ */
+int tls13_restore_handshake_digest_for_pha(SSL *s)
+{
+ if (s->pha_dgst == NULL) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ if (!EVP_MD_CTX_copy_ex(s->s3->handshake_dgst,
+ s->pha_dgst)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS13_RESTORE_HANDSHAKE_DIGEST_FOR_PHA,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ return 1;
+}
diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h
index f16d3cb..af081eb 100644
--- a/ssl/statem/statem_locl.h
+++ b/ssl/statem/statem_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright 2015-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -235,6 +235,8 @@ int tls_parse_ctos_psk_kex_modes(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
int tls_parse_ctos_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
size_t chainidx);
+int tls_parse_ctos_post_handshake_auth(SSL *, PACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
EXT_RETURN tls_construct_stoc_renegotiate(SSL *s, WPACKET *pkt,
unsigned int context, X509 *x,
@@ -365,6 +367,9 @@ EXT_RETURN tls_construct_ctos_padding(SSL *s, WPACKET *pkt,
size_t chainidx);
EXT_RETURN tls_construct_ctos_psk(SSL *s, WPACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
+EXT_RETURN tls_construct_ctos_post_handshake_auth(SSL *s, WPACKET *pkt, unsigned int context,
+ X509 *x, size_t chainidx);
+
int tls_parse_stoc_renegotiate(SSL *s, PACKET *pkt, unsigned int context,
X509 *x, size_t chainidx);
int tls_parse_stoc_server_name(SSL *s, PACKET *pkt, unsigned int context,
@@ -411,3 +416,6 @@ int tls_parse_stoc_psk(SSL *s, PACKET *pkt, unsigned int context, X509 *x,
size_t chainidx);
int tls_handle_alpn(SSL *s);
+
+int tls13_save_handshake_digest_for_pha(SSL *s);
+int tls13_restore_handshake_digest_for_pha(SSL *s);
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
index 51b6ce9..812780a 100644
--- a/ssl/statem/statem_srvr.c
+++ b/ssl/statem/statem_srvr.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
* Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved
* Copyright 2005 Nokia. All rights reserved.
*
@@ -107,6 +107,13 @@ static int ossl_statem_server13_read_transition(SSL *s, int mt)
*/
if (s->early_data_state == SSL_EARLY_DATA_READING)
break;
+
+ if (mt == SSL3_MT_CERTIFICATE
+ && s->post_handshake_auth == SSL_PHA_REQUESTED) {
+ st->hand_state = TLS_ST_SR_CERT;
+ return 1;
+ }
+
if (mt == SSL3_MT_KEY_UPDATE) {
st->hand_state = TLS_ST_SR_KEY_UPDATE;
return 1;
@@ -325,16 +332,22 @@ static int send_server_key_exchange(SSL *s)
* 1: Yes
* 0: No
*/
-static int send_certificate_request(SSL *s)
+int send_certificate_request(SSL *s)
{
if (
/* don't request cert unless asked for it: */
s->verify_mode & SSL_VERIFY_PEER
/*
+ * don't request if post-handshake-only unless doing
+ * post-handshake in TLSv1.3:
+ */
+ && (!SSL_IS_TLS13(s) || !(s->verify_mode & SSL_VERIFY_POST_HANDSHAKE)
+ || s->post_handshake_auth == SSL_PHA_REQUEST_PENDING)
+ /*
* if SSL_VERIFY_CLIENT_ONCE is set, don't request cert
- * during re-negotiation:
+ * a second time:
*/
- && (s->s3->tmp.finish_md_len == 0 ||
+ && (s->certreqs_sent < 1 ||
!(s->verify_mode & SSL_VERIFY_CLIENT_ONCE))
/*
* never request cert in anonymous ciphersuites (see
@@ -388,6 +401,10 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
st->hand_state = TLS_ST_SW_KEY_UPDATE;
return WRITE_TRAN_CONTINUE;
}
+ if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
+ st->hand_state = TLS_ST_SW_CERT_REQ;
+ return WRITE_TRAN_CONTINUE;
+ }
/* Try to read from the client instead */
return WRITE_TRAN_FINISHED;
@@ -423,7 +440,12 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
return WRITE_TRAN_CONTINUE;
case TLS_ST_SW_CERT_REQ:
- st->hand_state = TLS_ST_SW_CERT;
+ if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
+ s->post_handshake_auth = SSL_PHA_REQUESTED;
+ st->hand_state = TLS_ST_OK;
+ } else {
+ st->hand_state = TLS_ST_SW_CERT;
+ }
return WRITE_TRAN_CONTINUE;
case TLS_ST_SW_CERT:
@@ -450,6 +472,8 @@ static WRITE_TRAN ossl_statem_server13_write_transition(SSL *s)
* and give the application the opportunity to delay sending the
* session ticket?
*/
+ if (s->post_handshake_auth == SSL_PHA_REQUESTED)
+ s->post_handshake_auth = SSL_PHA_EXT_RECEIVED;
st->hand_state = TLS_ST_SW_SESSION_TICKET;
return WRITE_TRAN_CONTINUE;
@@ -863,6 +887,13 @@ WORK_STATE ossl_statem_server_post_work(SSL *s, WORK_STATE wst)
}
break;
+ case TLS_ST_SW_CERT_REQ:
+ if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
+ if (statem_flush(s) != 1)
+ return WORK_MORE_A;
+ }
+ break;
+
case TLS_ST_SW_KEY_UPDATE:
if (statem_flush(s) != 1)
return WORK_MORE_A;
@@ -2702,12 +2733,30 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt)
int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
{
if (SSL_IS_TLS13(s)) {
- /* TODO(TLS1.3) for now send empty request context */
- if (!WPACKET_put_bytes_u8(pkt, 0)) {
- SSLfatal(s, SSL_AD_INTERNAL_ERROR,
- SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
- ERR_R_INTERNAL_ERROR);
- return 0;
+ /* Send random context when doing post-handshake auth */
+ if (s->post_handshake_auth == SSL_PHA_REQUEST_PENDING) {
+ OPENSSL_free(s->pha_context);
+ s->pha_context_len = 32;
+ if ((s->pha_context = OPENSSL_malloc(s->pha_context_len)) == NULL
+ || ssl_randbytes(s, s->pha_context, s->pha_context_len) <= 0
+ || !WPACKET_sub_memcpy_u8(pkt, s->pha_context, s->pha_context_len)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+ /* reset the handshake hash back to just after the ClientFinished */
+ if (!tls13_restore_handshake_digest_for_pha(s)) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+ } else {
+ if (!WPACKET_put_bytes_u8(pkt, 0)) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_CONSTRUCT_CERTIFICATE_REQUEST,
+ ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
}
if (!tls_construct_extensions(s, pkt,
@@ -2748,6 +2797,7 @@ int tls_construct_certificate_request(SSL *s, WPACKET *pkt)
}
done:
+ s->certreqs_sent++;
s->s3->tmp.cert_request = 1;
return 1;
}
@@ -3396,11 +3446,12 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
int i;
MSG_PROCESS_RETURN ret = MSG_PROCESS_ERROR;
X509 *x = NULL;
- unsigned long l, llen;
+ unsigned long l;
const unsigned char *certstart, *certbytes;
STACK_OF(X509) *sk = NULL;
PACKET spkt, context;
size_t chainidx;
+ SSL_SESSION *new_sess = NULL;
if ((sk = sk_X509_new_null()) == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE,
@@ -3408,10 +3459,16 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
goto err;
}
- /* TODO(TLS1.3): For now we ignore the context. We need to verify this */
- if ((SSL_IS_TLS13(s) && !PACKET_get_length_prefixed_1(pkt, &context))
- || !PACKET_get_net_3(pkt, &llen)
- || !PACKET_get_sub_packet(pkt, &spkt, llen)
+ if (SSL_IS_TLS13(s) && (!PACKET_get_length_prefixed_1(pkt, &context)
+ || (s->pha_context == NULL && PACKET_remaining(&context) != 0)
+ || (s->pha_context != NULL &&
+ !PACKET_equal(&context, s->pha_context, s->pha_context_len)))) {
+ SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE,
+ SSL_R_INVALID_CONTEXT);
+ goto err;
+ }
+
+ if (!PACKET_get_length_prefixed_3(pkt, &spkt)
|| PACKET_remaining(pkt) != 0) {
SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE,
SSL_R_LENGTH_MISMATCH);
@@ -3516,6 +3573,35 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
}
}
+ /*
+ * Sessions must be immutable once they go into the session cache. Otherwise
+ * we can get multi-thread problems. Therefore we don't "update" sessions,
+ * we replace them with a duplicate. Here, we need to do this every time
+ * a new certificate is received via post-handshake authentication, as the
+ * session may have already gone into the session cache.
+ */
+
+ if (s->post_handshake_auth == SSL_PHA_REQUESTED) {
+ int m = s->session_ctx->session_cache_mode;
+
+ if ((new_sess = ssl_session_dup(s->session, 0)) == 0) {
+ SSLfatal(s, SSL_AD_INTERNAL_ERROR,
+ SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE,
+ ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (m & SSL_SESS_CACHE_SERVER) {
+ /*
+ * Remove the old session from the cache. We carry on if this fails
+ */
+ SSL_CTX_remove_session(s->session_ctx, s->session);
+ }
+
+ SSL_SESSION_free(s->session);
+ s->session = new_sess;
+ }
+
X509_free(s->session->peer);
s->session->peer = sk_X509_shift(sk);
s->session->verify_result = s->verify_result;
@@ -3523,6 +3609,9 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt)
sk_X509_pop_free(s->session->peer_chain, X509_free);
s->session->peer_chain = sk;
+ if (new_sess != NULL)
+ ssl_update_cache(s, SSL_SESS_CACHE_SERVER);
+
/*
* Freeze the handshake buffer. For
#endif
+#include "../ssl/ssl_locl.h"
#include "internal/sockets.h"
#include "internal/nelem.h"
#include "handshake_helper.h"
@@ -674,6 +675,8 @@ static void configure_handshake_ssl(SSL *server, SSL *client,
if (extra->client.servername != SSL_TEST_SERVERNAME_NONE)
SSL_set_tlsext_host_name(client,
ssl_servername_name(extra->client.servername));
+ if (extra->client.force_pha)
+ SSL_force_post_handshake_auth(client);
}
/* The status for each connection phase. */
@@ -848,7 +851,9 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer)
|| test_ctx->handshake_mode
== SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER
|| test_ctx->handshake_mode
- == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT)) {
+ == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT
+ || test_ctx->handshake_mode
+ == SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH)) {
peer->status = PEER_TEST_FAILURE;
return;
}
@@ -929,6 +934,25 @@ static void do_reneg_setup_step(const SSL_TEST_CTX *test_ctx, PEER *peer)
if (peer->status != PEER_SUCCESS)
peer->status = PEER_ERROR;
return;
+ } else if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH) {
+ if (SSL_is_server(peer->ssl)) {
+ /* Make the server believe it's received the extension */
+ if (test_ctx->extra.server.force_pha)
+ peer->ssl->post_handshake_auth = SSL_PHA_EXT_RECEIVED;
+ ret = SSL_verify_client_post_handshake(peer->ssl);
+ if (!ret) {
+ peer->status = PEER_ERROR;
+ return;
+ }
+ }
+ do_handshake_step(peer);
+ /*
+ * This is a one step handshake. We shouldn't get anything other than
+ * PEER_SUCCESS
+ */
+ if (peer->status != PEER_SUCCESS)
+ peer->status = PEER_ERROR;
+ return;
}
/*
@@ -1004,25 +1028,41 @@ typedef enum {
CONNECTION_DONE
} connect_phase_t;
+
+static int renegotiate_op(const SSL_TEST_CTX *test_ctx)
+{
+ switch (test_ctx->handshake_mode) {
+ case SSL_TEST_HANDSHAKE_RENEG_SERVER:
+ case SSL_TEST_HANDSHAKE_RENEG_CLIENT:
+ return 1;
+ default:
+ return 0;
+ }
+}
+static int post_handshake_op(const SSL_TEST_CTX *test_ctx)
+{
+ switch (test_ctx->handshake_mode) {
+ case SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT:
+ case SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER:
+ case SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
static connect_phase_t next_phase(const SSL_TEST_CTX *test_ctx,
connect_phase_t phase)
{
switch (phase) {
case HANDSHAKE:
- if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_SERVER
- || test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RENEG_CLIENT
- || test_ctx->handshake_mode
- == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT
- || test_ctx->handshake_mode
- == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER)
+ if (renegotiate_op(test_ctx) || post_handshake_op(test_ctx))
return RENEG_APPLICATION_DATA;
return APPLICATION_DATA;
case RENEG_APPLICATION_DATA:
return RENEG_SETUP;
case RENEG_SETUP:
- if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER
- || test_ctx->handshake_mode
- == SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT)
+ if (post_handshake_op(test_ctx))
return APPLICATION_DATA;
return RENEG_HANDSHAKE;
case RENEG_HANDSHAKE:
diff --git a/test/recipes/70-test_tls13messages.t b/test/recipes/70-test_tls13messages.t
index fc70b4f..4190ab5 100644
--- a/test/recipes/70-test_tls13messages.t
+++ b/test/recipes/70-test_tls13messages.t
@@ -89,6 +89,8 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
checkhandshake::PSK_CLI_EXTENSION],
+ [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH,
+ checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
checkhandshake::DEFAULT_EXTENSIONS],
@@ -123,6 +125,8 @@ $ENV{CTLOG_FILE} = srctop_file("test", "ct", "log_list.conf");
checkhandshake::DEFAULT_EXTENSIONS],
[TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_PSK,
checkhandshake::PSK_CLI_EXTENSION],
+ [TLSProxy::Message::MT_CLIENT_HELLO, TLSProxy::Message::EXT_POST_HANDSHAKE_AUTH,
+ checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION],
[TLSProxy::Message::MT_SERVER_HELLO, TLSProxy::Message::EXT_SUPPORTED_VERSIONS,
checkhandshake::DEFAULT_EXTENSIONS],
@@ -214,7 +218,8 @@ $proxy->clientflags("-cert ".srctop_file("apps", "server.pem"));
$proxy->serverflags("-Verify 5");
$proxy->start();
checkhandshake($proxy, checkhandshake::CLIENT_AUTH_HANDSHAKE,
- checkhandshake::DEFAULT_EXTENSIONS,
+ checkhandshake::DEFAULT_EXTENSIONS |
+ checkhandshake::POST_HANDSHAKE_AUTH_CLI_EXTENSION,
"Client auth handshake test");
#Test 7: Server name handshake (no client request)
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index d1388d9..be03388 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -28,7 +28,7 @@ map { s/\^// } @conf_files if $^O eq "VMS";
# We hard-code the number of tests to double-check that the globbing above
# finds all files as expected.
-plan tests => 25; # = scalar @conf_srcs
+plan tests => 26; # = scalar @conf_srcs
# Some test results depend on the configuration of enabled protocols. We only
# verify generated sources in the default configuration.
@@ -96,6 +96,7 @@ my %skip = (
&& disabled("tls1_2")) || disabled("srp"),
"24-padding.conf" => disabled("tls1_3"),
"25-cipher.conf" => disabled("ec") || disabled("tls1_2"),
+ "26-tls13_client_auth.conf" => disabled("tls1_3"),
);
foreach my $conf (@conf_files) {
diff --git a/test/ssl-tests/26-tls13_client_auth.conf b/test/ssl-tests/26-tls13_client_auth.conf
new file mode 100644
index 0000000..f769b12
--- /dev/null
+++ b/test/ssl-tests/26-tls13_client_auth.conf
@@ -0,0 +1,476 @@
+# Generated with generate_ssl_tests.pl
+
+num_tests = 14
+
+test-0 = 0-server-auth-TLSv1.3
+test-1 = 1-client-auth-TLSv1.3-request
+test-2 = 2-client-auth-TLSv1.3-require-fail
+test-3 = 3-client-auth-TLSv1.3-require
+test-4 = 4-client-auth-TLSv1.3-require-non-empty-names
+test-5 = 5-client-auth-TLSv1.3-noroot
+test-6 = 6-client-auth-TLSv1.3-request-post-handshake
+test-7 = 7-client-auth-TLSv1.3-require-fail-post-handshake
+test-8 = 8-client-auth-TLSv1.3-require-post-handshake
+test-9 = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake
+test-10 = 10-client-auth-TLSv1.3-noroot-post-handshake
+test-11 = 11-client-auth-TLSv1.3-request-force-client-post-handshake
+test-12 = 12-client-auth-TLSv1.3-request-force-server-post-handshake
+test-13 = 13-client-auth-TLSv1.3-request-force-both-post-handshake
+# ===========================================================
+
+[0-server-auth-TLSv1.3]
+ssl_conf = 0-server-auth-TLSv1.3-ssl
+
+[0-server-auth-TLSv1.3-ssl]
+server = 0-server-auth-TLSv1.3-server
+client = 0-server-auth-TLSv1.3-client
+
+[0-server-auth-TLSv1.3-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[0-server-auth-TLSv1.3-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-0]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[1-client-auth-TLSv1.3-request]
+ssl_conf = 1-client-auth-TLSv1.3-request-ssl
+
+[1-client-auth-TLSv1.3-request-ssl]
+server = 1-client-auth-TLSv1.3-request-server
+client = 1-client-auth-TLSv1.3-request-client
+
+[1-client-auth-TLSv1.3-request-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = Request
+
+[1-client-auth-TLSv1.3-request-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-1]
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[2-client-auth-TLSv1.3-require-fail]
+ssl_conf = 2-client-auth-TLSv1.3-require-fail-ssl
+
+[2-client-auth-TLSv1.3-require-fail-ssl]
+server = 2-client-auth-TLSv1.3-require-fail-server
+client = 2-client-auth-TLSv1.3-require-fail-client
+
+[2-client-auth-TLSv1.3-require-fail-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[2-client-auth-TLSv1.3-require-fail-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-2]
+ExpectedResult = ServerFail
+ExpectedServerAlert = HandshakeFailure
+
+
+# ===========================================================
+
+[3-client-auth-TLSv1.3-require]
+ssl_conf = 3-client-auth-TLSv1.3-require-ssl
+
+[3-client-auth-TLSv1.3-require-ssl]
+server = 3-client-auth-TLSv1.3-require-server
+client = 3-client-auth-TLSv1.3-require-client
+
+[3-client-auth-TLSv1.3-require-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = PSS+SHA256
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Request
+
+[3-client-auth-TLSv1.3-require-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-3]
+ExpectedClientCANames = empty
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[4-client-auth-TLSv1.3-require-non-empty-names]
+ssl_conf = 4-client-auth-TLSv1.3-require-non-empty-names-ssl
+
+[4-client-auth-TLSv1.3-require-non-empty-names-ssl]
+server = 4-client-auth-TLSv1.3-require-non-empty-names-server
+client = 4-client-auth-TLSv1.3-require-non-empty-names-client
+
+[4-client-auth-TLSv1.3-require-non-empty-names-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ClientSignatureAlgorithms = PSS+SHA256
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Request
+
+[4-client-auth-TLSv1.3-require-non-empty-names-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-4]
+ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[5-client-auth-TLSv1.3-noroot]
+ssl_conf = 5-client-auth-TLSv1.3-noroot-ssl
+
+[5-client-auth-TLSv1.3-noroot-ssl]
+server = 5-client-auth-TLSv1.3-noroot-server
+client = 5-client-auth-TLSv1.3-noroot-client
+
+[5-client-auth-TLSv1.3-noroot-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = Require
+
+[5-client-auth-TLSv1.3-noroot-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-5]
+ExpectedResult = ServerFail
+ExpectedServerAlert = UnknownCA
+
+
+# ===========================================================
+
+[6-client-auth-TLSv1.3-request-post-handshake]
+ssl_conf = 6-client-auth-TLSv1.3-request-post-handshake-ssl
+
+[6-client-auth-TLSv1.3-request-post-handshake-ssl]
+server = 6-client-auth-TLSv1.3-request-post-handshake-server
+client = 6-client-auth-TLSv1.3-request-post-handshake-client
+
+[6-client-auth-TLSv1.3-request-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = RequestPostHandshake
+
+[6-client-auth-TLSv1.3-request-post-handshake-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-6]
+ExpectedResult = ServerFail
+HandshakeMode = PostHandshakeAuth
+
+
+# ===========================================================
+
+[7-client-auth-TLSv1.3-require-fail-post-handshake]
+ssl_conf = 7-client-auth-TLSv1.3-require-fail-post-handshake-ssl
+
+[7-client-auth-TLSv1.3-require-fail-post-handshake-ssl]
+server = 7-client-auth-TLSv1.3-require-fail-post-handshake-server
+client = 7-client-auth-TLSv1.3-require-fail-post-handshake-client
+
+[7-client-auth-TLSv1.3-require-fail-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = RequirePostHandshake
+
+[7-client-auth-TLSv1.3-require-fail-post-handshake-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-7]
+ExpectedResult = ServerFail
+HandshakeMode = PostHandshakeAuth
+
+
+# ===========================================================
+
+[8-client-auth-TLSv1.3-require-post-handshake]
+ssl_conf = 8-client-auth-TLSv1.3-require-post-handshake-ssl
+
+[8-client-auth-TLSv1.3-require-post-handshake-ssl]
+server = 8-client-auth-TLSv1.3-require-post-handshake-server
+client = 8-client-auth-TLSv1.3-require-post-handshake-client
+
+[8-client-auth-TLSv1.3-require-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = PSS+SHA256
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = RequestPostHandshake
+
+[8-client-auth-TLSv1.3-require-post-handshake-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-8]
+ExpectedClientCANames = empty
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+HandshakeMode = PostHandshakeAuth
+
+
+# ===========================================================
+
+[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake]
+ssl_conf = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-ssl
+
+[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-ssl]
+server = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-server
+client = 9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client
+
+[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ClientSignatureAlgorithms = PSS+SHA256
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = RequestPostHandshake
+
+[9-client-auth-TLSv1.3-require-non-empty-names-post-handshake-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-9]
+ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+HandshakeMode = PostHandshakeAuth
+
+
+# ===========================================================
+
+[10-client-auth-TLSv1.3-noroot-post-handshake]
+ssl_conf = 10-client-auth-TLSv1.3-noroot-post-handshake-ssl
+
+[10-client-auth-TLSv1.3-noroot-post-handshake-ssl]
+server = 10-client-auth-TLSv1.3-noroot-post-handshake-server
+client = 10-client-auth-TLSv1.3-noroot-post-handshake-client
+
+[10-client-auth-TLSv1.3-noroot-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = RequirePostHandshake
+
+[10-client-auth-TLSv1.3-noroot-post-handshake-client]
+Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-10]
+ExpectedResult = ServerFail
+ExpectedServerAlert = UnknownCA
+HandshakeMode = PostHandshakeAuth
+
+
+# ===========================================================
+
+[11-client-auth-TLSv1.3-request-force-client-post-handshake]
+ssl_conf = 11-client-auth-TLSv1.3-request-force-client-post-handshake-ssl
+
+[11-client-auth-TLSv1.3-request-force-client-post-handshake-ssl]
+server = 11-client-auth-TLSv1.3-request-force-client-post-handshake-server
+client = 11-client-auth-TLSv1.3-request-force-client-post-handshake-client
+
+[11-client-auth-TLSv1.3-request-force-client-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = RequestPostHandshake
+
+[11-client-auth-TLSv1.3-request-force-client-post-handshake-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-11]
+ExpectedResult = Success
+HandshakeMode = PostHandshakeAuth
+client = 11-client-auth-TLSv1.3-request-force-client-post-handshake-client-extra
+
+[11-client-auth-TLSv1.3-request-force-client-post-handshake-client-extra]
+ForcePHA = Yes
+
+
+# ===========================================================
+
+[12-client-auth-TLSv1.3-request-force-server-post-handshake]
+ssl_conf = 12-client-auth-TLSv1.3-request-force-server-post-handshake-ssl
+
+[12-client-auth-TLSv1.3-request-force-server-post-handshake-ssl]
+server = 12-client-auth-TLSv1.3-request-force-server-post-handshake-server
+client = 12-client-auth-TLSv1.3-request-force-server-post-handshake-client
+
+[12-client-auth-TLSv1.3-request-force-server-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = RequestPostHandshake
+
+[12-client-auth-TLSv1.3-request-force-server-post-handshake-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-12]
+ExpectedResult = ClientFail
+HandshakeMode = PostHandshakeAuth
+server = 12-client-auth-TLSv1.3-request-force-server-post-handshake-server-extra
+
+[12-client-auth-TLSv1.3-request-force-server-post-handshake-server-extra]
+ForcePHA = Yes
+
+
+# ===========================================================
+
+[13-client-auth-TLSv1.3-request-force-both-post-handshake]
+ssl_conf = 13-client-auth-TLSv1.3-request-force-both-post-handshake-ssl
+
+[13-client-auth-TLSv1.3-request-force-both-post-handshake-ssl]
+server = 13-client-auth-TLSv1.3-request-force-both-post-handshake-server
+client = 13-client-auth-TLSv1.3-request-force-both-post-handshake-client
+
+[13-client-auth-TLSv1.3-request-force-both-post-handshake-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyMode = RequestPostHandshake
+
+[13-client-auth-TLSv1.3-request-force-both-post-handshake-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-13]
+ExpectedResult = Success
+HandshakeMode = PostHandshakeAuth
+server = 13-client-auth-TLSv1.3-request-force-both-post-handshake-server-extra
+client = 13-client-auth-TLSv1.3-request-force-both-post-handshake-client-extra
+
+[13-client-auth-TLSv1.3-request-force-both-post-handshake-server-extra]
+ForcePHA = Yes
+
+[13-client-auth-TLSv1.3-request-force-both-post-handshake-client-extra]
+ForcePHA = Yes
+
+
diff --git a/test/ssl-tests/26-tls13_client_auth.conf.in b/test/ssl-tests/26-tls13_client_auth.conf.in
new file mode 100644
index 0000000..6da4168
--- /dev/null
+++ b/test/ssl-tests/26-tls13_client_auth.conf.in
@@ -0,0 +1,293 @@
+# -*- mode: perl; -*-
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+
+## Test TLSv1.3 certificate authentication
+## Similar to 04-client_auth.conf.in output, but specific for
+## TLSv1.3 and post-handshake authentication
+
+use strict;
+use warnings;
+
+package ssltests;
+use OpenSSL::Test::Utils;
+
+our @tests = (
+ {
+ name => "server-auth-TLSv1.3",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-request",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "Request",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-require-fail",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Require",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ test => {
+ "ExpectedResult" => "ServerFail",
+ "ExpectedServerAlert" => "HandshakeFailure",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-require",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Request",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ "ExpectedClientCertType" => "RSA",
+ "ExpectedClientSignType" => "RSA-PSS",
+ "ExpectedClientSignHash" => "SHA256",
+ "ExpectedClientCANames" => "empty"
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-require-non-empty-names",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientCAFile" => test_pem("root-cert.pem"),
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "Request",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ "ExpectedClientCertType" => "RSA",
+ "ExpectedClientSignType" => "RSA-PSS",
+ "ExpectedClientSignHash" => "SHA256",
+ "ExpectedClientCANames" => test_pem("root-cert.pem"),
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-noroot",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "Require",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "ExpectedResult" => "ServerFail",
+ "ExpectedServerAlert" => "UnknownCA",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-request-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "RequestPostHandshake",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ test => {
+ "ExpectedResult" => "ServerFail",
+ "HandshakeMode" => "PostHandshakeAuth",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-require-fail-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "RequirePostHandshake",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ test => {
+ "ExpectedResult" => "ServerFail",
+ "HandshakeMode" => "PostHandshakeAuth",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-require-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "RequestPostHandshake",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ "HandshakeMode" => "PostHandshakeAuth",
+ "ExpectedClientCertType" => "RSA",
+ "ExpectedClientSignType" => "RSA-PSS",
+ "ExpectedClientSignHash" => "SHA256",
+ "ExpectedClientCANames" => "empty"
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-require-non-empty-names-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "ClientSignatureAlgorithms" => "PSS+SHA256",
+ "ClientCAFile" => test_pem("root-cert.pem"),
+ "VerifyCAFile" => test_pem("root-cert.pem"),
+ "VerifyMode" => "RequestPostHandshake",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ "HandshakeMode" => "PostHandshakeAuth",
+ "ExpectedClientCertType" => "RSA",
+ "ExpectedClientSignType" => "RSA-PSS",
+ "ExpectedClientSignHash" => "SHA256",
+ "ExpectedClientCANames" => test_pem("root-cert.pem"),
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-noroot-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "RequirePostHandshake",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "Certificate" => test_pem("ee-client-chain.pem"),
+ "PrivateKey" => test_pem("ee-key.pem"),
+ },
+ test => {
+ "ExpectedResult" => "ServerFail",
+ "HandshakeMode" => "PostHandshakeAuth",
+ "ExpectedServerAlert" => "UnknownCA",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-request-force-client-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "RequestPostHandshake",
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ extra => {
+ "ForcePHA" => "Yes",
+ },
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ "HandshakeMode" => "PostHandshakeAuth",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-request-force-server-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "RequestPostHandshake",
+ extra => {
+ "ForcePHA" => "Yes",
+ },
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ },
+ test => {
+ "ExpectedResult" => "ClientFail",
+ "HandshakeMode" => "PostHandshakeAuth",
+ },
+ },
+ {
+ name => "client-auth-TLSv1.3-request-force-both-post-handshake",
+ server => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ "VerifyMode" => "RequestPostHandshake",
+ extra => {
+ "ForcePHA" => "Yes",
+ },
+ },
+ client => {
+ "MinProtocol" => "TLSv1.3",
+ "MaxProtocol" => "TLSv1.3",
+ extra => {
+ "ForcePHA" => "Yes",
+ },
+ },
+ test => {
+ "ExpectedResult" => "Success",
+ "HandshakeMode" => "PostHandshakeAuth",
+ },
+ },
+);
diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c
index 897b31e..1f7db2e 100644
--- a/test/ssl_test_ctx.c
+++ b/test/ssl_test_ctx.c
@@ -369,6 +369,7 @@ static const test_enum ssl_handshake_modes[] = {
{"RenegotiateClient", SSL_TEST_HANDSHAKE_RENEG_CLIENT},
{"KeyUpdateServer", SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER},
{"KeyUpdateClient", SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT},
+ {"PostHandshakeAuth", SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH},
};
__owur static int parse_handshake_mode(SSL_TEST_CTX *test_ctx, const char *value)
@@ -622,6 +623,11 @@ __owur static int parse_expected_client_ca_names(SSL_TEST_CTX *test_ctx,
IMPLEMENT_SSL_TEST_STRING_OPTION(SSL_TEST_CTX, test, expected_cipher)
+/* Client and Server ForcePHA */
+
+IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_CLIENT_CONF, client, force_pha)
+IMPLEMENT_SSL_TEST_BOOL_OPTION(SSL_TEST_SERVER_CONF, server, force_pha)
+
/* Known test options and their corresponding parse methods. */
/* Top-level options. */
@@ -676,6 +682,7 @@ static const ssl_test_client_option ssl_test_client_options[] = {
{ "SRPUser", &parse_client_srp_user },
{ "SRPPassword", &parse_client_srp_password },
{ "MaxFragmentLenExt", &parse_max_fragment_len_mode },
+ { "ForcePHA", &parse_client_force_pha },
};
/* Nested server options. */
@@ -692,6 +699,7 @@ static const ssl_test_server_option ssl_test_server_options[] = {
{ "CertStatus", &parse_certstatus },
{ "SRPUser", &parse_server_srp_user },
{ "SRPPassword", &parse_server_srp_password },
+ { "ForcePHA", &parse_server_force_pha },
};
SSL_TEST_CTX *SSL_TEST_CTX_new()
diff --git a/test/ssl_test_ctx.h b/test/ssl_test_ctx.h
index 2d7b0c2..0ec87ce 100644
--- a/test/ssl_test_ctx.h
+++ b/test/ssl_test_ctx.h
@@ -73,7 +73,8 @@ typedef enum {
SSL_TEST_HANDSHAKE_RENEG_SERVER,
SSL_TEST_HANDSHAKE_RENEG_CLIENT,
SSL_TEST_HANDSHAKE_KEY_UPDATE_SERVER,
- SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT
+ SSL_TEST_HANDSHAKE_KEY_UPDATE_CLIENT,
+ SSL_TEST_HANDSHAKE_POST_HANDSHAKE_AUTH
} ssl_handshake_mode_t;
typedef enum {
@@ -107,6 +108,8 @@ typedef struct {
char *reneg_ciphers;
char *srp_user;
char *srp_password;
+ /* Forced PHA */
+ int force_pha;
} SSL_TEST_CLIENT_CONF;
typedef struct {
@@ -122,6 +125,8 @@ typedef struct {
/* An SRP user known to the server. */
char *srp_user;
char *srp_password;
+ /* Forced PHA */
+ int force_pha;
} SSL_TEST_SERVER_CONF;
typedef struct {
diff --git a/test/sslapitest.c b/test/sslapitest.c
index a338578..b655fe7 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -3306,6 +3306,65 @@ end:
return testresult;
}
+#ifndef OPENSSL_NO_TLS1_3
+static int test_pha_key_update(void)
+{
+ SSL_CTX *cctx = NULL, *sctx = NULL;
+ SSL *clientssl = NULL, *serverssl = NULL;
+ int testresult = 0;
+
+ if (!TEST_true(create_ssl_ctx_pair(TLS_server_method(),
+ TLS_client_method(),
+ &sctx, &cctx, cert, privkey)))
+ return 0;
+
+ if (!TEST_true(SSL_CTX_set_min_proto_version(sctx, TLS1_3_VERSION))
+ || !TEST_true(SSL_CTX_set_max_proto_version(sctx, TLS1_3_VERSION))
+ || !TEST_true(SSL_CTX_set_min_proto_version(cctx, TLS1_3_VERSION))
+ || !TEST_true(SSL_CTX_set_max_proto_version(cctx, TLS1_3_VERSION)))
+ goto end;
+
+
+ if (!TEST_true(create_ssl_objects(sctx, cctx, &serverssl, &clientssl,
+ NULL, NULL)))
+ goto end;
+
+ SSL_force_post_handshake_auth(clientssl);
+
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE)))
+ goto end;
+
+ SSL_set_verify(serverssl, SSL_VERIFY_PEER, NULL);
+ if (!TEST_true(SSL_verify_client_post_handshake(serverssl)))
+ goto end;
+
+ if (!TEST_true(SSL_key_update(clientssl, SSL_KEY_UPDATE_NOT_REQUESTED)))
+ goto end;
+
+ /* Start handshake on the server */
+ if (!TEST_int_eq(SSL_do_handshake(serverssl), 1))
+ goto end;
+
+ /* Starts with SSL_connect(), but it's really just SSL_do_handshake() */
+ if (!TEST_true(create_ssl_connection(serverssl, clientssl,
+ SSL_ERROR_NONE)))
+ goto end;
+
+ SSL_shutdown(clientssl);
+ SSL_shutdown(serverssl);
+
+ testresult = 1;
+
+ end:
+ SSL_free(serverssl);
+ SSL_free(clientssl);
+ SSL_CTX_free(sctx);
+ SSL_CTX_free(cctx);
+ return testresult;
+}
+#endif
+
int setup_tests(void)
{
if (!TEST_ptr(cert = test_get_argument(0))
@@ -3352,6 +3411,7 @@ int setup_tests(void)
ADD_TEST(test_tls13_psk);
ADD_ALL_TESTS(test_custom_exts, 5);
ADD_TEST(test_stateless);
+ ADD_TEST(test_pha_key_update);
#else
ADD_ALL_TESTS(test_custom_exts, 3);
#endif
diff --git a/util/libssl.num b/util/libssl.num
index abaa5bf..866ff53 100644
--- a/util/libssl.num
+++ b/util/libssl.num
@@ -474,3 +474,5 @@ SSL_CTX_set_tlsext_max_fragment_length 474 1_1_1 EXIST::FUNCTION:
SSL_set_tlsext_max_fragment_length 475 1_1_1 EXIST::FUNCTION:
SSL_SESSION_get_max_fragment_length 476 1_1_1 EXIST::FUNCTION:
SSL_stateless 477 1_1_1 EXIST::FUNCTION:
+SSL_verify_client_post_handshake 478 1_1_1 EXIST::FUNCTION:
+SSL_force_post_handshake_auth 479 1_1_1 EXIST::FUNCTION:
diff --git a/util/perl/TLSProxy/Message.pm b/util/perl/TLSProxy/Message.pm
index eea272f..0311490 100644
--- a/util/perl/TLSProxy/Message.pm
+++ b/util/perl/TLSProxy/Message.pm
@@ -79,6 +79,7 @@ use constant {
EXT_SUPPORTED_VERSIONS => 43,
EXT_COOKIE => 44,
EXT_PSK_KEX_MODES => 45,
+ EXT_POST_HANDSHAKE_AUTH => 49,
EXT_SIG_ALGS_CERT => 50,
EXT_RENEGOTIATE => 65281,
EXT_NPN => 13172,
diff --git a/util/perl/checkhandshake.pm b/util/perl/checkhandshake.pm
index e1667d5..2f4a296 100644
--- a/util/perl/checkhandshake.pm
+++ b/util/perl/checkhandshake.pm
@@ -53,7 +53,8 @@ use constant {
KEY_SHARE_SRV_EXTENSION => 0x00020000,
PSK_KEX_MODES_EXTENSION => 0x00040000,
KEY_SHARE_HRR_EXTENSION => 0x00080000,
- SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000
+ SUPPORTED_GROUPS_SRV_EXTENSION => 0x00100000,
+ POST_HANDSHAKE_AUTH_CLI_EXTENSION => 0x00200000
};
our @handmessages = ();
From no-reply at appveyor.com Thu Feb 1 18:15:57 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 01 Feb 2018 18:15:57 +0000
Subject: [openssl-commits] Build completed: openssl master.15317
Message-ID: <20180201181557.1.331CCF3C25E4847F@appveyor.com>
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Thu Feb 1 18:17:31 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 01 Feb 2018 18:17:31 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517509051.246215.10490.nullmailer@dev.openssl.org>
The branch master has been updated
via 34544072e9bccd4dad958ebeb3caadbb5c5106d0 (commit)
from e43e6b1951de931ca500c6964496e76651332f5e (commit)
- Log -----------------------------------------------------------------
commit 34544072e9bccd4dad958ebeb3caadbb5c5106d0
Author: Richard Levitte
Date: Thu Feb 1 10:35:59 2018 +0100
VMS: MMS wants a space before the target / dependecies separator
So as not to be mixed up with a device specification...
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/openssl/pull/5234)
-----------------------------------------------------------------------
Summary of changes:
Configurations/descrip.mms.tmpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
index 7d8b348..bfeee77 100644
--- a/Configurations/descrip.mms.tmpl
+++ b/Configurations/descrip.mms.tmpl
@@ -553,7 +553,7 @@ configdata.pm : $(SRCDIR)Configure $(SRCDIR)config.com {- join(" ", @{$config{bu
@ WRITE SYS$OUTPUT "*************************************************"
@ PIPE ( EXIT %X10000000 )
-reconfigure reconf:
+reconfigure reconf :
perl configdata.pm -r -v
{-
From rsalz at openssl.org Thu Feb 1 18:18:51 2018
From: rsalz at openssl.org (Rich Salz)
Date: Thu, 01 Feb 2018 18:18:51 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517509131.425188.12569.nullmailer@dev.openssl.org>
The branch master has been updated
via 67c836e860c735cf1b039ef52973237fd26b74d6 (commit)
from 34544072e9bccd4dad958ebeb3caadbb5c5106d0 (commit)
- Log -----------------------------------------------------------------
commit 67c836e860c735cf1b039ef52973237fd26b74d6
Author: Rich Salz
Date: Thu Feb 1 13:18:32 2018 -0500
Shorten output by a line
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5238)
-----------------------------------------------------------------------
Summary of changes:
Configure | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Configure b/Configure
index cad25bb..a994876 100755
--- a/Configure
+++ b/Configure
@@ -939,7 +939,7 @@ if ($target eq "HASH") {
exit 0;
}
-print "Configuring OpenSSL version $config{version} ($config{version_num})\n";
+print "Configuring OpenSSL version $config{version} ($config{version_num}) ";
print "for $target\n";
# Backward compatibility?
From rsalz at openssl.org Thu Feb 1 18:23:21 2018
From: rsalz at openssl.org (Rich Salz)
Date: Thu, 01 Feb 2018 18:23:21 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517509401.196692.17544.nullmailer@dev.openssl.org>
The branch master has been updated
via 3c5a61dd0f9d9a9eac098419bcaf47d1c296ca81 (commit)
from 67c836e860c735cf1b039ef52973237fd26b74d6 (commit)
- Log -----------------------------------------------------------------
commit 3c5a61dd0f9d9a9eac098419bcaf47d1c296ca81
Author: Michael Richardson
Date: Thu Feb 1 13:22:48 2018 -0500
Add OPENSSL_VERSION_AT_LEAST
added macro to create version number
use the macro to build OPENSSL_VERSION_AT_LEAST(maj,min,fix) so that
customers of libssl (such as ruby-openssl) do not need to be so aware of
openssl version numbers.
includes updates to ssl(7) and OPENSSL_VERSION_NUMBER(3) man page
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5212)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/OPENSSL_VERSION_NUMBER.pod | 5 +++++
doc/man7/ssl.pod | 6 ++++++
include/openssl/opensslv.h | 5 +++++
3 files changed, 16 insertions(+)
diff --git a/doc/man3/OPENSSL_VERSION_NUMBER.pod b/doc/man3/OPENSSL_VERSION_NUMBER.pod
index 6eca113..d5842c0 100644
--- a/doc/man3/OPENSSL_VERSION_NUMBER.pod
+++ b/doc/man3/OPENSSL_VERSION_NUMBER.pod
@@ -47,6 +47,11 @@ number was therefore 0x0090581f.
OpenSSL_version_num() returns the version number.
+The macro OPENSSL_VERSION_AT_LEAST(major,minor) can be used at compile
+time test if the current version is at least as new as the version provided.
+The arguments major, minor and fix correspond to the version information
+as given above.
+
OpenSSL_version() returns different strings depending on B:
=over 4
diff --git a/doc/man7/ssl.pod b/doc/man7/ssl.pod
index 724fc78..066b325 100644
--- a/doc/man7/ssl.pod
+++ b/doc/man7/ssl.pod
@@ -89,6 +89,12 @@ includes both more private SSL headers and headers from the B library.
Whenever you need hard-core details on the internals of the SSL API, look
inside this header file.
+OPENSSL_VERSION_AT_LEAST(major,minor) can be
+used in C<#if> statements in order to determine which version of the library is
+being used. This can be used to either enable optional features at compile
+time, or work around issues with a previous version.
+See L.
+
=item B
Unused. Present for backwards compatibility only.
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index c6e15a5..420a1c9 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -42,6 +42,11 @@ extern "C" {
# define OPENSSL_VERSION_NUMBER 0x10101000L
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1-dev xx XXX xxxx"
+#define OPENSSL_MAKE_VERSION(maj,min,fix,patch) ((0x10000000L)+((maj&0xff)<<20)+((min&0xff)<<12)+((fix&0xff)<<4)+patch)
+
+/* use this for #if tests, should never depend upon fix/patch */
+#define OPENSSL_VERSION_AT_LEAST(maj,min) (OPENSSL_MAKE_VERSION(maj,min, 0, 0) >= OPENSSL_VERSION_NUMBER)
+
/*-
* The macros below are to be used for shared library (.so, .dll, ...)
* versioning. That kind of versioning works a bit differently between
From builds at travis-ci.org Thu Feb 1 17:53:47 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 17:53:47 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16024 (master -
e43e6b1)
In-Reply-To:
Message-ID: <5a73542b210cf_43f99ee3fba70146079@6f1e7807-ba31-4302-beba-07cf17cd0e30.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16024
Status: Still Failing
Duration: 33 minutes and 21 seconds
Commit: e43e6b1 (master)
Author: Todd Short
Message: Fix some minor code nits
Reviewed-by: Ben Kaduk
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4964)
View the changeset: https://github.com/openssl/openssl/compare/848a950b715f...e43e6b1951de
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336201545?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From rsalz at openssl.org Thu Feb 1 18:27:43 2018
From: rsalz at openssl.org (Rich Salz)
Date: Thu, 01 Feb 2018 18:27:43 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1517509663.057882.22619.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via d8adfdcd2e5de23f3e1d1a1d10c2fda6f4a65c4a (commit)
from d4577a1474cd67afbfa5a48729c979180144b9d6 (commit)
- Log -----------------------------------------------------------------
commit d8adfdcd2e5de23f3e1d1a1d10c2fda6f4a65c4a
Author: Michael Richardson
Date: Thu Feb 1 13:22:48 2018 -0500
Add OPENSSL_VERSION_AT_LEAST
added macro to create version number
use the macro to build OPENSSL_VERSION_AT_LEAST(maj,min,fix) so that
customers of libssl (such as ruby-openssl) do not need to be so aware of
openssl version numbers.
includes updates to ssl(7) and OPENSSL_VERSION_NUMBER(3) man page
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5212)
(cherry picked from commit 3c5a61dd0f9d9a9eac098419bcaf47d1c296ca81)
-----------------------------------------------------------------------
Summary of changes:
doc/crypto/OPENSSL_VERSION_NUMBER.pod | 5 +++++
doc/ssl/ssl.pod | 6 ++++++
include/openssl/opensslv.h | 5 +++++
3 files changed, 16 insertions(+)
diff --git a/doc/crypto/OPENSSL_VERSION_NUMBER.pod b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
index 9cc1ed1..6e23abf 100644
--- a/doc/crypto/OPENSSL_VERSION_NUMBER.pod
+++ b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
@@ -47,6 +47,11 @@ number was therefore 0x0090581f.
OpenSSL_version_num() returns the version number.
+The macro OPENSSL_VERSION_AT_LEAST(major,minor) can be used at compile
+time test if the current version is at least as new as the version provided.
+The arguments major, minor and fix correspond to the version information
+as given above.
+
OpenSSL_version() returns different strings depending on B:
=over 4
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index daee30d..3b17ec1 100644
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -91,6 +91,12 @@ includes both more private SSL headers and headers from the B library.
Whenever you need hard-core details on the internals of the SSL API, look
inside this header file.
+OPENSSL_VERSION_AT_LEAST(major,minor) can be
+used in C<#if> statements in order to determine which version of the library is
+being used. This can be used to either enable optional features at compile
+time, or work around issues with a previous version.
+See L.
+
=item B
Unused. Present for backwards compatibility only.
diff --git a/include/openssl/opensslv.h b/include/openssl/opensslv.h
index 47cb0bf..a7a0136 100644
--- a/include/openssl/opensslv.h
+++ b/include/openssl/opensslv.h
@@ -46,6 +46,11 @@ extern "C" {
# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.0h-dev xx XXX xxxx"
# endif
+#define OPENSSL_MAKE_VERSION(maj,min,fix,patch) ((0x10000000L)+((maj&0xff)<<20)+((min&0xff)<<12)+((fix&0xff)<<4)+patch)
+
+/* use this for #if tests, should never depend upon fix/patch */
+#define OPENSSL_VERSION_AT_LEAST(maj,min) (OPENSSL_MAKE_VERSION(maj,min, 0, 0) >= OPENSSL_VERSION_NUMBER)
+
/*-
* The macros below are to be used for shared library (.so, .dll, ...)
* versioning. That kind of versioning works a bit differently between
From builds at travis-ci.org Thu Feb 1 18:48:26 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 18:48:26 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16027 (master -
3454407)
In-Reply-To:
Message-ID: <5a7360fa7a8be_43f99ee3fba701544139@6f1e7807-ba31-4302-beba-07cf17cd0e30.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16027
Status: Still Failing
Duration: 30 minutes and 3 seconds
Commit: 3454407 (master)
Author: Richard Levitte
Message: VMS: MMS wants a space before the target / dependecies separator
So as not to be mixed up with a device specification...
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/openssl/pull/5234)
View the changeset: https://github.com/openssl/openssl/compare/e43e6b1951de...34544072e9bc
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336224446?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Thu Feb 1 19:03:12 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 19:03:12 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16028 (master -
67c836e)
In-Reply-To:
Message-ID: <5a73647067208_43f99f0a24468156613e@6f1e7807-ba31-4302-beba-07cf17cd0e30.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16028
Status: Still Failing
Duration: 38 minutes and 36 seconds
Commit: 67c836e (master)
Author: Rich Salz
Message: Shorten output by a line
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5238)
View the changeset: https://github.com/openssl/openssl/compare/34544072e9bc...67c836e860c7
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336224843?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Thu Feb 1 19:17:05 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 19:17:05 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16029 (master -
3c5a61d)
In-Reply-To:
Message-ID: <5a7367b1c4b72_43fc62c152070182417@9cde2705-86f2-43ab-a9e0-15a89b8526cf.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16029
Status: Still Failing
Duration: 37 minutes and 32 seconds
Commit: 3c5a61d (master)
Author: Michael Richardson
Message: Add OPENSSL_VERSION_AT_LEAST
added macro to create version number
use the macro to build OPENSSL_VERSION_AT_LEAST(maj,min,fix) so that
customers of libssl (such as ruby-openssl) do not need to be so aware of
openssl version numbers.
includes updates to ssl(7) and OPENSSL_VERSION_NUMBER(3) man page
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5212)
View the changeset: https://github.com/openssl/openssl/compare/67c836e860c7...3c5a61dd0f9d
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336226632?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From appro at openssl.org Thu Feb 1 20:46:11 2018
From: appro at openssl.org (Andy Polyakov)
Date: Thu, 01 Feb 2018 20:46:11 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1517517971.036272.31057.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via 723183b5640e9b047acac189c7c7fb78575522d4 (commit)
via 0b9373ce3c2d39d9a88634913b8191ad4f7a453c (commit)
from d8adfdcd2e5de23f3e1d1a1d10c2fda6f4a65c4a (commit)
- Log -----------------------------------------------------------------
commit 723183b5640e9b047acac189c7c7fb78575522d4
Author: David Benjamin
Date: Tue Jan 23 13:57:10 2018 -0500
Don't leak the exponent bit width in BN_mod_exp_mont_consttime.
The exponent here is one of d, dmp1, or dmq1 for RSA. This value and its
bit length are both secret. The only public upper bound is the bit width
of the corresponding modulus (RSA n, p, and q, respectively).
Although BN_num_bits is constant-time (sort of; see bn_correct_top notes
in preceding patch), this does not fix the root problem, which is that
the windows are based on the minimal bit width, not the upper bound. We
could use BN_num_bits(m), but BN_mod_exp_mont_consttime is public API
and may be called with larger exponents. Instead, use all top*BN_BITS2
bits in the BIGNUM. This is still sensitive to the long-standing
bn_correct_top leak, but we need to fix that regardless.
This may cause us to do a handful of extra multiplications for RSA keys
which are just above a whole number of words, but that is not a standard
RSA key size.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
(cherry picked from commit 39eeb64f59ff838f976ad305de7d15747d47a41c)
commit 0b9373ce3c2d39d9a88634913b8191ad4f7a453c
Author: David Benjamin
Date: Tue Jan 23 13:46:53 2018 -0500
Make BN_num_bits_word constant-time.
(This patch was written by Andy Polyakov. I only wrote the commit
message. Mistakes in the analysis are my fault.)
BN_num_bits, by way of BN_num_bits_word, currently leaks the
most-significant word of its argument via branching and memory access
pattern.
BN_num_bits is called on RSA prime factors in various places. These have
public bit lengths, but all bits beyond the high bit are secret. This
fully resolves those cases.
There are a few places where BN_num_bits is called on an input where the
bit length is also secret. This does *not* fully resolve those cases as
we still only look at the top word. Today, that is guaranteed to be
non-zero, but only because of the long-standing bn_correct_top timing
leak. Once that is fixed, a constant-time BN_num_bits on such inputs
must count bits on each word.
Instead, those cases should not call BN_num_bits at all. In particular,
BN_mod_exp_mont_consttime uses the exponent bit width to pick windows,
but it should be using the maximum bit width. The next patch will fix
this.
Thanks to Dinghao Wu, Danfeng Zhang, Shuai Wang, Pei Wang, and Xiao Liu
for reporting this issue.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
(cherry picked from commit 972c87dfc7e765bd28a4964519c362f0d3a58ca4)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_exp.c | 6 ++-
crypto/bn/bn_lib.c | 107 ++++++++++++++++++++---------------------------------
2 files changed, 45 insertions(+), 68 deletions(-)
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 7ebaeb0..8073368 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -633,7 +633,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top;
- bits = BN_num_bits(p);
+ /*
+ * Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
+ * whether the top bits are zero.
+ */
+ bits = p->top * BN_BITS2;
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index b8d4468..6081e88 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -88,74 +88,47 @@ const BIGNUM *BN_value_one(void)
int BN_num_bits_word(BN_ULONG l)
{
- static const unsigned char bits[256] = {
- 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
- 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L) {
- if (l & 0xffff000000000000L) {
- if (l & 0xff00000000000000L) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000L) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-#else
-# ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL) {
- if (l & 0xffff000000000000LL) {
- if (l & 0xff00000000000000LL) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000LL) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-# endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L) {
- if (l & 0xff000000L)
- return (bits[(int)(l >> 24L)] + 24);
- else
- return (bits[(int)(l >> 16L)] + 16);
- } else
+ BN_ULONG x, mask;
+ int bits = (l != 0);
+
+#if BN_BITS2 > 32
+ x = l >> 32;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 32 & mask;
+ l ^= (x ^ l) & mask;
#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return (bits[(int)(l >> 8)] + 8);
- else
-#endif
- return (bits[(int)(l)]);
- }
- }
+
+ x = l >> 16;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 16 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 8;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 8 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 4;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 4 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 2;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 2 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 1;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 1 & mask;
+
+ return bits;
}
int BN_num_bits(const BIGNUM *a)
From appro at openssl.org Thu Feb 1 20:46:11 2018
From: appro at openssl.org (Andy Polyakov)
Date: Thu, 01 Feb 2018 20:46:11 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517517971.131544.31080.nullmailer@dev.openssl.org>
The branch master has been updated
via 39eeb64f59ff838f976ad305de7d15747d47a41c (commit)
via 972c87dfc7e765bd28a4964519c362f0d3a58ca4 (commit)
from 3c5a61dd0f9d9a9eac098419bcaf47d1c296ca81 (commit)
- Log -----------------------------------------------------------------
commit 39eeb64f59ff838f976ad305de7d15747d47a41c
Author: David Benjamin
Date: Tue Jan 23 13:57:10 2018 -0500
Don't leak the exponent bit width in BN_mod_exp_mont_consttime.
The exponent here is one of d, dmp1, or dmq1 for RSA. This value and its
bit length are both secret. The only public upper bound is the bit width
of the corresponding modulus (RSA n, p, and q, respectively).
Although BN_num_bits is constant-time (sort of; see bn_correct_top notes
in preceding patch), this does not fix the root problem, which is that
the windows are based on the minimal bit width, not the upper bound. We
could use BN_num_bits(m), but BN_mod_exp_mont_consttime is public API
and may be called with larger exponents. Instead, use all top*BN_BITS2
bits in the BIGNUM. This is still sensitive to the long-standing
bn_correct_top leak, but we need to fix that regardless.
This may cause us to do a handful of extra multiplications for RSA keys
which are just above a whole number of words, but that is not a standard
RSA key size.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
commit 972c87dfc7e765bd28a4964519c362f0d3a58ca4
Author: David Benjamin
Date: Tue Jan 23 13:46:53 2018 -0500
Make BN_num_bits_word constant-time.
(This patch was written by Andy Polyakov. I only wrote the commit
message. Mistakes in the analysis are my fault.)
BN_num_bits, by way of BN_num_bits_word, currently leaks the
most-significant word of its argument via branching and memory access
pattern.
BN_num_bits is called on RSA prime factors in various places. These have
public bit lengths, but all bits beyond the high bit are secret. This
fully resolves those cases.
There are a few places where BN_num_bits is called on an input where the
bit length is also secret. This does *not* fully resolve those cases as
we still only look at the top word. Today, that is guaranteed to be
non-zero, but only because of the long-standing bn_correct_top timing
leak. Once that is fixed, a constant-time BN_num_bits on such inputs
must count bits on each word.
Instead, those cases should not call BN_num_bits at all. In particular,
BN_mod_exp_mont_consttime uses the exponent bit width to pick windows,
but it should be using the maximum bit width. The next patch will fix
this.
Thanks to Dinghao Wu, Danfeng Zhang, Shuai Wang, Pei Wang, and Xiao Liu
for reporting this issue.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_exp.c | 6 ++-
crypto/bn/bn_lib.c | 107 ++++++++++++++++++++---------------------------------
2 files changed, 45 insertions(+), 68 deletions(-)
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index 69970e6..b786bf0 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -623,7 +623,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top;
- bits = BN_num_bits(p);
+ /*
+ * Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
+ * whether the top bits are zero.
+ */
+ bits = p->top * BN_BITS2;
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index b9f19d8..57fe452 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -88,74 +88,47 @@ const BIGNUM *BN_value_one(void)
int BN_num_bits_word(BN_ULONG l)
{
- static const unsigned char bits[256] = {
- 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
- 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L) {
- if (l & 0xffff000000000000L) {
- if (l & 0xff00000000000000L) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000L) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-#else
-# ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL) {
- if (l & 0xffff000000000000LL) {
- if (l & 0xff00000000000000LL) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000LL) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-# endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L) {
- if (l & 0xff000000L)
- return (bits[(int)(l >> 24L)] + 24);
- else
- return (bits[(int)(l >> 16L)] + 16);
- } else
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return (bits[(int)(l >> 8)] + 8);
- else
+ BN_ULONG x, mask;
+ int bits = (l != 0);
+
+#if BN_BITS2 > 32
+ x = l >> 32;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 32 & mask;
+ l ^= (x ^ l) & mask;
#endif
- return (bits[(int)(l)]);
- }
- }
+
+ x = l >> 16;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 16 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 8;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 8 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 4;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 4 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 2;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 2 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 1;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 1 & mask;
+
+ return bits;
}
int BN_num_bits(const BIGNUM *a)
From appro at openssl.org Thu Feb 1 20:48:11 2018
From: appro at openssl.org (Andy Polyakov)
Date: Thu, 01 Feb 2018 20:48:11 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Message-ID: <1517518091.502376.2105.nullmailer@dev.openssl.org>
The branch OpenSSL_1_0_2-stable has been updated
via 4981e6fc1da4aec6775fc248643c91dd1e87e0b7 (commit)
via 66509ddbd00179e8be58d54cf5576fb6b74d0131 (commit)
from d498e526832bd6c50238f3dc0bcac9375179926e (commit)
- Log -----------------------------------------------------------------
commit 4981e6fc1da4aec6775fc248643c91dd1e87e0b7
Author: David Benjamin
Date: Tue Jan 23 13:57:10 2018 -0500
Don't leak the exponent bit width in BN_mod_exp_mont_consttime.
The exponent here is one of d, dmp1, or dmq1 for RSA. This value and its
bit length are both secret. The only public upper bound is the bit width
of the corresponding modulus (RSA n, p, and q, respectively).
Although BN_num_bits is constant-time (sort of; see bn_correct_top notes
in preceding patch), this does not fix the root problem, which is that
the windows are based on the minimal bit width, not the upper bound. We
could use BN_num_bits(m), but BN_mod_exp_mont_consttime is public API
and may be called with larger exponents. Instead, use all top*BN_BITS2
bits in the BIGNUM. This is still sensitive to the long-standing
bn_correct_top leak, but we need to fix that regardless.
This may cause us to do a handful of extra multiplications for RSA keys
which are just above a whole number of words, but that is not a standard
RSA key size.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
(cherry picked from commit 39eeb64f59ff838f976ad305de7d15747d47a41c)
commit 66509ddbd00179e8be58d54cf5576fb6b74d0131
Author: David Benjamin
Date: Tue Jan 23 13:46:53 2018 -0500
Make BN_num_bits_word constant-time.
(This patch was written by Andy Polyakov. I only wrote the commit
message. Mistakes in the analysis are my fault.)
BN_num_bits, by way of BN_num_bits_word, currently leaks the
most-significant word of its argument via branching and memory access
pattern.
BN_num_bits is called on RSA prime factors in various places. These have
public bit lengths, but all bits beyond the high bit are secret. This
fully resolves those cases.
There are a few places where BN_num_bits is called on an input where the
bit length is also secret. This does *not* fully resolve those cases as
we still only look at the top word. Today, that is guaranteed to be
non-zero, but only because of the long-standing bn_correct_top timing
leak. Once that is fixed, a constant-time BN_num_bits on such inputs
must count bits on each word.
Instead, those cases should not call BN_num_bits at all. In particular,
BN_mod_exp_mont_consttime uses the exponent bit width to pick windows,
but it should be using the maximum bit width. The next patch will fix
this.
Thanks to Dinghao Wu, Danfeng Zhang, Shuai Wang, Pei Wang, and Xiao Liu
for reporting this issue.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
(cherry picked from commit 972c87dfc7e765bd28a4964519c362f0d3a58ca4)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_exp.c | 6 ++-
crypto/bn/bn_lib.c | 107 ++++++++++++++++++++---------------------------------
2 files changed, 45 insertions(+), 68 deletions(-)
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
index c4b63e4..9fc545a 100644
--- a/crypto/bn/bn_exp.c
+++ b/crypto/bn/bn_exp.c
@@ -727,7 +727,11 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
top = m->top;
- bits = BN_num_bits(p);
+ /*
+ * Use all bits stored in |p|, rather than |BN_num_bits|, so we do not leak
+ * whether the top bits are zero.
+ */
+ bits = p->top * BN_BITS2;
if (bits == 0) {
/* x**0 mod 1 is still zero. */
if (BN_is_one(m)) {
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 10b78f5..27b9bdb 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -144,74 +144,47 @@ const BIGNUM *BN_value_one(void)
int BN_num_bits_word(BN_ULONG l)
{
- static const unsigned char bits[256] = {
- 0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
- 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
- };
-
-#if defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffffffff00000000L) {
- if (l & 0xffff000000000000L) {
- if (l & 0xff00000000000000L) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000L) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-#else
-# ifdef SIXTY_FOUR_BIT
- if (l & 0xffffffff00000000LL) {
- if (l & 0xffff000000000000LL) {
- if (l & 0xff00000000000000LL) {
- return (bits[(int)(l >> 56)] + 56);
- } else
- return (bits[(int)(l >> 48)] + 48);
- } else {
- if (l & 0x0000ff0000000000LL) {
- return (bits[(int)(l >> 40)] + 40);
- } else
- return (bits[(int)(l >> 32)] + 32);
- }
- } else
-# endif
-#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xffff0000L) {
- if (l & 0xff000000L)
- return (bits[(int)(l >> 24L)] + 24);
- else
- return (bits[(int)(l >> 16L)] + 16);
- } else
+ BN_ULONG x, mask;
+ int bits = (l != 0);
+
+#if BN_BITS2 > 32
+ x = l >> 32;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 32 & mask;
+ l ^= (x ^ l) & mask;
#endif
- {
-#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
- if (l & 0xff00L)
- return (bits[(int)(l >> 8)] + 8);
- else
-#endif
- return (bits[(int)(l)]);
- }
- }
+
+ x = l >> 16;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 16 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 8;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 8 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 4;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 4 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 2;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 2 & mask;
+ l ^= (x ^ l) & mask;
+
+ x = l >> 1;
+ mask = (0 - x) & BN_MASK2;
+ mask = (0 - (mask >> (BN_BITS2 - 1)));
+ bits += 1 & mask;
+
+ return bits;
}
int BN_num_bits(const BIGNUM *a)
From appro at openssl.org Thu Feb 1 20:53:10 2018
From: appro at openssl.org (Andy Polyakov)
Date: Thu, 01 Feb 2018 20:53:10 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517518390.319396.7805.nullmailer@dev.openssl.org>
The branch master has been updated
via f345b1f39d9b4e4c9ef07e7522e9b2a870c9ca09 (commit)
from 39eeb64f59ff838f976ad305de7d15747d47a41c (commit)
- Log -----------------------------------------------------------------
commit f345b1f39d9b4e4c9ef07e7522e9b2a870c9ca09
Author: David Benjamin
Date: Wed Jan 31 14:47:41 2018 -0500
Fix timing leak in BN_from_montgomery_word.
BN_from_montgomery_word doesn't have a constant memory access pattern.
Replace the pointer trick with a constant-time select. There is, of
course, still the bn_correct_top leak pervasive in BIGNUM itself.
See also https://boringssl-review.googlesource.com/22904 from BoringSSL.
Reviewed-by: Andy Polyakov
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5228)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_mont.c | 57 +++++++++++++++++++----------------------------------
1 file changed, 20 insertions(+), 37 deletions(-)
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 2119bfa..6357c60 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -101,6 +101,11 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
r->top = max;
n0 = mont->n0[0];
+ /*
+ * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
+ * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
+ * includes |carry| which is stored separately.
+ */
for (carry = 0, i = 0; i < nl; i++, rp++) {
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
v = (v + carry + rp[nl]) & BN_MASK2;
@@ -115,46 +120,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
ret->neg = r->neg;
rp = ret->d;
- ap = &(r->d[nl]);
-# define BRANCH_FREE 1
-# if BRANCH_FREE
- {
- BN_ULONG *nrp;
- size_t m;
+ /*
+ * Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
+ * includes |carry| which is stored separately.
+ */
+ ap = &(r->d[nl]);
- v = bn_sub_words(rp, ap, np, nl) - carry;
- /*
- * if subtraction result is real, then trick unconditional memcpy
- * below to perform in-place "refresh" instead of actual copy.
- */
- m = (0 - (size_t)v);
- nrp =
- (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
-
- for (i = 0, nl -= 4; i < nl; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = nrp[i + 0];
- t2 = nrp[i + 1];
- t3 = nrp[i + 2];
- ap[i + 0] = 0;
- t4 = nrp[i + 3];
- ap[i + 1] = 0;
- rp[i + 0] = t1;
- ap[i + 2] = 0;
- rp[i + 1] = t2;
- ap[i + 3] = 0;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
- }
- for (nl += 4; i < nl; i++)
- rp[i] = nrp[i], ap[i] = 0;
+ /*
+ * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
+ * cannot be -1. That would imply the subtraction did not fit in |nl| words,
+ * and we know at most one subtraction is needed.
+ */
+ v = bn_sub_words(rp, ap, np, nl) - carry;
+ v = 0 - v;
+ for (i = 0; i < nl; i++) {
+ rp[i] = (v & ap[i]) | (~v & rp[i]);
+ ap[i] = 0;
}
-# else
- if (bn_sub_words(rp, ap, np, nl) - carry)
- memcpy(rp, ap, nl * sizeof(BN_ULONG));
-# endif
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
From appro at openssl.org Thu Feb 1 20:54:06 2018
From: appro at openssl.org (Andy Polyakov)
Date: Thu, 01 Feb 2018 20:54:06 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1517518446.382803.9324.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via db91094a49b370acf03cf6adfcacf2256b8bd153 (commit)
from 723183b5640e9b047acac189c7c7fb78575522d4 (commit)
- Log -----------------------------------------------------------------
commit db91094a49b370acf03cf6adfcacf2256b8bd153
Author: David Benjamin
Date: Wed Jan 31 14:47:41 2018 -0500
Fix timing leak in BN_from_montgomery_word.
BN_from_montgomery_word doesn't have a constant memory access pattern.
Replace the pointer trick with a constant-time select. There is, of
course, still the bn_correct_top leak pervasive in BIGNUM itself.
See also https://boringssl-review.googlesource.com/22904 from BoringSSL.
Reviewed-by: Andy Polyakov
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5228)
(cherry picked from commit f345b1f39d9b4e4c9ef07e7522e9b2a870c9ca09)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_mont.c | 57 +++++++++++++++++++----------------------------------
1 file changed, 20 insertions(+), 37 deletions(-)
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 90e1ba2..65889bf 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -101,6 +101,11 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
r->top = max;
n0 = mont->n0[0];
+ /*
+ * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
+ * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
+ * includes |carry| which is stored separately.
+ */
for (carry = 0, i = 0; i < nl; i++, rp++) {
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
v = (v + carry + rp[nl]) & BN_MASK2;
@@ -115,46 +120,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
ret->neg = r->neg;
rp = ret->d;
- ap = &(r->d[nl]);
-# define BRANCH_FREE 1
-# if BRANCH_FREE
- {
- BN_ULONG *nrp;
- size_t m;
+ /*
+ * Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
+ * includes |carry| which is stored separately.
+ */
+ ap = &(r->d[nl]);
- v = bn_sub_words(rp, ap, np, nl) - carry;
- /*
- * if subtraction result is real, then trick unconditional memcpy
- * below to perform in-place "refresh" instead of actual copy.
- */
- m = (0 - (size_t)v);
- nrp =
- (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
-
- for (i = 0, nl -= 4; i < nl; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = nrp[i + 0];
- t2 = nrp[i + 1];
- t3 = nrp[i + 2];
- ap[i + 0] = 0;
- t4 = nrp[i + 3];
- ap[i + 1] = 0;
- rp[i + 0] = t1;
- ap[i + 2] = 0;
- rp[i + 1] = t2;
- ap[i + 3] = 0;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
- }
- for (nl += 4; i < nl; i++)
- rp[i] = nrp[i], ap[i] = 0;
+ /*
+ * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
+ * cannot be -1. That would imply the subtraction did not fit in |nl| words,
+ * and we know at most one subtraction is needed.
+ */
+ v = bn_sub_words(rp, ap, np, nl) - carry;
+ v = 0 - v;
+ for (i = 0; i < nl; i++) {
+ rp[i] = (v & ap[i]) | (~v & rp[i]);
+ ap[i] = 0;
}
-# else
- if (bn_sub_words(rp, ap, np, nl) - carry)
- memcpy(rp, ap, nl * sizeof(BN_ULONG));
-# endif
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
From levitte at openssl.org Thu Feb 1 21:09:45 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 01 Feb 2018 21:09:45 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517519385.037469.25934.nullmailer@dev.openssl.org>
The branch master has been updated
via 03cb2cc9e53f7ca7539069a388d2767fffa7cf66 (commit)
from f345b1f39d9b4e4c9ef07e7522e9b2a870c9ca09 (commit)
- Log -----------------------------------------------------------------
commit 03cb2cc9e53f7ca7539069a388d2767fffa7cf66
Author: Richard Levitte
Date: Thu Feb 1 21:28:59 2018 +0100
Fix of prefix bio filter (bf_prefix.c): rely on the given length
The assumption that the received buffer has to be NUL-terminated was
faulty.
Fault found in #5224
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5239)
-----------------------------------------------------------------------
Summary of changes:
apps/bf_prefix.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/apps/bf_prefix.c b/apps/bf_prefix.c
index 4d5e3a3..bae3c91 100644
--- a/apps/bf_prefix.c
+++ b/apps/bf_prefix.c
@@ -96,7 +96,7 @@ static int prefix_write(BIO *b, const char *out, size_t outl,
*numwritten = 0;
- while (*out != '\0') {
+ while (outl > 0) {
size_t i;
char c;
@@ -111,7 +111,7 @@ static int prefix_write(BIO *b, const char *out, size_t outl,
}
/* Now, go look for the next LF, or the end of the string */
- for (i = 0; (c = out[i]) != '\n' && c != '\0'; i++)
+ for (i = 0, c = '\0'; i < outl && (c = out[i]) != '\n'; i++)
continue;
if (c == '\n')
i++;
@@ -123,6 +123,7 @@ static int prefix_write(BIO *b, const char *out, size_t outl,
if (!BIO_write_ex(BIO_next(b), out, i, &num))
return 0;
out += num;
+ outl -= num;
*numwritten += num;
i -= num;
}
From builds at travis-ci.org Thu Feb 1 21:17:58 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 21:17:58 +0000
Subject: [openssl-commits] Errored: openssl/openssl#16033 (master - 39eeb64)
In-Reply-To:
Message-ID: <5a738404abf0a_43f99f4c6d1f81777512@6f1e7807-ba31-4302-beba-07cf17cd0e30.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16033
Status: Errored
Duration: 24 minutes and 13 seconds
Commit: 39eeb64 (master)
Author: David Benjamin
Message: Don't leak the exponent bit width in BN_mod_exp_mont_consttime.
The exponent here is one of d, dmp1, or dmq1 for RSA. This value and its
bit length are both secret. The only public upper bound is the bit width
of the corresponding modulus (RSA n, p, and q, respectively).
Although BN_num_bits is constant-time (sort of; see bn_correct_top notes
in preceding patch), this does not fix the root problem, which is that
the windows are based on the minimal bit width, not the upper bound. We
could use BN_num_bits(m), but BN_mod_exp_mont_consttime is public API
and may be called with larger exponents. Instead, use all top*BN_BITS2
bits in the BIGNUM. This is still sensitive to the long-standing
bn_correct_top leak, but we need to fix that regardless.
This may cause us to do a handful of extra multiplications for RSA keys
which are just above a whole number of words, but that is not a standard
RSA key size.
Reviewed-by: Paul Dale
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5154)
View the changeset: https://github.com/openssl/openssl/compare/3c5a61dd0f9d...39eeb64f59ff
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336282420?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Thu Feb 1 21:34:37 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 21:34:37 +0000
Subject: [openssl-commits] Errored: openssl/openssl#16036
(OpenSSL_1_1_0-stable - db91094)
In-Reply-To:
Message-ID: <5a73887ade5e4_43f89e30efeb41801074@e51d55cc-c6be-4a36-be0f-ddf49f2909b7.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16036
Status: Errored
Duration: 19 minutes and 18 seconds
Commit: db91094 (OpenSSL_1_1_0-stable)
Author: David Benjamin
Message: Fix timing leak in BN_from_montgomery_word.
BN_from_montgomery_word doesn't have a constant memory access pattern.
Replace the pointer trick with a constant-time select. There is, of
course, still the bn_correct_top leak pervasive in BIGNUM itself.
See also https://boringssl-review.googlesource.com/22904 from BoringSSL.
Reviewed-by: Andy Polyakov
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5228)
(cherry picked from commit f345b1f39d9b4e4c9ef07e7522e9b2a870c9ca09)
View the changeset: https://github.com/openssl/openssl/compare/723183b5640e...db91094a49b3
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336285391?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Thu Feb 1 21:40:37 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 21:40:37 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16035 (master -
f345b1f)
In-Reply-To:
Message-ID: <5a7389e2d8d68_43f89ed5174101811263@e51d55cc-c6be-4a36-be0f-ddf49f2909b7.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16035
Status: Still Failing
Duration: 34 minutes and 25 seconds
Commit: f345b1f (master)
Author: David Benjamin
Message: Fix timing leak in BN_from_montgomery_word.
BN_from_montgomery_word doesn't have a constant memory access pattern.
Replace the pointer trick with a constant-time select. There is, of
course, still the bn_correct_top leak pervasive in BIGNUM itself.
See also https://boringssl-review.googlesource.com/22904 from BoringSSL.
Reviewed-by: Andy Polyakov
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5228)
View the changeset: https://github.com/openssl/openssl/compare/39eeb64f59ff...f345b1f39d9b
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336285052?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Thu Feb 1 22:18:23 2018
From: builds at travis-ci.org (Travis CI)
Date: Thu, 01 Feb 2018 22:18:23 +0000
Subject: [openssl-commits] Errored: openssl/openssl#16038 (master - 03cb2cc)
In-Reply-To:
Message-ID: <5a73922f2af99_43fcf7691c064114080@ddecd48c-d6f6-40cf-986a-99b8fb90cde8.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16038
Status: Errored
Duration: 39 minutes and 30 seconds
Commit: 03cb2cc (master)
Author: Richard Levitte
Message: Fix of prefix bio filter (bf_prefix.c): rely on the given length
The assumption that the received buffer has to be NUL-terminated was
faulty.
Fault found in #5224
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5239)
View the changeset: https://github.com/openssl/openssl/compare/f345b1f39d9b...03cb2cc9e53f
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336291165?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From matt at openssl.org Fri Feb 2 10:06:37 2018
From: matt at openssl.org (Matt Caswell)
Date: Fri, 02 Feb 2018 10:06:37 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517565997.863123.30763.nullmailer@dev.openssl.org>
The branch master has been updated
via 22da44fce9ca198d9115e2852e6f9a0183e56886 (commit)
from 03cb2cc9e53f7ca7539069a388d2767fffa7cf66 (commit)
- Log -----------------------------------------------------------------
commit 22da44fce9ca198d9115e2852e6f9a0183e56886
Author: Matt Caswell
Date: Thu Feb 1 17:40:17 2018 +0000
Document SSL_OP_ENABLE_MIDDLEBOX_COMPAT
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5237)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/SSL_CTX_set_options.pod | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/doc/man3/SSL_CTX_set_options.pod b/doc/man3/SSL_CTX_set_options.pod
index ba9a95f..0d51077 100644
--- a/doc/man3/SSL_CTX_set_options.pod
+++ b/doc/man3/SSL_CTX_set_options.pod
@@ -189,6 +189,15 @@ those clients (e.g. mobile) use ChaCha20-Poly1305 if that cipher is anywhere
in the server cipher list; but still allows other clients to use AES and other
ciphers. Requires B.
+=item SSL_OP_ENABLE_MIDDLEBOX_COMPAT
+
+If set then dummy Change Cipher Spec (CCS) messages are sent in TLSv1.3. This
+has the effect of making TLSv1.3 look more like TLSv1.2 so that middleboxes that
+do not understand TLSv1.3 will not drop the connection. Regardless of whether
+this option is set or not CCS messages received from the peer will always be
+ignored in TLSv1.3. This option is set by default. To switch it off use
+SSL_clear_options(). A future version of OpenSSL may not set this by default.
+
=back
The following options no longer have any effect but their identifiers are
From builds at travis-ci.org Fri Feb 2 10:39:01 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 02 Feb 2018 10:39:01 +0000
Subject: [openssl-commits] Passed: openssl/openssl#16047 (master - 22da44f)
In-Reply-To:
Message-ID: <5a743fc44317e_43fa28f04b6606897b2@e3a217df-7e6b-497f-9547-ac4ea8da33a1.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16047
Status: Passed
Duration: 31 minutes and 27 seconds
Commit: 22da44f (master)
Author: Matt Caswell
Message: Document SSL_OP_ENABLE_MIDDLEBOX_COMPAT
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5237)
View the changeset: https://github.com/openssl/openssl/compare/03cb2cc9e53f...22da44fce9ca
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/336485681?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Fri Feb 2 11:43:40 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 02 Feb 2018 11:43:40 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517571820.789431.20831.nullmailer@dev.openssl.org>
The branch master has been updated
via 50ea9d2b3521467a11559be41dcf05ee05feabd6 (commit)
from 22da44fce9ca198d9115e2852e6f9a0183e56886 (commit)
- Log -----------------------------------------------------------------
commit 50ea9d2b3521467a11559be41dcf05ee05feabd6
Author: Richard Levitte
Date: Fri Feb 2 10:33:41 2018 +0100
Have configdata.pm also display the contents of %target
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5243)
-----------------------------------------------------------------------
Summary of changes:
Configure | 26 ++++++++++++++++++++++++--
1 file changed, 24 insertions(+), 2 deletions(-)
diff --git a/Configure b/Configure
index a994876..22d42fb 100755
--- a/Configure
+++ b/Configure
@@ -2331,6 +2331,7 @@ unless (caller) {
my $dump = undef;
my $cmdline = undef;
my $options = undef;
+ my $target = undef;
my $envvars = undef;
my $makevars = undef;
my $buildparams = undef;
@@ -2341,6 +2342,7 @@ unless (caller) {
GetOptions('dump|d' => \$dump,
'command-line|c' => \$cmdline,
'options|o' => \$options,
+ 'target|t' => \$target,
'environment|e' => \$envvars,
'make-variables|m' => \$makevars,
'build-parameters|b' => \$buildparams,
@@ -2350,7 +2352,7 @@ unless (caller) {
'man' => \$man)
or die "Errors in command line arguments\n";
- unless ($dump || $cmdline || $options || $envvars || $makevars
+ unless ($dump || $cmdline || $options || $target || $envvars || $makevars
|| $buildparams || $reconf || $verbose || $help || $man) {
print STDERR <<"_____";
You must give at least one option.
@@ -2399,6 +2401,21 @@ _____
}
}
}
+ if ($dump || $target) {
+ print "\nConfig target attributes:\n\n";
+ foreach (sort keys %target) {
+ next if $_ =~ m|^_| || $_ eq 'template';
+ my $quotify = sub {
+ map { (my $x = $_) =~ s|([\\\$\@"])|\\$1|g; "\"$x\""} @_;
+ };
+ print ' ', $_, ' => ';
+ if (ref($target{$_}) eq "ARRAY") {
+ print '[ ', join(', ', $quotify->(@{$target{$_}})), " ],\n";
+ } else {
+ print $quotify->($target{$_}), ",\n"
+ }
+ }
+ }
if ($dump || $envvars) {
print "\nRecorded environment:\n\n";
foreach (sort keys %{$config{perlenv}}) {
@@ -2509,7 +2526,8 @@ Print the manual page and exit.
=item B<--dump> | B<-d>
Print all relevant configuration data. This is equivalent to B<--command-line>
-B<--options> B<--environment> B<--make-variables> B<--build-parameters>.
+B<--options> B<--target> B<--environment> B<--make-variables>
+B<--build-parameters>.
=item B<--command-line> | B<-c>
@@ -2520,6 +2538,10 @@ Print the current configuration command line.
Print the features, both enabled and disabled, and display defined macro and
skipped directories where applicable.
+=item B<--target> | B<-t>
+
+Print the config attributes for this config target.
+
=item B<--environment> | B<-e>
Print the environment variables and their values at the time of configuration.
From appro at openssl.org Fri Feb 2 22:15:41 2018
From: appro at openssl.org (Andy Polyakov)
Date: Fri, 02 Feb 2018 22:15:41 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_0_2-stable update
Message-ID: <1517609741.295032.12721.nullmailer@dev.openssl.org>
The branch OpenSSL_1_0_2-stable has been updated
via 48081cf988fc8f50215a2b18babd6a7859defd36 (commit)
from 4981e6fc1da4aec6775fc248643c91dd1e87e0b7 (commit)
- Log -----------------------------------------------------------------
commit 48081cf988fc8f50215a2b18babd6a7859defd36
Author: Andy Polyakov
Date: Thu Feb 1 22:03:59 2018 +0100
Fix timing leak in BN_from_montgomery_word.
BN_from_montgomery_word doesn't have a constant memory access pattern.
Replace the pointer trick with a constant-time select. There is, of
course, still the bn_correct_top leak pervasive in BIGNUM itself.
See also https://boringssl-review.googlesource.com/22904 from BoringSSL.
(backport from f345b1f39d9b4e4c9ef07e7522e9b2a870c9ca09 signed off by
David Benjamin )
Reviewed-by: Kurt Roeckx
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_mont.c | 75 ++++++++++++++---------------------------------------
1 file changed, 20 insertions(+), 55 deletions(-)
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
index 94e7a8f..49cf51a 100644
--- a/crypto/bn/bn_mont.c
+++ b/crypto/bn/bn_mont.c
@@ -207,26 +207,13 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
r->top = max;
n0 = mont->n0[0];
-# ifdef BN_COUNT
- fprintf(stderr, "word BN_from_montgomery_word %d * %d\n", nl, nl);
-# endif
+ /*
+ * Add multiples of |n| to |r| until R = 2^(nl * BN_BITS2) divides it. On
+ * input, we had |r| < |n| * R, so now |r| < 2 * |n| * R. Note that |r|
+ * includes |carry| which is stored separately.
+ */
for (carry = 0, i = 0; i < nl; i++, rp++) {
-# ifdef __TANDEM
- {
- long long t1;
- long long t2;
- long long t3;
- t1 = rp[0] * (n0 & 0177777);
- t2 = 037777600000l;
- t2 = n0 & t2;
- t3 = rp[0] & 0177777;
- t2 = (t3 * t2) & BN_MASK2;
- t1 = t1 + t2;
- v = bn_mul_add_words(rp, np, nl, (BN_ULONG)t1);
- }
-# else
v = bn_mul_add_words(rp, np, nl, (rp[0] * n0) & BN_MASK2);
-# endif
v = (v + carry + rp[nl]) & BN_MASK2;
carry |= (v != rp[nl]);
carry &= (v <= rp[nl]);
@@ -239,46 +226,24 @@ static int BN_from_montgomery_word(BIGNUM *ret, BIGNUM *r, BN_MONT_CTX *mont)
ret->neg = r->neg;
rp = ret->d;
- ap = &(r->d[nl]);
-# define BRANCH_FREE 1
-# if BRANCH_FREE
- {
- BN_ULONG *nrp;
- size_t m;
+ /*
+ * Shift |nl| words to divide by R. We have |ap| < 2 * |n|. Note that |ap|
+ * includes |carry| which is stored separately.
+ */
+ ap = &(r->d[nl]);
- v = bn_sub_words(rp, ap, np, nl) - carry;
- /*
- * if subtraction result is real, then trick unconditional memcpy
- * below to perform in-place "refresh" instead of actual copy.
- */
- m = (0 - (size_t)v);
- nrp =
- (BN_ULONG *)(((PTR_SIZE_INT) rp & ~m) | ((PTR_SIZE_INT) ap & m));
-
- for (i = 0, nl -= 4; i < nl; i += 4) {
- BN_ULONG t1, t2, t3, t4;
-
- t1 = nrp[i + 0];
- t2 = nrp[i + 1];
- t3 = nrp[i + 2];
- ap[i + 0] = 0;
- t4 = nrp[i + 3];
- ap[i + 1] = 0;
- rp[i + 0] = t1;
- ap[i + 2] = 0;
- rp[i + 1] = t2;
- ap[i + 3] = 0;
- rp[i + 2] = t3;
- rp[i + 3] = t4;
- }
- for (nl += 4; i < nl; i++)
- rp[i] = nrp[i], ap[i] = 0;
+ /*
+ * |v| is one if |ap| - |np| underflowed or zero if it did not. Note |v|
+ * cannot be -1. That would imply the subtraction did not fit in |nl| words,
+ * and we know at most one subtraction is needed.
+ */
+ v = bn_sub_words(rp, ap, np, nl) - carry;
+ v = 0 - v;
+ for (i = 0; i < nl; i++) {
+ rp[i] = (v & ap[i]) | (~v & rp[i]);
+ ap[i] = 0;
}
-# else
- if (bn_sub_words(rp, ap, np, nl) - carry)
- memcpy(rp, ap, nl * sizeof(BN_ULONG));
-# endif
bn_correct_top(r);
bn_correct_top(ret);
bn_check_top(ret);
From matt at openssl.org Sat Feb 3 00:01:38 2018
From: matt at openssl.org (Matt Caswell)
Date: Sat, 03 Feb 2018 00:01:38 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517616098.230569.17667.nullmailer@dev.openssl.org>
The branch master has been updated
via 1f5878b8e25a785dde330bf485e6ed5a6ae09a1a (commit)
via b1a51abb935163cbb0b0089ad9ee8ff174341bbd (commit)
via 2221ec10ab2771d7effad839392c88f35cde04a3 (commit)
from 50ea9d2b3521467a11559be41dcf05ee05feabd6 (commit)
- Log -----------------------------------------------------------------
commit 1f5878b8e25a785dde330bf485e6ed5a6ae09a1a
Author: Tatsuhiro Tsujikawa
Date: Sun Jan 21 11:30:36 2018 +0900
Make sure that exporting keying material is allowed
Reviewed-by: Rich Salz
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4944)
commit b1a51abb935163cbb0b0089ad9ee8ff174341bbd
Author: Tatsuhiro Tsujikawa
Date: Thu Jan 18 15:39:45 2018 +0900
Remove generation of exporter master secret on client application traffic
Reviewed-by: Rich Salz
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4944)
commit 2221ec10ab2771d7effad839392c88f35cde04a3
Author: Tatsuhiro Tsujikawa
Date: Sat Dec 16 16:46:18 2017 +0900
Generate exporter_master_secret after server Finished
Reviewed-by: Rich Salz
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/4944)
-----------------------------------------------------------------------
Summary of changes:
ssl/statem/statem.c | 10 ++++++++++
ssl/statem/statem.h | 1 +
ssl/tls13_enc.c | 25 ++++++++++++-------------
test/tls13secretstest.c | 5 +++++
4 files changed, 28 insertions(+), 13 deletions(-)
diff --git a/ssl/statem/statem.c b/ssl/statem/statem.c
index 45cb9ab..95c369a 100644
--- a/ssl/statem/statem.c
+++ b/ssl/statem/statem.c
@@ -941,3 +941,13 @@ int ossl_statem_app_data_allowed(SSL *s)
return 0;
}
+
+/*
+ * This function returns 1 if TLS exporter is ready to export keying
+ * material, or 0 if otherwise.
+ */
+int ossl_statem_export_allowed(SSL *s)
+{
+ return s->s3->previous_server_finished_len != 0
+ && s->statem.hand_state != TLS_ST_SW_FINISHED;
+}
diff --git a/ssl/statem/statem.h b/ssl/statem/statem.h
index e8d9174..3242c78 100644
--- a/ssl/statem/statem.h
+++ b/ssl/statem/statem.h
@@ -132,6 +132,7 @@ __owur int ossl_statem_skip_early_data(SSL *s);
void ossl_statem_check_finish_init(SSL *s, int send);
void ossl_statem_set_hello_verify_done(SSL *s);
__owur int ossl_statem_app_data_allowed(SSL *s);
+__owur int ossl_statem_export_allowed(SSL *s);
/* Flush the write BIO */
int statem_flush(SSL *s);
diff --git a/ssl/tls13_enc.c b/ssl/tls13_enc.c
index fe817f8..05355fb 100644
--- a/ssl/tls13_enc.c
+++ b/ssl/tls13_enc.c
@@ -562,16 +562,6 @@ int tls13_change_cipher_state(SSL *s, int which)
goto err;
}
s->session->master_key_length = hashlen;
-
- /* Now we create the exporter master secret */
- if (!tls13_hkdf_expand(s, ssl_handshake_md(s), insecret,
- exporter_master_secret,
- sizeof(exporter_master_secret) - 1,
- hash, hashlen, s->exporter_master_secret,
- hashlen)) {
- /* SSLfatal() already called */
- goto err;
- }
}
if (!derive_secret_key_and_iv(s, which & SSL3_CC_WRITE, md, cipher,
@@ -581,9 +571,18 @@ int tls13_change_cipher_state(SSL *s, int which)
goto err;
}
- if (label == server_application_traffic)
+ if (label == server_application_traffic) {
memcpy(s->server_app_traffic_secret, secret, hashlen);
- else if (label == client_application_traffic)
+ /* Now we create the exporter master secret */
+ if (!tls13_hkdf_expand(s, ssl_handshake_md(s), insecret,
+ exporter_master_secret,
+ sizeof(exporter_master_secret) - 1,
+ hash, hashlen, s->exporter_master_secret,
+ hashlen)) {
+ /* SSLfatal() already called */
+ goto err;
+ }
+ } else if (label == client_application_traffic)
memcpy(s->client_app_traffic_secret, secret, hashlen);
if (!ssl_log_secret(s, log_label, secret, hashlen)) {
@@ -667,7 +666,7 @@ int tls13_export_keying_material(SSL *s, unsigned char *out, size_t olen,
unsigned int hashsize, datalen;
int ret = 0;
- if (ctx == NULL || !SSL_is_init_finished(s))
+ if (ctx == NULL || !ossl_statem_export_allowed(s))
goto err;
if (!use_context)
diff --git a/test/tls13secretstest.c b/test/tls13secretstest.c
index 16542c4..f08b5d3 100644
--- a/test/tls13secretstest.c
+++ b/test/tls13secretstest.c
@@ -212,6 +212,11 @@ void ossl_statem_fatal(SSL *s, int al, int func, int reason, const char *file,
{
}
+int ossl_statem_export_allowed(SSL *s)
+{
+ return 1;
+}
+
/* End of mocked out code */
static int test_secret(SSL *s, unsigned char *prk,
From rsalz at openssl.org Sat Feb 3 23:24:09 2018
From: rsalz at openssl.org (Rich Salz)
Date: Sat, 03 Feb 2018 23:24:09 +0000
Subject: [openssl-commits] [tools] master update
Message-ID: <1517700249.074535.13354.nullmailer@dev.openssl.org>
The branch master has been updated
via 27296557068a17464f17533d89d4fa6f3555b909 (commit)
from bb40e3e6bcd68b3ba9ba4e71751d9f8e630f63cf (commit)
- Log -----------------------------------------------------------------
commit 27296557068a17464f17533d89d4fa6f3555b909
Author: Rich Salz
Date: Sat Feb 3 18:23:50 2018 -0500
Add our release tools
-----------------------------------------------------------------------
Summary of changes:
release-tools/MKRELEASE.md | 168 +++++++++++++++
release-tools/README.md | 320 +++++++++++++++++++++++++++++
release-tools/do-copyright-year | 40 ++++
release-tools/do-release.pl | 209 +++++++++++++++++++
release-tools/mkrelease.pl | 427 +++++++++++++++++++++++++++++++++++++++
release-tools/release-check.pl | 215 ++++++++++++++++++++
release-tools/release-date.pl | 64 ++++++
release-tools/release-git.pl | 164 +++++++++++++++
release-tools/release-update.pl | 153 ++++++++++++++
release-tools/release-version.pl | 179 ++++++++++++++++
10 files changed, 1939 insertions(+)
create mode 100644 release-tools/MKRELEASE.md
create mode 100644 release-tools/README.md
create mode 100755 release-tools/do-copyright-year
create mode 100644 release-tools/do-release.pl
create mode 100644 release-tools/mkrelease.pl
create mode 100644 release-tools/release-check.pl
create mode 100644 release-tools/release-date.pl
create mode 100644 release-tools/release-git.pl
create mode 100644 release-tools/release-update.pl
create mode 100644 release-tools/release-version.pl
diff --git a/release-tools/MKRELEASE.md b/release-tools/MKRELEASE.md
new file mode 100644
index 0000000..04d6dc7
--- /dev/null
+++ b/release-tools/MKRELEASE.md
@@ -0,0 +1,168 @@
+# Documentation on the mkrelease.pl script
+
+This file provides an overview of the mkrelease.pl script, and how to
+configure some of its parameters (by setting environment variables).
+It is normally run by following the process in README.md and should be
+run in a pristine directgory of the branch to be released, which must
+be a stable branch.
+
+The script handles most of the processes involved in making a release
+including:
+
+1. Doing `make update`
+2. Changing version numbers in various files
+3. Tagging release
+4. Making the tarballs, .md5, .sha1, .sha256 and .gpg files
+5. Creating the signed email announcement, including hashes of release
+6. Uploading files to dev.openssl.org
+7. Updating the version for next release
+
+If you plan to make an actual release make sure your GPG key is included
+in the [OMC list](https://www.openssl.org/community/omc.html) on the website
+and in the file doc/fingerprints.txt of *all* active branches.
+
+The script mkrelease.pl calls the files release-check.pl, release-date.pl,
+release-git.pl, release-update.pl and release-version.pl, which are expected
+to all be in the same directory.
+
+You are advised to clone a fresh repository. Unless you specify `--no-clean`
+the release process will run `git clean -x -d -f`
+*WARNING* this will delete ALL untracked files from the current branch.
+
+From the branch directory if you run:
+
+ perl /path/to/mkrelease.pl --reviewer=name
+
+It should perform all of the above steps and commit changes locally. You can
+then sanity check these with `git log` before pushing them to the public repo.
+
+## Environment Variables
+
+- OPENSSL
+ Path to openssl utility to use. Default is `openssl`.
+
+- OPENSSL_TAR
+ The tar command to use when creating the tarball. Default is `tar`.
+
+- OPENSSL_GPG
+ The gpg command to use when signing a tarball or announcement.
+ The default is `gpg` which will use gpg with the default key.
+ If you wish to use a different, key set OPENSSL_GPG to include
+ appropriate options.
+
+- OPENSSL_GPG_TAR
+ Command to use to sign a tarball.
+ The default is: `$OPENSSL_GPG --use-agent -sba`
+
+- OPENSSL_GPG_ANNOUNCE
+ The command to use to sign a tarball.
+ The default is: `$OPENSSL_GPG --use-agent -sta --clearsign`
+
+- OPENSSL_SCP
+ The command to use to upload files.
+ The default is `scp`
+
+- OPENSSL_SCP_HOST
+ The host (and optional username) needed to upload files.
+ The default is `dev.openssl.org`, but you might want to change this to
+ `username at dev.openssl.org`
+
+- OPENSSL_SCP_DIR
+ The directory to upload files to.
+ Normally this wont be changed from the default which is
+ `$OPENSSL_SCP_HOST:~openssl/dist/new`
+ This is a holding area on dev.openssl.org where distributions are uploaded
+ temporarily before being moved to the web and ftp directories.
+
+For local testing, you can do something like this:
+
+ export OPENSSL_SCP=cp
+ export OPENSSL_SCP_DIR="$HOME/testdir"
+
+## Options
+
+- `--revert`
+ Remove all local changes from repository and delete any release tag. This
+ returns the local tree to the same state as before a release attempt was
+ made.
+
+- `--reviewer=name`
+ Add reviewer `name` to list of reviewers in commit message. Any valid
+ name for checking OMC membership will work.
+ This option may be used multiple times; at least one is required.
+
+- `--enter-pre`
+ Instead of making a full release enter pre-release state. This by itself
+ will not produce a release it will just change version numbers and commit
+ the changes. Subsequent releases on this branch will be pre-release
+ versions. This option should NOT be used if the branch is already in
+ pre-release state.
+
+- `--leave-pre`
+ For a branch in pre-release state, leave pre-release and make a full release.
+
+- `--label=label`
+ Add the textual label `label` to the version string, where `label` must be
+ one of `alpha` or `beta`. While in pre-release state a label *must* be
+ provided.
+
+- `--no-upload`
+ Do not attempt to upload release files to dev.openssl.org
+
+- `--no-clean`
+ Do not clean untracked files from directory. Warning: if you use this option
+ you can end up with extraneous files in the distribution tarball.
+
+- `--no-update`
+ Do not perform a `make update`.
+
+- `--verbose`
+ Be more verbose at what is going on
+
+- `--debug`
+ Include debug output to describe all actions in detail
+
+- `--git-info`
+ Just print out details of all git branch information and exit
+
+- `--git-branch-info`
+ Print out details of the currently detected branch and exit
+
+- `--branch-version=version`
+ Use branch `version` instead of the one autodetected for the current branch.
+ This option is not normally needed.
+
+# The do-release script
+
+The do-release.pl script copies distributions from the temporary holding area
+to the http and ftp areas. It it intended to be run as the `openssl` user on
+dev.openssl.org.
+
+It does the following:
+
+1. Copy OpenSSL release files from the holding area to the http and ftp
+ locations: currently /v/openssl/www/source and /v/openssl/ftp/source
+2. Move OpenSSL release files from holding area to ~openssl/dist/old By
+ doing this the script wont try and make a release again with old files.
+3. Mail the release message. This is sent to openssl-dev openssl-users and
+ openssl-announce (it needs to be approved in openssl-announce). The
+ subject line is `OpenSSL version xxx released`.
+
+## do-release options
+
+- `--copy`
+ Copy files to http and ftp directories. **You will have to manually move
+ the OLD files to old/ directories.**
+
+- `--move`
+ Move files from holding area to ~openssl/dist/old
+
+- `--mail`
+ Send out announcement email: if this option is not given, the command you
+ need to call to send the release mail will be printed out.
+
+- `--full-release`
+ Perform all operations for a release (copy, move and mail).
+
+Note: because several of these options are irreversible they have to be
+explicitly included.
diff --git a/release-tools/README.md b/release-tools/README.md
new file mode 100644
index 0000000..7b3767e
--- /dev/null
+++ b/release-tools/README.md
@@ -0,0 +1,320 @@
+# HOW TO MAKE A RELEASE
+
+This file documents how to make an OpenSSL release. Please fix any
+errors you find while doing, or just after, your next release!
+
+Releases are done by one person, with a second person acting as the
+reviewer and additional tester.
+
+## Pre-requisites
+
+Have a local clone of the website repo:
+
+ openssl-git at git.openssl.org:openssl-web.git
+
+Make sure you can sudo to the openssl user on dev.openssl.org; this is
+usually done by being in the openssl group. For example, ssh to the
+server and run this command:
+
+ sudo -u openssl id
+
+## Setup
+
+The day before the release, freeze the main repository. This locks out
+everyone but the named user, who is doing the release, from doing any pushes.
+Someone other than the person doing the release should run the command.
+For example:
+
+ ssh openssl-git at git.openssl.org freeze openssl NAME
+
+## Making the tarball and announcements
+
+This section generates the tarball and announcements locally. It makes
+no changes which cannot be easily undone. You will have to repeat this
+section for each version being released, so it is often easier to have
+separate copies:
+
+ git clone openssl-git at git.openssl.org:openssl.git rel-102
+ cd rel-102
+ git branch --track OpenSSL_1_0_2-stable origin/OpenSSL_1_0_2-stable
+ git checkout OpenSSL_1_0_2-stable
+
+Make sure that the CHANGES and NEWS files have been updated and reviewed.
+NEWS should contain a summary of any changes for the release, and for a
+security release is (often just a list of the CVEs addressed. You should also
+update NEWS in the master branch to include details of all releases. Just
+update the NEWS bullet points - do not change the release date, keep it as
+**under development**.
+
+Add any security fixes to the tree. Commit them but *do not push*.
+
+Make sure that the copyrights are updated. This script will update
+the copyright markers and commit the changes (where $HERE stands for
+the directory where this README is):
+
+ $HERE/do-copyright-year
+
+Perform the local automated release steps. This can normally be done with:
+
+ perl $HERE/mkrelease.pl --reviewer=NAME
+
+Alternatively, to use the openssl-team PGP key:
+
+ export OPENSSL_GPG_KEYID=8B3D79F5
+ perl $HERE/mkrelease.pl --reviewer=NAME
+
+See $HERE/MKRELEASE.md for details of the options to mkrelease.pl.
+This will leave a handful of files in the parent directory of where
+you extracted the release.
+See below for details of how to do perform this step manually if you want
+to or have to.
+
+Verify that the results of the script are sensible. Check
+the commits the automated release process has performed, using for example
+`git log`. Check the signed announcement RELEASE.asc file. Maybe check
+that the tarball length and hashes match in the .md5, .sha1, and review
+the announcment file. *Do not push* changes to the public repo at this stage.
+
+Both the person doing the release and the reviewer should sanity-check the
+release at this point. Checks to consider include the following:
+
+- Builds and make test passes on multiple plaforms - Linux, Windows, etc.
+- Builds from tarball
+
+Send the auto-generated commits to the reviewer and await their +1.
+Repeat from the begining of this section if you need to release
+multiple versions.
+
+## Website updates
+
+The changes in this section should be made in your copy of the web repo.
+
+Update the news/newsflash.txt file. This normally is one or two lines. Just
+copy and paste existing announcements making minor changes for the date and
+version number as necessary.
+
+Update the news/vulnerabilities.xml file if appropriate.
+
+If there is a Security Advisory then copy it into the news/secadv directory.
+
+Commit your changes, but *do not push* them to the website.
+
+## Publishing the release
+
+*BE CAREFUL* This section makes everything visible and is therefore
+largely irreversible. If you are performing a dry run then DO NOT
+perform any steps in this section.
+
+Check that release has been uploaded properly. The release tarballs and
+associated files should be in ~openssl/dist/new. They should be owned by the
+openssl userid and world-readable.
+
+Copy the tarballs to appropriate directories. This can be
+done using the do-release.pl script. See MKRELEASE.md for a description of
+the options. For example:
+
+ sudo -u openssl perl ~openssl/do-release.pl --copy --move
+
+This will copy the relevant files to the website and move them from
+~openssl/dist/new to ~openssl/dist/old so they will not seen by a subsequent
+release. Alternatively if you want to perform one release at a time or copy/move
+the files manually, see below.
+
+The do-release.pl script will display the commands you will need to issue to
+send the announcement emails later. Keep a note of those commands for future
+reference.
+
+Verify that the tarballs are available via FTP:
+
+ ftp://ftp.openssl.org/source/
+
+And that they are ready for the website:
+
+ ls /var/www/openssl/source
+
+Push your local changes made above to the public repo. You will
+typically want to sanity check this with:
+
+ git push -n
+
+Push new tags to public repo. Again sanity check with:
+
+ git push --tags -n
+
+to make sure no local tags were pushed.
+
+## Updating the website
+
+Push the website changes you made earlier to the OpenSSL website repo. When
+you do this, the website will get updated and a script to flush the Akamai CDN
+cache will be run. You can look at things on www-origin.openssl.org; the
+CDN-hosted www.openssl.org should only be a few minutes delayed.
+
+Verify that the release notes, which are built from the CHANGES file in the
+release, have been updated. This is done automatically by the commit-hook, but
+if you see a problem, try the following steps:
+
+ cd /var/www/openssl
+ sudo -u openssl -H make relupd
+ sudo -u openssl ./bin/purge-one-hour
+
+Wait for a while for the Akamai flush to work (normally within a few minutes).
+Have a look at the website and news announcement at:
+
+ https://www.openssl.org/
+ https://www.openssl.org/news/
+
+Check the download page has updated properly:
+
+ https://www.openssl.org/source/
+
+Check the notes look sensible at:
+
+ https://www.openssl.org/news/news.html
+
+Also check the notes here:
+
+ https://www.openssl.org/news/openssl-1.0.2-notes.html
+ https://www.openssl.org/news/openssl-1.1.0-notes.html
+
+## Send the announcement mail
+
+Send out the announcements. Generic release announcement messages will be
+created automatically by the build script and the commands you need to use to
+send them were displayed when you executed do-release.pl above.
+These should normally be sent from the openssl account. These are sent to
+openssl-users, openssl-project, and openssl-announce.
+
+If do-release.pl was used with `--move` be sure to move the
+announcement text files away from the staging directory after they have been
+sent. This is done as follows (with VERSION replaced with the version of
+OpenSSL to announce):
+
+ sudo -u openssl \
+ mv ~openssl/dist/new/openssl-VERSION.txt.asc ~openssl/dist/old
+
+Send out the Security Advisory if there is one. Copy the file to the
+openssl user home directory, and then do the following
+
+ sudo -u openssl gpg -u 8B3D79F5 --clearsign secadv_FILENAME
+ sudo -u openssl mutt -s "OpenSSL Security Advisory" \
+ openssl-project openssl-users openssl-announce
+ <~openssl/secadv_FILENAME.txt.asc
+
+Approve the openssl-announce email. Go to
+
+and approve the messages.
+The administration password needed for approval is held in /opt/mailman/README
+on mta.openssl.org
+
+Check the mailing list messages have arrived.
+
+## Finish
+
+Unfreeze the repository.
+
+ ssh openssl-git at git.openssl.org unfreeze openssl
+
+If this release includes security fixes with a CVE then you should inform
+MITRE about them. See the instructions at the top of cvepool.txt in bureau.
+
+Check mailing lists over the next few hours for reports of any success
+or failure. If necessary fix these and in the worst case make another
+release.
+
+# MANUAL PROCESS
+
+If for some reason you cannot use, or do not trust, release script
+mkrelease.pl then you can perform the release manually. This is difficult to
+get right so you should avoid it if possible.
+
+Check what the automated release did for previous releases. This is the best
+way to get a feel for what happens. You can do this by checking the commit
+logs before a release tag for example:
+
+ git log --reverse 0d7717f..ebe2219
+
+The first two commits are security fixes. The third commit is (as the log
+message implies) an update of the NEWS file. The next commit which has the
+automated log message "Prepare for 1.0.1g release" includes the steps
+necessary to make the release.
+
+## Manually building the release files
+
+Do a `make update`. If necessary commit. You can push this commit to
+the repo so you have as few local changes as possible. Note that even if
+"make update" does not make any visible changes it can still update timestamps
+on some files which avoid some problems with builds (e.g. if the source files
+are all made read only).
+
+Update NEWS, README and CHANGES. These should contain the date and
+the correct version in the appropriate format.
+
+Update crypto/opensslv.h which contains the version. This contains the
+version number in the appropriate formats. For OPENSSL_VERSION_NUMBER and
+normal (not pre) releases you change the last digit from 0 (meaning -dev)
+to f (meaning release). Change the text forms in OPENSSL_VERSION_TEXT for
+normal and FIPS builds.
+
+Double-check that the version is right. If you mess up the syntax you can end
+up with the wrong release number or worse break compilation.
+
+Commit the changes you made so far, and check that the logs look sensible.
+
+Make a local tag; the public repo requires annotated tags:
+
+ git tag -s -m "OpenSSL 1.0.2L release tag" OpenSSL_1_0_2L
+
+or if you want to use the openssl-team key:
+
+ git tag -u 8B3D79F5 -m "OpenSSL 1.0.2L release tag" OpenSSL_1_0_2L
+
+Make the release tarball. You do this with:
+
+ make dist
+
+Create .sha1, .sha256 and .asc files manually. You can use:
+
+ openssl sha1
+ openssl sha256
+
+Create .sha1, .sha256 and .asc files manually. You can use the openssl sha1 and
+sha256 commands, obviously. Sign the tarball:
+
+ gpg -sba opensslversion.tar.gz
+
+or if you want to use the openssl-team key:
+
+ gpg -u 8B3D79F5 -sba opensslversion.tar.gz
+
+Create an announcement file. You can use an existing one as a
+template for example something in ~openssl/dist/old/ update the version
+numbers, tarball size and hashes. Sign announcement with:
+
+ gpg -sta --clearsign announce.txt
+
+or if you want to use the openssl-team key:
+
+ gpg -u 8B3D79F5 -sta --clearsign announce.txt
+
+Prepare for next development version by updating CHANGES, NEWS, README
+crypto/opensslv.h and openssl.spec. The automated scripts use the comment
+message `Prepare for 1.0.1h-dev`.
+
+Be absolutely *certain* you did not make any mistakes, so check
+several times preferably by different people.
+
+Upload tarballs to dev.openssl.org
+
+## Manually releasing the files
+
+If you do not want to use do-release.pl, you can manually perform
+the steps necessary for the release. This is (fortunately) much simpler
+than the manual release process above.
+
+Copy release files to web source directory. The four files (tarball,
+sha1, .sha256 and .asc) need to be manually copied to /var/www/openssl/source
+Also move any outdated releases to /var/www/openssl/source/old/SUBDIR
+
+Copy files to ftp source directory, /srv/ftp/source.
+Also move any oudated releases to /srv/ftp/source/old/SUBDIR
diff --git a/release-tools/do-copyright-year b/release-tools/do-copyright-year
new file mode 100755
index 0000000..59b9235
--- /dev/null
+++ b/release-tools/do-copyright-year
@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+#
+# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+this_year=`date +%Y`
+some_year="[12][0-9][0-9][0-9]"
+year_range="(${some_year})(-${some_year})?"
+
+copyright_owner="The OpenSSL Project"
+copyright="Copyright .*${year_range} .*${copyright_owner}"
+
+# sed_script:
+# for all lines that contain ${copyright} : {
+# replace years yyyy-zzzz (or year yyyy) by yyyy-${this_year}
+# replace repeated years yyyy-yyyy by yyyy
+# }
+ss=/tmp/sed$$
+cat <$ss
+/${copyright}/ {
+s|${year_range}|\1-${this_year}|
+s|(${some_year})-\1|\1|
+}
+EOF
+
+NYD=`date +%Y-01-01`
+echo Updating copryight
+git diff-tree -r --name-only `git rev-list -1 --before=$NYD HEAD`..HEAD \
+ | while read FILE ; do
+ sed -E -f /tmp/sed$$ "$FILE" >/tmp/$$
+ mv /tmp/$$ "$FILE"
+ git add "$FILE"
+done
+echo Committing change locally.
+git commit -m 'Update copyright year'
+rm -f $ss
diff --git a/release-tools/do-release.pl b/release-tools/do-release.pl
new file mode 100644
index 0000000..1725055
--- /dev/null
+++ b/release-tools/do-release.pl
@@ -0,0 +1,209 @@
+#! /usr/bin/env perl
+# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+my $homedir = glob("~openssl");
+my $tmpdir = $ENV{"OPENSSL_TMP_DIR"} // $homedir . "/dist/new";
+my $olddir = $ENV{"OPENSSL_OLD_DIR"} // $homedir . "/dist/old";
+my $srcdir = $ENV{"OPENSSL_SRC_DIR"} // "/var/www/openssl/source";
+my $ftpdir = $ENV{"OPENSSL_FTP_DIR"} // "/srv/ftp/source";
+my $mail = $ENV{"OPENSSL_MAIL"} // "mutt -s SUBJECT RECIP < BODY";
+
+my $do_mail = 0;
+my $do_copy = 0;
+my $do_move = 0;
+my $mail_only = 0;
+
+foreach (@ARGV) {
+ if (/--tmpdir=(.*)$/) {
+ $tmpdir = $1;
+ } elsif (/^--copy$/) {
+ $do_copy = 1;
+ }
+ elsif (/^--move$/) {
+ $do_move = 1;
+ } elsif (/^--mail$/) {
+ $do_mail = 1;
+ } elsif (/^--mail-only$/) {
+ $mail_only = 1;
+ $do_mail = 1;
+ } elsif (/^--full-release$/) {
+ $do_mail = 1;
+ $do_copy = 1;
+ $do_move = 1;
+ } else {
+ print STDERR "Unknown command line argument $_";
+ exit 1;
+ }
+}
+
+if ( getpwuid($<) ne "openssl" && !exists $ENV{"OPENSSL_RELEASE_TEST"} ) {
+ print "This script must be run as the \"openssl\" user\n";
+ exit 1;
+}
+
+die "Can't find distribution directory $tmpdir" unless -d $tmpdir;
+die "Can't find old distribution directory $olddir" unless -d $olddir;
+die "Can't find source directory $srcdir" unless -d $srcdir;
+die "Can't find ftp directory $ftpdir" unless -d $ftpdir;
+
+my @versions;
+my @series;
+my @files = glob("$tmpdir/*.txt.asc");
+
+foreach (@files) {
+ if (/^.*\/openssl-(\d+\.\d+\.\d+[a-z]*-pre\d+)\..*$/) {
+ push @versions, $1;
+ } elsif (/^.*\/openssl-(\d+\.\d+\.\d+[a-z]*)\..*$/) {
+ push @versions, $1;
+ } else {
+ die "Unexpected filename $_";
+ }
+}
+foreach (@versions) {
+ if (/^(\d+\.\d+\.\d+)[a-z]*$/) {
+ my $serie = $1;
+ push @series, $serie unless grep /^$serie/, @series;
+ }
+}
+die "No distribution in temp directory!" if ( scalar @versions == 0 );
+print "OpenSSL versions to be released:\n";
+foreach (@versions) {
+ print "$_\n";
+}
+print "OK? (y/n)\n";
+$_ = ;
+exit 1 unless /^y/i;
+
+my @distfiles;
+my @announce;
+
+foreach (@versions) {
+ push @distfiles, "openssl-$_.tar.gz";
+ push @distfiles, "openssl-$_.tar.gz.sha1";
+ push @distfiles, "openssl-$_.tar.gz.sha256";
+ push @distfiles, "openssl-$_.tar.gz.asc";
+ push @announce, "openssl-$_.txt.asc";
+}
+
+$do_copy = 0 if $mail_only;
+
+my $bad = 0;
+if ($do_copy) {
+ foreach (@distfiles) {
+ if ( !-f "$tmpdir/$_" ) {
+ print STDERR "File $_ not found in temp directory!\n";
+ $bad = 1;
+ }
+ if ( -e "$srcdir/$_" ) {
+ print STDERR "File $_ already present in source directory!\n";
+ $bad = 1;
+ }
+ if ( -e "$ftpdir/$_" ) {
+ print STDERR "File $_ already present in ftp directory!\n";
+ $bad = 1;
+ }
+ if ( -e "$olddir/$_" ) {
+ print STDERR
+ "File $_ already present in old distributions directory!\n";
+ $bad = 1;
+ }
+ }
+}
+
+exit 1 if $bad;
+
+print "Directory sanity check OK\n";
+
+print "Starting release for OpenSSL @versions\n";
+
+if ($do_copy) {
+ foreach (@distfiles) {
+ system("cp $tmpdir/$_ $srcdir/$_");
+ die "Error copying $_ to source directory!" if $?;
+ system("cp $tmpdir/$_ $ftpdir/$_");
+ die "Error copying $_ to ftp directory!" if $?;
+ }
+ print "Copied distributions files to source and ftp directories\n";
+ foreach my $serie (@series) {
+ my $tomove_oldsrc = "$srcdir/old/$serie";
+ my @tomove_src =
+ map {
+ my $x = $_;
+ $x =~ s|.*/||g;
+ grep( /^$x$/, @distfiles ) ? () : $x
+ }
+ grep { -f $_ }
+ glob("$srcdir/openssl-$serie.tar.gz $srcdir/openssl-$serie?.tar.gz");
+ my $tomove_oldftp = "$ftpdir/old/$serie";
+ my @tomove_ftp =
+ map {
+ my $x = $_;
+ $x =~ s|.*/||g;
+ grep( /^$x$/, @distfiles ) ? () : $x
+ }
+ grep { -f $_ }
+ glob("$ftpdir/openssl-$serie.tar.gz $ftpdir/openssl-$serie?.tar.gz");
+
+ mkdir $tomove_oldsrc
+ or die "Couldn't mkdir $tomove_oldsrc : $!"
+ if !-d $tomove_oldsrc;
+ mkdir $tomove_oldftp
+ or die "Couldn't mkdir $tomove_oldftp : $!"
+ if !-d $tomove_oldftp;
+ foreach (@tomove_src) {
+ system("mv $srcdir/$_* $tomove_oldsrc/");
+ die "Error moving $_* to old source directory!" if $?;
+ }
+ foreach (@tomove_ftp) {
+ system("mv $ftpdir/$_* $tomove_oldftp/");
+ die "Error moving $_* to old ftp directory!" if $?;
+ }
+ }
+ print
+ "Moved old distributions files to source/old and ftp/old directories\n";
+}
+else {
+ print "Test mode: no files copied\n";
+}
+
+foreach (@versions) {
+ my $announce = "openssl-$_.txt.asc";
+ my $annversion = $_;
+ $annversion =~ s/-pre(\d+$)/ pre release $1/;
+ my $annmail = $mail;
+ $annmail =~ s/SUBJECT/"OpenSSL version $annversion published"/;
+ $annmail =~ s/RECIP/openssl-project openssl-users openssl-announce/;
+ $annmail =~ s|BODY|$tmpdir/$announce|;
+
+ if ($do_mail) {
+ print "Sending announcement email for OpenSSL $_...\n";
+ system("$annmail");
+ die "Error sending announcement email!" if $?;
+ print "Don't forget to authorise the openssl-announce email.\n";
+ push @distfiles, $announce if $do_move;
+ } else {
+ print "Announcement email not sent automatically\n";
+ print "\nSend announcement mail manually with command:\n\n$annmail\n\n";
+ print
+"When done, move the announcement file away with command:\n\nmv $tmpdir/$announce $olddir/$announce\n\n"
+ if $do_move;
+ }
+}
+
+if ($do_move) {
+ foreach (@distfiles) {
+ rename( "$tmpdir/$_", "$olddir/$_" ) || die "Can't move $_: $!";
+ }
+ print "Moved distribution files to old directory\n";
+}
+
+print "Successful!\n";
+
diff --git a/release-tools/mkrelease.pl b/release-tools/mkrelease.pl
new file mode 100644
index 0000000..4012e4d
--- /dev/null
+++ b/release-tools/mkrelease.pl
@@ -0,0 +1,427 @@
+#! /usr/bin/env perl
+# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# OpenSSL release generation script.
+
+use strict;
+use warnings;
+use File::Basename;
+use lib dirname(__FILE__);
+use Module::Load::Conditional qw(can_load);
+can_load(modules => { 'OpenSSL::Query::DB' => undef });
+use OpenSSL::Query::REST;
+
+require "release-check.pl";
+require "release-date.pl";
+require "release-git.pl";
+require "release-update.pl";
+require "release-version.pl";
+
+our $debug = 0;
+our $verbose = 0;
+my @reviewers;
+my @openssl_branches;
+my $revert;
+my $pre;
+my $info_only;
+my $branch_info_only;
+my $no_clean;
+my $no_update;
+my $no_release;
+my $no_upload;
+my $bversion;
+my $ok;
+my $label;
+
+#Determine include path
+our $includepath;
+if ( -e "crypto/opensslv.h" ) {
+ $includepath = "crypto";
+}
+else {
+ $includepath = "include/openssl";
+}
+
+sub print_git_info {
+ my ( $rinfo, $branch, $s ) = @_;
+ my $version = openssl_git_expected_version( $rinfo, $branch );
+ my $last = openssl_git_last_release( $rinfo, $branch );
+ my $last_full = openssl_git_last_release( $rinfo, $branch, 1, 1 );
+
+ # Auto detect pre release if we haven't forced it.
+ $pre = $version =~ /-pre/ unless defined $pre;
+ my $next = openssl_version_next( $version, $pre );
+
+ print "${s}Branch version: $branch\n";
+ print "${s}Last release: $last\n";
+ print "${s}Last full release: $last_full\n";
+ print "${s}Current version: $version\n";
+ print "${s}Next release: $next\n";
+}
+
+sub print_branch_info {
+ my ($rinfo) = @_;
+ my ( $rtags, $rbranches ) = @$rinfo;
+ print "All Branch details:\n";
+ foreach (@$rbranches) {
+ print "\n";
+ print_git_info( $rinfo, $_, "\t" );
+ }
+ print "\n";
+}
+
+# Initialise git version tables, OMC database.
+my $gitinfo = openssl_git_init();
+my $query = OpenSSL::Query->new();
+
+foreach (@ARGV) {
+ if (/^--git-info$/) {
+ $info_only = 1;
+ } elsif (/^--branch-version=(.*)$/) {
+ $bversion = $1;
+ } elsif (/^--git-branch-info/) {
+ $branch_info_only = 1;
+ } elsif (/^--no-clean/) {
+ $no_clean = 1;
+ } elsif (/^--no-release/) {
+ $no_release = 1;
+ } elsif (/^--no-update/) {
+ $no_update = 1;
+ } elsif (/^--no-upload/) {
+ $no_upload = 1;
+ } elsif (/^--revert/) {
+ $revert = 1;
+ } elsif (/^--leave-pre/) {
+ $pre = 0;
+ } elsif (/^--enter-pre/) {
+ $pre = 1;
+ } elsif (/^--debug/) {
+ $debug = 1;
+ $verbose = 1;
+ } elsif (/^--verbose/) {
+ $verbose = 1;
+ } elsif (/^--reviewer=(.*)$/) {
+ my $r = $1;
+ my $rname = $query->find_person_tag($r, 'rev');
+ die "Unknown reviewer $1" unless $rname;
+ push @reviewers, $rname;
+ } elsif (/^--label=(.*)$/) {
+ $label = $1;
+ if ( $label ne "alpha" && $label ne "beta" ) {
+ die "Invalid label";
+ }
+ } else {
+ print "Uknown option $_\n";
+ exit 1;
+ }
+}
+
+if ($revert) {
+ $_ = openssl_git_current_branch();
+ print "Reverting to repository version for $_\n";
+ system("git reset --hard origin/$_");
+ die "Error reverting!!" if $?;
+ openssl_git_delete_local_tags($_);
+ exit 0;
+}
+
+$bversion = openssl_git_branch_version() unless defined $bversion;
+
+if ($info_only) {
+ print_git_info( $gitinfo, $bversion, "" );
+ exit 0;
+}
+
+if ($branch_info_only) {
+ print_branch_info($gitinfo);
+ exit 0;
+}
+
+die "No reviewer set!" unless @reviewers;
+
+print "Current branch version is $bversion\n";
+
+if ( openssl_git_check_changes() ) {
+ print "ERROR: unstaged changes in current branch!\n";
+ exit 1;
+}
+
+my $expected_version = openssl_git_expected_version( $gitinfo, $bversion );
+
+# If this is first pre release there will be no releases from this branch
+# So set expected version to pre1-dev as we can't detect this from
+# tags.
+
+if ( $expected_version !~ /-pre/ && openssl_check_first_pre() ) {
+ $expected_version =~ s/-dev/-pre1-dev/;
+}
+
+# Auto detect pre release if we haven't forced it.
+$pre = $expected_version =~ /-pre/ unless defined $pre;
+
+if ( !$pre && defined $label ) {
+ die "Not a pre-release but a label has been defined";
+}
+if ( $pre && !defined $label ) {
+ die "This is a pre-release but a label has not been defined";
+}
+
+my $last_version = openssl_git_last_release( $gitinfo, $bversion, 1, 1 );
+my $last_branch_release = openssl_git_last_release( $gitinfo, $bversion, 1 );
+my $next_version = openssl_version_next( $expected_version, $pre );
+
+print "Branch feature version: $bversion\n";
+print "Last release on this branch: $last_branch_release\n";
+print "Current branch version $expected_version\n";
+print "Next release version $next_version\n";
+print "Last full release version $last_version\n";
+
+$ok = openssl_check_all( $expected_version, $last_version );
+
+print "Branch sanity check: " . ( $ok ? "OK" : "NOT OK" ) . "\n";
+
+if ( $ok == 0 ) {
+ print "Sanity check failed, cannot continue\n";
+ exit 1;
+}
+
+if ( !$no_clean ) {
+ print "Cleaning directory\n";
+ system("git clean -x -d -f");
+ die "Error cleaning directory" if $?;
+}
+
+openssl_git_make_update(@reviewers) unless $no_update;
+
+$expected_version = openssl_version_next( $expected_version, $pre );
+
+my $date = openssl_current_date() unless $expected_version =~ /-pre1-dev/;
+
+print "Updating versions to $expected_version\n";
+
+openssl_update_all( $expected_version, $date, $label );
+
+$ok = openssl_check_all( $expected_version, $last_version, $date );
+
+print "Changes sanity check: " . ( $ok ? "OK" : "NOT OK" ) . "\n";
+
+if ( $ok == 0 ) {
+ print "Release sanity check failed, cannot continue\n";
+ exit 1;
+}
+
+print "Committing changes:\n";
+
+# If we changed from -dev to -pre1-dev a dev version is
+# entering pre release. Just commit changes without a release.
+
+if ( $expected_version =~ /pre1-dev/ ) {
+ my $main_version = $expected_version;
+ $main_version =~ s/-pre1-dev//;
+ openssl_git_commit( "OpenSSL $main_version is now in pre release",
+ @reviewers );
+ die "Error comitting changes!" if $?;
+ print "Version set to $expected_version, exiting\n";
+ exit 0;
+}
+
+openssl_git_commit( "Prepare for $expected_version release", @reviewers );
+die "Error comitting release changes!" if $?;
+
+my $tag = "OpenSSL_$expected_version";
+my $tagkey =
+ defined( $ENV{OPENSSL_GPG_KEYID} ) ? " -u $ENV{OPENSSL_GPG_KEYID}" : " -s";
+
+$tag =~ tr/\./_/;
+
+print
+ "Tagging release with tag $tag (you will need to provide a pass phrase)\n";
+
+system("git tag$tagkey -m \"OpenSSL $expected_version release tag\" $tag");
+die "Error tagging release!" if $?;
+
+my $TAR = defined( $ENV{OPENSSL_TAR} ) ? "TAR=$ENV{OPENSSL_TAR}" : "";
+
+if ( !$no_release ) {
+ print "Generating release tarball.\n";
+ my $openssl = $ENV{"OPENSSL"} // "openssl";
+ my $gpgkeyid =
+ defined( $ENV{OPENSSL_GPG_KEYID} ) ? " -u $ENV{OPENSSL_GPG_KEYID}" : "";
+ my $gpg = $ENV{"OPENSSL_GPG"} // "gpg$gpgkeyid";
+ my $gpgtar = $ENV{"OPENSSL_GPG_TAR"} // "$gpg --use-agent -sba";
+ my $gpgann = $ENV{"OPENSSL_GPG_ANNOUNCE"}
+ // "$gpg --use-agent -sta --clearsign";
+ my $tarfile = "openssl-${expected_version}.tar.gz";
+ system("(./config; make $TAR dist) >../$tarfile.log 2>&1");
+ die "Error generating release!" if $?;
+ die "Can't find tarball!!" unless -f "../$tarfile";
+
+ my $length = -s "../$tarfile";
+ print "Creating hash files\n";
+ my $sha1hash = `$openssl sha1 < ../$tarfile`;
+ chomp $sha1hash;
+ $sha1hash =~ s/^.*=\s//;
+ die "invalid hash" unless $sha1hash =~ /[0-9a-f]{20}/;
+ my $sha256hash = `$openssl sha256 < ../$tarfile`;
+ chomp $sha256hash;
+ $sha256hash =~ s/^.*=\s//;
+ die "invalid hash" unless $sha256hash =~ /[0-9a-f]{20}/;
+ open OUT, ">../$tarfile.sha1";
+ print OUT $sha1hash . "\n";
+ close OUT;
+ open OUT, ">../$tarfile.sha256";
+ print OUT $sha256hash . "\n";
+ close OUT;
+ print "Creating PGP signature:\n";
+ unlink("../${tarfile}.asc");
+ system("$gpgtar ../$tarfile");
+ die "Error creating signature" if $?;
+
+ my $anntxt = "../openssl-${expected_version}.txt";
+
+ open OUT, ">$anntxt";
+ if ( $expected_version =~ /-pre/ ) {
+
+ # Note the variable name is the same length as the real
+ # version so the announcement can be made to look pretty.
+ # If we ever go to pre10 it will be one character longer...
+ my $openssl_ver = $expected_version;
+ $openssl_ver =~ s/^(.*)-pre(\d+)$/$1 pre release $2/;
+ my $fvers = $expected_version;
+ $fvers =~ s/-pre\d+//;
+ print OUT <) {
+ if (/^.*OpenSSL\s+(\S+)\s+(\([[:alpha:]]+\)\s+)?(.*)$/) {
+ check_str( "README version", $version, $1, \$ok );
+ if ( defined $indate ) {
+ check_str( "README date", $date, $3, \$ok );
+ }
+ close IN;
+ return $ok;
+ }
+ }
+ close IN;
+ print STDERR "Invalid syntax in README\n";
+ return 0;
+}
+
+sub openssl_check_NEWS {
+ my ( $version, $prev, $indate ) = @_;
+ my $date = openssl_date( $version =~ /-pre/ ? undef : $indate );
+ my $ok = 1;
+ if ( $date =~ /XXX/ ) {
+ if ( $version =~ /-pre/ ) {
+ $date = "in pre-release";
+ } else {
+ $date = "under development";
+ }
+ }
+ $version =~ s/-dev$//;
+ $version =~ s/-pre.*$//;
+ open( IN, "NEWS" ) || die "Can't open NEWS";
+
+ while () {
+ if (
+/^ Major changes between OpenSSL (\S+) and OpenSSL (\S+)\s+\[0?(.*)\]/
+ )
+ {
+ check_str( "NEWS previous version", $prev, $1, \$ok );
+ check_str( "NEWS version", $version, $2, \$ok );
+ check_str( "NEWS date", $date, $3, \$ok );
+ close IN;
+ return $ok;
+ }
+ }
+ close IN;
+ print STDERR "Invalid syntax in NEWS\n";
+ return 0;
+}
+
+sub openssl_check_CHANGES {
+ my ( $version, $prev, $indate ) = @_;
+ my $date = openssl_date( $version =~ /-pre/ ? undef : $indate );
+ my $ok = 1;
+ $version =~ s/-dev$//;
+ $version =~ s/-pre.*$//;
+ open( IN, "CHANGES" ) || die "Can't open CHANGES";
+
+ while () {
+ if (/^ Changes between (\S+) and (\S+)\s+\[0?(.*)\]/) {
+ check_str( "CHANGES previous version", $prev, $1, \$ok );
+ check_str( "CHANGES version", $version, $2, \$ok );
+ check_str( "CHANGES date", $date, $3, \$ok );
+ close IN;
+ return $ok;
+ }
+ }
+ close IN;
+ print STDERR "Invalid syntax in CHANGES\n";
+ return 0;
+}
+
+sub openssl_check_version_h {
+ my ( $version, $indate ) = @_;
+ my ( $hex_done, $fips_done, $version_done );
+ my $hexversion = openssl_version_hex($version);
+ my $ok = 1;
+ my $version_fips = $version . "-fips";
+ $version_fips =~ s/-dev-fips/-fips-dev/;
+ my $date = openssl_date($indate);
+ open( IN, "$main::includepath/opensslv.h" ) || die "Can't open opensslv.h";
+
+ while () {
+ if (/OPENSSL_VERSION_NUMBER\s+(0x[0-9a-f]+)L/) {
+ check_str( "opensslv.h: HEX version", $hexversion, $1, \$ok );
+ $hex_done = 1;
+ } elsif (
+/OPENSSL_VERSION_TEXT\s+\"OpenSSL (\S*fips\S*)\s+(\([[:alpha:]]+\)\s+)?(.*)\"/
+ )
+ {
+ check_str( "opensslv.h: FIPS version", $version_fips, $1, \$ok );
+ check_str( "opensslv.h: FIPS date", $date, $3, \$ok );
+ $fips_done = 1;
+ } elsif (
+/OPENSSL_VERSION_TEXT\s+\"OpenSSL (\S*)\s+(\([[:alpha:]]+\)\s+)?(.*)\"/
+ )
+ {
+ check_str( "opensslv.h: version", $version, $1, \$ok );
+ check_str( "opensslv.h: date", $date, $3, \$ok );
+ $version_done = 1;
+ }
+ if ( $hex_done && $fips_done && $version_done ) {
+ close IN;
+ return $ok;
+ }
+ }
+ print STDERR "Invalid syntax in opensslv.h\n";
+ close IN;
+ return 0;
+}
+
+sub openssl_check_spec {
+ my ($version) = @_;
+ my $ok = 1;
+ $version =~ s/-dev$//;
+ $version =~ s/-pre.*$//;
+ open( IN, "openssl.spec" ) || die "Can't open openssl.spec";
+ while () {
+ if (/^Version:\s+(\S+)$/) {
+ check_str( "openssl.spec version", $version, $1, \$ok );
+ close IN;
+ return $ok;
+ }
+ }
+ close IN;
+ print STDERR "Invalid syntax in README\n";
+ return 0;
+}
+
+sub print_ok {
+ my ( $file, $ok ) = @_;
+ print "File: $file " . ( $ok ? "OK" : "NOT OK!!" ) . "\n"
+ if ($main::verbose);
+}
+
+sub openssl_check_all {
+ my ( $version, $last_version, $date ) = @_;
+
+ my $readme_ok = openssl_check_README( $version, $date );
+
+ print_ok( "README", $readme_ok );
+
+ my $changes_ok = openssl_check_CHANGES( $version, $last_version, $date );
+
+ print_ok( "CHANGES", $changes_ok );
+
+ my $news_ok = openssl_check_NEWS( $version, $last_version, $date );
+
+ print_ok( "NEWS", $news_ok );
+
+ my $v_h_ok = openssl_check_version_h( $version, $date );
+
+ print_ok( "opensslv.h", $v_h_ok );
+
+ # Newer versions don't have openssl.spec
+ my $spec_ok = 1;
+ if ( -f "openssl.spec" ) {
+ $spec_ok = openssl_check_spec($version);
+
+ print_ok( "openssl.spec", $spec_ok );
+ }
+
+ return $readme_ok && $changes_ok && $news_ok && $v_h_ok && $spec_ok;
+}
+
+# If there are no tagged releases for the current version
+# and we are in pre release mode then either we are just entering
+# pre release and the next version will be pre1-dev or we are already
+# at pre1-dev and we need to do a release of pre1.
+# Check opensslv.h to determine which
+
+sub openssl_check_first_pre {
+ open( IN, "$main::includepath/opensslv.h" ) || die "Can't open opensslv.h";
+
+ while () {
+ if (/OPENSSL_VERSION_TEXT\s+\"OpenSSL \S*\s+.*\"/) {
+ close IN;
+
+ # Ignore -fips in string
+ s/-fips//;
+ return /pre1-dev/;
+ }
+ }
+ close IN;
+ die "Invalid sysntax in opensslv.h";
+}
+
+return 1;
diff --git a/release-tools/release-date.pl b/release-tools/release-date.pl
new file mode 100644
index 0000000..c5b5c38
--- /dev/null
+++ b/release-tools/release-date.pl
@@ -0,0 +1,64 @@
+#! /usr/bin/env perl
+# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+# Return date into a form suitable for the FAQ, version file and
+# CHANGES file entries. Optionally can be passed date in the form
+# mm/dd/yyyy
+
+sub openssl_date {
+ my ($datestr) = @_;
+ my ( $mday, $mon, $year );
+
+ if ( defined $datestr ) {
+ if ( $datestr =~ /(\d+)\/(\d+)\/(\d+)/ ) {
+ $mday = $1;
+ $mon = $2;
+ $year = $3;
+ $mon--;
+ } else {
+ die "Invalid date syntax $datestr, expecting mm/dd/yyyy";
+ }
+ } else {
+ return ( "xx XXX xxxx", undef, undef ) if wantarray;
+ return "xx XXX xxxx";
+ }
+
+ my $mdsuff;
+ if ( $mday % 10 > 0 && $mday % 10 <= 3 && ( $mday < 10 || $mday > 20 ) ) {
+ my @mday_ord = qw(st nd rd);
+ $mdsuff = $mday_ord[ $mday % 10 - 1 ];
+ } else {
+ $mdsuff = "th";
+ }
+
+ my @mnames =
+ qw(January February March April May June July August September October November December);
+
+ my $mname = $mnames[$mon];
+ my $mname_short = substr $mname, 0, 3;
+
+ my $date_ch = sprintf "%d %s %d", $mday, $mname_short, $year;
+ return $date_ch unless wantarray;
+ my $date_ab = sprintf "%s %d%s, %d", $mname_short, $mday, $mdsuff, $year;
+ my $date_full = sprintf "%-9s %2d%s, %d", $mname, $mday, $mdsuff, $year;
+
+ return ( $date_ch, $date_ab, $date_full );
+
+}
+
+# Return current date in dd/mm/yyyy format suitable to passing into
+# openssl_date().
+
+sub openssl_current_date {
+ my ( $mday, $mon, $year ) = (localtime)[ 3 .. 5 ];
+ $year += 1900;
+ $mon++;
+ return "$mday/$mon/$year";
+}
+
+return 1;
diff --git a/release-tools/release-git.pl b/release-tools/release-git.pl
new file mode 100644
index 0000000..2b6ac1a
--- /dev/null
+++ b/release-tools/release-git.pl
@@ -0,0 +1,164 @@
+#! /usr/bin/env perl
+# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+# OpenSSL git version utilities.
+
+# Retrieve list of branches and release tags in a reference usable by other
+# functions.
+
+sub openssl_git_init {
+ my @tmpbranches =
+ grep { chomp; s|^\s+origin/OpenSSL_(\w*\d)-stable$|$1|; } `git branch -r`;
+ die "Error retrieving branch details!" if $?;
+
+ # Create initial dev version entry: lowest possible version for
+ # branch which will be accurate if no releases have take place.
+ my @branches;
+ foreach ( sort @tmpbranches ) {
+ tr/_/\./;
+ next if /^0/ && $_ ne "0.9.8";
+ push @branches, $_;
+ }
+
+ # Create list of tags
+ my @rtags = grep { chomp; s/OpenSSL_(\d.*)$/$1/; } `git tag`;
+ die "Error retrieving tag details!" if $?;
+ my @tags;
+ foreach (@rtags) {
+
+ # Skip if tag has - and it isn't pre
+ next if ( /-/ && !/-pre\d+$/ );
+ tr/_/\./;
+ next if /^0/ && !/^0.9.8/;
+ push @tags, $_;
+ }
+ my $aref = [ \@tags, \@branches ];
+ return $aref;
+}
+
+# Return last release number on supplied branch.
+# If $nopre is set, skip pre releases, if $prev set
+# return last release on previous branch if no release
+# on current branch.
+
+sub openssl_git_last_release {
+ my ( $rinfo, $branch, $nopre, $prev ) = @_;
+ my ( $rtag, $rbranch ) = @$rinfo;
+ my $brhex = openssl_version_branch_hex($branch);
+ my $rv = "";
+ my $rvhex = "";
+ foreach (@$rtag) {
+ next if ( $nopre && /-pre/ );
+ my $taghex = openssl_version_hex($_);
+ my $tagbhex = openssl_version_branch_hex($_);
+
+ # Is tag for current branch?
+ if ( $tagbhex ne $brhex ) {
+
+ # Discard if only want current branch or greater
+ # than current branch
+ next if ( !$prev || $tagbhex gt $brhex );
+ }
+
+ # If release is later than last value replace.
+ if ( $taghex gt $rvhex ) {
+ $rv = $_;
+ $rvhex = openssl_version_hex($rv);
+ }
+ }
+ return $rv eq "" ? "none" : $rv;
+}
+
+sub openssl_git_current_branch {
+
+ # Current branch
+ $_ = `git rev-parse --abbrev-ref HEAD`;
+ die "Can't get current branch!" if $?;
+ chomp;
+ return $_;
+}
+
+sub openssl_git_branch_version {
+ ($_) = @_;
+ $_ = openssl_git_current_branch() unless defined $_;
+ die "Unexpected branch name $_" unless s/OpenSSL_//;
+ tr /_/\./;
+ die "Unexpected branch name $_" unless s/-stable$//;
+ return $_;
+}
+
+sub openssl_git_expected_version {
+ my ( $rinfo, $branch ) = @_;
+ $branch = openssl_git_major_version() unless defined $branch;
+ my $rv = openssl_git_last_release( $rinfo, $branch );
+ return $branch .= "-dev" if $rv eq "none";
+ return openssl_version_next($rv);
+}
+
+sub openssl_git_check_changes {
+
+ # For some reason this is unreliable if you use --quiet ...
+ system("git diff --exit-code >/dev/null");
+ return 0 if $? == 0;
+ return 1 if $? == 256;
+ die "Unexpected status $?";
+}
+
+sub openssl_git_make_update {
+ print "Configuring system\n";
+ system("perl Configure gcc >/dev/null 2>&1");
+ die "Error configuring system" if $?;
+
+ print "Doing make update\n";
+ system("make update >/dev/null 2>&1");
+ die "make update error" if $?;
+ if ( openssl_git_check_changes() ) {
+ print "Source modified, committing changes\n";
+ openssl_git_commit( "make update", @_ );
+ die "Error committing update" if $?;
+ } else {
+ print "No changes\n";
+ }
+ system("find . -name Makefile.save -exec rm \\\{\\\} \\\;");
+ die "Error removing Makefile.save files" if $?;
+}
+
+sub openssl_git_delete_local_tags {
+ my ($branch) = @_;
+ $branch =~ s/-stable//;
+ my @tags = grep { chomp; } `git tag -l $branch\*`;
+ my @rtags =
+ grep { chomp; s|^.*refs/tags/||; } `git ls-remote --tags origin`;
+ my %rtaghash;
+ foreach (@rtags) {
+ $rtaghash{$_} = 1;
+ }
+ foreach (@tags) {
+ if ( !defined $rtaghash{$_} ) {
+ print "Deleting local tag $_\n" if $main::verbose;
+ system("git tag -d $_");
+ }
+ }
+}
+
+sub openssl_git_commit {
+ my @args = ( "git", "commit", "-a" );
+ my ( $message, @reviewers ) = @_;
+ $message .= "\n\n";
+ foreach (@reviewers) {
+ $message .= "Reviewed-by: $_\n";
+ }
+ push @args, "-m", "$message";
+ system(@args);
+ die "Error committing update" if $?;
+}
+
+return 1;
diff --git a/release-tools/release-update.pl b/release-tools/release-update.pl
new file mode 100644
index 0000000..a8d5687
--- /dev/null
+++ b/release-tools/release-update.pl
@@ -0,0 +1,153 @@
+#! /usr/bin/env perl
+# Copyright 2010-2018 The OpenSSL Project Authors. All Rights Reserved.
+#
+# Licensed under the OpenSSL license (the "License"). You may not use
+# this file except in compliance with the License. You can obtain a copy
+# in the file LICENSE in the source distribution or at
+# https://www.openssl.org/source/license.html
+
+use strict;
+use warnings;
+
+sub openssl_update_file {
+ my $fref = pop @_;
+ my $file = pop @_;
+ my $file_new = $file . ".new";
+ my $finished = 0;
+ open( IN, "$file" ) || die "Can't open $file";
+ open( OUT, ">$file_new" ) || die "Can't open $file_new";
+ while () {
+ $finished = &$fref(@_) unless $finished;
+ print OUT;
+ }
+ close IN;
+ close OUT;
+ unlink $file;
+ rename $file_new, $file;
+ print "Updated $file\n" if $main::verbose;
+}
+
+sub openssl_update_README {
+ my ( $version, $indate, $label ) = @_;
+ my $date = openssl_date($indate);
+ my $update = sub {
+ if (/^.*OpenSSL/) {
+ $_ = " OpenSSL $version";
+ $_ .= " $label" if ( defined $label );
+ $_ .= " $date" if ( defined $indate );
+ $_ .= "\n";
+ return 1;
+ }
+ return 0;
+ };
+ openssl_update_file( @_, "README", $update );
+}
+
+sub openssl_update_CHANGES {
+ my ( $version, $indate ) = @_;
+ my $date = openssl_date($indate);
+ $version =~ s/-dev//;
+ my $update = sub {
+ if (/^ Changes between \S+ and (\S+)\s+\[0?(.*)\]/) {
+ my $chversion = $1;
+ my $chdate = $2;
+ if ( defined $indate ) {
+ s/$chdate/$date/;
+ } else {
+ my $newchanges = < 1 || length $NN > 2 || length $FF > 2 ) {
+ die "Invalid version syntax";
+ }
+
+ my ( $PP, $S );
+
+ if ( $rest eq "" ) {
+ $PP = "00";
+ $S = "f";
+ } else {
+ $S = "";
+ if ( $rest =~ s/-dev$// ) {
+ $S = "0";
+ }
+
+ # Note pre release development versions of the form -preX-dev
+ # version is same for pre release and development versions
+ # So check for -preX after we have stripped off any
+ # -dev above.
+ if ( $rest =~ s/-pre([\d]+)$// ) {
+ $S = sprintf "%x", $1;
+ }
+
+ # No -dev or -pre, must be release
+ $S = "f" if $S eq "";
+
+ if ( $rest eq "" ) {
+ $PP = "00";
+ } elsif ( $rest =~ /^z([a-z]$)/ ) {
+ $PP = sprintf "%02x", ord($1) - ord("a") + 26;
+ } elsif ( $rest =~ /(^[a-z]$)/ ) {
+ $PP = sprintf "%02x", ord($1) - ord("a") + 1;
+ } else {
+ die "Invalid version syntax: \"$ov\"";
+ }
+ }
+
+ if ( length $S > 1 || length $PP > 2 ) {
+ die "Invalid version syntax";
+ }
+
+ return "0x$M$NN$FF$PP$S";
+
+}
+
+# Convert hex format to string
+# Usage is version_str($hex_version), returns version as a string.
+
+sub openssl_version_str {
+ my ($hexversion) = @_;
+ my ( $chk, $M, $NN, $FF, $PP, $S ) = unpack "A2AA2A2A2A", $hexversion;
+ die "Bad hex version $hexversion" if $chk ne "0x" || $S eq "";
+ my $version_str = hex($M) . "." . hex($NN) . "." . hex($FF);
+
+ if ( $PP ne "00" ) {
+ my $hex_PP = hex($PP);
+ if ( $hex_PP > 25 ) {
+ $version_str .= "z";
+ $hex_PP -= 25;
+ }
+ $version_str .= chr( $hex_PP + ord("a") - 1 );
+ }
+
+ if ( $S eq "0" ) {
+ $version_str .= "-dev";
+ } elsif ( $S ne "f" ) {
+ $version_str .= "-pre" . hex($S);
+ }
+
+ return $version_str;
+
+}
+
+# Given a hex number work out the next version.
+# Usage is openssl_next_version($version, $pre, $dev)
+# $pre indicates whether we should use pre releases
+# $dev indicates we should use a development version.
+
+sub openssl_version_next {
+ my ( $version, $pre, $dev ) = @_;
+ my $hexversion = openssl_version_hex($version);
+ my ( $chk, $M, $NN, $FF, $PP, $S ) = unpack "A2AA2A2A2A", $hexversion;
+ die "Invalid syntax $version" if $S eq "";
+
+ # If $pre or $dev not set work out what we want.
+ $dev = $version !~ /-dev/ unless defined $dev;
+ $pre = $version =~ /-pre/ unless defined $pre;
+
+ # If we want a release then just need to get rid of "-dev" part.
+ #
+ if ( $dev == 0 ) {
+ die "Expecting a development version!!" if $version !~ /-dev/;
+
+ # NB version number is identical for pre and pre development.
+ # So just strip out "-dev" part.
+ $version =~ s/-dev//;
+
+ # Special case: if we are going from X.Y.Z-dev and using pre releases
+ # next version is X.Y.Z-pre1-dev and this wont be a release,
+ # just changing version numbers for beginning of pre releases.
+ $version .= "-pre1-dev" if $pre && $S eq "0";
+
+ # If moving out of pre release return full release
+ $version =~ s/-pre.*$// unless $pre;
+ return $version;
+ }
+ die "Not expecting a development version!!" if $version =~ /-dev/;
+
+ # If a pre release we need to increment the pre release portion
+ if ( $pre != 0 ) {
+
+ # Hex version can only handle 14 pre releases.
+ die "Can't go past pre release 14!!" if ( $S eq "e" );
+
+ # Must be a pre release or development version.
+ die "Can't go from release to pre release!!" if $S eq "f";
+ $S = sprintf "%x", hex($S) + 1;
+ $hexversion =~ s/.$/$S/;
+ $version = openssl_version_str($hexversion);
+ $version .= "-dev" if $dev;
+ return $version;
+ }
+
+ # If last version pre release and not doing pre releases any more then switch
+ # to full release.
+ return openssl_version_str("0x$M$NN$FF${PP}f") if ( $version =~ /pre/ );
+
+ # Otherwise need to increment letter value if not a pre release.
+ $PP = sprintf "%02x", hex($PP) + 1;
+ die "Invalid letter version!!" if ( length $PP > 2 );
+ return openssl_version_str("0x$M$NN$FF${PP}0");
+}
+
+# Return hex branch version belongs to.
+# So "1.0.1a-pre2-dev" returns hex of "1.0.1" for example.
+
+sub openssl_version_branch_hex {
+ my ($version) = @_;
+ my $hexversion = openssl_version_hex($version);
+ my ( $chk, $M, $NN, $FF, $PP, $S ) = unpack "A2AA2A2A2A", $hexversion;
+ die "Invalid syntax $version" if $S eq "";
+ return "0x$M$NN${FF}00F";
+}
+
+return 1;
From scan-admin at coverity.com Sun Feb 4 07:19:07 2018
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 04 Feb 2018 07:19:07 +0000 (UTC)
Subject: [openssl-commits] Coverity Scan: Analysis completed for
openssl/openssl
Message-ID: <5a76b3eac0e58_24b4eed4f1898287@node1.mail>
Your request for analysis of openssl/openssl has been completed successfully.
The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEcf-2B75FkFkxwwFKGZV8c1xA-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I3xqTV-2FmJ0QLslqpaRYLBAT1W7vvWtl5tODhabX6C7NaR7tTQAIK-2BbNsWEjbIF2CQjiOl1VwDRVsdE16NH-2BlF2myNiFWe8TbHA2yAwz5H-2BcEmGc451voUb0GPWFUTj0V0s09j1z-2FigzJcQ7V36kIKk9JaxOa2EYAPAUslw9PTt3SRBnj7ByBqqBROoLnLaY-2BzY-3D
Build ID: 198977
Analysis Summary:
New defects found: 0
Defects eliminated: 0
From scan-admin at coverity.com Sun Feb 4 07:46:00 2018
From: scan-admin at coverity.com (scan-admin at coverity.com)
Date: Sun, 04 Feb 2018 07:46:00 +0000 (UTC)
Subject: [openssl-commits] Coverity Scan: Analysis completed for
OpenSSL-1.0.2
Message-ID: <5a76ba37cd704_25a07ed4f18982a5@node1.mail>
Your request for analysis of OpenSSL-1.0.2 has been completed successfully.
The results are available at https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRakUl6QyjujEohY7rPpoYUEeuRTZVWU4ku8PUBnVPw8PQ-3D-3D_19DGMz38yO7VfzGQuXkecdlEmzBoDG4v8Dvyanv-2F1I2yRVzD6q7CfeDpKdxq0kyGp9zeN-2Bp1P2tla476FyCX5K1iS-2FUSx-2BYg67N0bBTFP7OlIW1NVyxZAR1jtEe9U1vN6BvcArqKgcTPvwGCSy4ZR57hpjB5FlYMrtDvAfxMwWEkJzxfXO-2FxSraJvmngb-2BKOsO9zWFVpgkJ8lG-2BpLgBc6KHXekWu82SWxGvQvKNGdCM-3D
Build ID: 198982
Analysis Summary:
New defects found: 0
Defects eliminated: 0
From no-reply at appveyor.com Sun Feb 4 10:28:52 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 04 Feb 2018 10:28:52 +0000
Subject: [openssl-commits] Build failed: openssl master.15362
Message-ID: <20180204102852.1.69C36AAA1620DDFF@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Feb 4 14:59:15 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 04 Feb 2018 14:59:15 +0000
Subject: [openssl-commits] Build completed: openssl master.15363
Message-ID: <20180204145915.1.A5506B04FD5E11D2@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Feb 4 19:17:45 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 04 Feb 2018 19:17:45 +0000
Subject: [openssl-commits] Build failed: openssl master.15370
Message-ID: <20180204191745.1.7D909CB181DF89E1@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Sun Feb 4 19:50:57 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Sun, 04 Feb 2018 19:50:57 +0000
Subject: [openssl-commits] Build completed: openssl master.15371
Message-ID: <20180204195057.1.1B6D6122C221DD61@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Mon Feb 5 06:16:13 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 06:16:13 +0000
Subject: [openssl-commits] Build failed: openssl master.15375
Message-ID: <20180205061613.1.F0CD97C635B9C615@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Mon Feb 5 09:33:34 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 09:33:34 +0000
Subject: [openssl-commits] Build failed: openssl master.15376
Message-ID: <20180205093334.1.D1EC5552B2439AF3@appveyor.com>
An HTML attachment was scrubbed...
URL:
From matt at openssl.org Mon Feb 5 10:10:56 2018
From: matt at openssl.org (Matt Caswell)
Date: Mon, 05 Feb 2018 10:10:56 +0000
Subject: [openssl-commits] [tools] master update
Message-ID: <1517825456.039972.31067.nullmailer@dev.openssl.org>
The branch master has been updated
via 7823d374c6841eac48a7baf1f2955eb962b5305d (commit)
from 27296557068a17464f17533d89d4fa6f3555b909 (commit)
- Log -----------------------------------------------------------------
commit 7823d374c6841eac48a7baf1f2955eb962b5305d
Author: Matt Caswell
Date: Fri Dec 8 10:13:21 2017 +0000
Add an option to not add yourself as a reviewer
Every now and then I need to merge a commit that I did not author or
review (someone else has done those things). This adds an option to addrev
to enable you to add the "Reviewed by" headers without also adding
yourself.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/6)
-----------------------------------------------------------------------
Summary of changes:
review-tools/addrev | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/review-tools/addrev b/review-tools/addrev
index 6b3d64a..fdf2aa5 100755
--- a/review-tools/addrev
+++ b/review-tools/addrev
@@ -9,6 +9,7 @@ my $list_reviewers = 0;
my $help = 0;
my $haveprnum = 0;
my $trivial = 0;
+my $useself = 1;
my $my_email;
@@ -23,6 +24,8 @@ foreach (@ARGV) {
$args .= "--trivial ";
} elsif (/^--verbose$/) {
$args .= "--verbose ";
+ } elsif (/^--noself$/) {
+ $useself = 0;
} elsif (/^--myemail=(.+)$/) {
$my_email = $1;
} elsif (/^--nopr$/) {
@@ -56,11 +59,13 @@ if ($help) {
die "Need either --prnum or --nopr flag" unless $haveprnum;
-if (!defined $my_email) {
- $my_email = `git config --get user.email`;
-}
+if ($useself) {
+ if (!defined $my_email) {
+ $my_email = `git config --get user.email`;
+ }
-$args .= "--myemail=$my_email ";
+ $args .= "--myemail=$my_email ";
+}
system("git filter-branch -f --tag-name-filter cat --msg-filter \"gitaddrev $args\" $filterargs");
From matt at openssl.org Mon Feb 5 10:57:32 2018
From: matt at openssl.org (Matt Caswell)
Date: Mon, 05 Feb 2018 10:57:32 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517828252.679241.3214.nullmailer@dev.openssl.org>
The branch master has been updated
via 1c4b15458670aea5d3849d4b57b8c0ce34a54fbe (commit)
from 1f5878b8e25a785dde330bf485e6ed5a6ae09a1a (commit)
- Log -----------------------------------------------------------------
commit 1c4b15458670aea5d3849d4b57b8c0ce34a54fbe
Author: Matt Caswell
Date: Fri Feb 2 10:17:06 2018 +0000
Add MiddleboxCompat option to SSL_CONF_cmd man page
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5244)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/SSL_CONF_cmd.pod | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/doc/man3/SSL_CONF_cmd.pod b/doc/man3/SSL_CONF_cmd.pod
index 27317e0..5179e29 100644
--- a/doc/man3/SSL_CONF_cmd.pod
+++ b/doc/man3/SSL_CONF_cmd.pod
@@ -420,6 +420,12 @@ B: In TLSv1.3 allow a non-(ec)dhe based key exchange mode on
resumption. This means that there will be no forward secrecy for the resumed
session. Equivalent to B.
+B: If set then dummy Change Cipher Spec (CCS) messages are sent
+in TLSv1.3. This has the effect of making TLSv1.3 look more like TLSv1.2 so that
+middleboxes that do not understand TLSv1.3 will not drop the connection. This
+option is set by default. A future version of OpenSSL may not set this by
+default. Equivalent to B.
+
=item B
The B argument is a comma separated list of flags to set.
From no-reply at appveyor.com Mon Feb 5 11:54:26 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 11:54:26 +0000
Subject: [openssl-commits] Build completed: openssl master.15377
Message-ID: <20180205115426.1.4A82B649A0AE5A09@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Mon Feb 5 13:14:28 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 13:14:28 +0000
Subject: [openssl-commits] Build failed: openssl master.15379
Message-ID: <20180205131428.1.908951674F5CDE5B@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Mon Feb 5 14:21:19 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 14:21:19 +0000
Subject: [openssl-commits] Build completed: openssl master.15380
Message-ID: <20180205142119.1.895793A33B863565@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Mon Feb 5 14:45:24 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 14:45:24 +0000
Subject: [openssl-commits] Build failed: openssl master.15381
Message-ID: <20180205144524.1.7BB37C6D9FED2049@appveyor.com>
An HTML attachment was scrubbed...
URL:
From mark at openssl.org Mon Feb 5 15:01:34 2018
From: mark at openssl.org (Mark J. Cox)
Date: Mon, 05 Feb 2018 15:01:34 +0000
Subject: [openssl-commits] [web] master update
Message-ID: <1517842894.308333.3284.nullmailer@dev.openssl.org>
The branch master has been updated
via 8ba74cf7cecf400ff776874e4165e5c66653095a (commit)
via 11b53fcc49c27a3adaa5282fb2567d084fae8f09 (commit)
from f7d3fb4dbadf9235d05d806b974b21b5a8f96487 (commit)
- Log -----------------------------------------------------------------
commit 8ba74cf7cecf400ff776874e4165e5c66653095a
Author: Mark J. Cox
Date: Mon Feb 5 15:00:47 2018 +0000
Based on discussions with Mitre, over this field that isn't yet defined, but is unlikely
to be machine parsable (looking at all the published ones to date). They'd like "Fixed in"
and "Affects", so let's give that both in a nice text format for the description and the
vulnerability affects sections.
commit 11b53fcc49c27a3adaa5282fb2567d084fae8f09
Author: Mark J. Cox
Date: Mon Feb 5 14:57:10 2018 +0000
CVE-2004-0081 was missing the 'fixed in 0.9.6d' line, causing it to not get included on the list of 0.9.6 issues
and fail json validation.
-----------------------------------------------------------------------
Summary of changes:
bin/vulnxml2json.py | 23 ++++++++++++-----------
news/vulnerabilities.xml | 2 ++
2 files changed, 14 insertions(+), 11 deletions(-)
diff --git a/bin/vulnxml2json.py b/bin/vulnxml2json.py
index 41afbf8..b905da1 100755
--- a/bin/vulnxml2json.py
+++ b/bin/vulnxml2json.py
@@ -23,14 +23,16 @@ neverreleased = "1.0.0h,";
# Location of CVE JSON schema (default, can use local file etc)
default_cve_schema = "https://raw.githubusercontent.com/CVEProject/automation-working-group/master/cve_json_schema/CVE_JSON_4.0_min_public.schema"
-def merge_affects(issue):
+def merge_affects(issue,base):
# let's merge the affects into a nice list which is better for Mitre text but we have to take into account our stange lettering scheme
prev = ""
anext = ""
alist = list()
vlist = list()
for affects in issue.getElementsByTagName('affects'): # so we can sort them
- vlist.append(affects.getAttribute("version"))
+ version = affects.getAttribute("version")
+ if (not base or base in version):
+ vlist.append(version)
for ver in sorted(vlist):
# print "version %s (last was %s, next was %s)" %(ver,prev,anext)
if (ver != anext):
@@ -110,18 +112,17 @@ for issue in issues:
if refs:
cve['references'] = { "reference_data": refs }
- allaffects = list()
- for affects in issue.getElementsByTagName('affects'):
- allaffects.append({ "version_value":"openssl-"+affects.getAttribute("version")})
+ vv = list()
+ for affects in issue.getElementsByTagName('fixed'):
+ text = "Fixed in OpenSSL %s (Affected %s)" %(affects.getAttribute('version'),merge_affects(issue,affects.getAttribute("base")))
+ # Let's condense into a list form since the format of this field is 'free text' at the moment, not machine readable (as per mail with George Theall)
+ vv.append({"version_value":text})
+ # Mitre want the fixed/affected versions in the text too
+ desc += " "+text+"."
- cve['affects'] = { "vendor" : { "vendor_data" : [ { "vendor_name": "OpenSSL", "product": { "product_data" : [ { "product_name": "OpenSSL", "version": { "version_data" : allaffects}}]}}]}}
-
- # Mitre want the fixed/affected versions in the text too
-
- desc += " (Affects "+merge_affects(issue)+")."
+ cve['affects'] = { "vendor" : { "vendor_data" : [ { "vendor_name": "OpenSSL", "product": { "product_data" : [ { "product_name": "OpenSSL", "version": { "version_data" : vv}}]}}]}}
# Mitre want newlines and excess spaces stripped
-
desc = re.sub('[\n ]+',' ', desc)
cve['description'] = { "description_data": [ { "lang":"eng", "value": desc} ] }
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 80786e1..6e4c717 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -4638,6 +4638,8 @@ OpenSSL library in such a way as to cause a crash.
+
+
From no-reply at appveyor.com Mon Feb 5 16:30:42 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 16:30:42 +0000
Subject: [openssl-commits] Build failed: openssl OpenSSL_1_1_0-stable.15382
Message-ID: <20180205163042.1.84CB08C361BDB9C8@appveyor.com>
An HTML attachment was scrubbed...
URL:
From rsalz at openssl.org Mon Feb 5 16:38:02 2018
From: rsalz at openssl.org (Rich Salz)
Date: Mon, 05 Feb 2018 16:38:02 +0000
Subject: [openssl-commits] [web] master update
Message-ID: <1517848682.997083.17849.nullmailer@dev.openssl.org>
The branch master has been updated
via 2cef09be2a43e95dcd9f35695716a797e12cce3b (commit)
from 8ba74cf7cecf400ff776874e4165e5c66653095a (commit)
- Log -----------------------------------------------------------------
commit 2cef09be2a43e95dcd9f35695716a797e12cce3b
Author: Rich Salz
Date: Mon Feb 5 11:37:59 2018 -0500
Typo in directory name
-----------------------------------------------------------------------
Summary of changes:
{.well_known => .well-known}/security.txt | 0
{.well_known => .well-known}/security.txt.asc | 0
2 files changed, 0 insertions(+), 0 deletions(-)
rename {.well_known => .well-known}/security.txt (100%)
rename {.well_known => .well-known}/security.txt.asc (100%)
diff --git a/.well_known/security.txt b/.well-known/security.txt
similarity index 100%
rename from .well_known/security.txt
rename to .well-known/security.txt
diff --git a/.well_known/security.txt.asc b/.well-known/security.txt.asc
similarity index 100%
rename from .well_known/security.txt.asc
rename to .well-known/security.txt.asc
From no-reply at appveyor.com Mon Feb 5 16:54:32 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Mon, 05 Feb 2018 16:54:32 +0000
Subject: [openssl-commits] Build completed: openssl master.15383
Message-ID: <20180205165432.1.76F0D3D02130A647@appveyor.com>
An HTML attachment was scrubbed...
URL:
From matthias.st.pierre at ncp-e.com Mon Feb 5 19:06:27 2018
From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com)
Date: Mon, 05 Feb 2018 19:06:27 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517857587.830646.5928.nullmailer@dev.openssl.org>
The branch master has been updated
via f61f62ea13470a00ae8be691d62abec97f94f0ee (commit)
via 1648338ba1a63c19c7bae32170cd1d825b48eaee (commit)
via 58351fbd02e9960af199df99f6f003419c1487a4 (commit)
from 1c4b15458670aea5d3849d4b57b8c0ce34a54fbe (commit)
- Log -----------------------------------------------------------------
commit f61f62ea13470a00ae8be691d62abec97f94f0ee
Author: Dr. Matthias St. Pierre
Date: Sat Feb 3 22:33:19 2018 +0100
Use RAND_DRBG_bytes() for RAND_bytes() and RAND_priv_bytes()
The functions RAND_bytes() and RAND_priv_bytes() are now both based
on a common implementation using RAND_DRBG_bytes() (if the default
OpenSSL rand method is active). This not only simplifies the code
but also has the advantage that additional input from a high precision
timer is added on every generate call if the timer is available.
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5251)
commit 1648338ba1a63c19c7bae32170cd1d825b48eaee
Author: Dr. Matthias St. Pierre
Date: Sat Feb 3 22:32:47 2018 +0100
Fix size limitation of RAND_DRBG_bytes()
When comparing the implementations of drbg_bytes() and RAND_DRBG_bytes(),
it was noticed that the former split the buffer into chunks when calling
RAND_DRBG_generate() to circumvent the size limitation of the buffer
to outlen <= drb->max_request. This loop was missing in RAND_DRBG_bytes(),
so it was adopted from drbg_bytes().
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5251)
commit 58351fbd02e9960af199df99f6f003419c1487a4
Author: Dr. Matthias St. Pierre
Date: Sat Feb 3 21:13:19 2018 +0100
drbg_bytes: remove check for DRBG_UNINITIALIZED state
This check not only prevented the automatic reinstantiation of the
DRBG, which is implemented in RAND_DRBG_generate(), but also prevented
an error message from being generated in the case of failure.
Reviewed-by: Kurt Roeckx
(Merged from https://github.com/openssl/openssl/pull/5251)
-----------------------------------------------------------------------
Summary of changes:
crypto/rand/drbg_lib.c | 33 ++++++++++++++++-----------------
crypto/rand/rand_lib.c | 4 ++--
2 files changed, 18 insertions(+), 19 deletions(-)
diff --git a/crypto/rand/drbg_lib.c b/crypto/rand/drbg_lib.c
index cb2f9e8..4404e4f 100644
--- a/crypto/rand/drbg_lib.c
+++ b/crypto/rand/drbg_lib.c
@@ -546,10 +546,22 @@ int RAND_DRBG_bytes(RAND_DRBG *drbg, unsigned char *out, size_t outlen)
{
unsigned char *additional = NULL;
size_t additional_len;
+ size_t chunk;
size_t ret;
additional_len = rand_drbg_get_additional_data(&additional, drbg->max_adinlen);
- ret = RAND_DRBG_generate(drbg, out, outlen, 0, additional, additional_len);
+
+ for ( ; outlen > 0; outlen -= chunk, out += chunk) {
+ chunk = outlen;
+ if (chunk > drbg->max_request)
+ chunk = drbg->max_request;
+ ret = RAND_DRBG_generate(drbg, out, chunk, 0, additional, additional_len);
+ if (!ret)
+ goto err;
+ }
+ ret = 1;
+
+err:
if (additional_len != 0)
OPENSSL_secure_clear_free(additional, additional_len);
@@ -764,29 +776,16 @@ void rand_drbg_cleanup_int(void)
/* Implements the default OpenSSL RAND_bytes() method */
static int drbg_bytes(unsigned char *out, int count)
{
- int ret = 0;
- size_t chunk;
+ int ret;
RAND_DRBG *drbg = RAND_DRBG_get0_public();
if (drbg == NULL)
return 0;
CRYPTO_THREAD_write_lock(drbg->lock);
- if (drbg->state == DRBG_UNINITIALISED)
- goto err;
-
- for ( ; count > 0; count -= chunk, out += chunk) {
- chunk = count;
- if (chunk > drbg->max_request)
- chunk = drbg->max_request;
- ret = RAND_DRBG_generate(drbg, out, chunk, 0, NULL, 0);
- if (!ret)
- goto err;
- }
- ret = 1;
-
-err:
+ ret = RAND_DRBG_bytes(drbg, out, count);
CRYPTO_THREAD_unlock(drbg->lock);
+
return ret;
}
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 20ac583..e82a63e 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -719,7 +719,7 @@ int RAND_priv_bytes(unsigned char *buf, int num)
/* We have to lock the DRBG before generating bits from it. */
CRYPTO_THREAD_write_lock(drbg->lock);
- ret = RAND_DRBG_generate(drbg, buf, num, 0, NULL, 0);
+ ret = RAND_DRBG_bytes(drbg, buf, num);
CRYPTO_THREAD_unlock(drbg->lock);
return ret;
}
From no-reply at appveyor.com Tue Feb 6 01:53:48 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 06 Feb 2018 01:53:48 +0000
Subject: [openssl-commits] Build failed: openssl master.15389
Message-ID: <20180206015348.1.DE293A829AED39C5@appveyor.com>
An HTML attachment was scrubbed...
URL:
From mark at openssl.org Tue Feb 6 09:01:34 2018
From: mark at openssl.org (Mark J. Cox)
Date: Tue, 06 Feb 2018 09:01:34 +0000
Subject: [openssl-commits] [web] master update
Message-ID: <1517907694.623038.24207.nullmailer@dev.openssl.org>
The branch master has been updated
via 93624a912c2c58b247062aed08492ef988df292e (commit)
via e18f270d1a141d407f43cc6eea82d860210180e7 (commit)
from 2cef09be2a43e95dcd9f35695716a797e12cce3b (commit)
- Log -----------------------------------------------------------------
commit 93624a912c2c58b247062aed08492ef988df292e
Merge: e18f270 2cef09b
Author: Mark J. Cox
Date: Tue Feb 6 09:01:10 2018 +0000
Merge branch 'master' of git.openssl.org:openssl-web
commit e18f270d1a141d407f43cc6eea82d860210180e7
Author: Mark J. Cox
Date: Tue Feb 6 09:00:32 2018 +0000
When an issue affects more than one release list the releases latest first
-----------------------------------------------------------------------
Summary of changes:
bin/mk-cvepage | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bin/mk-cvepage b/bin/mk-cvepage
index 4a6f942..8dbb864 100755
--- a/bin/mk-cvepage
+++ b/bin/mk-cvepage
@@ -115,7 +115,7 @@ for issue in sorted(issues, key=lambda x: (x.getAttribute('public'), x.getElemen
allissues += ""
also = []
- for affects in issue.getElementsByTagName('fixed'):
+ for affects in sorted(issue.getElementsByTagName('fixed'), key=lambda x: (x.getAttribute("base")), reverse=True):
if options.base:
if (affects.getAttribute("base") not in options.base):
also.append("OpenSSL %s " %( affects.getAttribute('base'), cve, affects.getAttribute('version')))
From mark at openssl.org Tue Feb 6 09:40:06 2018
From: mark at openssl.org (Mark J. Cox)
Date: Tue, 06 Feb 2018 09:40:06 +0000
Subject: [openssl-commits] [web] master update
Message-ID: <1517910006.399866.28477.nullmailer@dev.openssl.org>
The branch master has been updated
via 2e6c180201d8859df3dd8c303894963030b3121a (commit)
from 93624a912c2c58b247062aed08492ef988df292e (commit)
- Log -----------------------------------------------------------------
commit 2e6c180201d8859df3dd8c303894963030b3121a
Author: Mark J. Cox
Date: Tue Feb 6 09:39:00 2018 +0000
Update the git commit links to use the right trees and add some missing
commit links (20160819 to date is complete)
-----------------------------------------------------------------------
Summary of changes:
news/vulnerabilities.xml | 61 +++++++++++++++++++++++++++++++++++-------------
1 file changed, 45 insertions(+), 16 deletions(-)
diff --git a/news/vulnerabilities.xml b/news/vulnerabilities.xml
index 6e4c717..c81332c 100644
--- a/news/vulnerabilities.xml
+++ b/news/vulnerabilities.xml
@@ -73,7 +73,9 @@
-
+
+
+
@@ -128,7 +130,9 @@
-
+
+
+
@@ -176,7 +180,9 @@
-
+
+
+
@@ -234,7 +240,7 @@
-
+
out-of-bounds read
Truncated packet could crash via OOB read
@@ -294,7 +300,9 @@
-
+
+
+
carry-propagating bug
BN_mod_exp may produce incorrect results on x86_64
@@ -377,7 +385,9 @@
-
+
+
+
carry propagating bug
Montgomery multiplication may produce incorrect results
@@ -427,7 +437,7 @@
-
+
NULL pointer exception
@@ -474,8 +484,12 @@
-
-
+
+
+
+
+
+
@@ -545,7 +559,9 @@
-
+
+
+
@@ -596,8 +612,12 @@
-
-
+
+
+
+
+
+
If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
@@ -838,7 +858,9 @@
-
+
+
+
@@ -891,8 +913,13 @@
-
-
+
+
+
+
+
+
+
A flaw in the DTLS replay attack protection mechanism means that records that
@@ -939,7 +966,9 @@
-
+
+
+
From matt at openssl.org Tue Feb 6 10:31:51 2018
From: matt at openssl.org (Matt Caswell)
Date: Tue, 06 Feb 2018 10:31:51 +0000
Subject: [openssl-commits] [web] master update
Message-ID: <1517913111.081928.3741.nullmailer@dev.openssl.org>
The branch master has been updated
via 367e9e231647cde13f9c37d65b2e28bbf85d3a84 (commit)
from 2e6c180201d8859df3dd8c303894963030b3121a (commit)
- Log -----------------------------------------------------------------
commit 367e9e231647cde13f9c37d65b2e28bbf85d3a84
Author: Matt Caswell
Date: Thu Jan 25 18:59:48 2018 +0000
Update release strategy for 1.1.1
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/41)
-----------------------------------------------------------------------
Summary of changes:
policies/releasestrat.html | 61 ++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 59 insertions(+), 2 deletions(-)
diff --git a/policies/releasestrat.html b/policies/releasestrat.html
index 13cd0e9..36eb4b2 100644
--- a/policies/releasestrat.html
+++ b/policies/releasestrat.html
@@ -13,7 +13,7 @@
Release Strategy
First issued 23rd December 2014
- Last modified 6th September 2016
+ Last modified 6th February 2018
@@ -52,7 +52,7 @@
project has adopted the following policy:
- Version 1.1.0 will be supported until 2018-08-31.
+ Version 1.1.0 will be supported until one year after the release of 1.1.1
Version 1.0.2 will be supported until 2019-12-31 (LTS).
Version 1.0.1 is no longer supported.
Version 1.0.0 is no longer supported.
@@ -69,6 +69,63 @@
fixes. Before that, bug and security fixes will be applied
as appropriate.
+ The next version of OpenSSL will be 1.1.1. This is currently in
+ development and has a primary focus of implementing TLSv1.3. The
+ RFC for TLSv1.3 has not yet been published by the IETF. OpenSSL 1.1.1
+ will not have its final release until that has happened.
+
+ The draft release timetable for 1.1.1 is as follows. This may be
+ amended at any time as the need arises.
+
+
+ 13th February 2018, alpha release 1 (pre1)
+ 27th February 2018, alpha release 2 (pre2)
+ 13th March 2018, beta release 1 (pre3)
+
+ OpenSSL_1_1_1-stable created (feature freeze)
+ master becomes basis for 1.1.2 or 1.2.0 (TBD)
+
+ 27th March 2018, beta release 2 (pre4)
+ 10th April 2018, beta release 3 (pre5)
+ 24th April 2018, beta release 4 (pre6)
+ 1st May 2018, release readiness check (new release cycles added if
+ required, first possible final release date: 8th May 2018)
+
+
+ An alpha release means:
+
+ Not (necessarily) feature complete
+ Not necessarily all new APIs in place yet
+
+
+ A beta release means:
+
+ Feature complete/Feature freeze (but may include a non-final implementation of the TLSv1.3 specification)
+ Bug fixes only
+
+
+ We have defined the following release criteria for 1.1.1:
+
+ All open github issues/PRs older than 2 weeks at the time of release
+ to be assessed for relevance to 1.1.1. Any flagged with the 1.1.1
+ milestone to be closed (see below)
+ Clean builds in Travis and Appveyor for two days
+ run-checker.sh to be showing as clean 2 days before release
+ No open Coverity issues (not flagged as "False Positive" or "Ignore")
+ TLSv1.3 RFC published
+
+
+ Valid reasons for closing an issue/PR with a 1.1.1 milestone might be:
+
+ We have just now or sometime in the past fixed the issue
+ Unable to reproduce (following discussion with original reporter if
+ possible)
+ Working as intended
+ Deliberate decision not to fix until a later release (this wouldn't
+ actually close the issue/PR but change the milestone instead)
+ Not enough information and unable to contact reporter
+ etc
+
You are here: Home
From levitte at openssl.org Tue Feb 6 12:31:43 2018
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 06 Feb 2018 12:31:43 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517920303.923859.17700.nullmailer@dev.openssl.org>
The branch master has been updated
via 54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa (commit)
from f61f62ea13470a00ae8be691d62abec97f94f0ee (commit)
- Log -----------------------------------------------------------------
commit 54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa
Author: Richard Levitte
Date: Wed Jan 24 14:17:39 2018 +0100
util/mkdef.pl: Trust configdata.pm
This script kept its own database of disablable algorithms, which is a
maintenance problem, as it's not always perfectly in sync with what
Configure does. However, we do have all the data in configdata.pm,
produced by Configure, so let's use that instead.
Also, make sure to parse the *err.h header files, as they contain
function declarations that might not be present elsewhere.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5157)
-----------------------------------------------------------------------
Summary of changes:
util/mkdef.pl | 84 +++++++++--------------------------------------------------
1 file changed, 13 insertions(+), 71 deletions(-)
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 98cdae5..72d1c8f 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -133,73 +133,23 @@ my @known_platforms = ( "__FreeBSD__", "PERL5",
"EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"
);
my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );
-my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
- "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
- "SHA256", "SHA512", "RMD160",
- "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",
- "HMAC", "AES", "CAMELLIA", "SEED", "GOST", "ARIA", "SM4",
- "SCRYPT", "CHACHA", "POLY1305", "BLAKE2",
- "SIPHASH", "SM3",
- # EC_NISTP_64_GCC_128
- "EC_NISTP_64_GCC_128",
- # Envelope "algorithms"
- "EVP", "X509", "ASN1_TYPEDEFS",
- # Helper "algorithms"
- "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
- "LOCKING",
- # External "algorithms"
- "FP_API", "STDIO", "SOCK", "DGRAM",
- "CRYPTO_MDEBUG",
- # Engines
- "STATIC_ENGINE", "ENGINE", "HW", "GMP",
- # Entropy Gathering
- "EGD",
- # Certificate Transparency
- "CT",
- # RFC3779
- "RFC3779",
- # TLS
- "PSK", "SRP", "HEARTBEATS",
- # CMS
- "CMS",
- "OCSP",
- # CryptoAPI Engine
- "CAPIENG",
- # SSL methods
- "SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD",
- # NEXTPROTONEG
- "NEXTPROTONEG",
- # Deprecated functions
+my @known_algorithms = ( # These are algorithms we know are guarded in relevant
+ # header files, but aren't actually disablable.
+ # Without these, this script will warn a lot.
+ "RSA", "MD5",
+ # @disablables comes from configdata.pm
+ map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables,
+ # Deprecated functions. Not really algorithmss, but
+ # treated as such here for the sake of simplicity
"DEPRECATEDIN_0_9_8",
"DEPRECATEDIN_1_0_0",
"DEPRECATEDIN_1_1_0",
"DEPRECATEDIN_1_2_0",
- # SCTP
- "SCTP",
- # SRTP
- "SRTP",
- # SSL TRACE
- "SSL_TRACE",
- # Unit testing
- "UNIT_TEST",
- # User Interface
- "UI_CONSOLE",
- #
- "TS",
- # OCB mode
- "OCB",
- "CMAC",
- # APPLINK (win build feature?)
- "APPLINK"
);
-my %disabled_algorithms;
-
-foreach (@known_algorithms) {
- $disabled_algorithms{$_} = 0;
-}
-# disabled by default
-$disabled_algorithms{"STATIC_ENGINE"} = 1;
+# %disabled comes from configdata.pm
+my %disabled_algorithms =
+ map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;
my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});
foreach (keys %disabled_algorithms) {
@@ -240,14 +190,6 @@ foreach (@ARGV, split(/ /, $config{options}))
$do_ctest=1 if $_ eq "ctest";
$do_ctestall=1 if $_ eq "ctestall";
$do_checkexist=1 if $_ eq "exist";
- if (/^(enable|disable|no)-(.*)$/) {
- my $alg = uc $2;
- $alg =~ tr/-/_/;
- if (exists $disabled_algorithms{$alg}) {
- $disabled_algorithms{$alg} = $1 eq "enable" ? 0 : 1;
- }
- }
-
}
$libname = $unified_info{sharednames}->{libcrypto} if $do_crypto;
$libname = $unified_info{sharednames}->{libssl} if $do_ssl;
@@ -302,7 +244,7 @@ $crypto.=" include/internal/err.h";
$crypto.=" include/internal/rand.h";
foreach my $f ( glob(catfile($config{sourcedir},'include/openssl/*.h')) ) {
my $fn = "include/openssl/" . lc(basename($f));
- $crypto .= " $fn" if !defined $skipthese{$fn} && $f !~ m@/[a-z]+err\.h$@;
+ $crypto .= " $fn" if !defined $skipthese{$fn};
}
my $symhacks="include/openssl/symhacks.h";
@@ -1138,7 +1080,7 @@ sub is_valid
return 0;
} else {
# algorithms
- if ($disabled_algorithms{$keyword} == 1) { return 0;}
+ if ($disabled_algorithms{$keyword}) { return 0;}
# Nothing recognise as true
return 1;
From no-reply at appveyor.com Tue Feb 6 13:25:24 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 06 Feb 2018 13:25:24 +0000
Subject: [openssl-commits] Build completed: openssl master.15390
Message-ID: <20180206132524.1.EF60DF722E5B0F61@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Tue Feb 6 16:39:57 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 06 Feb 2018 16:39:57 +0000
Subject: [openssl-commits] Build failed: openssl master.15394
Message-ID: <20180206163957.1.C5AA20AEC50D7708@appveyor.com>
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Tue Feb 6 18:35:31 2018
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 06 Feb 2018 18:35:31 +0000
Subject: [openssl-commits] [web] master update
Message-ID: <1517942131.153200.28307.nullmailer@dev.openssl.org>
The branch master has been updated
via 39fcb89f6c9c55b9c5862451ea111c1888e88c14 (commit)
from 367e9e231647cde13f9c37d65b2e28bbf85d3a84 (commit)
- Log -----------------------------------------------------------------
commit 39fcb89f6c9c55b9c5862451ea111c1888e88c14
Author: Richard Levitte
Date: Tue Feb 6 19:34:48 2018 +0100
Correct signature file name
-----------------------------------------------------------------------
Summary of changes:
.well-known/security.txt | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.well-known/security.txt b/.well-known/security.txt
index 714a431..d56daa5 100644
--- a/.well-known/security.txt
+++ b/.well-known/security.txt
@@ -2,4 +2,4 @@ Contact: openssl-security at openssl.org
Encryption: https://www.openssl.org/news/openssl-security.asc
Acknowledgement: https://www.openssl.org/news/vulnerabilities.html
Policy: https://www.openssl.org/policies/secpolicy.html
-signature: https://www.openssl.org/.well-known/security.txt.sig
+Signature: https://www.openssl.org/.well-known/security.txt.asc
From no-reply at appveyor.com Tue Feb 6 18:39:07 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 06 Feb 2018 18:39:07 +0000
Subject: [openssl-commits] Build failed: openssl master.15396
Message-ID: <20180206183907.1.3D09D366C1665CFE@appveyor.com>
An HTML attachment was scrubbed...
URL:
From appro at openssl.org Tue Feb 6 18:41:45 2018
From: appro at openssl.org (Andy Polyakov)
Date: Tue, 06 Feb 2018 18:41:45 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517942505.721670.29396.nullmailer@dev.openssl.org>
The branch master has been updated
via 5d2a6f4b71769e45d9c65ae071dc8221590cf14e (commit)
via 39f5b069ac4b0ccd953f2237b7a6c2018230726d (commit)
from 54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa (commit)
- Log -----------------------------------------------------------------
commit 5d2a6f4b71769e45d9c65ae071dc8221590cf14e
Author: Patrick Steuer
Date: Sat Feb 3 17:46:34 2018 +0100
crypto/evp/e_aes.c: add comments to s390x aes gcm implementation
Signed-off-by: Patrick Steuer
Reviewed-by: Andy Polyakov
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5230)
commit 39f5b069ac4b0ccd953f2237b7a6c2018230726d
Author: Patrick Steuer
Date: Thu Jan 18 10:14:30 2018 +0100
s390x assembly pack: add KMAC code path for aes-ccm
Signed-off-by: Patrick Steuer
Reviewed-by: Andy Polyakov
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5230)
-----------------------------------------------------------------------
Summary of changes:
crypto/evp/e_aes.c | 570 +++++++++++++++++++++++++++++++++++++++++++++++++--
crypto/s390x_arch.h | 2 +
crypto/s390xcpuid.pl | 21 ++
3 files changed, 581 insertions(+), 12 deletions(-)
diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c
index 0c717a8..e56be16 100644
--- a/crypto/evp/e_aes.c
+++ b/crypto/evp/e_aes.c
@@ -960,8 +960,8 @@ typedef struct {
union {
double align;
/*-
- * KMA-GCM-AES parameter block
- * (see z/Architecture Principles of Operation SA22-7832-11)
+ * KMA-GCM-AES parameter block - begin
+ * (see z/Architecture Principles of Operation >= SA22-7832-11)
*/
struct {
unsigned char reserved[12];
@@ -982,6 +982,7 @@ typedef struct {
} j0;
unsigned char k[32];
} param;
+ /* KMA-GCM-AES parameter block - end */
} kma;
unsigned int fc;
int key_set;
@@ -1003,6 +1004,58 @@ typedef struct {
int tls_aad_len;
} S390X_AES_GCM_CTX;
+typedef struct {
+ union {
+ double align;
+ /*-
+ * Padding is chosen so that ccm.kmac_param.k overlaps with key.k and
+ * ccm.fc with key.k.rounds. Remember that on s390x, an AES_KEY's
+ * rounds field is used to store the function code and that the key
+ * schedule is not stored (if aes hardware support is detected).
+ */
+ struct {
+ unsigned char pad[16];
+ AES_KEY k;
+ } key;
+
+ struct {
+ /*-
+ * KMAC-AES parameter block - begin
+ * (see z/Architecture Principles of Operation >= SA22-7832-08)
+ */
+ struct {
+ union {
+ unsigned long long g[2];
+ unsigned char b[16];
+ } icv;
+ unsigned char k[32];
+ } kmac_param;
+ /* KMAC-AES paramater block - end */
+
+ union {
+ unsigned long long g[2];
+ unsigned char b[16];
+ } nonce;
+ union {
+ unsigned long long g[2];
+ unsigned char b[16];
+ } buf;
+
+ unsigned long long blocks;
+ int l;
+ int m;
+ int tls_aad_len;
+ int iv_set;
+ int tag_set;
+ int len_set;
+ int key_set;
+
+ unsigned char pad[140];
+ unsigned int fc;
+ } ccm;
+ } aes;
+} S390X_AES_CCM_CTX;
+
# define S390X_aes_128_CAPABLE ((OPENSSL_s390xcap_P.km[0] & \
S390X_CAPBIT(S390X_AES_128)) &&\
(OPENSSL_s390xcap_P.kmc[0] & \
@@ -1089,6 +1142,10 @@ static int s390x_aes_ctr_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
/* iv + padding length for iv lenghts != 12 */
# define S390X_gcm_ivpadlen(i) ((((i) + 15) >> 4 << 4) + 16)
+/*-
+ * Process additional authenticated data. Returns 0 on success. Code is
+ * big-endian.
+ */
static int s390x_aes_gcm_aad(S390X_AES_GCM_CTX *ctx, const unsigned char *aad,
size_t len)
{
@@ -1139,6 +1196,10 @@ static int s390x_aes_gcm_aad(S390X_AES_GCM_CTX *ctx, const unsigned char *aad,
return 0;
}
+/*-
+ * En/de-crypt plain/cipher-text and authenticate ciphertext. Returns 0 for
+ * success. Code is big-endian.
+ */
static int s390x_aes_gcm(S390X_AES_GCM_CTX *ctx, const unsigned char *in,
unsigned char *out, size_t len)
{
@@ -1224,6 +1285,9 @@ static int s390x_aes_gcm(S390X_AES_GCM_CTX *ctx, const unsigned char *in,
return 0;
}
+/*-
+ * Initialize context structure. Code is big-endian.
+ */
static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx,
const unsigned char *iv)
{
@@ -1254,6 +1318,11 @@ static void s390x_aes_gcm_setiv(S390X_AES_GCM_CTX *ctx,
}
}
+/*-
+ * Performs various operations on the context structure depending on control
+ * type. Returns 1 for success, 0 for failure and -1 for unknown control type.
+ * Code is big-endian.
+ */
static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
{
S390X_AES_GCM_CTX *gctx = EVP_C_DATA(S390X_AES_GCM_CTX, c);
@@ -1419,6 +1488,9 @@ static int s390x_aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
}
}
+/*-
+ * Set key and/or iv. Returns 1 on success. Otherwise 0 is returned.
+ */
static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *key,
const unsigned char *iv, int enc)
@@ -1458,6 +1530,10 @@ static int s390x_aes_gcm_init_key(EVP_CIPHER_CTX *ctx,
return 1;
}
+/*-
+ * En/de-crypt and authenticate TLS packet. Returns the number of bytes written
+ * if successful. Otherwise -1 is returned. Code is big-endian.
+ */
static int s390x_aes_gcm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
@@ -1500,6 +1576,12 @@ err:
return rv;
}
+/*-
+ * Called from EVP layer to initialize context, process additional
+ * authenticated data, en/de-crypt plain/cipher-text and authenticate
+ * ciphertext or process a TLS packet, depending on context. Returns bytes
+ * written on success. Otherwise -1 is returned. Code is big-endian.
+ */
static int s390x_aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
const unsigned char *in, size_t len)
{
@@ -1581,20 +1663,484 @@ static int s390x_aes_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
static int s390x_aes_xts_ctrl(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
# define s390x_aes_xts_cleanup aes_xts_cleanup
-# define S390X_AES_CCM_CTX EVP_AES_CCM_CTX
-# define S390X_aes_128_ccm_CAPABLE 0
-# define S390X_aes_192_ccm_CAPABLE 0
-# define S390X_aes_256_ccm_CAPABLE 0
+# define S390X_aes_128_ccm_CAPABLE (S390X_aes_128_CAPABLE && \
+ (OPENSSL_s390xcap_P.kmac[0] & \
+ S390X_CAPBIT(S390X_AES_128)))
+# define S390X_aes_192_ccm_CAPABLE (S390X_aes_192_CAPABLE && \
+ (OPENSSL_s390xcap_P.kmac[0] & \
+ S390X_CAPBIT(S390X_AES_192)))
+# define S390X_aes_256_ccm_CAPABLE (S390X_aes_256_CAPABLE && \
+ (OPENSSL_s390xcap_P.kmac[0] & \
+ S390X_CAPBIT(S390X_AES_256)))
+
+# define S390X_CCM_AAD_FLAG 0x40
+
+/*-
+ * Set nonce and length fields. Code is big-endian.
+ */
+static inline void s390x_aes_ccm_setiv(S390X_AES_CCM_CTX *ctx,
+ const unsigned char *nonce,
+ size_t mlen)
+{
+ ctx->aes.ccm.nonce.b[0] &= ~S390X_CCM_AAD_FLAG;
+ ctx->aes.ccm.nonce.g[1] = mlen;
+ memcpy(ctx->aes.ccm.nonce.b + 1, nonce, 15 - ctx->aes.ccm.l);
+}
+
+/*-
+ * Process additional authenticated data. Code is big-endian.
+ */
+static void s390x_aes_ccm_aad(S390X_AES_CCM_CTX *ctx, const unsigned char *aad,
+ size_t alen)
+{
+ unsigned char *ptr;
+ int i, rem;
+
+ if (!alen)
+ return;
+
+ ctx->aes.ccm.nonce.b[0] |= S390X_CCM_AAD_FLAG;
+
+ /* Suppress 'type-punned pointer dereference' warning. */
+ ptr = ctx->aes.ccm.buf.b;
+
+ if (alen < ((1 << 16) - (1 << 8))) {
+ *(uint16_t *)ptr = alen;
+ i = 2;
+ } else if (sizeof(alen) == 8
+ && alen >= (size_t)1 << (32 % (sizeof(alen) * 8))) {
+ *(uint16_t *)ptr = 0xffff;
+ *(uint64_t *)(ptr + 2) = alen;
+ i = 10;
+ } else {
+ *(uint16_t *)ptr = 0xfffe;
+ *(uint32_t *)(ptr + 2) = alen;
+ i = 6;
+ }
+
+ while (i < 16 && alen) {
+ ctx->aes.ccm.buf.b[i] = *aad;
+ ++aad;
+ --alen;
+ ++i;
+ }
+ while (i < 16) {
+ ctx->aes.ccm.buf.b[i] = 0;
+ ++i;
+ }
+
+ ctx->aes.ccm.kmac_param.icv.g[0] = 0;
+ ctx->aes.ccm.kmac_param.icv.g[1] = 0;
+ s390x_kmac(ctx->aes.ccm.nonce.b, 32, ctx->aes.ccm.fc,
+ &ctx->aes.ccm.kmac_param);
+ ctx->aes.ccm.blocks += 2;
+
+ rem = alen & 0xf;
+ alen &= ~0xf;
+ if (alen) {
+ s390x_kmac(aad, alen, ctx->aes.ccm.fc, &ctx->aes.ccm.kmac_param);
+ ctx->aes.ccm.blocks += alen >> 4;
+ aad += alen;
+ }
+ if (rem) {
+ for (i = 0; i < rem; i++)
+ ctx->aes.ccm.kmac_param.icv.b[i] ^= aad[i];
+
+ s390x_km(ctx->aes.ccm.kmac_param.icv.b, 16,
+ ctx->aes.ccm.kmac_param.icv.b, ctx->aes.ccm.fc,
+ ctx->aes.ccm.kmac_param.k);
+ ctx->aes.ccm.blocks++;
+ }
+}
+
+/*-
+ * En/de-crypt plain/cipher-text. Compute tag from plaintext. Returns 0 for
+ * success.
+ */
+static int s390x_aes_ccm(S390X_AES_CCM_CTX *ctx, const unsigned char *in,
+ unsigned char *out, size_t len, int enc)
+{
+ size_t n, rem;
+ unsigned int i, l, num;
+ unsigned char flags;
+
+ flags = ctx->aes.ccm.nonce.b[0];
+ if (!(flags & S390X_CCM_AAD_FLAG)) {
+ s390x_km(ctx->aes.ccm.nonce.b, 16, ctx->aes.ccm.kmac_param.icv.b,
+ ctx->aes.ccm.fc, ctx->aes.ccm.kmac_param.k);
+ ctx->aes.ccm.blocks++;
+ }
+ l = flags & 0x7;
+ ctx->aes.ccm.nonce.b[0] = l;
+
+ /*-
+ * Reconstruct length from encoded length field
+ * and initialize it with counter value.
+ */
+ n = 0;
+ for (i = 15 - l; i < 15; i++) {
+ n |= ctx->aes.ccm.nonce.b[i];
+ ctx->aes.ccm.nonce.b[i] = 0;
+ n <<= 8;
+ }
+ n |= ctx->aes.ccm.nonce.b[15];
+ ctx->aes.ccm.nonce.b[15] = 1;
+
+ if (n != len)
+ return -1; /* length mismatch */
+
+ if (enc) {
+ /* Two operations per block plus one for tag encryption */
+ ctx->aes.ccm.blocks += (((len + 15) >> 4) << 1) + 1;
+ if (ctx->aes.ccm.blocks > (1ULL << 61))
+ return -2; /* too much data */
+ }
+
+ num = 0;
+ rem = len & 0xf;
+ len &= ~0xf;
+
+ if (enc) {
+ /* mac-then-encrypt */
+ if (len)
+ s390x_kmac(in, len, ctx->aes.ccm.fc, &ctx->aes.ccm.kmac_param);
+ if (rem) {
+ for (i = 0; i < rem; i++)
+ ctx->aes.ccm.kmac_param.icv.b[i] ^= in[len + i];
+
+ s390x_km(ctx->aes.ccm.kmac_param.icv.b, 16,
+ ctx->aes.ccm.kmac_param.icv.b, ctx->aes.ccm.fc,
+ ctx->aes.ccm.kmac_param.k);
+ }
+
+ CRYPTO_ctr128_encrypt_ctr32(in, out, len + rem, &ctx->aes.key.k,
+ ctx->aes.ccm.nonce.b, ctx->aes.ccm.buf.b,
+ &num, (ctr128_f)AES_ctr32_encrypt);
+ } else {
+ /* decrypt-then-mac */
+ CRYPTO_ctr128_encrypt_ctr32(in, out, len + rem, &ctx->aes.key.k,
+ ctx->aes.ccm.nonce.b, ctx->aes.ccm.buf.b,
+ &num, (ctr128_f)AES_ctr32_encrypt);
+
+ if (len)
+ s390x_kmac(out, len, ctx->aes.ccm.fc, &ctx->aes.ccm.kmac_param);
+ if (rem) {
+ for (i = 0; i < rem; i++)
+ ctx->aes.ccm.kmac_param.icv.b[i] ^= out[len + i];
+
+ s390x_km(ctx->aes.ccm.kmac_param.icv.b, 16,
+ ctx->aes.ccm.kmac_param.icv.b, ctx->aes.ccm.fc,
+ ctx->aes.ccm.kmac_param.k);
+ }
+ }
+ /* encrypt tag */
+ for (i = 15 - l; i < 16; i++)
+ ctx->aes.ccm.nonce.b[i] = 0;
+
+ s390x_km(ctx->aes.ccm.nonce.b, 16, ctx->aes.ccm.buf.b, ctx->aes.ccm.fc,
+ ctx->aes.ccm.kmac_param.k);
+ ctx->aes.ccm.kmac_param.icv.g[0] ^= ctx->aes.ccm.buf.g[0];
+ ctx->aes.ccm.kmac_param.icv.g[1] ^= ctx->aes.ccm.buf.g[1];
+
+ ctx->aes.ccm.nonce.b[0] = flags; /* restore flags field */
+ return 0;
+}
+
+/*-
+ * En/de-crypt and authenticate TLS packet. Returns the number of bytes written
+ * if successful. Otherwise -1 is returned.
+ */
+static int s390x_aes_ccm_tls_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ const unsigned char *in, size_t len)
+{
+ S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
+ unsigned char *ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
+ unsigned char *buf = EVP_CIPHER_CTX_buf_noconst(ctx);
+ const int enc = EVP_CIPHER_CTX_encrypting(ctx);
+
+ if (out != in
+ || len < (EVP_CCM_TLS_EXPLICIT_IV_LEN + (size_t)cctx->aes.ccm.m))
+ return -1;
+
+ if (enc) {
+ /* Set explicit iv (sequence number). */
+ memcpy(out, buf, EVP_CCM_TLS_EXPLICIT_IV_LEN);
+ }
+
+ len -= EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->aes.ccm.m;
+ /*-
+ * Get explicit iv (sequence number). We already have fixed iv
+ * (server/client_write_iv) here.
+ */
+ memcpy(ivec + EVP_CCM_TLS_FIXED_IV_LEN, in, EVP_CCM_TLS_EXPLICIT_IV_LEN);
+ s390x_aes_ccm_setiv(cctx, ivec, len);
+
+ /* Process aad (sequence number|type|version|length) */
+ s390x_aes_ccm_aad(cctx, buf, cctx->aes.ccm.tls_aad_len);
+
+ in += EVP_CCM_TLS_EXPLICIT_IV_LEN;
+ out += EVP_CCM_TLS_EXPLICIT_IV_LEN;
+
+ if (enc) {
+ if (s390x_aes_ccm(cctx, in, out, len, enc))
+ return -1;
+
+ memcpy(out + len, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m);
+ return len + EVP_CCM_TLS_EXPLICIT_IV_LEN + cctx->aes.ccm.m;
+ } else {
+ if (!s390x_aes_ccm(cctx, in, out, len, enc)) {
+ if (!CRYPTO_memcmp(cctx->aes.ccm.kmac_param.icv.b, in + len,
+ cctx->aes.ccm.m))
+ return len;
+ }
+
+ OPENSSL_cleanse(out, len);
+ return -1;
+ }
+}
-# define s390x_aes_ccm_init_key aes_ccm_init_key
+/*-
+ * Set key and flag field and/or iv. Returns 1 if successful. Otherwise 0 is
+ * returned.
+ */
static int s390x_aes_ccm_init_key(EVP_CIPHER_CTX *ctx,
const unsigned char *key,
- const unsigned char *iv, int enc);
-# define s390x_aes_ccm_cipher aes_ccm_cipher
+ const unsigned char *iv, int enc)
+{
+ S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
+ unsigned char *ivec;
+ int keylen;
+
+ if (iv == NULL && key == NULL)
+ return 1;
+
+ if (key != NULL) {
+ keylen = EVP_CIPHER_CTX_key_length(ctx);
+ /* Convert key size to function code. */
+ cctx->aes.ccm.fc = S390X_AES_128 + (((keylen << 3) - 128) >> 6);
+ memcpy(cctx->aes.ccm.kmac_param.k, key, keylen);
+
+ /* Store encoded m and l. */
+ cctx->aes.ccm.nonce.b[0] = ((cctx->aes.ccm.l - 1) & 0x7)
+ | (((cctx->aes.ccm.m - 2) >> 1) & 0x7) << 3;
+ memset(cctx->aes.ccm.nonce.b + 1, 0,
+ sizeof(cctx->aes.ccm.nonce.b));
+ cctx->aes.ccm.blocks = 0;
+
+ cctx->aes.ccm.key_set = 1;
+ }
+
+ if (iv != NULL) {
+ ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
+ memcpy(ivec, iv, 15 - cctx->aes.ccm.l);
+
+ cctx->aes.ccm.iv_set = 1;
+ }
+
+ return 1;
+}
+
+/*-
+ * Called from EVP layer to initialize context, process additional
+ * authenticated data, en/de-crypt plain/cipher-text and authenticate
+ * plaintext or process a TLS packet, depending on context. Returns bytes
+ * written on success. Otherwise -1 is returned.
+ */
static int s390x_aes_ccm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len);
-# define s390x_aes_ccm_ctrl aes_ccm_ctrl
-static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *, int type, int arg, void *ptr);
+ const unsigned char *in, size_t len)
+{
+ S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, ctx);
+ const int enc = EVP_CIPHER_CTX_encrypting(ctx);
+ int rv;
+ unsigned char *buf, *ivec;
+
+ if (!cctx->aes.ccm.key_set)
+ return -1;
+
+ if (cctx->aes.ccm.tls_aad_len >= 0)
+ return s390x_aes_ccm_tls_cipher(ctx, out, in, len);
+
+ /*-
+ * Final(): Does not return any data. Recall that ccm is mac-then-encrypt
+ * so integrity must be checked already at Update() i.e., before
+ * potentially corrupted data is output.
+ */
+ if (in == NULL && out != NULL)
+ return 0;
+
+ if (!cctx->aes.ccm.iv_set)
+ return -1;
+
+ if (!enc && !cctx->aes.ccm.tag_set)
+ return -1;
+
+ if (out == NULL) {
+ /* Update(): Pass message length. */
+ if (in == NULL) {
+ ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
+ s390x_aes_ccm_setiv(cctx, ivec, len);
+
+ cctx->aes.ccm.len_set = 1;
+ return len;
+ }
+
+ /* Update(): Process aad. */
+ if (!cctx->aes.ccm.len_set && len)
+ return -1;
+
+ s390x_aes_ccm_aad(cctx, in, len);
+ return len;
+ }
+
+ /* Update(): Process message. */
+
+ if (!cctx->aes.ccm.len_set) {
+ /*-
+ * In case message length was not previously set explicitely via
+ * Update(), set it now.
+ */
+ ivec = EVP_CIPHER_CTX_iv_noconst(ctx);
+ s390x_aes_ccm_setiv(cctx, ivec, len);
+
+ cctx->aes.ccm.len_set = 1;
+ }
+
+ if (enc) {
+ if (s390x_aes_ccm(cctx, in, out, len, enc))
+ return -1;
+
+ cctx->aes.ccm.tag_set = 1;
+ return len;
+ } else {
+ rv = -1;
+
+ if (!s390x_aes_ccm(cctx, in, out, len, enc)) {
+ buf = EVP_CIPHER_CTX_buf_noconst(ctx);
+ if (!CRYPTO_memcmp(cctx->aes.ccm.kmac_param.icv.b, buf,
+ cctx->aes.ccm.m))
+ rv = len;
+ }
+
+ if (rv == -1)
+ OPENSSL_cleanse(out, len);
+
+ cctx->aes.ccm.iv_set = 0;
+ cctx->aes.ccm.tag_set = 0;
+ cctx->aes.ccm.len_set = 0;
+ return rv;
+ }
+}
+
+/*-
+ * Performs various operations on the context structure depending on control
+ * type. Returns 1 for success, 0 for failure and -1 for unknown control type.
+ * Code is big-endian.
+ */
+static int s390x_aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
+{
+ S390X_AES_CCM_CTX *cctx = EVP_C_DATA(S390X_AES_CCM_CTX, c);
+ unsigned char *buf, *iv;
+ int enc, len;
+
+ switch (type) {
+ case EVP_CTRL_INIT:
+ cctx->aes.ccm.key_set = 0;
+ cctx->aes.ccm.iv_set = 0;
+ cctx->aes.ccm.l = 8;
+ cctx->aes.ccm.m = 12;
+ cctx->aes.ccm.tag_set = 0;
+ cctx->aes.ccm.len_set = 0;
+ cctx->aes.ccm.tls_aad_len = -1;
+ return 1;
+
+ case EVP_CTRL_AEAD_TLS1_AAD:
+ if (arg != EVP_AEAD_TLS1_AAD_LEN)
+ return 0;
+
+ /* Save the aad for later use. */
+ buf = EVP_CIPHER_CTX_buf_noconst(c);
+ memcpy(buf, ptr, arg);
+ cctx->aes.ccm.tls_aad_len = arg;
+
+ len = *(uint16_t *)(buf + arg - 2);
+ if (len < EVP_CCM_TLS_EXPLICIT_IV_LEN)
+ return 0;
+
+ /* Correct length for explicit iv. */
+ len -= EVP_CCM_TLS_EXPLICIT_IV_LEN;
+
+ enc = EVP_CIPHER_CTX_encrypting(c);
+ if (!enc) {
+ if (len < cctx->aes.ccm.m)
+ return 0;
+
+ /* Correct length for tag. */
+ len -= cctx->aes.ccm.m;
+ }
+
+ *(uint16_t *)(buf + arg - 2) = len;
+ /* Extra padding: tag appended to record. */
+ return cctx->aes.ccm.m;
+
+ case EVP_CTRL_CCM_SET_IV_FIXED:
+ if (arg != EVP_CCM_TLS_FIXED_IV_LEN)
+ return 0;
+
+ /* Copy to first part of the iv. */
+ iv = EVP_CIPHER_CTX_iv_noconst(c);
+ memcpy(iv, ptr, arg);
+ return 1;
+
+ case EVP_CTRL_AEAD_SET_IVLEN:
+ arg = 15 - arg;
+ /* fall-through */
+
+ case EVP_CTRL_CCM_SET_L:
+ if (arg < 2 || arg > 8)
+ return 0;
+
+ cctx->aes.ccm.l = arg;
+ return 1;
+
+ case EVP_CTRL_AEAD_SET_TAG:
+ if ((arg & 1) || arg < 4 || arg > 16)
+ return 0;
+
+ enc = EVP_CIPHER_CTX_encrypting(c);
+ if (enc && ptr)
+ return 0;
+
+ if (ptr) {
+ cctx->aes.ccm.tag_set = 1;
+ buf = EVP_CIPHER_CTX_buf_noconst(c);
+ memcpy(buf, ptr, arg);
+ }
+
+ cctx->aes.ccm.m = arg;
+ return 1;
+
+ case EVP_CTRL_AEAD_GET_TAG:
+ enc = EVP_CIPHER_CTX_encrypting(c);
+ if (!enc || !cctx->aes.ccm.tag_set)
+ return 0;
+
+ if(arg < cctx->aes.ccm.m)
+ return 0;
+
+ memcpy(ptr, cctx->aes.ccm.kmac_param.icv.b, cctx->aes.ccm.m);
+ cctx->aes.ccm.tag_set = 0;
+ cctx->aes.ccm.iv_set = 0;
+ cctx->aes.ccm.len_set = 0;
+ return 1;
+
+ case EVP_CTRL_COPY:
+ return 1;
+
+ default:
+ return -1;
+ }
+}
+
# define s390x_aes_ccm_cleanup aes_ccm_cleanup
# ifndef OPENSSL_NO_OCB
diff --git a/crypto/s390x_arch.h b/crypto/s390x_arch.h
index a5a9dee..5744318 100644
--- a/crypto/s390x_arch.h
+++ b/crypto/s390x_arch.h
@@ -14,6 +14,8 @@
void s390x_km(const unsigned char *in, size_t len, unsigned char *out,
unsigned int fc, void *param);
+void s390x_kmac(const unsigned char *in, size_t len, unsigned int fc,
+ void *param);
void s390x_kma(const unsigned char *aad, size_t alen, const unsigned char *in,
size_t len, unsigned char *out, unsigned int fc, void *param);
diff --git a/crypto/s390xcpuid.pl b/crypto/s390xcpuid.pl
index ea95dd2..5f6ffc6 100755
--- a/crypto/s390xcpuid.pl
+++ b/crypto/s390xcpuid.pl
@@ -276,6 +276,27 @@ ___
}
################
+# void s390x_kmac(const unsigned char *in, size_t len, unsigned int fc,
+# void *param)
+{
+my ($in,$len,$fc,$param) = map("%r$_",(2..5));
+$code.=<<___;
+.globl s390x_kmac
+.type s390x_kmac,\@function
+.align 16
+s390x_kmac:
+ lr %r0,$fc
+ l${g}r %r1,$param
+
+ .long 0xb91e0002 # kmac %r0,$in
+ brc 1,.-4 # pay attention to "partial completion"
+
+ br $ra
+.size s390x_kmac,.-s390x_kmac
+___
+}
+
+################
# void s390x_kma(const unsigned char *aad, size_t alen,
# const unsigned char *in, size_t len,
# unsigned char *out, unsigned int fc, void *param)
From builds at travis-ci.org Tue Feb 6 19:13:10 2018
From: builds at travis-ci.org (Travis CI)
Date: Tue, 06 Feb 2018 19:13:10 +0000
Subject: [openssl-commits] Errored: openssl/openssl#16104 (master - 5d2a6f4)
In-Reply-To:
Message-ID: <5a79fe464e57f_43fc1cc797570192099e@8987a2b8-bc46-4e39-94ff-dcf75b205098.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16104
Status: Errored
Duration: 30 minutes and 35 seconds
Commit: 5d2a6f4 (master)
Author: Patrick Steuer
Message: crypto/evp/e_aes.c: add comments to s390x aes gcm implementation
Signed-off-by: Patrick Steuer
Reviewed-by: Andy Polyakov
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5230)
View the changeset: https://github.com/openssl/openssl/compare/54f3b7d2f5a3...5d2a6f4b7176
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338142959?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Tue Feb 6 19:37:26 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Tue, 06 Feb 2018 19:37:26 +0000
Subject: [openssl-commits] Build completed: openssl master.15397
Message-ID: <20180206193726.1.B0D2CDFE141326ED@appveyor.com>
An HTML attachment was scrubbed...
URL:
From rsalz at openssl.org Tue Feb 6 20:27:29 2018
From: rsalz at openssl.org (Rich Salz)
Date: Tue, 06 Feb 2018 20:27:29 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517948849.226167.10093.nullmailer@dev.openssl.org>
The branch master has been updated
via a3a5d1b73db46274e2cdedaad42fda5ce5cfb2da (commit)
from 5d2a6f4b71769e45d9c65ae071dc8221590cf14e (commit)
- Log -----------------------------------------------------------------
commit a3a5d1b73db46274e2cdedaad42fda5ce5cfb2da
Author: Rich Salz
Date: Tue Feb 6 15:27:03 2018 -0500
Remove unused file
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5267)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/asm/x86.pl | 38 --------------------------------------
1 file changed, 38 deletions(-)
delete mode 100644 crypto/bn/asm/x86.pl
diff --git a/crypto/bn/asm/x86.pl b/crypto/bn/asm/x86.pl
deleted file mode 100644
index 274099f..0000000
--- a/crypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,38 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License"). You may not use
-# this file except in compliance with the License. You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-$output = pop;
-open STDOUT,">$output";
-
-&asm_init($ARGV[0]);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-close STDOUT;
From rsalz at openssl.org Tue Feb 6 20:28:08 2018
From: rsalz at openssl.org (Rich Salz)
Date: Tue, 06 Feb 2018 20:28:08 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1517948888.586288.10840.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via 4bcc6a1f5557ceb1e335d39bac308b9cd64f40cd (commit)
from db91094a49b370acf03cf6adfcacf2256b8bd153 (commit)
- Log -----------------------------------------------------------------
commit 4bcc6a1f5557ceb1e335d39bac308b9cd64f40cd
Author: Rich Salz
Date: Tue Feb 6 15:27:03 2018 -0500
Remove unused file
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5267)
(cherry picked from commit a3a5d1b73db46274e2cdedaad42fda5ce5cfb2da)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/asm/x86.pl | 38 --------------------------------------
1 file changed, 38 deletions(-)
delete mode 100644 crypto/bn/asm/x86.pl
diff --git a/crypto/bn/asm/x86.pl b/crypto/bn/asm/x86.pl
deleted file mode 100644
index d57571d..0000000
--- a/crypto/bn/asm/x86.pl
+++ /dev/null
@@ -1,38 +0,0 @@
-#! /usr/bin/env perl
-# Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
-#
-# Licensed under the OpenSSL license (the "License"). You may not use
-# this file except in compliance with the License. You can obtain a copy
-# in the file LICENSE in the source distribution or at
-# https://www.openssl.org/source/license.html
-
-push(@INC,"perlasm","../../perlasm");
-require "x86asm.pl";
-
-require("x86/mul_add.pl");
-require("x86/mul.pl");
-require("x86/sqr.pl");
-require("x86/div.pl");
-require("x86/add.pl");
-require("x86/sub.pl");
-require("x86/comba.pl");
-
-$output = pop;
-open STDOUT,">$output";
-
-&asm_init($ARGV[0],$0);
-
-&bn_mul_add_words("bn_mul_add_words");
-&bn_mul_words("bn_mul_words");
-&bn_sqr_words("bn_sqr_words");
-&bn_div_words("bn_div_words");
-&bn_add_words("bn_add_words");
-&bn_sub_words("bn_sub_words");
-&bn_mul_comba("bn_mul_comba8",8);
-&bn_mul_comba("bn_mul_comba4",4);
-&bn_sqr_comba("bn_sqr_comba8",8);
-&bn_sqr_comba("bn_sqr_comba4",4);
-
-&asm_finish();
-
-close STDOUT;
From builds at travis-ci.org Tue Feb 6 20:52:54 2018
From: builds at travis-ci.org (Travis CI)
Date: Tue, 06 Feb 2018 20:52:54 +0000
Subject: [openssl-commits] Passed: openssl/openssl#16109
(OpenSSL_1_1_0-stable - 4bcc6a1)
In-Reply-To:
Message-ID: <5a7a163e97786_43ffbfdc55d08125398b@6bc52b31-db87-4128-9313-917376cb4e0b.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16109
Status: Passed
Duration: 20 minutes and 59 seconds
Commit: 4bcc6a1 (OpenSSL_1_1_0-stable)
Author: Rich Salz
Message: Remove unused file
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5267)
(cherry picked from commit a3a5d1b73db46274e2cdedaad42fda5ce5cfb2da)
View the changeset: https://github.com/openssl/openssl/compare/db91094a49b3...4bcc6a1f5557
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338189853?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Tue Feb 6 20:54:34 2018
From: builds at travis-ci.org (Travis CI)
Date: Tue, 06 Feb 2018 20:54:34 +0000
Subject: [openssl-commits] Passed: openssl/openssl#16108 (master - a3a5d1b)
In-Reply-To:
Message-ID: <5a7a16a347d61_43ffbfddac530125556c@6bc52b31-db87-4128-9313-917376cb4e0b.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16108
Status: Passed
Duration: 28 minutes and 54 seconds
Commit: a3a5d1b (master)
Author: Rich Salz
Message: Remove unused file
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5267)
View the changeset: https://github.com/openssl/openssl/compare/5d2a6f4b7176...a3a5d1b73db4
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338189593?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Tue Feb 6 21:54:22 2018
From: levitte at openssl.org (Richard Levitte)
Date: Tue, 06 Feb 2018 21:54:22 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517954062.844500.21878.nullmailer@dev.openssl.org>
The branch master has been updated
via 7ff3a3b9e98104e3d080e652712c42b0dff915dd (commit)
from a3a5d1b73db46274e2cdedaad42fda5ce5cfb2da (commit)
- Log -----------------------------------------------------------------
commit 7ff3a3b9e98104e3d080e652712c42b0dff915dd
Author: Richard Levitte
Date: Tue Feb 6 20:01:19 2018 +0100
Code cleanup: remove benchmark code from internal tests
Reviewed-by: Paul Dale
(Merged from https://github.com/openssl/openssl/pull/5268)
-----------------------------------------------------------------------
Summary of changes:
test/modes_internal_test.c | 66 -------------------------------------------
test/poly1305_internal_test.c | 52 ----------------------------------
test/siphash_internal_test.c | 65 ------------------------------------------
3 files changed, 183 deletions(-)
diff --git a/test/modes_internal_test.c b/test/modes_internal_test.c
index 6b02fd0..5f48bc1 100644
--- a/test/modes_internal_test.c
+++ b/test/modes_internal_test.c
@@ -17,7 +17,6 @@
#include "../crypto/modes/modes_lcl.h"
#include "testutil.h"
#include "internal/nelem.h"
-#include "internal/cryptlib.h"
typedef struct {
size_t size;
@@ -884,75 +883,10 @@ static int test_gcm128(int idx)
return 1;
}
-static void benchmark_gcm128(const unsigned char *K, size_t Klen,
- const unsigned char *IV, size_t IVlen)
-{
-#ifdef OPENSSL_CPUID_OBJ
- GCM128_CONTEXT ctx;
- AES_KEY key;
- uint32_t start, gcm_t, ctr_t;
- union {
- u64 u;
- u8 c[1024];
- } buf;
-
- AES_set_encrypt_key(K, Klen * 8, &key);
- CRYPTO_gcm128_init(&ctx, &key, (block128_f) AES_encrypt);
- CRYPTO_gcm128_setiv(&ctx, IV, IVlen);
-
- CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
- start = OPENSSL_rdtsc();
- CRYPTO_gcm128_encrypt(&ctx, buf.c, buf.c, sizeof(buf));
- gcm_t = OPENSSL_rdtsc() - start;
-
- CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
- &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
- (block128_f) AES_encrypt);
- start = OPENSSL_rdtsc();
- CRYPTO_ctr128_encrypt(buf.c, buf.c, sizeof(buf),
- &key, ctx.Yi.c, ctx.EKi.c, &ctx.mres,
- (block128_f) AES_encrypt);
- ctr_t = OPENSSL_rdtsc() - start;
-
- printf("%.2f-%.2f=%.2f\n",
- gcm_t / (double)sizeof(buf),
- ctr_t / (double)sizeof(buf),
- (gcm_t - ctr_t) / (double)sizeof(buf));
-# ifdef GHASH
- {
- void (*gcm_ghash_p) (u64 Xi[2], const u128 Htable[16],
- const u8 *inp, size_t len) = ctx.ghash;
-
- GHASH((&ctx), buf.c, sizeof(buf));
- start = OPENSSL_rdtsc();
- for (i = 0; i < 100; ++i)
- GHASH((&ctx), buf.c, sizeof(buf));
- gcm_t = OPENSSL_rdtsc() - start;
- printf("%.2f\n", gcm_t / (double)sizeof(buf) / (double)i);
- }
-# endif
-#else
- fprintf(stderr,
- "Benchmarking of modes isn't available on this platform\n");
-#endif
-}
-
int setup_tests(void)
{
- if (test_has_option("-h")) {
- printf("-h\tThis help\n");
- printf("-b\tBenchmark gcm128 in addition to the tests\n");
- return 1;
- }
-
ADD_ALL_TESTS(test_aes_cts128, OSSL_NELEM(aes_cts128_vectors));
ADD_ALL_TESTS(test_aes_cts128_nist, OSSL_NELEM(aes_cts128_vectors));
ADD_ALL_TESTS(test_gcm128, OSSL_NELEM(gcm128_vectors));
return 1;
}
-
-void cleanup_tests(void)
-{
- if (test_has_option("-b"))
- benchmark_gcm128(K1, sizeof(K1), IV1, sizeof(IV1));
-}
diff --git a/test/poly1305_internal_test.c b/test/poly1305_internal_test.c
index 3631f34..106e108 100644
--- a/test/poly1305_internal_test.c
+++ b/test/poly1305_internal_test.c
@@ -16,7 +16,6 @@
#include "internal/poly1305.h"
#include "../crypto/poly1305/poly1305_local.h"
#include "internal/nelem.h"
-#include "internal/cryptlib.h"
typedef struct {
size_t size;
@@ -35,45 +34,6 @@ typedef struct {
*
***/
-static void benchmark_poly1305()
-{
-# ifdef OPENSSL_CPUID_OBJ
- POLY1305 poly1305;
- unsigned char key[32];
- unsigned char buf[8192];
- uint32_t stopwatch;
- unsigned int i;
-
- memset (buf,0x55,sizeof(buf));
- memset (key,0xAA,sizeof(key));
-
- Poly1305_Init(&poly1305, key);
-
- for (i=0;i<100000;i++)
- Poly1305_Update(&poly1305,buf,sizeof(buf));
-
- stopwatch = OPENSSL_rdtsc();
- for (i=0;i<10000;i++)
- Poly1305_Update(&poly1305,buf,sizeof(buf));
- stopwatch = OPENSSL_rdtsc() - stopwatch;
-
- printf("%g\n",stopwatch/(double)(i*sizeof(buf)));
-
- stopwatch = OPENSSL_rdtsc();
- for (i=0;i<10000;i++) {
- Poly1305_Init(&poly1305, key);
- Poly1305_Update(&poly1305,buf,16);
- Poly1305_Final(&poly1305,buf);
- }
- stopwatch = OPENSSL_rdtsc() - stopwatch;
-
- printf("%g\n",stopwatch/(double)(i));
-# else
- fprintf(stderr,
- "Benchmarking of poly1305 isn't available on this platform\n");
-# endif
-}
-
static TESTDATA tests[] = {
/*
* RFC7539
@@ -1611,18 +1571,6 @@ static int test_poly1305(int idx)
int setup_tests(void)
{
- if (test_has_option("-h")) {
- printf("-h\tThis help\n");
- printf("-b\tBenchmark in addition to the tests\n");
- return 1;
- }
-
ADD_ALL_TESTS(test_poly1305, OSSL_NELEM(tests));
return 1;
}
-
-void cleanup_tests(void)
-{
- if (test_has_option("-b"))
- benchmark_poly1305();
-}
diff --git a/test/siphash_internal_test.c b/test/siphash_internal_test.c
index fe20762..d5602d9 100644
--- a/test/siphash_internal_test.c
+++ b/test/siphash_internal_test.c
@@ -17,10 +17,6 @@
#include "internal/siphash.h"
#include "../crypto/siphash/siphash_local.h"
#include "internal/nelem.h"
-#include "internal/cryptlib.h"
-
-static BIO* b_stderr = NULL;
-static BIO* b_stdout = NULL;
typedef struct {
size_t size;
@@ -38,46 +34,6 @@ typedef struct {
*
***/
-static int benchmark_siphash(void)
-{
-# ifdef OPENSSL_CPUID_OBJ
- SIPHASH siphash;
- unsigned char key[SIPHASH_KEY_SIZE];
- unsigned char buf[8192];
- uint32_t stopwatch;
- unsigned int i;
-
- memset (buf,0x55,sizeof(buf));
- memset (key,0xAA,sizeof(key));
-
- (void)SipHash_Init(&siphash, key, 0, 0, 0);
-
- for (i=0;i<100000;i++)
- SipHash_Update(&siphash, buf, sizeof(buf));
-
- stopwatch = OPENSSL_rdtsc();
- for (i=0;i<10000;i++)
- SipHash_Update(&siphash, buf, sizeof(buf));
- stopwatch = OPENSSL_rdtsc() - stopwatch;
-
- BIO_printf(b_stdout, "%g\n",stopwatch/(double)(i*sizeof(buf)));
-
- stopwatch = OPENSSL_rdtsc();
- for (i=0;i<10000;i++) {
- (void)SipHash_Init(&siphash, key, 0, 0, 0);
- SipHash_Update(&siphash, buf, 16);
- (void)SipHash_Final(&siphash, buf, SIPHASH_MAX_DIGEST_SIZE);
- }
- stopwatch = OPENSSL_rdtsc() - stopwatch;
-
- BIO_printf(b_stdout, "%g\n",stopwatch/(double)(i));
-# else
- BIO_printf(b_stderr,
- "Benchmarking of siphash isn't available on this platform\n");
-# endif
- return 1;
-}
-
/* From C reference: https://131002.net/siphash/ */
static TESTDATA tests[] = {
@@ -321,28 +277,7 @@ static int test_siphash_basic(void)
int setup_tests(void)
{
- if (test_has_option("-h")) {
- BIO_printf(bio_out, "-h\tThis help\n");
- BIO_printf(bio_out, "-b\tBenchmark in addition to the tests\n");
- return 1;
- }
-
- b_stderr = BIO_new_fp(stderr, BIO_NOCLOSE | BIO_FP_TEXT);
- b_stdout = BIO_new_fp(stdout, BIO_NOCLOSE | BIO_FP_TEXT);
-#ifdef OPENSSL_SYS_VMS
- b_stderr = BIO_push(BIO_new(BIO_f_linebuffer()), b_stderr);
- b_stdout = BIO_push(BIO_new(BIO_f_linebuffer()), b_stdout);
-#endif
-
ADD_TEST(test_siphash_basic);
ADD_ALL_TESTS(test_siphash, OSSL_NELEM(tests));
- if (test_has_option("-b"))
- ADD_TEST(benchmark_siphash);
return 1;
}
-
-void cleanup_tests(void)
-{
- BIO_free(b_stdout);
- BIO_free(b_stderr);
-}
From paul.dale at oracle.com Wed Feb 7 00:09:48 2018
From: paul.dale at oracle.com (paul.dale at oracle.com)
Date: Wed, 07 Feb 2018 00:09:48 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517962188.655769.6042.nullmailer@dev.openssl.org>
The branch master has been updated
via 2b66fd5720c38c6e89f9cd00d36d2c828ed4cd4b (commit)
via 360fc9f412f1f60a4644228d9b6d386161aad406 (commit)
via 2ad2281a8005dbc9046059693995c78a04ed9e37 (commit)
from 7ff3a3b9e98104e3d080e652712c42b0dff915dd (commit)
- Log -----------------------------------------------------------------
commit 2b66fd5720c38c6e89f9cd00d36d2c828ed4cd4b
Author: Pauli
Date: Tue Feb 6 07:17:31 2018 +1000
Unify timer code
Remove the timer and TSC additional input code and instead provide a single
routine that attempts to use the "best" timer/counter available on the
system. It attempts to use TSC, then various OS dependent resources and
finally several tries to obtain the date. If any of these timer/counters
is successful, the rest are skipped.
No randomness is credited for this.
Reviewed-by: Richard Levitte
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/5231)
commit 360fc9f412f1f60a4644228d9b6d386161aad406
Author: Pauli
Date: Tue Feb 6 07:16:26 2018 +1000
Make OPENSSL_rdtsc universally available.
If such a timer/counter register is not available, the return value is always
zero. This matches the assembly implementations' behaviour.
Reviewed-by: Richard Levitte
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/5231)
commit 2ad2281a8005dbc9046059693995c78a04ed9e37
Author: Pauli
Date: Tue Feb 6 07:15:53 2018 +1000
Make the OPENSSL_CPUID_OBJ define internal.
Patch by @levitte.
Reviewed-by: Richard Levitte
Reviewed-by: Matthias St. Pierre
(Merged from https://github.com/openssl/openssl/pull/5231)
-----------------------------------------------------------------------
Summary of changes:
Configure | 2 +
crypto/cryptlib.c | 8 ++++
crypto/rand/rand_lib.c | 92 +++++++++++++++++++++++++++++++---------
include/internal/cryptlib.h | 6 +--
include/openssl/opensslconf.h.in | 4 +-
5 files changed, 84 insertions(+), 28 deletions(-)
diff --git a/Configure b/Configure
index 22d42fb..a6f5a31 100755
--- a/Configure
+++ b/Configure
@@ -1292,6 +1292,8 @@ if ($target{sys_id} ne "")
unless ($disabled{asm}) {
$target{cpuid_asm_src}=$table{DEFAULTS}->{cpuid_asm_src} if ($config{processor} eq "386");
+ push @{$config{defines}}, "OPENSSL_CPUID_OBJ" if ($target{cpuid_asm_src} ne "mem_clr.o");
+
$target{bn_asm_src} =~ s/\w+-gf2m.c// if (defined($disabled{ec2m}));
# bn-586 is the only one implementing bn_*_part_words
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
index a4f2fb8..a4d96d8 100644
--- a/crypto/cryptlib.c
+++ b/crypto/cryptlib.c
@@ -355,4 +355,12 @@ int CRYPTO_memcmp(const void * in_a, const void * in_b, size_t len)
return x;
}
+
+/*
+ * For systems that don't provide an instruction counter register or equivalent.
+ */
+uint32_t OPENSSL_rdtsc(void)
+{
+ return 0;
+}
#endif
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index e82a63e..810677b 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -22,6 +22,9 @@
#endif
#include "e_os.h"
+/* Macro to convert two thirty two bit values into a sixty four bit one */
+#define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b))
+
#ifndef OPENSSL_NO_ENGINE
/* non-NULL if default_RAND_meth is ENGINE-provided */
static ENGINE *funct_ref;
@@ -194,6 +197,71 @@ size_t rand_drbg_get_entropy(RAND_DRBG *drbg,
}
/*
+ * Find a suitable system time. Start with the highest resolution source
+ * and work down to the slower ones. This is added as additional data and
+ * isn't counted as randomness, so any result is acceptable.
+ */
+static uint64_t get_timer_bits(void)
+{
+ uint64_t res = OPENSSL_rdtsc();
+
+ if (res != 0)
+ return res;
+#if defined(_WIN32)
+ {
+ LARGE_INTEGER t;
+ FILETIME ft;
+
+ if (QueryPerformanceCounter(&t) != 0)
+ return t.QuadPart;
+ GetSystemTimeAsFileTime(&ft);
+ return TWO32TO64(ft.dwHighDateTime, ft.dwLowDateTime);
+ }
+#elif defined(__sun) || defined(__hpux)
+ return gethrtime();
+#elif defined(_AIX)
+ {
+ timebasestruct_t t;
+
+ read_wall_time(&t, TIMEBASE_SZ);
+ return TWO32TO64(t.tb_high, t.tb_low);
+ }
+#else
+
+# if defined(_POSIX_C_SOURCE) \
+ && defined(_POSIX_TIMERS) \
+ && _POSIX_C_SOURCE >= 199309L \
+ && (!defined(__GLIBC__) || __GLIBC_PREREQ(2, 17))
+ {
+ struct timespec ts;
+ clockid_t cid;
+
+# ifdef CLOCK_BOOTTIME
+ cid = CLOCK_BOOTTIME;
+# elif defined(_POSIX_MONOTONIC_CLOCK)
+ cid = CLOCK_MONOTONIC;
+# else
+ cid = CLOCK_REALTIME;
+# endif
+
+ if (clock_gettime(cid, &ts) == 0)
+ return TWO32TO64(ts.tv_sec, ts.tv_nsec);
+ }
+# endif
+# if defined(__unix__) \
+ || (defined(_POSIX_C_SOURCE) && _POSIX_C_SOURCE >= 200112L)
+ {
+ struct timeval tv;
+
+ if (gettimeofday(&tv, NULL) == 0)
+ return TWO32TO64(tv.tv_sec, tv.tv_usec);
+ }
+# endif
+ return time(NULL);
+#endif
+}
+
+/*
* Generate additional data that can be used for the drbg. The data does
* not need to contain entropy, but it's useful if it contains at least
* some bits that are unpredictable.
@@ -210,15 +278,10 @@ size_t rand_drbg_get_additional_data(unsigned char **pout, size_t max_len)
size_t len;
#ifdef OPENSSL_SYS_UNIX
pid_t pid;
- struct timeval tv;
#elif defined(OPENSSL_SYS_WIN32)
DWORD pid;
- FILETIME ft;
- LARGE_INTEGER pc;
-#endif
-#ifdef OPENSSL_CPUID_OBJ
- uint32_t tsc = 0;
#endif
+ uint64_t tbits;
pool = RAND_POOL_new(0, 0, max_len);
if (pool == NULL)
@@ -236,21 +299,8 @@ size_t rand_drbg_get_additional_data(unsigned char **pout, size_t max_len)
if (thread_id != 0)
RAND_POOL_add(pool, (unsigned char *)&thread_id, sizeof(thread_id), 0);
-#ifdef OPENSSL_CPUID_OBJ
- tsc = OPENSSL_rdtsc();
- if (tsc != 0)
- RAND_POOL_add(pool, (unsigned char *)&tsc, sizeof(tsc), 0);
-#endif
-
-#ifdef OPENSSL_SYS_UNIX
- if (gettimeofday(&tv, NULL) == 0)
- RAND_POOL_add(pool, (unsigned char *)&tv, sizeof(tv), 0);
-#elif defined(OPENSSL_SYS_WIN32)
- if (QueryPerformanceCounter(&pc) != 0)
- RAND_POOL_add(pool, (unsigned char *)&pc, sizeof(pc), 0);
- GetSystemTimeAsFileTime(&ft);
- RAND_POOL_add(pool, (unsigned char *)&ft, sizeof(ft), 0);
-#endif
+ tbits = get_timer_bits();
+ RAND_POOL_add(pool, (unsigned char *)&tbits, sizeof(tbits), 0);
/* TODO: Use RDSEED? */
diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h
index 25ccdb1..8a96de9 100644
--- a/include/internal/cryptlib.h
+++ b/include/internal/cryptlib.h
@@ -1,5 +1,5 @@
/*
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -94,9 +94,7 @@ FILE *openssl_fopen(const char *filename, const char *mode);
void *openssl_fopen(const char *filename, const char *mode);
# endif
-#ifdef OPENSSL_CPUID_OBJ
-uint32_t OPENSSL_rdtsc();
-#endif
+uint32_t OPENSSL_rdtsc(void);
#ifdef __cplusplus
}
diff --git a/include/openssl/opensslconf.h.in b/include/openssl/opensslconf.h.in
index 2603247..16aa82e 100644
--- a/include/openssl/opensslconf.h.in
+++ b/include/openssl/opensslconf.h.in
@@ -1,7 +1,7 @@
/*
* {- join("\n * ", @autowarntext) -}
*
- * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -119,8 +119,6 @@ extern "C" {
# define DEPRECATEDIN_0_9_8(f)
#endif
-{- $target{cpuid_obj} ne "mem_clr.o" ? "#define OPENSSL_CPUID_OBJ" : "" -}
-
/* Generate 80386 code? */
{- $config{processor} eq "386" ? "#define" : "#undef" -} I386_ONLY
From openssl at openssl.org Wed Feb 7 01:03:03 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Wed, 07 Feb 2018 01:03:03 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings no-deprecated
Message-ID: <1517965383.163315.23825.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-deprecated
Commit log since last time:
7ff3a3b Code cleanup: remove benchmark code from internal tests
a3a5d1b Remove unused file
5d2a6f4 crypto/evp/e_aes.c: add comments to s390x aes gcm implementation
39f5b06 s390x assembly pack: add KMAC code path for aes-ccm
54f3b7d util/mkdef.pl: Trust configdata.pm
Build log ended with (last 100 lines):
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t .............. ok
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................ skipped: test_key_share needs TLS1.3 enabled
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ ok
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok
../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok
../../openssl/test/recipes/70-test_sslextension.t ............. ok
../../openssl/test/recipes/70-test_sslmessages.t .............. ok
../../openssl/test/recipes/70-test_sslrecords.t ............... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok
../../openssl/test/recipes/70-test_sslsignature.t ............. ok
../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok
../../openssl/test/recipes/70-test_sslversions.t .............. skipped: test_sslversions needs TLS1.3, TLS1.2 and TLS1.1 enabled
../../openssl/test/recipes/70-test_sslvertol.t ................ ok
../../openssl/test/recipes/70-test_tls13cookie.t .............. skipped: test_tls13cookie needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade needs TLS1.3 and TLS1.2 enabled
../../openssl/test/recipes/70-test_tls13hrr.t ................. skipped: test_tls13hrr needs TLS1.3 enabled
../../openssl/test/recipes/70-test_tls13kexmodes.t ............ skipped: test_tls13kexmodes needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13messages.t ............ skipped: test_tls13messages needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tls13psk.t ................. skipped: test_tls13psk needs TLSv1.3 enabled
../../openssl/test/recipes/70-test_tlsextms.t ................. ok
../../openssl/test/recipes/70-test_verify_extra.t ............. ok
../../openssl/test/recipes/70-test_wpacket.t .................. ok
../../openssl/test/recipes/80-test_ca.t ....................... ok
../../openssl/test/recipes/80-test_cipherbytes.t .............. ok
../../openssl/test/recipes/80-test_cipherlist.t ............... ok
../../openssl/test/recipes/80-test_ciphername.t ............... ok
../../openssl/test/recipes/80-test_cms.t ...................... ok
../../openssl/test/recipes/80-test_ct.t ....................... ok
../../openssl/test/recipes/80-test_dane.t ..................... ok
../../openssl/test/recipes/80-test_dtls.t ..................... ok
../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok
../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok
../../openssl/test/recipes/80-test_ocsp.t ..................... ok
../../openssl/test/recipes/80-test_pkcs12.t ................... ok
../../openssl/test/recipes/80-test_ssl_new.t .................. ok
../../openssl/test/recipes/80-test_ssl_old.t .................. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok
../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok
../../openssl/test/recipes/80-test_tsa.t ...................... ok
../../openssl/test/recipes/80-test_x509aux.t .................. ok
../../openssl/test/recipes/90-test_asn1_time.t ................ ok
../../openssl/test/recipes/90-test_async.t .................... ok
../../openssl/test/recipes/90-test_bio_enc.t .................. ok
../../openssl/test/recipes/90-test_constant_time.t ............ ok
../../openssl/test/recipes/90-test_fatalerr.t ................. ok
../../openssl/test/recipes/90-test_gmdiff.t ................... ok
../../openssl/test/recipes/90-test_ige.t ...................... ok
../../openssl/test/recipes/90-test_memleak.t .................. ok
../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds
../../openssl/test/recipes/90-test_secmem.t ................... ok
../../openssl/test/recipes/90-test_shlibload.t ................ ok
../../openssl/test/recipes/90-test_srp.t ...................... ok
../../openssl/test/recipes/90-test_sslapi.t ................... ok
../../openssl/test/recipes/90-test_sslbuffers.t ............... ok
../../openssl/test/recipes/90-test_store.t .................... ok
../../openssl/test/recipes/90-test_threads.t .................. ok
../../openssl/test/recipes/90-test_time_offset.t .............. ok
../../openssl/test/recipes/90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build
../../openssl/test/recipes/90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build
../../openssl/test/recipes/90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build
../../openssl/test/recipes/90-test_v3name.t ................... ok
../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/99-test_ecstress.t ................. ok
../../openssl/test/recipes/99-test_fuzz.t ..................... ok
Test Summary Report
-------------------
../../openssl/test/recipes/01-test_symbol_presence.t (Wstat: 512 Tests: 4 Failed: 2)
Failed tests: 2, 4
Non-zero exit status: 2
Files=140, Tests=1243, 361 wallclock secs ( 2.90 usr 0.36 sys + 174.14 cusr 23.83 csys = 201.23 CPU)
Result: FAIL
Makefile:171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-deprecated'
Makefile:169: recipe for target 'tests' failed
make: *** [tests] Error 2
From paul.dale at oracle.com Wed Feb 7 04:14:21 2018
From: paul.dale at oracle.com (paul.dale at oracle.com)
Date: Wed, 07 Feb 2018 04:14:21 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1517976861.111902.32403.nullmailer@dev.openssl.org>
The branch master has been updated
via bed4afa81b9c94596cae44226e7506d9b07fe5a5 (commit)
from 2b66fd5720c38c6e89f9cd00d36d2c828ed4cd4b (commit)
- Log -----------------------------------------------------------------
commit bed4afa81b9c94596cae44226e7506d9b07fe5a5
Author: Pauli
Date: Wed Feb 7 11:46:15 2018 +1000
Fix glibc specific conditional for Mac OS/X
MacOS seems to define __GLIBC__ but not __GLIBC_PREREQ.
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5269)
-----------------------------------------------------------------------
Summary of changes:
crypto/rand/rand_lib.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 810677b..69c3c79 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -231,7 +231,8 @@ static uint64_t get_timer_bits(void)
# if defined(_POSIX_C_SOURCE) \
&& defined(_POSIX_TIMERS) \
&& _POSIX_C_SOURCE >= 199309L \
- && (!defined(__GLIBC__) || __GLIBC_PREREQ(2, 17))
+ && (!defined(__GLIBC__) \
+ || (defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 17)))
{
struct timespec ts;
clockid_t cid;
From osslsanity at gmail.com Wed Feb 7 09:18:22 2018
From: osslsanity at gmail.com (osslsanity at gmail.com)
Date: Wed, 7 Feb 2018 09:18:22 +0000 (UTC)
Subject: [openssl-commits] Build failed in Jenkins: master_mips #374
Message-ID: <1037560288.321.1517995102352.JavaMail.jenkins@ip-172-31-34-99>
See
Changes:
[appro] s390x assembly pack: add KMAC code path for aes-ccm
[appro] crypto/evp/e_aes.c: add comments to s390x aes gcm implementation
[rsalz] Remove unused file
[levitte] Code cleanup: remove benchmark code from internal tests
[paul.dale] Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
[paul.dale] Make OPENSSL_rdtsc universally available.
[paul.dale] Unify timer code
[paul.dale] Fix glibc specific conditional for Mac OS/X
------------------------------------------
[...truncated 281.85 KB...]
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_err.d.tmp -MT crypto/ui/ui_err.o -c -o crypto/ui/ui_err.o crypto/ui/ui_err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_lib.d.tmp -MT crypto/ui/ui_lib.o -c -o crypto/ui/ui_lib.o crypto/ui/ui_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_null.d.tmp -MT crypto/ui/ui_null.o -c -o crypto/ui/ui_null.o crypto/ui/ui_null.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_openssl.d.tmp -MT crypto/ui/ui_openssl.o -c -o crypto/ui/ui_openssl.o crypto/ui/ui_openssl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_util.d.tmp -MT crypto/ui/ui_util.o -c -o crypto/ui/ui_util.o crypto/ui/ui_util.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/uid.d.tmp -MT crypto/uid.o -c -o crypto/uid.o crypto/uid.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/whrlpool/wp_block.d.tmp -MT crypto/whrlpool/wp_block.o -c -o crypto/whrlpool/wp_block.o crypto/whrlpool/wp_block.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/whrlpool/wp_dgst.d.tmp -MT crypto/whrlpool/wp_dgst.o -c -o crypto/whrlpool/wp_dgst.o crypto/whrlpool/wp_dgst.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/by_dir.d.tmp -MT crypto/x509/by_dir.o -c -o crypto/x509/by_dir.o crypto/x509/by_dir.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/by_file.d.tmp -MT crypto/x509/by_file.o -c -o crypto/x509/by_file.o crypto/x509/by_file.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_crl.d.tmp -MT crypto/x509/t_crl.o -c -o crypto/x509/t_crl.o crypto/x509/t_crl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_req.d.tmp -MT crypto/x509/t_req.o -c -o crypto/x509/t_req.o crypto/x509/t_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_x509.d.tmp -MT crypto/x509/t_x509.o -c -o crypto/x509/t_x509.o crypto/x509/t_x509.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_att.d.tmp -MT crypto/x509/x509_att.o -c -o crypto/x509/x509_att.o crypto/x509/x509_att.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_cmp.d.tmp -MT crypto/x509/x509_cmp.o -c -o crypto/x509/x509_cmp.o crypto/x509/x509_cmp.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_d2.d.tmp -MT crypto/x509/x509_d2.o -c -o crypto/x509/x509_d2.o crypto/x509/x509_d2.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_def.d.tmp -MT crypto/x509/x509_def.o -c -o crypto/x509/x509_def.o crypto/x509/x509_def.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_err.d.tmp -MT crypto/x509/x509_err.o -c -o crypto/x509/x509_err.o crypto/x509/x509_err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_ext.d.tmp -MT crypto/x509/x509_ext.o -c -o crypto/x509/x509_ext.o crypto/x509/x509_ext.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_lu.d.tmp -MT crypto/x509/x509_lu.o -c -o crypto/x509/x509_lu.o crypto/x509/x509_lu.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_obj.d.tmp -MT crypto/x509/x509_obj.o -c -o crypto/x509/x509_obj.o crypto/x509/x509_obj.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_r2x.d.tmp -MT crypto/x509/x509_r2x.o -c -o crypto/x509/x509_r2x.o crypto/x509/x509_r2x.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_req.d.tmp -MT crypto/x509/x509_req.o -c -o crypto/x509/x509_req.o crypto/x509/x509_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_set.d.tmp -MT crypto/x509/x509_set.o -c -o crypto/x509/x509_set.o crypto/x509/x509_set.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_trs.d.tmp -MT crypto/x509/x509_trs.o -c -o crypto/x509/x509_trs.o crypto/x509/x509_trs.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_txt.d.tmp -MT crypto/x509/x509_txt.o -c -o crypto/x509/x509_txt.o crypto/x509/x509_txt.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_v3.d.tmp -MT crypto/x509/x509_v3.o -c -o crypto/x509/x509_v3.o crypto/x509/x509_v3.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_vfy.d.tmp -MT crypto/x509/x509_vfy.o -c -o crypto/x509/x509_vfy.o crypto/x509/x509_vfy.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_vpm.d.tmp -MT crypto/x509/x509_vpm.o -c -o crypto/x509/x509_vpm.o crypto/x509/x509_vpm.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509cset.d.tmp -MT crypto/x509/x509cset.o -c -o crypto/x509/x509cset.o crypto/x509/x509cset.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509name.d.tmp -MT crypto/x509/x509name.o -c -o crypto/x509/x509name.o crypto/x509/x509name.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509rset.d.tmp -MT crypto/x509/x509rset.o -c -o crypto/x509/x509rset.o crypto/x509/x509rset.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509spki.d.tmp -MT crypto/x509/x509spki.o -c -o crypto/x509/x509spki.o crypto/x509/x509spki.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509type.d.tmp -MT crypto/x509/x509type.o -c -o crypto/x509/x509type.o crypto/x509/x509type.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_all.d.tmp -MT crypto/x509/x_all.o -c -o crypto/x509/x_all.o crypto/x509/x_all.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_attrib.d.tmp -MT crypto/x509/x_attrib.o -c -o crypto/x509/x_attrib.o crypto/x509/x_attrib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_crl.d.tmp -MT crypto/x509/x_crl.o -c -o crypto/x509/x_crl.o crypto/x509/x_crl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_exten.d.tmp -MT crypto/x509/x_exten.o -c -o crypto/x509/x_exten.o crypto/x509/x_exten.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_name.d.tmp -MT crypto/x509/x_name.o -c -o crypto/x509/x_name.o crypto/x509/x_name.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_pubkey.d.tmp -MT crypto/x509/x_pubkey.o -c -o crypto/x509/x_pubkey.o crypto/x509/x_pubkey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_req.d.tmp -MT crypto/x509/x_req.o -c -o crypto/x509/x_req.o crypto/x509/x_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_x509.d.tmp -MT crypto/x509/x_x509.o -c -o crypto/x509/x_x509.o crypto/x509/x_x509.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_x509a.d.tmp -MT crypto/x509/x_x509a.o -c -o crypto/x509/x_x509a.o crypto/x509/x_x509a.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_cache.d.tmp -MT crypto/x509v3/pcy_cache.o -c -o crypto/x509v3/pcy_cache.o crypto/x509v3/pcy_cache.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_data.d.tmp -MT crypto/x509v3/pcy_data.o -c -o crypto/x509v3/pcy_data.o crypto/x509v3/pcy_data.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_lib.d.tmp -MT crypto/x509v3/pcy_lib.o -c -o crypto/x509v3/pcy_lib.o crypto/x509v3/pcy_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_map.d.tmp -MT crypto/x509v3/pcy_map.o -c -o crypto/x509v3/pcy_map.o crypto/x509v3/pcy_map.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_node.d.tmp -MT crypto/x509v3/pcy_node.o -c -o crypto/x509v3/pcy_node.o crypto/x509v3/pcy_node.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_tree.d.tmp -MT crypto/x509v3/pcy_tree.o -c -o crypto/x509v3/pcy_tree.o crypto/x509v3/pcy_tree.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_addr.d.tmp -MT crypto/x509v3/v3_addr.o -c -o crypto/x509v3/v3_addr.o crypto/x509v3/v3_addr.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_admis.d.tmp -MT crypto/x509v3/v3_admis.o -c -o crypto/x509v3/v3_admis.o crypto/x509v3/v3_admis.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_akey.d.tmp -MT crypto/x509v3/v3_akey.o -c -o crypto/x509v3/v3_akey.o crypto/x509v3/v3_akey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_akeya.d.tmp -MT crypto/x509v3/v3_akeya.o -c -o crypto/x509v3/v3_akeya.o crypto/x509v3/v3_akeya.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_alt.d.tmp -MT crypto/x509v3/v3_alt.o -c -o crypto/x509v3/v3_alt.o crypto/x509v3/v3_alt.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_asid.d.tmp -MT crypto/x509v3/v3_asid.o -c -o crypto/x509v3/v3_asid.o crypto/x509v3/v3_asid.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_bcons.d.tmp -MT crypto/x509v3/v3_bcons.o -c -o crypto/x509v3/v3_bcons.o crypto/x509v3/v3_bcons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_bitst.d.tmp -MT crypto/x509v3/v3_bitst.o -c -o crypto/x509v3/v3_bitst.o crypto/x509v3/v3_bitst.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_conf.d.tmp -MT crypto/x509v3/v3_conf.o -c -o crypto/x509v3/v3_conf.o crypto/x509v3/v3_conf.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_cpols.d.tmp -MT crypto/x509v3/v3_cpols.o -c -o crypto/x509v3/v3_cpols.o crypto/x509v3/v3_cpols.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_crld.d.tmp -MT crypto/x509v3/v3_crld.o -c -o crypto/x509v3/v3_crld.o crypto/x509v3/v3_crld.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_enum.d.tmp -MT crypto/x509v3/v3_enum.o -c -o crypto/x509v3/v3_enum.o crypto/x509v3/v3_enum.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_extku.d.tmp -MT crypto/x509v3/v3_extku.o -c -o crypto/x509v3/v3_extku.o crypto/x509v3/v3_extku.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_genn.d.tmp -MT crypto/x509v3/v3_genn.o -c -o crypto/x509v3/v3_genn.o crypto/x509v3/v3_genn.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_ia5.d.tmp -MT crypto/x509v3/v3_ia5.o -c -o crypto/x509v3/v3_ia5.o crypto/x509v3/v3_ia5.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_info.d.tmp -MT crypto/x509v3/v3_info.o -c -o crypto/x509v3/v3_info.o crypto/x509v3/v3_info.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_int.d.tmp -MT crypto/x509v3/v3_int.o -c -o crypto/x509v3/v3_int.o crypto/x509v3/v3_int.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_lib.d.tmp -MT crypto/x509v3/v3_lib.o -c -o crypto/x509v3/v3_lib.o crypto/x509v3/v3_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_ncons.d.tmp -MT crypto/x509v3/v3_ncons.o -c -o crypto/x509v3/v3_ncons.o crypto/x509v3/v3_ncons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pci.d.tmp -MT crypto/x509v3/v3_pci.o -c -o crypto/x509v3/v3_pci.o crypto/x509v3/v3_pci.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pcia.d.tmp -MT crypto/x509v3/v3_pcia.o -c -o crypto/x509v3/v3_pcia.o crypto/x509v3/v3_pcia.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pcons.d.tmp -MT crypto/x509v3/v3_pcons.o -c -o crypto/x509v3/v3_pcons.o crypto/x509v3/v3_pcons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pku.d.tmp -MT crypto/x509v3/v3_pku.o -c -o crypto/x509v3/v3_pku.o crypto/x509v3/v3_pku.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pmaps.d.tmp -MT crypto/x509v3/v3_pmaps.o -c -o crypto/x509v3/v3_pmaps.o crypto/x509v3/v3_pmaps.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_prn.d.tmp -MT crypto/x509v3/v3_prn.o -c -o crypto/x509v3/v3_prn.o crypto/x509v3/v3_prn.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_purp.d.tmp -MT crypto/x509v3/v3_purp.o -c -o crypto/x509v3/v3_purp.o crypto/x509v3/v3_purp.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_skey.d.tmp -MT crypto/x509v3/v3_skey.o -c -o crypto/x509v3/v3_skey.o crypto/x509v3/v3_skey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_sxnet.d.tmp -MT crypto/x509v3/v3_sxnet.o -c -o crypto/x509v3/v3_sxnet.o crypto/x509v3/v3_sxnet.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_tlsf.d.tmp -MT crypto/x509v3/v3_tlsf.o -c -o crypto/x509v3/v3_tlsf.o crypto/x509v3/v3_tlsf.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_utl.d.tmp -MT crypto/x509v3/v3_utl.o -c -o crypto/x509v3/v3_utl.o crypto/x509v3/v3_utl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3err.d.tmp -MT crypto/x509v3/v3err.o -c -o crypto/x509v3/v3err.o crypto/x509v3/v3err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF engines/e_capi.d.tmp -MT engines/e_capi.o -c -o engines/e_capi.o engines/e_capi.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF engines/e_padlock.d.tmp -MT engines/e_padlock.o -c -o engines/e_padlock.o engines/e_padlock.c
mips64-octeon-linux-gnu-ar r libcrypto.a crypto/aes/aes-mips.o crypto/aes/aes_cbc.o crypto/aes/aes_cfb.o crypto/aes/aes_ecb.o crypto/aes/aes_ige.o crypto/aes/aes_misc.o crypto/aes/aes_ofb.o crypto/aes/aes_wrap.o crypto/aria/aria.o crypto/asn1/a_bitstr.o crypto/asn1/a_d2i_fp.o crypto/asn1/a_digest.o crypto/asn1/a_dup.o crypto/asn1/a_gentm.o crypto/asn1/a_i2d_fp.o crypto/asn1/a_int.o crypto/asn1/a_mbstr.o crypto/asn1/a_object.o crypto/asn1/a_octet.o crypto/asn1/a_print.o crypto/asn1/a_sign.o crypto/asn1/a_strex.o crypto/asn1/a_strnid.o crypto/asn1/a_time.o crypto/asn1/a_type.o crypto/asn1/a_utctm.o crypto/asn1/a_utf8.o crypto/asn1/a_verify.o crypto/asn1/ameth_lib.o crypto/asn1/asn1_err.o crypto/asn1/asn1_gen.o crypto/asn1/asn1_item_list.o crypto/asn1/asn1_lib.o crypto/asn1/asn1_par.o crypto/asn1/asn_mime.o crypto/asn1/asn_moid.o crypto/asn1/asn_mstbl.o crypto/asn1/asn_pack.o crypto/asn1/bio_asn1.o crypto/asn1/bio_ndef.o crypto/asn1/d2i_pr.o crypto/asn1/d2i_pu.o crypto/asn1/evp_asn1.o crypto/asn1/f_int.o crypto/asn1/f_string.o crypto/asn1/i2d_pr.o crypto/asn1/i2d_pu.o crypto/asn1/n_pkey.o crypto/asn1/nsseq.o crypto/asn1/p5_pbe.o crypto/asn1/p5_pbev2.o crypto/asn1/p5_scrypt.o crypto/asn1/p8_pkey.o crypto/asn1/t_bitst.o crypto/asn1/t_pkey.o crypto/asn1/t_spki.o crypto/asn1/tasn_dec.o crypto/asn1/tasn_enc.o crypto/asn1/tasn_fre.o crypto/asn1/tasn_new.o crypto/asn1/tasn_prn.o crypto/asn1/tasn_scn.o crypto/asn1/tasn_typ.o crypto/asn1/tasn_utl.o crypto/asn1/x_algor.o crypto/asn1/x_bignum.o crypto/asn1/x_info.o crypto/asn1/x_int64.o crypto/asn1/x_long.o crypto/asn1/x_pkey.o crypto/asn1/x_sig.o crypto/asn1/x_spki.o crypto/asn1/x_val.o crypto/async/arch/async_null.o crypto/async/arch/async_posix.o crypto/async/arch/async_win.o crypto/async/async.o crypto/async/async_err.o crypto/async/async_wait.o crypto/bf/bf_cfb64.o crypto/bf/bf_ecb.o crypto/bf/bf_enc.o crypto/bf/bf_ofb64.o crypto/bf/bf_skey.o crypto/bio/b_addr.o crypto/bio/b_dump.o crypto/bio/b_print.o crypto/bio/b_sock.o crypto/bio/b_sock2.o crypto/bio/bf_buff.o crypto/bio/bf_lbuf.o crypto/bio/bf_nbio.o crypto/bio/bf_null.o crypto/bio/bio_cb.o crypto/bio/bio_err.o crypto/bio/bio_lib.o crypto/bio/bio_meth.o crypto/bio/bss_acpt.o crypto/bio/bss_bio.o crypto/bio/bss_conn.o crypto/bio/bss_dgram.o crypto/bio/bss_fd.o crypto/bio/bss_file.o crypto/bio/bss_log.o crypto/bio/bss_mem.o crypto/bio/bss_null.o crypto/bio/bss_sock.o crypto/blake2/blake2b.o crypto/blake2/blake2s.o crypto/blake2/m_blake2b.o crypto/blake2/m_blake2s.o crypto/bn/bn-mips.o crypto/bn/bn_add.o crypto/bn/bn_blind.o crypto/bn/bn_const.o crypto/bn/bn_ctx.o crypto/bn/bn_depr.o crypto/bn/bn_dh.o crypto/bn/bn_div.o crypto/bn/bn_err.o crypto/bn/bn_exp.o crypto/bn/bn_exp2.o crypto/bn/bn_gcd.o crypto/bn/bn_gf2m.o crypto/bn/bn_intern.o crypto/bn/bn_kron.o crypto/bn/bn_lib.o crypto/bn/bn_mod.o crypto/bn/bn_mont.o crypto/bn/bn_mpi.o crypto/bn/bn_mul.o crypto/bn/bn_nist.o crypto/bn/bn_prime.o crypto/bn/bn_print.o crypto/bn/bn_rand.o crypto/bn/bn_recp.o crypto/bn/bn_shift.o crypto/bn/bn_sqr.o crypto/bn/bn_sqrt.o crypto/bn/bn_srp.o crypto/bn/bn_word.o crypto/bn/bn_x931p.o crypto/bn/mips-mont.o crypto/buffer/buf_err.o crypto/buffer/buffer.o crypto/camellia/camellia.o crypto/camellia/cmll_cbc.o crypto/camellia/cmll_cfb.o crypto/camellia/cmll_ctr.o crypto/camellia/cmll_ecb.o crypto/camellia/cmll_misc.o crypto/camellia/cmll_ofb.o crypto/cast/c_cfb64.o crypto/cast/c_ecb.o crypto/cast/c_enc.o crypto/cast/c_ofb64.o crypto/cast/c_skey.o crypto/chacha/chacha_enc.o crypto/cmac/cm_ameth.o crypto/cmac/cm_pmeth.o crypto/cmac/cmac.o crypto/cms/cms_asn1.o crypto/cms/cms_att.o crypto/cms/cms_cd.o crypto/cms/cms_dd.o crypto/cms/cms_enc.o crypto/cms/cms_env.o crypto/cms/cms_err.o crypto/cms/cms_ess.o crypto/cms/cms_io.o crypto/cms/cms_kari.o crypto/cms/cms_lib.o crypto/cms/cms_pwri.o crypto/cms/cms_sd.o crypto/cms/cms_smime.o crypto/comp/c_zlib.o crypto/comp/comp_err.o crypto/comp/comp_lib.o crypto/conf/conf_api.o crypto/conf/conf_def.o crypto/conf/conf_err.o crypto/conf/conf_lib.o crypto/conf/conf_mall.o crypto/conf/conf_mod.o crypto/conf/conf_sap.o crypto/cpt_err.o crypto/cryptlib.o crypto/ct/ct_b64.o crypto/ct/ct_err.o crypto/ct/ct_log.o crypto/ct/ct_oct.o crypto/ct/ct_policy.o crypto/ct/ct_prn.o crypto/ct/ct_sct.o crypto/ct/ct_sct_ctx.o crypto/ct/ct_vfy.o crypto/ct/ct_x509v3.o crypto/ctype.o crypto/cversion.o crypto/des/cbc_cksm.o crypto/des/cbc_enc.o crypto/des/cfb64ede.o crypto/des/cfb64enc.o crypto/des/cfb_enc.o crypto/des/des_enc.o crypto/des/ecb3_enc.o crypto/des/ecb_enc.o crypto/des/fcrypt.o crypto/des/fcrypt_b.o crypto/des/ofb64ede.o crypto/des/ofb64enc.o crypto/des/ofb_enc.o crypto/des/pcbc_enc.o crypto/des/qud_cksm.o crypto/des/rand_key.o crypto/des/set_key.o crypto/des/str2key.o crypto/des/xcbc_enc.o crypto/dh/dh_ameth.o crypto/dh/dh_asn1.o crypto/dh/dh_check.o crypto/dh/dh_depr.o crypto/dh/dh_err.o crypto/dh/dh_gen.o crypto/dh/dh_kdf.o crypto/dh/dh_key.o crypto/dh/dh_lib.o crypto/dh/dh_meth.o crypto/dh/dh_pmeth.o crypto/dh/dh_prn.o crypto/dh/dh_rfc5114.o crypto/dh/dh_rfc7919.o crypto/dsa/dsa_ameth.o crypto/dsa/dsa_asn1.o crypto/dsa/dsa_depr.o crypto/dsa/dsa_err.o crypto/dsa/dsa_gen.o crypto/dsa/dsa_key.o crypto/dsa/dsa_lib.o crypto/dsa/dsa_meth.o crypto/dsa/dsa_ossl.o crypto/dsa/dsa_pmeth.o crypto/dsa/dsa_prn.o crypto/dsa/dsa_sign.o crypto/dsa/dsa_vrf.o crypto/dso/dso_dl.o crypto/dso/dso_dlfcn.o crypto/dso/dso_err.o crypto/dso/dso_lib.o crypto/dso/dso_openssl.o crypto/dso/dso_vms.o crypto/dso/dso_win32.o crypto/ebcdic.o crypto/ec/curve25519.o crypto/ec/ec2_mult.o crypto/ec/ec2_oct.o crypto/ec/ec2_smpl.o crypto/ec/ec_ameth.o crypto/ec/ec_asn1.o crypto/ec/ec_check.o crypto/ec/ec_curve.o crypto/ec/ec_cvt.o crypto/ec/ec_err.o crypto/ec/ec_key.o crypto/ec/ec_kmeth.o crypto/ec/ec_lib.o crypto/ec/ec_mult.o crypto/ec/ec_oct.o crypto/ec/ec_pmeth.o crypto/ec/ec_print.o crypto/ec/ecdh_kdf.o crypto/ec/ecdh_ossl.o crypto/ec/ecdsa_ossl.o crypto/ec/ecdsa_sign.o crypto/ec/ecdsa_vrf.o crypto/ec/eck_prn.o crypto/ec/ecp_mont.o crypto/ec/ecp_nist.o crypto/ec/ecp_nistp224.o crypto/ec/ecp_nistp256.o crypto/ec/ecp_nistp521.o crypto/ec/ecp_nistputil.o crypto/ec/ecp_oct.o crypto/ec/ecp_smpl.o crypto/ec/ecx_meth.o crypto/engine/eng_all.o crypto/engine/eng_cnf.o crypto/engine/eng_ctrl.o crypto/engine/eng_dyn.o crypto/engine/eng_err.o crypto/engine/eng_fat.o crypto/engine/eng_init.o crypto/engine/eng_lib.o crypto/engine/eng_list.o crypto/engine/eng_openssl.o crypto/engine/eng_pkey.o crypto/engine/eng_rdrand.o crypto/engine/eng_table.o crypto/engine/tb_asnmth.o crypto/engine/tb_cipher.o crypto/engine/tb_dh.o crypto/engine/tb_digest.o crypto/engine/tb_dsa.o crypto/engine/tb_eckey.o crypto/engine/tb_pkmeth.o crypto/engine/tb_rand.o crypto/engine/tb_rsa.o crypto/err/err.o crypto/err/err_all.o crypto/err/err_prn.o crypto/evp/bio_b64.o crypto/evp/bio_enc.o crypto/evp/bio_md.o crypto/evp/bio_ok.o crypto/evp/c_allc.o crypto/evp/c_alld.o crypto/evp/cmeth_lib.o crypto/evp/digest.o crypto/evp/e_aes.o crypto/evp/e_aes_cbc_hmac_sha1.o crypto/evp/e_aes_cbc_hmac_sha256.o crypto/evp/e_aria.o crypto/evp/e_bf.o crypto/evp/e_camellia.o crypto/evp/e_cast.o crypto/evp/e_chacha20_poly1305.o crypto/evp/e_des.o crypto/evp/e_des3.o crypto/evp/e_idea.o crypto/evp/e_null.o crypto/evp/e_old.o crypto/evp/e_rc2.o crypto/evp/e_rc4.o crypto/evp/e_rc4_hmac_md5.o crypto/evp/e_rc5.o crypto/evp/e_seed.o crypto/evp/e_sm4.o crypto/evp/e_xcbc_d.o crypto/evp/encode.o crypto/evp/evp_cnf.o crypto/evp/evp_enc.o crypto/evp/evp_err.o crypto/evp/evp_key.o crypto/evp/evp_lib.o crypto/evp/evp_pbe.o crypto/evp/evp_pkey.o crypto/evp/m_md2.o crypto/evp/m_md4.o crypto/evp/m_md5.o crypto/evp/m_md5_sha1.o crypto/evp/m_mdc2.o crypto/evp/m_null.o crypto/evp/m_ripemd.o crypto/evp/m_sha1.o crypto/evp/m_sha3.o crypto/evp/m_sigver.o crypto/evp/m_wp.o crypto/evp/names.o crypto/evp/p5_crpt.o crypto/evp/p5_crpt2.o crypto/evp/p_dec.o crypto/evp/p_enc.o crypto/evp/p_lib.o crypto/evp/p_open.o crypto/evp/p_seal.o crypto/evp/p_sign.o crypto/evp/p_verify.o crypto/evp/pbe_scrypt.o crypto/evp/pmeth_fn.o crypto/evp/pmeth_gn.o crypto/evp/pmeth_lib.o crypto/ex_data.o crypto/hmac/hm_ameth.o crypto/hmac/hm_pmeth.o crypto/hmac/hmac.o crypto/idea/i_cbc.o crypto/idea/i_cfb64.o crypto/idea/i_ecb.o crypto/idea/i_ofb64.o crypto/idea/i_skey.o crypto/init.o crypto/kdf/hkdf.o crypto/kdf/kdf_err.o crypto/kdf/scrypt.o crypto/kdf/tls1_prf.o crypto/lhash/lh_stats.o crypto/lhash/lhash.o crypto/md4/md4_dgst.o crypto/md4/md4_one.o crypto/md5/md5_dgst.o crypto/md5/md5_one.o crypto/mdc2/mdc2_one.o crypto/mdc2/mdc2dgst.o crypto/mem.o crypto/mem_clr.o crypto/mem_dbg.o crypto/mem_sec.o crypto/modes/cbc128.o crypto/modes/ccm128.o crypto/modes/cfb128.o crypto/modes/ctr128.o crypto/modes/cts128.o crypto/modes/gcm128.o crypto/modes/ocb128.o crypto/modes/ofb128.o crypto/modes/wrap128.o crypto/modes/xts128.o crypto/o_dir.o crypto/o_fips.o crypto/o_fopen.o crypto/o_init.o crypto/o_str.o crypto/o_time.o crypto/objects/o_names.o crypto/objects/obj_dat.o crypto/objects/obj_err.o crypto/objects/obj_lib.o crypto/objects/obj_xref.o crypto/ocsp/ocsp_asn.o crypto/ocsp/ocsp_cl.o crypto/ocsp/ocsp_err.o crypto/ocsp/ocsp_ext.o crypto/ocsp/ocsp_ht.o crypto/ocsp/ocsp_lib.o crypto/ocsp/ocsp_prn.o crypto/ocsp/ocsp_srv.o crypto/ocsp/ocsp_vfy.o crypto/ocsp/v3_ocsp.o crypto/pem/pem_all.o crypto/pem/pem_err.o crypto/pem/pem_info.o crypto/pem/pem_lib.o crypto/pem/pem_oth.o crypto/pem/pem_pk8.o crypto/pem/pem_pkey.o crypto/pem/pem_sign.o crypto/pem/pem_x509.o crypto/pem/pem_xaux.o crypto/pem/pvkfmt.o crypto/pkcs12/p12_add.o crypto/pkcs12/p12_asn.o crypto/pkcs12/p12_attr.o crypto/pkcs12/p12_crpt.o crypto/pkcs12/p12_crt.o crypto/pkcs12/p12_decr.o crypto/pkcs12/p12_init.o crypto/pkcs12/p12_key.o crypto/pkcs12/p12_kiss.o crypto/pkcs12/p12_mutl.o crypto/pkcs12/p12_npas.o crypto/pkcs12/p12_p8d.o crypto/pkcs12/p12_p8e.o crypto/pkcs12/p12_sbag.o crypto/pkcs12/p12_utl.o crypto/pkcs12/pk12err.o crypto/pkcs7/bio_pk7.o crypto/pkcs7/pk7_asn1.o crypto/pkcs7/pk7_attr.o crypto/pkcs7/pk7_doit.o crypto/pkcs7/pk7_lib.o crypto/pkcs7/pk7_mime.o crypto/pkcs7/pk7_smime.o crypto/pkcs7/pkcs7err.o crypto/poly1305/poly1305-mips.o crypto/poly1305/poly1305.o crypto/poly1305/poly1305_ameth.o crypto/poly1305/poly1305_pmeth.o crypto/rand/drbg_ctr.o crypto/rand/drbg_lib.o crypto/rand/rand_egd.o crypto/rand/rand_err.o crypto/rand/rand_lib.o crypto/rand/rand_unix.o crypto/rand/rand_vms.o crypto/rand/rand_win.o crypto/rand/randfile.o crypto/rc2/rc2_cbc.o crypto/rc2/rc2_ecb.o crypto/rc2/rc2_skey.o crypto/rc2/rc2cfb64.o crypto/rc2/rc2ofb64.o crypto/rc4/rc4_enc.o crypto/rc4/rc4_skey.o crypto/ripemd/rmd_dgst.o crypto/ripemd/rmd_one.o crypto/rsa/rsa_ameth.o crypto/rsa/rsa_asn1.o crypto/rsa/rsa_chk.o crypto/rsa/rsa_crpt.o crypto/rsa/rsa_depr.o crypto/rsa/rsa_err.o crypto/rsa/rsa_gen.o crypto/rsa/rsa_lib.o crypto/rsa/rsa_meth.o crypto/rsa/rsa_mp.o crypto/rsa/rsa_none.o crypto/rsa/rsa_oaep.o crypto/rsa/rsa_ossl.o crypto/rsa/rsa_pk1.o crypto/rsa/rsa_pmeth.o crypto/rsa/rsa_prn.o crypto/rsa/rsa_pss.o crypto/rsa/rsa_saos.o crypto/rsa/rsa_sign.o crypto/rsa/rsa_ssl.o crypto/rsa/rsa_x931.o crypto/rsa/rsa_x931g.o crypto/seed/seed.o crypto/seed/seed_cbc.o crypto/seed/seed_cfb.o crypto/seed/seed_ecb.o crypto/seed/seed_ofb.o crypto/sha/keccak1600.o crypto/sha/sha1-mips.o crypto/sha/sha1_one.o crypto/sha/sha1dgst.o crypto/sha/sha256-mips.o crypto/sha/sha256.o crypto/sha/sha512-mips.o crypto/sha/sha512.o crypto/siphash/siphash.o crypto/siphash/siphash_ameth.o crypto/siphash/siphash_pmeth.o crypto/sm3/m_sm3.o crypto/sm3/sm3.o crypto/sm4/sm4.o crypto/srp/srp_lib.o crypto/srp/srp_vfy.o crypto/stack/stack.o crypto/store/loader_file.o crypto/store/store_err.o crypto/store/store_init.o crypto/store/store_lib.o crypto/store/store_register.o crypto/store/store_strings.o crypto/threads_none.o crypto/threads_pthread.o crypto/threads_win.o crypto/ts/ts_asn1.o crypto/ts/ts_conf.o crypto/ts/ts_err.o crypto/ts/ts_lib.o crypto/ts/ts_req_print.o crypto/ts/ts_req_utils.o crypto/ts/ts_rsp_print.o crypto/ts/ts_rsp_sign.o crypto/ts/ts_rsp_utils.o crypto/ts/ts_rsp_verify.o crypto/ts/ts_verify_ctx.o crypto/txt_db/txt_db.o crypto/ui/ui_err.o crypto/ui/ui_lib.o crypto/ui/ui_null.o crypto/ui/ui_openssl.o crypto/ui/ui_util.o crypto/uid.o crypto/whrlpool/wp_block.o crypto/whrlpool/wp_dgst.o crypto/x509/by_dir.o crypto/x509/by_file.o crypto/x509/t_crl.o crypto/x509/t_req.o crypto/x509/t_x509.o crypto/x509/x509_att.o crypto/x509/x509_cmp.o crypto/x509/x509_d2.o crypto/x509/x509_def.o crypto/x509/x509_err.o crypto/x509/x509_ext.o crypto/x509/x509_lu.o crypto/x509/x509_obj.o crypto/x509/x509_r2x.o crypto/x509/x509_req.o crypto/x509/x509_set.o crypto/x509/x509_trs.o crypto/x509/x509_txt.o crypto/x509/x509_v3.o crypto/x509/x509_vfy.o crypto/x509/x509_vpm.o crypto/x509/x509cset.o crypto/x509/x509name.o crypto/x509/x509rset.o crypto/x509/x509spki.o crypto/x509/x509type.o crypto/x509/x_all.o crypto/x509/x_attrib.o crypto/x509/x_crl.o crypto/x509/x_exten.o crypto/x509/x_name.o crypto/x509/x_pubkey.o crypto/x509/x_req.o crypto/x509/x_x509.o crypto/x509/x_x509a.o crypto/x509v3/pcy_cache.o crypto/x509v3/pcy_data.o crypto/x509v3/pcy_lib.o crypto/x509v3/pcy_map.o crypto/x509v3/pcy_node.o crypto/x509v3/pcy_tree.o crypto/x509v3/v3_addr.o crypto/x509v3/v3_admis.o crypto/x509v3/v3_akey.o crypto/x509v3/v3_akeya.o crypto/x509v3/v3_alt.o crypto/x509v3/v3_asid.o crypto/x509v3/v3_bcons.o crypto/x509v3/v3_bitst.o crypto/x509v3/v3_conf.o crypto/x509v3/v3_cpols.o crypto/x509v3/v3_crld.o crypto/x509v3/v3_enum.o crypto/x509v3/v3_extku.o crypto/x509v3/v3_genn.o crypto/x509v3/v3_ia5.o crypto/x509v3/v3_info.o crypto/x509v3/v3_int.o crypto/x509v3/v3_lib.o crypto/x509v3/v3_ncons.o crypto/x509v3/v3_pci.o crypto/x509v3/v3_pcia.o crypto/x509v3/v3_pcons.o crypto/x509v3/v3_pku.o crypto/x509v3/v3_pmaps.o crypto/x509v3/v3_prn.o crypto/x509v3/v3_purp.o crypto/x509v3/v3_skey.o crypto/x509v3/v3_sxnet.o crypto/x509v3/v3_tlsf.o crypto/x509v3/v3_utl.o crypto/x509v3/v3err.o engines/e_capi.o engines/e_padlock.o
mips64-octeon-linux-gnu-ar: creating libcrypto.a
mips64-octeon-linux-gnu-ranlib libcrypto.a || echo Never mind.
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/bio_ssl.d.tmp -MT ssl/bio_ssl.o -c -o ssl/bio_ssl.o ssl/bio_ssl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_lib.d.tmp -MT ssl/d1_lib.o -c -o ssl/d1_lib.o ssl/d1_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_msg.d.tmp -MT ssl/d1_msg.o -c -o ssl/d1_msg.o ssl/d1_msg.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_srtp.d.tmp -MT ssl/d1_srtp.o -c -o ssl/d1_srtp.o ssl/d1_srtp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/methods.d.tmp -MT ssl/methods.o -c -o ssl/methods.o ssl/methods.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/packet.d.tmp -MT ssl/packet.o -c -o ssl/packet.o ssl/packet.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/pqueue.d.tmp -MT ssl/pqueue.o -c -o ssl/pqueue.o ssl/pqueue.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/dtls1_bitmap.d.tmp -MT ssl/record/dtls1_bitmap.o -c -o ssl/record/dtls1_bitmap.o ssl/record/dtls1_bitmap.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/rec_layer_d1.d.tmp -MT ssl/record/rec_layer_d1.o -c -o ssl/record/rec_layer_d1.o ssl/record/rec_layer_d1.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/rec_layer_s3.d.tmp -MT ssl/record/rec_layer_s3.o -c -o ssl/record/rec_layer_s3.o ssl/record/rec_layer_s3.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_buffer.d.tmp -MT ssl/record/ssl3_buffer.o -c -o ssl/record/ssl3_buffer.o ssl/record/ssl3_buffer.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_record.d.tmp -MT ssl/record/ssl3_record.o -c -o ssl/record/ssl3_record.o ssl/record/ssl3_record.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_record_tls13.d.tmp -MT ssl/record/ssl3_record_tls13.o -c -o ssl/record/ssl3_record_tls13.o ssl/record/ssl3_record_tls13.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_cbc.d.tmp -MT ssl/s3_cbc.o -c -o ssl/s3_cbc.o ssl/s3_cbc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_enc.d.tmp -MT ssl/s3_enc.o -c -o ssl/s3_enc.o ssl/s3_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_lib.d.tmp -MT ssl/s3_lib.o -c -o ssl/s3_lib.o ssl/s3_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_msg.d.tmp -MT ssl/s3_msg.o -c -o ssl/s3_msg.o ssl/s3_msg.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_asn1.d.tmp -MT ssl/ssl_asn1.o -c -o ssl/ssl_asn1.o ssl/ssl_asn1.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_cert.d.tmp -MT ssl/ssl_cert.o -c -o ssl/ssl_cert.o ssl/ssl_cert.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_ciph.d.tmp -MT ssl/ssl_ciph.o -c -o ssl/ssl_ciph.o ssl/ssl_ciph.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_conf.d.tmp -MT ssl/ssl_conf.o -c -o ssl/ssl_conf.o ssl/ssl_conf.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_err.d.tmp -MT ssl/ssl_err.o -c -o ssl/ssl_err.o ssl/ssl_err.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_init.d.tmp -MT ssl/ssl_init.o -c -o ssl/ssl_init.o ssl/ssl_init.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_lib.d.tmp -MT ssl/ssl_lib.o -c -o ssl/ssl_lib.o ssl/ssl_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_mcnf.d.tmp -MT ssl/ssl_mcnf.o -c -o ssl/ssl_mcnf.o ssl/ssl_mcnf.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_rsa.d.tmp -MT ssl/ssl_rsa.o -c -o ssl/ssl_rsa.o ssl/ssl_rsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_sess.d.tmp -MT ssl/ssl_sess.o -c -o ssl/ssl_sess.o ssl/ssl_sess.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_stat.d.tmp -MT ssl/ssl_stat.o -c -o ssl/ssl_stat.o ssl/ssl_stat.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_txt.d.tmp -MT ssl/ssl_txt.o -c -o ssl/ssl_txt.o ssl/ssl_txt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_utst.d.tmp -MT ssl/ssl_utst.o -c -o ssl/ssl_utst.o ssl/ssl_utst.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions.d.tmp -MT ssl/statem/extensions.o -c -o ssl/statem/extensions.o ssl/statem/extensions.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_clnt.d.tmp -MT ssl/statem/extensions_clnt.o -c -o ssl/statem/extensions_clnt.o ssl/statem/extensions_clnt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_cust.d.tmp -MT ssl/statem/extensions_cust.o -c -o ssl/statem/extensions_cust.o ssl/statem/extensions_cust.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_srvr.d.tmp -MT ssl/statem/extensions_srvr.o -c -o ssl/statem/extensions_srvr.o ssl/statem/extensions_srvr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem.d.tmp -MT ssl/statem/statem.o -c -o ssl/statem/statem.o ssl/statem/statem.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_clnt.d.tmp -MT ssl/statem/statem_clnt.o -c -o ssl/statem/statem_clnt.o ssl/statem/statem_clnt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_dtls.d.tmp -MT ssl/statem/statem_dtls.o -c -o ssl/statem/statem_dtls.o ssl/statem/statem_dtls.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_lib.d.tmp -MT ssl/statem/statem_lib.o -c -o ssl/statem/statem_lib.o ssl/statem/statem_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_srvr.d.tmp -MT ssl/statem/statem_srvr.o -c -o ssl/statem/statem_srvr.o ssl/statem/statem_srvr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_enc.d.tmp -MT ssl/t1_enc.o -c -o ssl/t1_enc.o ssl/t1_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_lib.d.tmp -MT ssl/t1_lib.o -c -o ssl/t1_lib.o ssl/t1_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_trce.d.tmp -MT ssl/t1_trce.o -c -o ssl/t1_trce.o ssl/t1_trce.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/tls13_enc.d.tmp -MT ssl/tls13_enc.o -c -o ssl/tls13_enc.o ssl/tls13_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/tls_srp.d.tmp -MT ssl/tls_srp.o -c -o ssl/tls_srp.o ssl/tls_srp.c
mips64-octeon-linux-gnu-ar r libssl.a ssl/bio_ssl.o ssl/d1_lib.o ssl/d1_msg.o ssl/d1_srtp.o ssl/methods.o ssl/packet.o ssl/pqueue.o ssl/record/dtls1_bitmap.o ssl/record/rec_layer_d1.o ssl/record/rec_layer_s3.o ssl/record/ssl3_buffer.o ssl/record/ssl3_record.o ssl/record/ssl3_record_tls13.o ssl/s3_cbc.o ssl/s3_enc.o ssl/s3_lib.o ssl/s3_msg.o ssl/ssl_asn1.o ssl/ssl_cert.o ssl/ssl_ciph.o ssl/ssl_conf.o ssl/ssl_err.o ssl/ssl_init.o ssl/ssl_lib.o ssl/ssl_mcnf.o ssl/ssl_rsa.o ssl/ssl_sess.o ssl/ssl_stat.o ssl/ssl_txt.o ssl/ssl_utst.o ssl/statem/extensions.o ssl/statem/extensions_clnt.o ssl/statem/extensions_cust.o ssl/statem/extensions_srvr.o ssl/statem/statem.o ssl/statem/statem_clnt.o ssl/statem/statem_dtls.o ssl/statem/statem_lib.o ssl/statem/statem_srvr.o ssl/t1_enc.o ssl/t1_lib.o ssl/t1_trce.o ssl/tls13_enc.o ssl/tls_srp.o
mips64-octeon-linux-gnu-ar: creating libssl.a
mips64-octeon-linux-gnu-ranlib libssl.a || echo Never mind.
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/basic_output.d.tmp -MT test/testutil/basic_output.o -c -o test/testutil/basic_output.o test/testutil/basic_output.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/cb.d.tmp -MT test/testutil/cb.o -c -o test/testutil/cb.o test/testutil/cb.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/driver.d.tmp -MT test/testutil/driver.o -c -o test/testutil/driver.o test/testutil/driver.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/format_output.d.tmp -MT test/testutil/format_output.o -c -o test/testutil/format_output.o test/testutil/format_output.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/init.d.tmp -MT test/testutil/init.o -c -o test/testutil/init.o test/testutil/init.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/main.d.tmp -MT test/testutil/main.o -c -o test/testutil/main.o test/testutil/main.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/output_helpers.d.tmp -MT test/testutil/output_helpers.o -c -o test/testutil/output_helpers.o test/testutil/output_helpers.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/stanza.d.tmp -MT test/testutil/stanza.o -c -o test/testutil/stanza.o test/testutil/stanza.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/tap_bio.d.tmp -MT test/testutil/tap_bio.o -c -o test/testutil/tap_bio.o test/testutil/tap_bio.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/test_cleanup.d.tmp -MT test/testutil/test_cleanup.o -c -o test/testutil/test_cleanup.o test/testutil/test_cleanup.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/tests.d.tmp -MT test/testutil/tests.o -c -o test/testutil/tests.o test/testutil/tests.c
mips64-octeon-linux-gnu-ar r test/libtestutil.a test/testutil/basic_output.o test/testutil/cb.o test/testutil/driver.o test/testutil/format_output.o test/testutil/init.o test/testutil/main.o test/testutil/output_helpers.o test/testutil/stanza.o test/testutil/tap_bio.o test/testutil/test_cleanup.o test/testutil/tests.o
mips64-octeon-linux-gnu-ar: creating test/libtestutil.a
mips64-octeon-linux-gnu-ranlib test/libtestutil.a || echo Never mind.
/usr/bin/perl apps/progs.pl apps/openssl > apps/progs.h
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/asn1pars.d.tmp -MT apps/asn1pars.o -c -o apps/asn1pars.o apps/asn1pars.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ca.d.tmp -MT apps/ca.o -c -o apps/ca.o apps/ca.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ciphers.d.tmp -MT apps/ciphers.o -c -o apps/ciphers.o apps/ciphers.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/cms.d.tmp -MT apps/cms.o -c -o apps/cms.o apps/cms.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/crl.d.tmp -MT apps/crl.o -c -o apps/crl.o apps/crl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/crl2p7.d.tmp -MT apps/crl2p7.o -c -o apps/crl2p7.o apps/crl2p7.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dgst.d.tmp -MT apps/dgst.o -c -o apps/dgst.o apps/dgst.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dhparam.d.tmp -MT apps/dhparam.o -c -o apps/dhparam.o apps/dhparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dsa.d.tmp -MT apps/dsa.o -c -o apps/dsa.o apps/dsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dsaparam.d.tmp -MT apps/dsaparam.o -c -o apps/dsaparam.o apps/dsaparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ec.d.tmp -MT apps/ec.o -c -o apps/ec.o apps/ec.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ecparam.d.tmp -MT apps/ecparam.o -c -o apps/ecparam.o apps/ecparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/enc.d.tmp -MT apps/enc.o -c -o apps/enc.o apps/enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/engine.d.tmp -MT apps/engine.o -c -o apps/engine.o apps/engine.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/errstr.d.tmp -MT apps/errstr.o -c -o apps/errstr.o apps/errstr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/gendsa.d.tmp -MT apps/gendsa.o -c -o apps/gendsa.o apps/gendsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/genpkey.d.tmp -MT apps/genpkey.o -c -o apps/genpkey.o apps/genpkey.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/genrsa.d.tmp -MT apps/genrsa.o -c -o apps/genrsa.o apps/genrsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/nseq.d.tmp -MT apps/nseq.o -c -o apps/nseq.o apps/nseq.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ocsp.d.tmp -MT apps/ocsp.o -c -o apps/ocsp.o apps/ocsp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/openssl.d.tmp -MT apps/openssl.o -c -o apps/openssl.o apps/openssl.c
apps/openssl.c: In function 'list_type':
apps/openssl.c:523: warning: 'dc.width' may be used uninitialized in this function
apps/openssl.c:523: warning: 'dc.columns' may be used uninitialized in this function
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/passwd.d.tmp -MT apps/passwd.o -c -o apps/passwd.o apps/passwd.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs12.d.tmp -MT apps/pkcs12.o -c -o apps/pkcs12.o apps/pkcs12.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs7.d.tmp -MT apps/pkcs7.o -c -o apps/pkcs7.o apps/pkcs7.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs8.d.tmp -MT apps/pkcs8.o -c -o apps/pkcs8.o apps/pkcs8.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkey.d.tmp -MT apps/pkey.o -c -o apps/pkey.o apps/pkey.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkeyparam.d.tmp -MT apps/pkeyparam.o -c -o apps/pkeyparam.o apps/pkeyparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkeyutl.d.tmp -MT apps/pkeyutl.o -c -o apps/pkeyutl.o apps/pkeyutl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/prime.d.tmp -MT apps/prime.o -c -o apps/prime.o apps/prime.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rand.d.tmp -MT apps/rand.o -c -o apps/rand.o apps/rand.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rehash.d.tmp -MT apps/rehash.o -c -o apps/rehash.o apps/rehash.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/req.d.tmp -MT apps/req.o -c -o apps/req.o apps/req.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rsa.d.tmp -MT apps/rsa.o -c -o apps/rsa.o apps/rsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rsautl.d.tmp -MT apps/rsautl.o -c -o apps/rsautl.o apps/rsautl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_client.d.tmp -MT apps/s_client.o -c -o apps/s_client.o apps/s_client.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_server.d.tmp -MT apps/s_server.o -c -o apps/s_server.o apps/s_server.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_time.d.tmp -MT apps/s_time.o -c -o apps/s_time.o apps/s_time.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/sess_id.d.tmp -MT apps/sess_id.o -c -o apps/sess_id.o apps/sess_id.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/smime.d.tmp -MT apps/smime.o -c -o apps/smime.o apps/smime.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/speed.d.tmp -MT apps/speed.o -c -o apps/speed.o apps/speed.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/spkac.d.tmp -MT apps/spkac.o -c -o apps/spkac.o apps/spkac.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/srp.d.tmp -MT apps/srp.o -c -o apps/srp.o apps/srp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/storeutl.d.tmp -MT apps/storeutl.o -c -o apps/storeutl.o apps/storeutl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ts.d.tmp -MT apps/ts.o -c -o apps/ts.o apps/ts.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/verify.d.tmp -MT apps/verify.o -c -o apps/verify.o apps/verify.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/version.d.tmp -MT apps/version.o -c -o apps/version.o apps/version.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/x509.d.tmp -MT apps/x509.o -c -o apps/x509.o apps/x509.c
rm -f apps/openssl
${LDCMD:-mips64-octeon-linux-gnu-gcc} -mips3 -Wall -O3 -pthread -mabi=n32 -L. \
-o apps/openssl apps/asn1pars.o apps/ca.o apps/ciphers.o apps/cms.o apps/crl.o apps/crl2p7.o apps/dgst.o apps/dhparam.o apps/dsa.o apps/dsaparam.o apps/ec.o apps/ecparam.o apps/enc.o apps/engine.o apps/errstr.o apps/gendsa.o apps/genpkey.o apps/genrsa.o apps/nseq.o apps/ocsp.o apps/openssl.o apps/passwd.o apps/pkcs12.o apps/pkcs7.o apps/pkcs8.o apps/pkey.o apps/pkeyparam.o apps/pkeyutl.o apps/prime.o apps/rand.o apps/rehash.o apps/req.o apps/rsa.o apps/rsautl.o apps/s_client.o apps/s_server.o apps/s_time.o apps/sess_id.o apps/smime.o apps/speed.o apps/spkac.o apps/srp.o apps/storeutl.o apps/ts.o apps/verify.o apps/version.o apps/x509.o \
apps/libapps.a -lssl -lcrypto -ldl -pthread
./libcrypto.a(async_posix.o): In function `ASYNC_is_capable':
async_posix.c:(.text+0x6c): warning: warning: getcontext is not implemented and will always fail
./libcrypto.a(async.o): In function `async_fibre_swapcontext':
async.c:(.text+0x2fc): warning: warning: setcontext is not implemented and will always fail
./libcrypto.a(async_posix.o): In function `async_fibre_makecontext':
async_posix.c:(.text+0x10c): warning: warning: makecontext is not implemented and will always fail
apps/speed.o: In function `speed_main':
speed.c:(.text+0x74bc): undefined reference to `CRYPTO_memcmp'
speed.c:(.text+0x74bc): relocation truncated to fit: R_MIPS_26 against `CRYPTO_memcmp'
./libssl.a(ssl3_record.o): In function `dtls1_process_record':
ssl3_record.c:(.text+0x1e14): undefined reference to `CRYPTO_memcmp'
ssl3_record.c:(.text+0x1f7c): undefined reference to `CRYPTO_memcmp'
./libssl.a(ssl3_record.o): In function `ssl3_get_record':
ssl3_record.c:(.text+0x2a88): undefined reference to `CRYPTO_memcmp'
ssl3_record.c:(.text+0x3210): undefined reference to `CRYPTO_memcmp'
./libssl.a(extensions.o):extensions.c:(.text+0xa84): more undefined references to `CRYPTO_memcmp' follow
./libcrypto.a(init.o): In function `ossl_init_base_ossl_':
init.c:(.text+0x8e0): undefined reference to `OPENSSL_cpuid_setup'
./libcrypto.a(gcm128.o): In function `CRYPTO_gcm128_finish':
gcm128.c:(.text+0x23cc): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(ocb128.o): In function `CRYPTO_ocb128_finish':
ocb128.c:(.text+0x144): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(wrap128.o): In function `CRYPTO_128_unwrap_pad':
wrap128.c:(.text+0x494): undefined reference to `CRYPTO_memcmp'
wrap128.c:(.text+0x588): undefined reference to `CRYPTO_memcmp'
wrap128.c:(.text+0x5b0): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(wrap128.o):wrap128.c:(.text+0x624): more undefined references to `CRYPTO_memcmp' follow
./libcrypto.a(rand_lib.o): In function `rand_drbg_get_additional_data':
rand_lib.c:(.text+0xedc): undefined reference to `OPENSSL_rdtsc'
rand_lib.c:(.text+0xf70): undefined reference to `OPENSSL_rdtsc'
./libcrypto.a(curve25519.o): In function `X25519':
curve25519.c:(.text+0x4e58): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(curve25519.o): In function `ge_frombytes_vartime':
curve25519.c:(.text+0x559c): undefined reference to `CRYPTO_memcmp'
curve25519.c:(.text+0x5754): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(curve25519.o): In function `ED25519_verify':
curve25519.c:(.text+0xdea8): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
eng_all.c:(.text+0x14): undefined reference to `OPENSSL_cpuid_setup'
./libcrypto.a(rsa_oaep.o): In function `RSA_padding_check_PKCS1_OAEP_mgf1':
rsa_oaep.c:(.text+0x4e0): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(dh_kdf.o): In function `DH_KDF_X9_42':
dh_kdf.c:(.text+0x35c): undefined reference to `CRYPTO_memcmp'
collect2: ld returned 1 exit status
make[1]: *** [apps/openssl] Error 1
make[1]: Leaving directory `
make: *** [all] Error 2
Build step 'Execute shell' marked build as failure
From no-reply at appveyor.com Wed Feb 7 10:56:01 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 07 Feb 2018 10:56:01 +0000
Subject: [openssl-commits] Build failed: openssl master.15410
Message-ID: <20180207105601.1.6FE0CE9115979AA1@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Wed Feb 7 12:06:21 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 07 Feb 2018 12:06:21 +0000
Subject: [openssl-commits] Build failed: openssl master.15411
Message-ID: <20180207120621.1.77B336A353AD17D2@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Wed Feb 7 12:27:07 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 07 Feb 2018 12:27:07 +0000
Subject: [openssl-commits] Build failed: openssl master.15412
Message-ID: <20180207122707.1.2CC3A6CB6ACEFD93@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Wed Feb 7 13:43:52 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 07 Feb 2018 13:43:52 +0000
Subject: [openssl-commits] Build completed: openssl master.15413
Message-ID: <20180207134352.1.C383B0D9C6B05FFE@appveyor.com>
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Wed Feb 7 14:24:02 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 07 Feb 2018 14:24:02 +0000
Subject: [openssl-commits] Build failed: openssl master.15416
Message-ID: <20180207142402.1.7D151858225F7C65@appveyor.com>
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Wed Feb 7 15:16:16 2018
From: levitte at openssl.org (Richard Levitte)
Date: Wed, 07 Feb 2018 15:16:16 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518016576.323391.5615.nullmailer@dev.openssl.org>
The branch master has been updated
via 3a7141df8768e797f42ed14027e974ea845aa20f (commit)
via 7d3901f6dbaace18c0307b1f6a20f38fe6a91807 (commit)
via 227a1e3f45bf06fdb00f2bdfb922f6f0d1f1d1de (commit)
from bed4afa81b9c94596cae44226e7506d9b07fe5a5 (commit)
- Log -----------------------------------------------------------------
commit 3a7141df8768e797f42ed14027e974ea845aa20f
Author: Richard Levitte
Date: Wed Feb 7 14:05:20 2018 +0100
Make all private functions in e_afalg.c static
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5270)
commit 7d3901f6dbaace18c0307b1f6a20f38fe6a91807
Author: Richard Levitte
Date: Wed Feb 7 14:02:49 2018 +0100
test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
The afalg engine was moved down from engines/afalg/ to engines/, but
the test wasn't changed accordingly. This was undetected because the
test program didn't fail when it couldn't load the engine.
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5270)
commit 227a1e3f45bf06fdb00f2bdfb922f6f0d1f1d1de
Author: Richard Levitte
Date: Wed Feb 7 14:01:13 2018 +0100
Modify test/afalgtest to fail if the afalg engine couldn't be loaded
If you know that there's no afalg engine, don't run this test.
test/recipes/30-test_afalg.t checks this correctly.
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5270)
-----------------------------------------------------------------------
Summary of changes:
engines/e_afalg.c | 10 +++++-----
test/afalgtest.c | 10 +++++-----
test/recipes/30-test_afalg.t | 2 +-
3 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/engines/e_afalg.c b/engines/e_afalg.c
index 49b0173..da035b5 100644
--- a/engines/e_afalg.c
+++ b/engines/e_afalg.c
@@ -79,7 +79,7 @@ static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
static int afalg_destroy(ENGINE *e);
static int afalg_init(ENGINE *e);
static int afalg_finish(ENGINE *e);
-const EVP_CIPHER *afalg_aes_cbc(int nid);
+static const EVP_CIPHER *afalg_aes_cbc(int nid);
static cbc_handles *get_cipher_handle(int nid);
static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
const int **nids, int nid);
@@ -195,7 +195,7 @@ static int afalg_setup_async_event_notification(afalg_aio *aio)
return 1;
}
-int afalg_init_aio(afalg_aio *aio)
+static int afalg_init_aio(afalg_aio *aio)
{
int r = -1;
@@ -215,8 +215,8 @@ int afalg_init_aio(afalg_aio *aio)
return 1;
}
-int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
- size_t len)
+static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
+ size_t len)
{
int r;
int retry = 0;
@@ -658,7 +658,7 @@ static cbc_handles *get_cipher_handle(int nid)
}
}
-const EVP_CIPHER *afalg_aes_cbc(int nid)
+static const EVP_CIPHER *afalg_aes_cbc(int nid)
{
cbc_handles *cipher_handle = get_cipher_handle(nid);
if (cipher_handle->_hidden == NULL
diff --git a/test/afalgtest.c b/test/afalgtest.c
index adb2977..bf90545 100644
--- a/test/afalgtest.c
+++ b/test/afalgtest.c
@@ -128,14 +128,14 @@ int global_init(void)
int setup_tests(void)
{
#ifndef OPENSSL_NO_ENGINE
- if ((e = ENGINE_by_id("afalg")) == NULL) {
+ if (!TEST_ptr(e = ENGINE_by_id("afalg"))) {
/* Probably a platform env issue, not a test failure. */
- TEST_info("Can't load AFALG engine");
- } else {
+ TEST_info("Can't load AFALG engine, you might want to check $OPENSSL_ENGINES");
+ return 0;
+ }
# ifndef OPENSSL_NO_AFALGENG
- ADD_ALL_TESTS(test_afalg_aes_cbc, 3);
+ ADD_ALL_TESTS(test_afalg_aes_cbc, 3);
# endif
- }
#endif
return 1;
diff --git a/test/recipes/30-test_afalg.t b/test/recipes/30-test_afalg.t
index c8cb67b..cf8a68f 100644
--- a/test/recipes/30-test_afalg.t
+++ b/test/recipes/30-test_afalg.t
@@ -18,6 +18,6 @@ plan skip_all => "$test_name not supported for this build"
plan tests => 1;
-$ENV{OPENSSL_ENGINES} = bldtop_dir("engines/afalg");
+$ENV{OPENSSL_ENGINES} = bldtop_dir("engines");
ok(run(test(["afalgtest"])), "running afalgtest");
From no-reply at appveyor.com Wed Feb 7 15:24:46 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Wed, 07 Feb 2018 15:24:46 +0000
Subject: [openssl-commits] Build failed: openssl master.15420
Message-ID: <20180207152446.1.CCE12A6DDB06795B@appveyor.com>
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Wed Feb 7 15:48:34 2018
From: builds at travis-ci.org (Travis CI)
Date: Wed, 07 Feb 2018 15:48:34 +0000
Subject: [openssl-commits] Broken: openssl/openssl#16130 (master - 3a7141d)
In-Reply-To:
Message-ID: <5a7b1fd244c6_43fcab5981e98925118@2f9f8493-5923-4fd4-9822-27587e4bd149.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16130
Status: Broken
Duration: 31 minutes and 10 seconds
Commit: 3a7141d (master)
Author: Richard Levitte
Message: Make all private functions in e_afalg.c static
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5270)
View the changeset: https://github.com/openssl/openssl/compare/bed4afa81b9c...3a7141df8768
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338544691?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Wed Feb 7 21:17:16 2018
From: levitte at openssl.org (Richard Levitte)
Date: Wed, 07 Feb 2018 21:17:16 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518038236.237500.29882.nullmailer@dev.openssl.org>
The branch master has been updated
via 048ebccb8840f7abd90adc59654d959feb25715b (commit)
via cb7b7275683655537c63e42b5e3ef3d7045e4104 (commit)
from 3a7141df8768e797f42ed14027e974ea845aa20f (commit)
- Log -----------------------------------------------------------------
commit 048ebccb8840f7abd90adc59654d959feb25715b
Author: Richard Levitte
Date: Wed Feb 7 19:40:19 2018 +0100
make update ERROR_REBUILD=-rebuild
Reviewed-by: Rich Salz
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/openssl/pull/5275)
commit cb7b7275683655537c63e42b5e3ef3d7045e4104
Author: Richard Levitte
Date: Wed Feb 7 19:23:39 2018 +0100
mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
If a module is disablable (i.e. can be configured with 'no-FOO'), the
resulting header file needs to be guarded with a check of the
corresponding OPENSSL_NO_FOO. While this seem fairly innocuous, it
has an impact on the information in util/*.num, generated by mkdef.pl.
Reviewed-by: Rich Salz
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/openssl/pull/5275)
-----------------------------------------------------------------------
Summary of changes:
Configurations/unix-Makefile.tmpl | 7 +-
include/internal/dsoerr.h | 117 +++++-----
include/openssl/cmserr.h | 339 ++++++++++++++---------------
include/openssl/comperr.h | 29 +--
include/openssl/cterr.h | 103 ++++-----
include/openssl/dherr.h | 117 +++++-----
include/openssl/dsaerr.h | 83 ++++----
include/openssl/ecerr.h | 433 +++++++++++++++++++-------------------
include/openssl/engineerr.h | 161 +++++++-------
include/openssl/ocsperr.h | 99 ++++-----
include/openssl/tserr.h | 207 +++++++++---------
util/mkerr.pl | 33 ++-
12 files changed, 899 insertions(+), 829 deletions(-)
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index 3dd66b8..9e05fd1 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -674,10 +674,11 @@ generate_fuzz_oids:
ERROR_REBUILD=
errors:
( cd $(SRCDIR); $(PERL) util/ck_errf.pl -strict */*.c */*/*.c )
- ( cd $(SRCDIR); $(PERL) util/mkerr.pl $(ERROR_REBUILD) -internal )
- ( cd $(SRCDIR)/engines; \
+ ( b=`pwd`; cd $(SRCDIR); \
+ $(PERL) -I$$b util/mkerr.pl $(ERROR_REBUILD) -internal )
+ ( b=`pwd`; cd $(SRCDIR)/engines; \
for E in *.ec ; do \
- $(PERL) ../util/mkerr.pl $(ERROR_REBUILD) -static \
+ $(PERL) -I$$b ../util/mkerr.pl $(ERROR_REBUILD) -static \
-conf $$E `basename $$E .ec`.c ; \
done )
diff --git a/include/internal/dsoerr.h b/include/internal/dsoerr.h
index 9f1ebf6..7017990 100644
--- a/include/internal/dsoerr.h
+++ b/include/internal/dsoerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,71 +11,76 @@
#ifndef HEADER_DSOERR_H
# define HEADER_DSOERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_DSO
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_DSO_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* DSO function codes.
*/
-# define DSO_F_DLFCN_BIND_FUNC 100
-# define DSO_F_DLFCN_LOAD 102
-# define DSO_F_DLFCN_MERGER 130
-# define DSO_F_DLFCN_NAME_CONVERTER 123
-# define DSO_F_DLFCN_UNLOAD 103
-# define DSO_F_DL_BIND_FUNC 104
-# define DSO_F_DL_LOAD 106
-# define DSO_F_DL_MERGER 131
-# define DSO_F_DL_NAME_CONVERTER 124
-# define DSO_F_DL_UNLOAD 107
-# define DSO_F_DSO_BIND_FUNC 108
-# define DSO_F_DSO_CONVERT_FILENAME 126
-# define DSO_F_DSO_CTRL 110
-# define DSO_F_DSO_FREE 111
-# define DSO_F_DSO_GET_FILENAME 127
-# define DSO_F_DSO_GLOBAL_LOOKUP 139
-# define DSO_F_DSO_LOAD 112
-# define DSO_F_DSO_MERGE 132
-# define DSO_F_DSO_NEW_METHOD 113
-# define DSO_F_DSO_PATHBYADDR 105
-# define DSO_F_DSO_SET_FILENAME 129
-# define DSO_F_DSO_UP_REF 114
-# define DSO_F_VMS_BIND_SYM 115
-# define DSO_F_VMS_LOAD 116
-# define DSO_F_VMS_MERGER 133
-# define DSO_F_VMS_UNLOAD 117
-# define DSO_F_WIN32_BIND_FUNC 101
-# define DSO_F_WIN32_GLOBALLOOKUP 142
-# define DSO_F_WIN32_JOINER 135
-# define DSO_F_WIN32_LOAD 120
-# define DSO_F_WIN32_MERGER 134
-# define DSO_F_WIN32_NAME_CONVERTER 125
-# define DSO_F_WIN32_PATHBYADDR 109
-# define DSO_F_WIN32_SPLITTER 136
-# define DSO_F_WIN32_UNLOAD 121
+# define DSO_F_DLFCN_BIND_FUNC 100
+# define DSO_F_DLFCN_LOAD 102
+# define DSO_F_DLFCN_MERGER 130
+# define DSO_F_DLFCN_NAME_CONVERTER 123
+# define DSO_F_DLFCN_UNLOAD 103
+# define DSO_F_DL_BIND_FUNC 104
+# define DSO_F_DL_LOAD 106
+# define DSO_F_DL_MERGER 131
+# define DSO_F_DL_NAME_CONVERTER 124
+# define DSO_F_DL_UNLOAD 107
+# define DSO_F_DSO_BIND_FUNC 108
+# define DSO_F_DSO_CONVERT_FILENAME 126
+# define DSO_F_DSO_CTRL 110
+# define DSO_F_DSO_FREE 111
+# define DSO_F_DSO_GET_FILENAME 127
+# define DSO_F_DSO_GLOBAL_LOOKUP 139
+# define DSO_F_DSO_LOAD 112
+# define DSO_F_DSO_MERGE 132
+# define DSO_F_DSO_NEW_METHOD 113
+# define DSO_F_DSO_PATHBYADDR 105
+# define DSO_F_DSO_SET_FILENAME 129
+# define DSO_F_DSO_UP_REF 114
+# define DSO_F_VMS_BIND_SYM 115
+# define DSO_F_VMS_LOAD 116
+# define DSO_F_VMS_MERGER 133
+# define DSO_F_VMS_UNLOAD 117
+# define DSO_F_WIN32_BIND_FUNC 101
+# define DSO_F_WIN32_GLOBALLOOKUP 142
+# define DSO_F_WIN32_JOINER 135
+# define DSO_F_WIN32_LOAD 120
+# define DSO_F_WIN32_MERGER 134
+# define DSO_F_WIN32_NAME_CONVERTER 125
+# define DSO_F_WIN32_PATHBYADDR 109
+# define DSO_F_WIN32_SPLITTER 136
+# define DSO_F_WIN32_UNLOAD 121
/*
* DSO reason codes.
*/
-# define DSO_R_CTRL_FAILED 100
-# define DSO_R_DSO_ALREADY_LOADED 110
-# define DSO_R_EMPTY_FILE_STRUCTURE 113
-# define DSO_R_FAILURE 114
-# define DSO_R_FILENAME_TOO_BIG 101
-# define DSO_R_FINISH_FAILED 102
-# define DSO_R_INCORRECT_FILE_SYNTAX 115
-# define DSO_R_LOAD_FAILED 103
-# define DSO_R_NAME_TRANSLATION_FAILED 109
-# define DSO_R_NO_FILENAME 111
-# define DSO_R_NULL_HANDLE 104
-# define DSO_R_SET_FILENAME_FAILED 112
-# define DSO_R_STACK_ERROR 105
-# define DSO_R_SYM_FAILURE 106
-# define DSO_R_UNLOAD_FAILED 107
-# define DSO_R_UNSUPPORTED 108
+# define DSO_R_CTRL_FAILED 100
+# define DSO_R_DSO_ALREADY_LOADED 110
+# define DSO_R_EMPTY_FILE_STRUCTURE 113
+# define DSO_R_FAILURE 114
+# define DSO_R_FILENAME_TOO_BIG 101
+# define DSO_R_FINISH_FAILED 102
+# define DSO_R_INCORRECT_FILE_SYNTAX 115
+# define DSO_R_LOAD_FAILED 103
+# define DSO_R_NAME_TRANSLATION_FAILED 109
+# define DSO_R_NO_FILENAME 111
+# define DSO_R_NULL_HANDLE 104
+# define DSO_R_SET_FILENAME_FAILED 112
+# define DSO_R_STACK_ERROR 105
+# define DSO_R_SYM_FAILURE 106
+# define DSO_R_UNLOAD_FAILED 107
+# define DSO_R_UNSUPPORTED 108
+# endif
#endif
diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h
index a599590..7cb2242 100644
--- a/include/openssl/cmserr.h
+++ b/include/openssl/cmserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,182 +11,187 @@
#ifndef HEADER_CMSERR_H
# define HEADER_CMSERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_CMS
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_CMS_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* CMS function codes.
*/
-# define CMS_F_CHECK_CONTENT 99
-# define CMS_F_CMS_ADD0_CERT 164
-# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
-# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
-# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
-# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
-# define CMS_F_CMS_ADD1_SIGNER 102
-# define CMS_F_CMS_ADD1_SIGNINGTIME 103
-# define CMS_F_CMS_COMPRESS 104
-# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
-# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
-# define CMS_F_CMS_COPY_CONTENT 107
-# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
-# define CMS_F_CMS_DATA 109
-# define CMS_F_CMS_DATAFINAL 110
-# define CMS_F_CMS_DATAINIT 111
-# define CMS_F_CMS_DECRYPT 112
-# define CMS_F_CMS_DECRYPT_SET1_KEY 113
-# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
-# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
-# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
-# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
-# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
-# define CMS_F_CMS_DIGEST_VERIFY 118
-# define CMS_F_CMS_ENCODE_RECEIPT 161
-# define CMS_F_CMS_ENCRYPT 119
-# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
-# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
-# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
-# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
-# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
-# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
-# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
-# define CMS_F_CMS_ENV_ASN1_CTRL 171
-# define CMS_F_CMS_FINAL 127
-# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
-# define CMS_F_CMS_GET0_CONTENT 129
-# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
-# define CMS_F_CMS_GET0_ENVELOPED 131
-# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
-# define CMS_F_CMS_GET0_SIGNED 133
-# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
-# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
-# define CMS_F_CMS_RECEIPT_VERIFY 160
-# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
-# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
-# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
-# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
-# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
-# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
-# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
-# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
-# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
-# define CMS_F_CMS_SD_ASN1_CTRL 170
-# define CMS_F_CMS_SET1_IAS 176
-# define CMS_F_CMS_SET1_KEYID 177
-# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
-# define CMS_F_CMS_SET_DETACHED 147
-# define CMS_F_CMS_SIGN 148
-# define CMS_F_CMS_SIGNED_DATA_INIT 149
-# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
-# define CMS_F_CMS_SIGNERINFO_SIGN 151
-# define CMS_F_CMS_SIGNERINFO_VERIFY 152
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
-# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
-# define CMS_F_CMS_SIGN_RECEIPT 163
-# define CMS_F_CMS_STREAM 155
-# define CMS_F_CMS_UNCOMPRESS 156
-# define CMS_F_CMS_VERIFY 157
+# define CMS_F_CHECK_CONTENT 99
+# define CMS_F_CMS_ADD0_CERT 164
+# define CMS_F_CMS_ADD0_RECIPIENT_KEY 100
+# define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 165
+# define CMS_F_CMS_ADD1_RECEIPTREQUEST 158
+# define CMS_F_CMS_ADD1_RECIPIENT_CERT 101
+# define CMS_F_CMS_ADD1_SIGNER 102
+# define CMS_F_CMS_ADD1_SIGNINGTIME 103
+# define CMS_F_CMS_COMPRESS 104
+# define CMS_F_CMS_COMPRESSEDDATA_CREATE 105
+# define CMS_F_CMS_COMPRESSEDDATA_INIT_BIO 106
+# define CMS_F_CMS_COPY_CONTENT 107
+# define CMS_F_CMS_COPY_MESSAGEDIGEST 108
+# define CMS_F_CMS_DATA 109
+# define CMS_F_CMS_DATAFINAL 110
+# define CMS_F_CMS_DATAINIT 111
+# define CMS_F_CMS_DECRYPT 112
+# define CMS_F_CMS_DECRYPT_SET1_KEY 113
+# define CMS_F_CMS_DECRYPT_SET1_PASSWORD 166
+# define CMS_F_CMS_DECRYPT_SET1_PKEY 114
+# define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 115
+# define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 116
+# define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 117
+# define CMS_F_CMS_DIGEST_VERIFY 118
+# define CMS_F_CMS_ENCODE_RECEIPT 161
+# define CMS_F_CMS_ENCRYPT 119
+# define CMS_F_CMS_ENCRYPTEDCONTENT_INIT_BIO 120
+# define CMS_F_CMS_ENCRYPTEDDATA_DECRYPT 121
+# define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 122
+# define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 123
+# define CMS_F_CMS_ENVELOPEDDATA_CREATE 124
+# define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 125
+# define CMS_F_CMS_ENVELOPED_DATA_INIT 126
+# define CMS_F_CMS_ENV_ASN1_CTRL 171
+# define CMS_F_CMS_FINAL 127
+# define CMS_F_CMS_GET0_CERTIFICATE_CHOICES 128
+# define CMS_F_CMS_GET0_CONTENT 129
+# define CMS_F_CMS_GET0_ECONTENT_TYPE 130
+# define CMS_F_CMS_GET0_ENVELOPED 131
+# define CMS_F_CMS_GET0_REVOCATION_CHOICES 132
+# define CMS_F_CMS_GET0_SIGNED 133
+# define CMS_F_CMS_MSGSIGDIGEST_ADD1 162
+# define CMS_F_CMS_RECEIPTREQUEST_CREATE0 159
+# define CMS_F_CMS_RECEIPT_VERIFY 160
+# define CMS_F_CMS_RECIPIENTINFO_DECRYPT 134
+# define CMS_F_CMS_RECIPIENTINFO_ENCRYPT 169
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT 178
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ALG 175
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_ORIG_ID 173
+# define CMS_F_CMS_RECIPIENTINFO_KARI_GET0_REKS 172
+# define CMS_F_CMS_RECIPIENTINFO_KARI_ORIG_ID_CMP 174
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_DECRYPT 135
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ENCRYPT 136
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_GET0_ID 137
+# define CMS_F_CMS_RECIPIENTINFO_KEKRI_ID_CMP 138
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_CERT_CMP 139
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_DECRYPT 140
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_ENCRYPT 141
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_ALGS 142
+# define CMS_F_CMS_RECIPIENTINFO_KTRI_GET0_SIGNER_ID 143
+# define CMS_F_CMS_RECIPIENTINFO_PWRI_CRYPT 167
+# define CMS_F_CMS_RECIPIENTINFO_SET0_KEY 144
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PASSWORD 168
+# define CMS_F_CMS_RECIPIENTINFO_SET0_PKEY 145
+# define CMS_F_CMS_SD_ASN1_CTRL 170
+# define CMS_F_CMS_SET1_IAS 176
+# define CMS_F_CMS_SET1_KEYID 177
+# define CMS_F_CMS_SET1_SIGNERIDENTIFIER 146
+# define CMS_F_CMS_SET_DETACHED 147
+# define CMS_F_CMS_SIGN 148
+# define CMS_F_CMS_SIGNED_DATA_INIT 149
+# define CMS_F_CMS_SIGNERINFO_CONTENT_SIGN 150
+# define CMS_F_CMS_SIGNERINFO_SIGN 151
+# define CMS_F_CMS_SIGNERINFO_VERIFY 152
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CERT 153
+# define CMS_F_CMS_SIGNERINFO_VERIFY_CONTENT 154
+# define CMS_F_CMS_SIGN_RECEIPT 163
+# define CMS_F_CMS_STREAM 155
+# define CMS_F_CMS_UNCOMPRESS 156
+# define CMS_F_CMS_VERIFY 157
/*
* CMS reason codes.
*/
-# define CMS_R_ADD_SIGNER_ERROR 99
-# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
-# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
-# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
-# define CMS_R_CIPHER_INITIALISATION_ERROR 101
-# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
-# define CMS_R_CMS_DATAFINAL_ERROR 103
-# define CMS_R_CMS_LIB 104
-# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
-# define CMS_R_CONTENT_NOT_FOUND 105
-# define CMS_R_CONTENT_TYPE_MISMATCH 171
-# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
-# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
-# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
-# define CMS_R_CONTENT_VERIFY_ERROR 109
-# define CMS_R_CTRL_ERROR 110
-# define CMS_R_CTRL_FAILURE 111
-# define CMS_R_DECRYPT_ERROR 112
-# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
-# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
-# define CMS_R_ERROR_SETTING_KEY 115
-# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
-# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
-# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
-# define CMS_R_INVALID_KEY_LENGTH 118
-# define CMS_R_MD_BIO_INIT_ERROR 119
-# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
-# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
-# define CMS_R_MSGSIGDIGEST_ERROR 172
-# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
-# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
-# define CMS_R_NEED_ONE_SIGNER 164
-# define CMS_R_NOT_A_SIGNED_RECEIPT 165
-# define CMS_R_NOT_ENCRYPTED_DATA 122
-# define CMS_R_NOT_KEK 123
-# define CMS_R_NOT_KEY_AGREEMENT 181
-# define CMS_R_NOT_KEY_TRANSPORT 124
-# define CMS_R_NOT_PWRI 177
-# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
-# define CMS_R_NO_CIPHER 126
-# define CMS_R_NO_CONTENT 127
-# define CMS_R_NO_CONTENT_TYPE 173
-# define CMS_R_NO_DEFAULT_DIGEST 128
-# define CMS_R_NO_DIGEST_SET 129
-# define CMS_R_NO_KEY 130
-# define CMS_R_NO_KEY_OR_CERT 174
-# define CMS_R_NO_MATCHING_DIGEST 131
-# define CMS_R_NO_MATCHING_RECIPIENT 132
-# define CMS_R_NO_MATCHING_SIGNATURE 166
-# define CMS_R_NO_MSGSIGDIGEST 167
-# define CMS_R_NO_PASSWORD 178
-# define CMS_R_NO_PRIVATE_KEY 133
-# define CMS_R_NO_PUBLIC_KEY 134
-# define CMS_R_NO_RECEIPT_REQUEST 168
-# define CMS_R_NO_SIGNERS 135
-# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
-# define CMS_R_RECEIPT_DECODE_ERROR 169
-# define CMS_R_RECIPIENT_ERROR 137
-# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
-# define CMS_R_SIGNFINAL_ERROR 139
-# define CMS_R_SMIME_TEXT_ERROR 140
-# define CMS_R_STORE_INIT_ERROR 141
-# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
-# define CMS_R_TYPE_NOT_DATA 143
-# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
-# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
-# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
-# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
-# define CMS_R_UNKNOWN_CIPHER 148
-# define CMS_R_UNKNOWN_DIGEST_ALGORITHM 149
-# define CMS_R_UNKNOWN_ID 150
-# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
-# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
-# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
-# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
-# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
-# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
-# define CMS_R_UNSUPPORTED_TYPE 156
-# define CMS_R_UNWRAP_ERROR 157
-# define CMS_R_UNWRAP_FAILURE 180
-# define CMS_R_VERIFICATION_FAILURE 158
-# define CMS_R_WRAP_ERROR 159
+# define CMS_R_ADD_SIGNER_ERROR 99
+# define CMS_R_CERTIFICATE_ALREADY_PRESENT 175
+# define CMS_R_CERTIFICATE_HAS_NO_KEYID 160
+# define CMS_R_CERTIFICATE_VERIFY_ERROR 100
+# define CMS_R_CIPHER_INITIALISATION_ERROR 101
+# define CMS_R_CIPHER_PARAMETER_INITIALISATION_ERROR 102
+# define CMS_R_CMS_DATAFINAL_ERROR 103
+# define CMS_R_CMS_LIB 104
+# define CMS_R_CONTENTIDENTIFIER_MISMATCH 170
+# define CMS_R_CONTENT_NOT_FOUND 105
+# define CMS_R_CONTENT_TYPE_MISMATCH 171
+# define CMS_R_CONTENT_TYPE_NOT_COMPRESSED_DATA 106
+# define CMS_R_CONTENT_TYPE_NOT_ENVELOPED_DATA 107
+# define CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA 108
+# define CMS_R_CONTENT_VERIFY_ERROR 109
+# define CMS_R_CTRL_ERROR 110
+# define CMS_R_CTRL_FAILURE 111
+# define CMS_R_DECRYPT_ERROR 112
+# define CMS_R_ERROR_GETTING_PUBLIC_KEY 113
+# define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114
+# define CMS_R_ERROR_SETTING_KEY 115
+# define CMS_R_ERROR_SETTING_RECIPIENTINFO 116
+# define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117
+# define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176
+# define CMS_R_INVALID_KEY_LENGTH 118
+# define CMS_R_MD_BIO_INIT_ERROR 119
+# define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120
+# define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121
+# define CMS_R_MSGSIGDIGEST_ERROR 172
+# define CMS_R_MSGSIGDIGEST_VERIFICATION_FAILURE 162
+# define CMS_R_MSGSIGDIGEST_WRONG_LENGTH 163
+# define CMS_R_NEED_ONE_SIGNER 164
+# define CMS_R_NOT_A_SIGNED_RECEIPT 165
+# define CMS_R_NOT_ENCRYPTED_DATA 122
+# define CMS_R_NOT_KEK 123
+# define CMS_R_NOT_KEY_AGREEMENT 181
+# define CMS_R_NOT_KEY_TRANSPORT 124
+# define CMS_R_NOT_PWRI 177
+# define CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 125
+# define CMS_R_NO_CIPHER 126
+# define CMS_R_NO_CONTENT 127
+# define CMS_R_NO_CONTENT_TYPE 173
+# define CMS_R_NO_DEFAULT_DIGEST 128
+# define CMS_R_NO_DIGEST_SET 129
+# define CMS_R_NO_KEY 130
+# define CMS_R_NO_KEY_OR_CERT 174
+# define CMS_R_NO_MATCHING_DIGEST 131
+# define CMS_R_NO_MATCHING_RECIPIENT 132
+# define CMS_R_NO_MATCHING_SIGNATURE 166
+# define CMS_R_NO_MSGSIGDIGEST 167
+# define CMS_R_NO_PASSWORD 178
+# define CMS_R_NO_PRIVATE_KEY 133
+# define CMS_R_NO_PUBLIC_KEY 134
+# define CMS_R_NO_RECEIPT_REQUEST 168
+# define CMS_R_NO_SIGNERS 135
+# define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136
+# define CMS_R_RECEIPT_DECODE_ERROR 169
+# define CMS_R_RECIPIENT_ERROR 137
+# define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138
+# define CMS_R_SIGNFINAL_ERROR 139
+# define CMS_R_SMIME_TEXT_ERROR 140
+# define CMS_R_STORE_INIT_ERROR 141
+# define CMS_R_TYPE_NOT_COMPRESSED_DATA 142
+# define CMS_R_TYPE_NOT_DATA 143
+# define CMS_R_TYPE_NOT_DIGESTED_DATA 144
+# define CMS_R_TYPE_NOT_ENCRYPTED_DATA 145
+# define CMS_R_TYPE_NOT_ENVELOPED_DATA 146
+# define CMS_R_UNABLE_TO_FINALIZE_CONTEXT 147
+# define CMS_R_UNKNOWN_CIPHER 148
+# define CMS_R_UNKNOWN_DIGEST_ALGORITHM 149
+# define CMS_R_UNKNOWN_ID 150
+# define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151
+# define CMS_R_UNSUPPORTED_CONTENT_TYPE 152
+# define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153
+# define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179
+# define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155
+# define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154
+# define CMS_R_UNSUPPORTED_TYPE 156
+# define CMS_R_UNWRAP_ERROR 157
+# define CMS_R_UNWRAP_FAILURE 180
+# define CMS_R_VERIFICATION_FAILURE 158
+# define CMS_R_WRAP_ERROR 159
+# endif
#endif
diff --git a/include/openssl/comperr.h b/include/openssl/comperr.h
index e6fe3f0..96a4ce6 100644
--- a/include/openssl/comperr.h
+++ b/include/openssl/comperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,27 +11,32 @@
#ifndef HEADER_COMPERR_H
# define HEADER_COMPERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_COMP
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_COMP_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* COMP function codes.
*/
-# define COMP_F_BIO_ZLIB_FLUSH 99
-# define COMP_F_BIO_ZLIB_NEW 100
-# define COMP_F_BIO_ZLIB_READ 101
-# define COMP_F_BIO_ZLIB_WRITE 102
+# define COMP_F_BIO_ZLIB_FLUSH 99
+# define COMP_F_BIO_ZLIB_NEW 100
+# define COMP_F_BIO_ZLIB_READ 101
+# define COMP_F_BIO_ZLIB_WRITE 102
/*
* COMP reason codes.
*/
-# define COMP_R_ZLIB_DEFLATE_ERROR 99
-# define COMP_R_ZLIB_INFLATE_ERROR 100
-# define COMP_R_ZLIB_NOT_SUPPORTED 101
+# define COMP_R_ZLIB_DEFLATE_ERROR 99
+# define COMP_R_ZLIB_INFLATE_ERROR 100
+# define COMP_R_ZLIB_NOT_SUPPORTED 101
+# endif
#endif
diff --git a/include/openssl/cterr.h b/include/openssl/cterr.h
index fc014cb..7f0a7d8 100644
--- a/include/openssl/cterr.h
+++ b/include/openssl/cterr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,64 +11,69 @@
#ifndef HEADER_CTERR_H
# define HEADER_CTERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_CT
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_CT_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* CT function codes.
*/
-# define CT_F_CTLOG_NEW 117
-# define CT_F_CTLOG_NEW_FROM_BASE64 118
-# define CT_F_CTLOG_NEW_FROM_CONF 119
-# define CT_F_CTLOG_STORE_LOAD_CTX_NEW 122
-# define CT_F_CTLOG_STORE_LOAD_FILE 123
-# define CT_F_CTLOG_STORE_LOAD_LOG 130
-# define CT_F_CTLOG_STORE_NEW 131
-# define CT_F_CT_BASE64_DECODE 124
-# define CT_F_CT_POLICY_EVAL_CTX_NEW 133
-# define CT_F_CT_V1_LOG_ID_FROM_PKEY 125
-# define CT_F_I2O_SCT 107
-# define CT_F_I2O_SCT_LIST 108
-# define CT_F_I2O_SCT_SIGNATURE 109
-# define CT_F_O2I_SCT 110
-# define CT_F_O2I_SCT_LIST 111
-# define CT_F_O2I_SCT_SIGNATURE 112
-# define CT_F_SCT_CTX_NEW 126
-# define CT_F_SCT_CTX_VERIFY 128
-# define CT_F_SCT_NEW 100
-# define CT_F_SCT_NEW_FROM_BASE64 127
-# define CT_F_SCT_SET0_LOG_ID 101
-# define CT_F_SCT_SET1_EXTENSIONS 114
-# define CT_F_SCT_SET1_LOG_ID 115
-# define CT_F_SCT_SET1_SIGNATURE 116
-# define CT_F_SCT_SET_LOG_ENTRY_TYPE 102
-# define CT_F_SCT_SET_SIGNATURE_NID 103
-# define CT_F_SCT_SET_VERSION 104
+# define CT_F_CTLOG_NEW 117
+# define CT_F_CTLOG_NEW_FROM_BASE64 118
+# define CT_F_CTLOG_NEW_FROM_CONF 119
+# define CT_F_CTLOG_STORE_LOAD_CTX_NEW 122
+# define CT_F_CTLOG_STORE_LOAD_FILE 123
+# define CT_F_CTLOG_STORE_LOAD_LOG 130
+# define CT_F_CTLOG_STORE_NEW 131
+# define CT_F_CT_BASE64_DECODE 124
+# define CT_F_CT_POLICY_EVAL_CTX_NEW 133
+# define CT_F_CT_V1_LOG_ID_FROM_PKEY 125
+# define CT_F_I2O_SCT 107
+# define CT_F_I2O_SCT_LIST 108
+# define CT_F_I2O_SCT_SIGNATURE 109
+# define CT_F_O2I_SCT 110
+# define CT_F_O2I_SCT_LIST 111
+# define CT_F_O2I_SCT_SIGNATURE 112
+# define CT_F_SCT_CTX_NEW 126
+# define CT_F_SCT_CTX_VERIFY 128
+# define CT_F_SCT_NEW 100
+# define CT_F_SCT_NEW_FROM_BASE64 127
+# define CT_F_SCT_SET0_LOG_ID 101
+# define CT_F_SCT_SET1_EXTENSIONS 114
+# define CT_F_SCT_SET1_LOG_ID 115
+# define CT_F_SCT_SET1_SIGNATURE 116
+# define CT_F_SCT_SET_LOG_ENTRY_TYPE 102
+# define CT_F_SCT_SET_SIGNATURE_NID 103
+# define CT_F_SCT_SET_VERSION 104
/*
* CT reason codes.
*/
-# define CT_R_BASE64_DECODE_ERROR 108
-# define CT_R_INVALID_LOG_ID_LENGTH 100
-# define CT_R_LOG_CONF_INVALID 109
-# define CT_R_LOG_CONF_INVALID_KEY 110
-# define CT_R_LOG_CONF_MISSING_DESCRIPTION 111
-# define CT_R_LOG_CONF_MISSING_KEY 112
-# define CT_R_LOG_KEY_INVALID 113
-# define CT_R_SCT_FUTURE_TIMESTAMP 116
-# define CT_R_SCT_INVALID 104
-# define CT_R_SCT_INVALID_SIGNATURE 107
-# define CT_R_SCT_LIST_INVALID 105
-# define CT_R_SCT_LOG_ID_MISMATCH 114
-# define CT_R_SCT_NOT_SET 106
-# define CT_R_SCT_UNSUPPORTED_VERSION 115
-# define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
-# define CT_R_UNSUPPORTED_ENTRY_TYPE 102
-# define CT_R_UNSUPPORTED_VERSION 103
+# define CT_R_BASE64_DECODE_ERROR 108
+# define CT_R_INVALID_LOG_ID_LENGTH 100
+# define CT_R_LOG_CONF_INVALID 109
+# define CT_R_LOG_CONF_INVALID_KEY 110
+# define CT_R_LOG_CONF_MISSING_DESCRIPTION 111
+# define CT_R_LOG_CONF_MISSING_KEY 112
+# define CT_R_LOG_KEY_INVALID 113
+# define CT_R_SCT_FUTURE_TIMESTAMP 116
+# define CT_R_SCT_INVALID 104
+# define CT_R_SCT_INVALID_SIGNATURE 107
+# define CT_R_SCT_LIST_INVALID 105
+# define CT_R_SCT_LOG_ID_MISMATCH 114
+# define CT_R_SCT_NOT_SET 106
+# define CT_R_SCT_UNSUPPORTED_VERSION 115
+# define CT_R_UNRECOGNIZED_SIGNATURE_NID 101
+# define CT_R_UNSUPPORTED_ENTRY_TYPE 102
+# define CT_R_UNSUPPORTED_VERSION 103
+# endif
#endif
diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
index ddec341..f225cc3 100644
--- a/include/openssl/dherr.h
+++ b/include/openssl/dherr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,71 +11,76 @@
#ifndef HEADER_DHERR_H
# define HEADER_DHERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_DH
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_DH_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* DH function codes.
*/
-# define DH_F_COMPUTE_KEY 102
-# define DH_F_DHPARAMS_PRINT_FP 101
-# define DH_F_DH_BUILTIN_GENPARAMS 106
-# define DH_F_DH_CHECK_EX 121
-# define DH_F_DH_CHECK_PARAMS_EX 122
-# define DH_F_DH_CHECK_PUB_KEY_EX 123
-# define DH_F_DH_CMS_DECRYPT 114
-# define DH_F_DH_CMS_SET_PEERKEY 115
-# define DH_F_DH_CMS_SET_SHARED_INFO 116
-# define DH_F_DH_METH_DUP 117
-# define DH_F_DH_METH_NEW 118
-# define DH_F_DH_METH_SET1_NAME 119
-# define DH_F_DH_NEW_BY_NID 104
-# define DH_F_DH_NEW_METHOD 105
-# define DH_F_DH_PARAM_DECODE 107
-# define DH_F_DH_PKEY_PUBLIC_CHECK 124
-# define DH_F_DH_PRIV_DECODE 110
-# define DH_F_DH_PRIV_ENCODE 111
-# define DH_F_DH_PUB_DECODE 108
-# define DH_F_DH_PUB_ENCODE 109
-# define DH_F_DO_DH_PRINT 100
-# define DH_F_GENERATE_KEY 103
-# define DH_F_PKEY_DH_CTRL_STR 120
-# define DH_F_PKEY_DH_DERIVE 112
-# define DH_F_PKEY_DH_KEYGEN 113
+# define DH_F_COMPUTE_KEY 102
+# define DH_F_DHPARAMS_PRINT_FP 101
+# define DH_F_DH_BUILTIN_GENPARAMS 106
+# define DH_F_DH_CHECK_EX 121
+# define DH_F_DH_CHECK_PARAMS_EX 122
+# define DH_F_DH_CHECK_PUB_KEY_EX 123
+# define DH_F_DH_CMS_DECRYPT 114
+# define DH_F_DH_CMS_SET_PEERKEY 115
+# define DH_F_DH_CMS_SET_SHARED_INFO 116
+# define DH_F_DH_METH_DUP 117
+# define DH_F_DH_METH_NEW 118
+# define DH_F_DH_METH_SET1_NAME 119
+# define DH_F_DH_NEW_BY_NID 104
+# define DH_F_DH_NEW_METHOD 105
+# define DH_F_DH_PARAM_DECODE 107
+# define DH_F_DH_PKEY_PUBLIC_CHECK 124
+# define DH_F_DH_PRIV_DECODE 110
+# define DH_F_DH_PRIV_ENCODE 111
+# define DH_F_DH_PUB_DECODE 108
+# define DH_F_DH_PUB_ENCODE 109
+# define DH_F_DO_DH_PRINT 100
+# define DH_F_GENERATE_KEY 103
+# define DH_F_PKEY_DH_CTRL_STR 120
+# define DH_F_PKEY_DH_DERIVE 112
+# define DH_F_PKEY_DH_KEYGEN 113
/*
* DH reason codes.
*/
-# define DH_R_BAD_GENERATOR 101
-# define DH_R_BN_DECODE_ERROR 109
-# define DH_R_BN_ERROR 106
-# define DH_R_CHECK_INVALID_J_VALUE 115
-# define DH_R_CHECK_INVALID_Q_VALUE 116
-# define DH_R_CHECK_PUBKEY_INVALID 122
-# define DH_R_CHECK_PUBKEY_TOO_LARGE 123
-# define DH_R_CHECK_PUBKEY_TOO_SMALL 124
-# define DH_R_CHECK_P_NOT_PRIME 117
-# define DH_R_CHECK_P_NOT_SAFE_PRIME 118
-# define DH_R_CHECK_Q_NOT_PRIME 119
-# define DH_R_DECODE_ERROR 104
-# define DH_R_INVALID_PARAMETER_NAME 110
-# define DH_R_INVALID_PARAMETER_NID 114
-# define DH_R_INVALID_PUBKEY 102
-# define DH_R_KDF_PARAMETER_ERROR 112
-# define DH_R_KEYS_NOT_SET 108
-# define DH_R_MISSING_PUBKEY 125
-# define DH_R_MODULUS_TOO_LARGE 103
-# define DH_R_NOT_SUITABLE_GENERATOR 120
-# define DH_R_NO_PARAMETERS_SET 107
-# define DH_R_NO_PRIVATE_VALUE 100
-# define DH_R_PARAMETER_ENCODING_ERROR 105
-# define DH_R_PEER_KEY_ERROR 111
-# define DH_R_SHARED_INFO_ERROR 113
-# define DH_R_UNABLE_TO_CHECK_GENERATOR 121
+# define DH_R_BAD_GENERATOR 101
+# define DH_R_BN_DECODE_ERROR 109
+# define DH_R_BN_ERROR 106
+# define DH_R_CHECK_INVALID_J_VALUE 115
+# define DH_R_CHECK_INVALID_Q_VALUE 116
+# define DH_R_CHECK_PUBKEY_INVALID 122
+# define DH_R_CHECK_PUBKEY_TOO_LARGE 123
+# define DH_R_CHECK_PUBKEY_TOO_SMALL 124
+# define DH_R_CHECK_P_NOT_PRIME 117
+# define DH_R_CHECK_P_NOT_SAFE_PRIME 118
+# define DH_R_CHECK_Q_NOT_PRIME 119
+# define DH_R_DECODE_ERROR 104
+# define DH_R_INVALID_PARAMETER_NAME 110
+# define DH_R_INVALID_PARAMETER_NID 114
+# define DH_R_INVALID_PUBKEY 102
+# define DH_R_KDF_PARAMETER_ERROR 112
+# define DH_R_KEYS_NOT_SET 108
+# define DH_R_MISSING_PUBKEY 125
+# define DH_R_MODULUS_TOO_LARGE 103
+# define DH_R_NOT_SUITABLE_GENERATOR 120
+# define DH_R_NO_PARAMETERS_SET 107
+# define DH_R_NO_PRIVATE_VALUE 100
+# define DH_R_PARAMETER_ENCODING_ERROR 105
+# define DH_R_PEER_KEY_ERROR 111
+# define DH_R_SHARED_INFO_ERROR 113
+# define DH_R_UNABLE_TO_CHECK_GENERATOR 121
+# endif
#endif
diff --git a/include/openssl/dsaerr.h b/include/openssl/dsaerr.h
index 357c226..d54642f 100644
--- a/include/openssl/dsaerr.h
+++ b/include/openssl/dsaerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,54 +11,59 @@
#ifndef HEADER_DSAERR_H
# define HEADER_DSAERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_DSA
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_DSA_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* DSA function codes.
*/
-# define DSA_F_DSAPARAMS_PRINT 100
-# define DSA_F_DSAPARAMS_PRINT_FP 101
-# define DSA_F_DSA_BUILTIN_PARAMGEN 125
-# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
-# define DSA_F_DSA_DO_SIGN 112
-# define DSA_F_DSA_DO_VERIFY 113
-# define DSA_F_DSA_METH_DUP 127
-# define DSA_F_DSA_METH_NEW 128
-# define DSA_F_DSA_METH_SET1_NAME 129
-# define DSA_F_DSA_NEW_METHOD 103
-# define DSA_F_DSA_PARAM_DECODE 119
-# define DSA_F_DSA_PRINT_FP 105
-# define DSA_F_DSA_PRIV_DECODE 115
-# define DSA_F_DSA_PRIV_ENCODE 116
-# define DSA_F_DSA_PUB_DECODE 117
-# define DSA_F_DSA_PUB_ENCODE 118
-# define DSA_F_DSA_SIGN 106
-# define DSA_F_DSA_SIGN_SETUP 107
-# define DSA_F_DSA_SIG_NEW 102
-# define DSA_F_OLD_DSA_PRIV_DECODE 122
-# define DSA_F_PKEY_DSA_CTRL 120
-# define DSA_F_PKEY_DSA_KEYGEN 121
+# define DSA_F_DSAPARAMS_PRINT 100
+# define DSA_F_DSAPARAMS_PRINT_FP 101
+# define DSA_F_DSA_BUILTIN_PARAMGEN 125
+# define DSA_F_DSA_BUILTIN_PARAMGEN2 126
+# define DSA_F_DSA_DO_SIGN 112
+# define DSA_F_DSA_DO_VERIFY 113
+# define DSA_F_DSA_METH_DUP 127
+# define DSA_F_DSA_METH_NEW 128
+# define DSA_F_DSA_METH_SET1_NAME 129
+# define DSA_F_DSA_NEW_METHOD 103
+# define DSA_F_DSA_PARAM_DECODE 119
+# define DSA_F_DSA_PRINT_FP 105
+# define DSA_F_DSA_PRIV_DECODE 115
+# define DSA_F_DSA_PRIV_ENCODE 116
+# define DSA_F_DSA_PUB_DECODE 117
+# define DSA_F_DSA_PUB_ENCODE 118
+# define DSA_F_DSA_SIGN 106
+# define DSA_F_DSA_SIGN_SETUP 107
+# define DSA_F_DSA_SIG_NEW 102
+# define DSA_F_OLD_DSA_PRIV_DECODE 122
+# define DSA_F_PKEY_DSA_CTRL 120
+# define DSA_F_PKEY_DSA_KEYGEN 121
/*
* DSA reason codes.
*/
-# define DSA_R_BAD_Q_VALUE 102
-# define DSA_R_BN_DECODE_ERROR 108
-# define DSA_R_BN_ERROR 109
-# define DSA_R_DECODE_ERROR 104
-# define DSA_R_INVALID_DIGEST_TYPE 106
-# define DSA_R_INVALID_PARAMETERS 112
-# define DSA_R_MISSING_PARAMETERS 101
-# define DSA_R_MODULUS_TOO_LARGE 103
-# define DSA_R_NO_PARAMETERS_SET 107
-# define DSA_R_PARAMETER_ENCODING_ERROR 105
-# define DSA_R_Q_NOT_PRIME 113
-# define DSA_R_SEED_LEN_SMALL 110
+# define DSA_R_BAD_Q_VALUE 102
+# define DSA_R_BN_DECODE_ERROR 108
+# define DSA_R_BN_ERROR 109
+# define DSA_R_DECODE_ERROR 104
+# define DSA_R_INVALID_DIGEST_TYPE 106
+# define DSA_R_INVALID_PARAMETERS 112
+# define DSA_R_MISSING_PARAMETERS 101
+# define DSA_R_MODULUS_TOO_LARGE 103
+# define DSA_R_NO_PARAMETERS_SET 107
+# define DSA_R_PARAMETER_ENCODING_ERROR 105
+# define DSA_R_Q_NOT_PRIME 113
+# define DSA_R_SEED_LEN_SMALL 110
+# endif
#endif
diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h
index ae48439..6dc16c0 100644
--- a/include/openssl/ecerr.h
+++ b/include/openssl/ecerr.h
@@ -11,230 +11,235 @@
#ifndef HEADER_ECERR_H
# define HEADER_ECERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_EC
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_EC_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* EC function codes.
*/
-# define EC_F_BN_TO_FELEM 224
-# define EC_F_D2I_ECPARAMETERS 144
-# define EC_F_D2I_ECPKPARAMETERS 145
-# define EC_F_D2I_ECPRIVATEKEY 146
-# define EC_F_DO_EC_KEY_PRINT 221
-# define EC_F_ECDH_CMS_DECRYPT 238
-# define EC_F_ECDH_CMS_SET_SHARED_INFO 239
-# define EC_F_ECDH_COMPUTE_KEY 246
-# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 257
-# define EC_F_ECDSA_DO_SIGN_EX 251
-# define EC_F_ECDSA_DO_VERIFY 252
-# define EC_F_ECDSA_SIGN_EX 254
-# define EC_F_ECDSA_SIGN_SETUP 248
-# define EC_F_ECDSA_SIG_NEW 265
-# define EC_F_ECDSA_VERIFY 253
-# define EC_F_ECD_ITEM_VERIFY 270
-# define EC_F_ECKEY_PARAM2TYPE 223
-# define EC_F_ECKEY_PARAM_DECODE 212
-# define EC_F_ECKEY_PRIV_DECODE 213
-# define EC_F_ECKEY_PRIV_ENCODE 214
-# define EC_F_ECKEY_PUB_DECODE 215
-# define EC_F_ECKEY_PUB_ENCODE 216
-# define EC_F_ECKEY_TYPE2PARAM 220
-# define EC_F_ECPARAMETERS_PRINT 147
-# define EC_F_ECPARAMETERS_PRINT_FP 148
-# define EC_F_ECPKPARAMETERS_PRINT 149
-# define EC_F_ECPKPARAMETERS_PRINT_FP 150
-# define EC_F_ECP_NISTZ256_GET_AFFINE 240
-# define EC_F_ECP_NISTZ256_INV_MOD_ORD 275
-# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
-# define EC_F_ECP_NISTZ256_POINTS_MUL 241
-# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
-# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
-# define EC_F_ECX_KEY_OP 266
-# define EC_F_ECX_PRIV_ENCODE 267
-# define EC_F_ECX_PUB_ENCODE 268
-# define EC_F_EC_ASN1_GROUP2CURVE 153
-# define EC_F_EC_ASN1_GROUP2FIELDID 154
-# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
-# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
-# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
-# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
-# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
-# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
-# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
-# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
-# define EC_F_EC_GFP_MONT_FIELD_DECODE 133
-# define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
-# define EC_F_EC_GFP_MONT_FIELD_MUL 131
-# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
-# define EC_F_EC_GFP_MONT_FIELD_SQR 132
-# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
-# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
-# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
-# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
-# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
-# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
-# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
-# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
-# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
-# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
-# define EC_F_EC_GFP_NIST_FIELD_MUL 200
-# define EC_F_EC_GFP_NIST_FIELD_SQR 201
-# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
-# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
-# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
-# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
-# define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
-# define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
-# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
-# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
-# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
-# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
-# define EC_F_EC_GROUP_CHECK 170
-# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
-# define EC_F_EC_GROUP_COPY 106
-# define EC_F_EC_GROUP_GET_CURVE_GF2M 172
-# define EC_F_EC_GROUP_GET_CURVE_GFP 130
-# define EC_F_EC_GROUP_GET_DEGREE 173
-# define EC_F_EC_GROUP_GET_ECPARAMETERS 261
-# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 262
-# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
-# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
-# define EC_F_EC_GROUP_NEW 108
-# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
-# define EC_F_EC_GROUP_NEW_FROM_DATA 175
-# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 263
-# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 264
-# define EC_F_EC_GROUP_SET_CURVE_GF2M 176
-# define EC_F_EC_GROUP_SET_CURVE_GFP 109
-# define EC_F_EC_GROUP_SET_GENERATOR 111
-# define EC_F_EC_KEY_CHECK_KEY 177
-# define EC_F_EC_KEY_COPY 178
-# define EC_F_EC_KEY_GENERATE_KEY 179
-# define EC_F_EC_KEY_NEW 182
-# define EC_F_EC_KEY_NEW_METHOD 245
-# define EC_F_EC_KEY_OCT2PRIV 255
-# define EC_F_EC_KEY_PRINT 180
-# define EC_F_EC_KEY_PRINT_FP 181
-# define EC_F_EC_KEY_PRIV2OCT 256
-# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
-# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 258
-# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 259
-# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 260
-# define EC_F_EC_PKEY_CHECK 273
-# define EC_F_EC_PKEY_PARAM_CHECK 274
-# define EC_F_EC_POINTS_MAKE_AFFINE 136
-# define EC_F_EC_POINT_ADD 112
-# define EC_F_EC_POINT_CMP 113
-# define EC_F_EC_POINT_COPY 114
-# define EC_F_EC_POINT_DBL 115
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
-# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
-# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
-# define EC_F_EC_POINT_INVERT 210
-# define EC_F_EC_POINT_IS_AT_INFINITY 118
-# define EC_F_EC_POINT_IS_ON_CURVE 119
-# define EC_F_EC_POINT_MAKE_AFFINE 120
-# define EC_F_EC_POINT_NEW 121
-# define EC_F_EC_POINT_OCT2POINT 122
-# define EC_F_EC_POINT_POINT2OCT 123
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
-# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
-# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
-# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
-# define EC_F_EC_POINT_SET_TO_INFINITY 127
-# define EC_F_EC_PRE_COMP_NEW 196
-# define EC_F_EC_WNAF_MUL 187
-# define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
-# define EC_F_I2D_ECPARAMETERS 190
-# define EC_F_I2D_ECPKPARAMETERS 191
-# define EC_F_I2D_ECPRIVATEKEY 192
-# define EC_F_I2O_ECPUBLICKEY 151
-# define EC_F_NISTP224_PRE_COMP_NEW 227
-# define EC_F_NISTP256_PRE_COMP_NEW 236
-# define EC_F_NISTP521_PRE_COMP_NEW 237
-# define EC_F_O2I_ECPUBLICKEY 152
-# define EC_F_OLD_EC_PRIV_DECODE 222
-# define EC_F_OSSL_ECDH_COMPUTE_KEY 247
-# define EC_F_OSSL_ECDSA_SIGN_SIG 249
-# define EC_F_OSSL_ECDSA_VERIFY_SIG 250
-# define EC_F_PKEY_ECD_CTRL 271
-# define EC_F_PKEY_ECD_DIGESTSIGN 272
-# define EC_F_PKEY_ECX_DERIVE 269
-# define EC_F_PKEY_EC_CTRL 197
-# define EC_F_PKEY_EC_CTRL_STR 198
-# define EC_F_PKEY_EC_DERIVE 217
-# define EC_F_PKEY_EC_KEYGEN 199
-# define EC_F_PKEY_EC_PARAMGEN 219
-# define EC_F_PKEY_EC_SIGN 218
+# define EC_F_BN_TO_FELEM 224
+# define EC_F_D2I_ECPARAMETERS 144
+# define EC_F_D2I_ECPKPARAMETERS 145
+# define EC_F_D2I_ECPRIVATEKEY 146
+# define EC_F_DO_EC_KEY_PRINT 221
+# define EC_F_ECDH_CMS_DECRYPT 238
+# define EC_F_ECDH_CMS_SET_SHARED_INFO 239
+# define EC_F_ECDH_COMPUTE_KEY 246
+# define EC_F_ECDH_SIMPLE_COMPUTE_KEY 257
+# define EC_F_ECDSA_DO_SIGN_EX 251
+# define EC_F_ECDSA_DO_VERIFY 252
+# define EC_F_ECDSA_SIGN_EX 254
+# define EC_F_ECDSA_SIGN_SETUP 248
+# define EC_F_ECDSA_SIG_NEW 265
+# define EC_F_ECDSA_VERIFY 253
+# define EC_F_ECD_ITEM_VERIFY 270
+# define EC_F_ECKEY_PARAM2TYPE 223
+# define EC_F_ECKEY_PARAM_DECODE 212
+# define EC_F_ECKEY_PRIV_DECODE 213
+# define EC_F_ECKEY_PRIV_ENCODE 214
+# define EC_F_ECKEY_PUB_DECODE 215
+# define EC_F_ECKEY_PUB_ENCODE 216
+# define EC_F_ECKEY_TYPE2PARAM 220
+# define EC_F_ECPARAMETERS_PRINT 147
+# define EC_F_ECPARAMETERS_PRINT_FP 148
+# define EC_F_ECPKPARAMETERS_PRINT 149
+# define EC_F_ECPKPARAMETERS_PRINT_FP 150
+# define EC_F_ECP_NISTZ256_GET_AFFINE 240
+# define EC_F_ECP_NISTZ256_INV_MOD_ORD 275
+# define EC_F_ECP_NISTZ256_MULT_PRECOMPUTE 243
+# define EC_F_ECP_NISTZ256_POINTS_MUL 241
+# define EC_F_ECP_NISTZ256_PRE_COMP_NEW 244
+# define EC_F_ECP_NISTZ256_WINDOWED_MUL 242
+# define EC_F_ECX_KEY_OP 266
+# define EC_F_ECX_PRIV_ENCODE 267
+# define EC_F_ECX_PUB_ENCODE 268
+# define EC_F_EC_ASN1_GROUP2CURVE 153
+# define EC_F_EC_ASN1_GROUP2FIELDID 154
+# define EC_F_EC_GF2M_MONTGOMERY_POINT_MULTIPLY 208
+# define EC_F_EC_GF2M_SIMPLE_GROUP_CHECK_DISCRIMINANT 159
+# define EC_F_EC_GF2M_SIMPLE_GROUP_SET_CURVE 195
+# define EC_F_EC_GF2M_SIMPLE_OCT2POINT 160
+# define EC_F_EC_GF2M_SIMPLE_POINT2OCT 161
+# define EC_F_EC_GF2M_SIMPLE_POINT_GET_AFFINE_COORDINATES 162
+# define EC_F_EC_GF2M_SIMPLE_POINT_SET_AFFINE_COORDINATES 163
+# define EC_F_EC_GF2M_SIMPLE_SET_COMPRESSED_COORDINATES 164
+# define EC_F_EC_GFP_MONT_FIELD_DECODE 133
+# define EC_F_EC_GFP_MONT_FIELD_ENCODE 134
+# define EC_F_EC_GFP_MONT_FIELD_MUL 131
+# define EC_F_EC_GFP_MONT_FIELD_SET_TO_ONE 209
+# define EC_F_EC_GFP_MONT_FIELD_SQR 132
+# define EC_F_EC_GFP_MONT_GROUP_SET_CURVE 189
+# define EC_F_EC_GFP_NISTP224_GROUP_SET_CURVE 225
+# define EC_F_EC_GFP_NISTP224_POINTS_MUL 228
+# define EC_F_EC_GFP_NISTP224_POINT_GET_AFFINE_COORDINATES 226
+# define EC_F_EC_GFP_NISTP256_GROUP_SET_CURVE 230
+# define EC_F_EC_GFP_NISTP256_POINTS_MUL 231
+# define EC_F_EC_GFP_NISTP256_POINT_GET_AFFINE_COORDINATES 232
+# define EC_F_EC_GFP_NISTP521_GROUP_SET_CURVE 233
+# define EC_F_EC_GFP_NISTP521_POINTS_MUL 234
+# define EC_F_EC_GFP_NISTP521_POINT_GET_AFFINE_COORDINATES 235
+# define EC_F_EC_GFP_NIST_FIELD_MUL 200
+# define EC_F_EC_GFP_NIST_FIELD_SQR 201
+# define EC_F_EC_GFP_NIST_GROUP_SET_CURVE 202
+# define EC_F_EC_GFP_SIMPLE_GROUP_CHECK_DISCRIMINANT 165
+# define EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE 166
+# define EC_F_EC_GFP_SIMPLE_MAKE_AFFINE 102
+# define EC_F_EC_GFP_SIMPLE_OCT2POINT 103
+# define EC_F_EC_GFP_SIMPLE_POINT2OCT 104
+# define EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE 137
+# define EC_F_EC_GFP_SIMPLE_POINT_GET_AFFINE_COORDINATES 167
+# define EC_F_EC_GFP_SIMPLE_POINT_SET_AFFINE_COORDINATES 168
+# define EC_F_EC_GFP_SIMPLE_SET_COMPRESSED_COORDINATES 169
+# define EC_F_EC_GROUP_CHECK 170
+# define EC_F_EC_GROUP_CHECK_DISCRIMINANT 171
+# define EC_F_EC_GROUP_COPY 106
+# define EC_F_EC_GROUP_GET_CURVE_GF2M 172
+# define EC_F_EC_GROUP_GET_CURVE_GFP 130
+# define EC_F_EC_GROUP_GET_DEGREE 173
+# define EC_F_EC_GROUP_GET_ECPARAMETERS 261
+# define EC_F_EC_GROUP_GET_ECPKPARAMETERS 262
+# define EC_F_EC_GROUP_GET_PENTANOMIAL_BASIS 193
+# define EC_F_EC_GROUP_GET_TRINOMIAL_BASIS 194
+# define EC_F_EC_GROUP_NEW 108
+# define EC_F_EC_GROUP_NEW_BY_CURVE_NAME 174
+# define EC_F_EC_GROUP_NEW_FROM_DATA 175
+# define EC_F_EC_GROUP_NEW_FROM_ECPARAMETERS 263
+# define EC_F_EC_GROUP_NEW_FROM_ECPKPARAMETERS 264
+# define EC_F_EC_GROUP_SET_CURVE_GF2M 176
+# define EC_F_EC_GROUP_SET_CURVE_GFP 109
+# define EC_F_EC_GROUP_SET_GENERATOR 111
+# define EC_F_EC_KEY_CHECK_KEY 177
+# define EC_F_EC_KEY_COPY 178
+# define EC_F_EC_KEY_GENERATE_KEY 179
+# define EC_F_EC_KEY_NEW 182
+# define EC_F_EC_KEY_NEW_METHOD 245
+# define EC_F_EC_KEY_OCT2PRIV 255
+# define EC_F_EC_KEY_PRINT 180
+# define EC_F_EC_KEY_PRINT_FP 181
+# define EC_F_EC_KEY_PRIV2OCT 256
+# define EC_F_EC_KEY_SET_PUBLIC_KEY_AFFINE_COORDINATES 229
+# define EC_F_EC_KEY_SIMPLE_CHECK_KEY 258
+# define EC_F_EC_KEY_SIMPLE_OCT2PRIV 259
+# define EC_F_EC_KEY_SIMPLE_PRIV2OCT 260
+# define EC_F_EC_PKEY_CHECK 273
+# define EC_F_EC_PKEY_PARAM_CHECK 274
+# define EC_F_EC_POINTS_MAKE_AFFINE 136
+# define EC_F_EC_POINT_ADD 112
+# define EC_F_EC_POINT_CMP 113
+# define EC_F_EC_POINT_COPY 114
+# define EC_F_EC_POINT_DBL 115
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GF2M 183
+# define EC_F_EC_POINT_GET_AFFINE_COORDINATES_GFP 116
+# define EC_F_EC_POINT_GET_JPROJECTIVE_COORDINATES_GFP 117
+# define EC_F_EC_POINT_INVERT 210
+# define EC_F_EC_POINT_IS_AT_INFINITY 118
+# define EC_F_EC_POINT_IS_ON_CURVE 119
+# define EC_F_EC_POINT_MAKE_AFFINE 120
+# define EC_F_EC_POINT_NEW 121
+# define EC_F_EC_POINT_OCT2POINT 122
+# define EC_F_EC_POINT_POINT2OCT 123
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GF2M 185
+# define EC_F_EC_POINT_SET_AFFINE_COORDINATES_GFP 124
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GF2M 186
+# define EC_F_EC_POINT_SET_COMPRESSED_COORDINATES_GFP 125
+# define EC_F_EC_POINT_SET_JPROJECTIVE_COORDINATES_GFP 126
+# define EC_F_EC_POINT_SET_TO_INFINITY 127
+# define EC_F_EC_PRE_COMP_NEW 196
+# define EC_F_EC_WNAF_MUL 187
+# define EC_F_EC_WNAF_PRECOMPUTE_MULT 188
+# define EC_F_I2D_ECPARAMETERS 190
+# define EC_F_I2D_ECPKPARAMETERS 191
+# define EC_F_I2D_ECPRIVATEKEY 192
+# define EC_F_I2O_ECPUBLICKEY 151
+# define EC_F_NISTP224_PRE_COMP_NEW 227
+# define EC_F_NISTP256_PRE_COMP_NEW 236
+# define EC_F_NISTP521_PRE_COMP_NEW 237
+# define EC_F_O2I_ECPUBLICKEY 152
+# define EC_F_OLD_EC_PRIV_DECODE 222
+# define EC_F_OSSL_ECDH_COMPUTE_KEY 247
+# define EC_F_OSSL_ECDSA_SIGN_SIG 249
+# define EC_F_OSSL_ECDSA_VERIFY_SIG 250
+# define EC_F_PKEY_ECD_CTRL 271
+# define EC_F_PKEY_ECD_DIGESTSIGN 272
+# define EC_F_PKEY_ECX_DERIVE 269
+# define EC_F_PKEY_EC_CTRL 197
+# define EC_F_PKEY_EC_CTRL_STR 198
+# define EC_F_PKEY_EC_DERIVE 217
+# define EC_F_PKEY_EC_KEYGEN 199
+# define EC_F_PKEY_EC_PARAMGEN 219
+# define EC_F_PKEY_EC_SIGN 218
/*
* EC reason codes.
*/
-# define EC_R_ASN1_ERROR 115
-# define EC_R_BAD_SIGNATURE 156
-# define EC_R_BIGNUM_OUT_OF_RANGE 144
-# define EC_R_BUFFER_TOO_SMALL 100
-# define EC_R_COORDINATES_OUT_OF_RANGE 146
-# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
-# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
-# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
-# define EC_R_DECODE_ERROR 142
-# define EC_R_DISCRIMINANT_IS_ZERO 118
-# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
-# define EC_R_FIELD_TOO_LARGE 143
-# define EC_R_GF2M_NOT_SUPPORTED 147
-# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
-# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
-# define EC_R_INCOMPATIBLE_OBJECTS 101
-# define EC_R_INVALID_ARGUMENT 112
-# define EC_R_INVALID_COMPRESSED_POINT 110
-# define EC_R_INVALID_COMPRESSION_BIT 109
-# define EC_R_INVALID_CURVE 141
-# define EC_R_INVALID_DIGEST 151
-# define EC_R_INVALID_DIGEST_TYPE 138
-# define EC_R_INVALID_ENCODING 102
-# define EC_R_INVALID_FIELD 103
-# define EC_R_INVALID_FORM 104
-# define EC_R_INVALID_GROUP_ORDER 122
-# define EC_R_INVALID_KEY 116
-# define EC_R_INVALID_OUTPUT_LENGTH 161
-# define EC_R_INVALID_PEER_KEY 133
-# define EC_R_INVALID_PENTANOMIAL_BASIS 132
-# define EC_R_INVALID_PRIVATE_KEY 123
-# define EC_R_INVALID_TRINOMIAL_BASIS 137
-# define EC_R_KDF_PARAMETER_ERROR 148
-# define EC_R_KEYS_NOT_SET 140
-# define EC_R_MISSING_PARAMETERS 124
-# define EC_R_MISSING_PRIVATE_KEY 125
-# define EC_R_NEED_NEW_SETUP_VALUES 157
-# define EC_R_NOT_A_NIST_PRIME 135
-# define EC_R_NOT_IMPLEMENTED 126
-# define EC_R_NOT_INITIALIZED 111
-# define EC_R_NO_PARAMETERS_SET 139
-# define EC_R_NO_PRIVATE_VALUE 154
-# define EC_R_OPERATION_NOT_SUPPORTED 152
-# define EC_R_PASSED_NULL_PARAMETER 134
-# define EC_R_PEER_KEY_ERROR 149
-# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
-# define EC_R_POINT_ARITHMETIC_FAILURE 155
-# define EC_R_POINT_AT_INFINITY 106
-# define EC_R_POINT_IS_NOT_ON_CURVE 107
-# define EC_R_RANDOM_NUMBER_GENERATION_FAILED 158
-# define EC_R_SHARED_INFO_ERROR 150
-# define EC_R_SLOT_FULL 108
-# define EC_R_UNDEFINED_GENERATOR 113
-# define EC_R_UNDEFINED_ORDER 128
-# define EC_R_UNKNOWN_GROUP 129
-# define EC_R_UNKNOWN_ORDER 114
-# define EC_R_UNSUPPORTED_FIELD 131
-# define EC_R_WRONG_CURVE_PARAMETERS 145
-# define EC_R_WRONG_ORDER 130
+# define EC_R_ASN1_ERROR 115
+# define EC_R_BAD_SIGNATURE 156
+# define EC_R_BIGNUM_OUT_OF_RANGE 144
+# define EC_R_BUFFER_TOO_SMALL 100
+# define EC_R_COORDINATES_OUT_OF_RANGE 146
+# define EC_R_CURVE_DOES_NOT_SUPPORT_ECDH 160
+# define EC_R_CURVE_DOES_NOT_SUPPORT_SIGNING 159
+# define EC_R_D2I_ECPKPARAMETERS_FAILURE 117
+# define EC_R_DECODE_ERROR 142
+# define EC_R_DISCRIMINANT_IS_ZERO 118
+# define EC_R_EC_GROUP_NEW_BY_NAME_FAILURE 119
+# define EC_R_FIELD_TOO_LARGE 143
+# define EC_R_GF2M_NOT_SUPPORTED 147
+# define EC_R_GROUP2PKPARAMETERS_FAILURE 120
+# define EC_R_I2D_ECPKPARAMETERS_FAILURE 121
+# define EC_R_INCOMPATIBLE_OBJECTS 101
+# define EC_R_INVALID_ARGUMENT 112
+# define EC_R_INVALID_COMPRESSED_POINT 110
+# define EC_R_INVALID_COMPRESSION_BIT 109
+# define EC_R_INVALID_CURVE 141
+# define EC_R_INVALID_DIGEST 151
+# define EC_R_INVALID_DIGEST_TYPE 138
+# define EC_R_INVALID_ENCODING 102
+# define EC_R_INVALID_FIELD 103
+# define EC_R_INVALID_FORM 104
+# define EC_R_INVALID_GROUP_ORDER 122
+# define EC_R_INVALID_KEY 116
+# define EC_R_INVALID_OUTPUT_LENGTH 161
+# define EC_R_INVALID_PEER_KEY 133
+# define EC_R_INVALID_PENTANOMIAL_BASIS 132
+# define EC_R_INVALID_PRIVATE_KEY 123
+# define EC_R_INVALID_TRINOMIAL_BASIS 137
+# define EC_R_KDF_PARAMETER_ERROR 148
+# define EC_R_KEYS_NOT_SET 140
+# define EC_R_MISSING_PARAMETERS 124
+# define EC_R_MISSING_PRIVATE_KEY 125
+# define EC_R_NEED_NEW_SETUP_VALUES 157
+# define EC_R_NOT_A_NIST_PRIME 135
+# define EC_R_NOT_IMPLEMENTED 126
+# define EC_R_NOT_INITIALIZED 111
+# define EC_R_NO_PARAMETERS_SET 139
+# define EC_R_NO_PRIVATE_VALUE 154
+# define EC_R_OPERATION_NOT_SUPPORTED 152
+# define EC_R_PASSED_NULL_PARAMETER 134
+# define EC_R_PEER_KEY_ERROR 149
+# define EC_R_PKPARAMETERS2GROUP_FAILURE 127
+# define EC_R_POINT_ARITHMETIC_FAILURE 155
+# define EC_R_POINT_AT_INFINITY 106
+# define EC_R_POINT_IS_NOT_ON_CURVE 107
+# define EC_R_RANDOM_NUMBER_GENERATION_FAILED 158
+# define EC_R_SHARED_INFO_ERROR 150
+# define EC_R_SLOT_FULL 108
+# define EC_R_UNDEFINED_GENERATOR 113
+# define EC_R_UNDEFINED_ORDER 128
+# define EC_R_UNKNOWN_GROUP 129
+# define EC_R_UNKNOWN_ORDER 114
+# define EC_R_UNSUPPORTED_FIELD 131
+# define EC_R_WRONG_CURVE_PARAMETERS 145
+# define EC_R_WRONG_ORDER 130
+# endif
#endif
diff --git a/include/openssl/engineerr.h b/include/openssl/engineerr.h
index c3e3844..f6025f6 100644
--- a/include/openssl/engineerr.h
+++ b/include/openssl/engineerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,93 +11,98 @@
#ifndef HEADER_ENGINEERR_H
# define HEADER_ENGINEERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_ENGINE
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_ENGINE_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* ENGINE function codes.
*/
-# define ENGINE_F_DIGEST_UPDATE 198
-# define ENGINE_F_DYNAMIC_CTRL 180
-# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
-# define ENGINE_F_DYNAMIC_LOAD 182
-# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
-# define ENGINE_F_ENGINE_ADD 105
-# define ENGINE_F_ENGINE_BY_ID 106
-# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
-# define ENGINE_F_ENGINE_CTRL 142
-# define ENGINE_F_ENGINE_CTRL_CMD 178
-# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
-# define ENGINE_F_ENGINE_FINISH 107
-# define ENGINE_F_ENGINE_GET_CIPHER 185
-# define ENGINE_F_ENGINE_GET_DIGEST 186
-# define ENGINE_F_ENGINE_GET_FIRST 195
-# define ENGINE_F_ENGINE_GET_LAST 196
-# define ENGINE_F_ENGINE_GET_NEXT 115
-# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
-# define ENGINE_F_ENGINE_GET_PKEY_METH 192
-# define ENGINE_F_ENGINE_GET_PREV 116
-# define ENGINE_F_ENGINE_INIT 119
-# define ENGINE_F_ENGINE_LIST_ADD 120
-# define ENGINE_F_ENGINE_LIST_REMOVE 121
-# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
-# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
-# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
-# define ENGINE_F_ENGINE_NEW 122
-# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR 197
-# define ENGINE_F_ENGINE_REMOVE 123
-# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
-# define ENGINE_F_ENGINE_SET_ID 129
-# define ENGINE_F_ENGINE_SET_NAME 130
-# define ENGINE_F_ENGINE_TABLE_REGISTER 184
-# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
-# define ENGINE_F_ENGINE_UP_REF 190
-# define ENGINE_F_INT_CTRL_HELPER 172
-# define ENGINE_F_INT_ENGINE_CONFIGURE 188
-# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
+# define ENGINE_F_DIGEST_UPDATE 198
+# define ENGINE_F_DYNAMIC_CTRL 180
+# define ENGINE_F_DYNAMIC_GET_DATA_CTX 181
+# define ENGINE_F_DYNAMIC_LOAD 182
+# define ENGINE_F_DYNAMIC_SET_DATA_CTX 183
+# define ENGINE_F_ENGINE_ADD 105
+# define ENGINE_F_ENGINE_BY_ID 106
+# define ENGINE_F_ENGINE_CMD_IS_EXECUTABLE 170
+# define ENGINE_F_ENGINE_CTRL 142
+# define ENGINE_F_ENGINE_CTRL_CMD 178
+# define ENGINE_F_ENGINE_CTRL_CMD_STRING 171
+# define ENGINE_F_ENGINE_FINISH 107
+# define ENGINE_F_ENGINE_GET_CIPHER 185
+# define ENGINE_F_ENGINE_GET_DIGEST 186
+# define ENGINE_F_ENGINE_GET_FIRST 195
+# define ENGINE_F_ENGINE_GET_LAST 196
+# define ENGINE_F_ENGINE_GET_NEXT 115
+# define ENGINE_F_ENGINE_GET_PKEY_ASN1_METH 193
+# define ENGINE_F_ENGINE_GET_PKEY_METH 192
+# define ENGINE_F_ENGINE_GET_PREV 116
+# define ENGINE_F_ENGINE_INIT 119
+# define ENGINE_F_ENGINE_LIST_ADD 120
+# define ENGINE_F_ENGINE_LIST_REMOVE 121
+# define ENGINE_F_ENGINE_LOAD_PRIVATE_KEY 150
+# define ENGINE_F_ENGINE_LOAD_PUBLIC_KEY 151
+# define ENGINE_F_ENGINE_LOAD_SSL_CLIENT_CERT 194
+# define ENGINE_F_ENGINE_NEW 122
+# define ENGINE_F_ENGINE_PKEY_ASN1_FIND_STR 197
+# define ENGINE_F_ENGINE_REMOVE 123
+# define ENGINE_F_ENGINE_SET_DEFAULT_STRING 189
+# define ENGINE_F_ENGINE_SET_ID 129
+# define ENGINE_F_ENGINE_SET_NAME 130
+# define ENGINE_F_ENGINE_TABLE_REGISTER 184
+# define ENGINE_F_ENGINE_UNLOCKED_FINISH 191
+# define ENGINE_F_ENGINE_UP_REF 190
+# define ENGINE_F_INT_CTRL_HELPER 172
+# define ENGINE_F_INT_ENGINE_CONFIGURE 188
+# define ENGINE_F_INT_ENGINE_MODULE_INIT 187
/*
* ENGINE reason codes.
*/
-# define ENGINE_R_ALREADY_LOADED 100
-# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
-# define ENGINE_R_CMD_NOT_EXECUTABLE 134
-# define ENGINE_R_COMMAND_TAKES_INPUT 135
-# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
-# define ENGINE_R_CONFLICTING_ENGINE_ID 103
-# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
-# define ENGINE_R_DSO_FAILURE 104
-# define ENGINE_R_DSO_NOT_FOUND 132
-# define ENGINE_R_ENGINES_SECTION_ERROR 148
-# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
-# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
-# define ENGINE_R_ENGINE_SECTION_ERROR 149
-# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
-# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
-# define ENGINE_R_FINISH_FAILED 106
-# define ENGINE_R_ID_OR_NAME_MISSING 108
-# define ENGINE_R_INIT_FAILED 109
-# define ENGINE_R_INTERNAL_LIST_ERROR 110
-# define ENGINE_R_INVALID_ARGUMENT 143
-# define ENGINE_R_INVALID_CMD_NAME 137
-# define ENGINE_R_INVALID_CMD_NUMBER 138
-# define ENGINE_R_INVALID_INIT_VALUE 151
-# define ENGINE_R_INVALID_STRING 150
-# define ENGINE_R_NOT_INITIALISED 117
-# define ENGINE_R_NOT_LOADED 112
-# define ENGINE_R_NO_CONTROL_FUNCTION 120
-# define ENGINE_R_NO_INDEX 144
-# define ENGINE_R_NO_LOAD_FUNCTION 125
-# define ENGINE_R_NO_REFERENCE 130
-# define ENGINE_R_NO_SUCH_ENGINE 116
-# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
-# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
-# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
-# define ENGINE_R_VERSION_INCOMPATIBILITY 145
+# define ENGINE_R_ALREADY_LOADED 100
+# define ENGINE_R_ARGUMENT_IS_NOT_A_NUMBER 133
+# define ENGINE_R_CMD_NOT_EXECUTABLE 134
+# define ENGINE_R_COMMAND_TAKES_INPUT 135
+# define ENGINE_R_COMMAND_TAKES_NO_INPUT 136
+# define ENGINE_R_CONFLICTING_ENGINE_ID 103
+# define ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED 119
+# define ENGINE_R_DSO_FAILURE 104
+# define ENGINE_R_DSO_NOT_FOUND 132
+# define ENGINE_R_ENGINES_SECTION_ERROR 148
+# define ENGINE_R_ENGINE_CONFIGURATION_ERROR 102
+# define ENGINE_R_ENGINE_IS_NOT_IN_LIST 105
+# define ENGINE_R_ENGINE_SECTION_ERROR 149
+# define ENGINE_R_FAILED_LOADING_PRIVATE_KEY 128
+# define ENGINE_R_FAILED_LOADING_PUBLIC_KEY 129
+# define ENGINE_R_FINISH_FAILED 106
+# define ENGINE_R_ID_OR_NAME_MISSING 108
+# define ENGINE_R_INIT_FAILED 109
+# define ENGINE_R_INTERNAL_LIST_ERROR 110
+# define ENGINE_R_INVALID_ARGUMENT 143
+# define ENGINE_R_INVALID_CMD_NAME 137
+# define ENGINE_R_INVALID_CMD_NUMBER 138
+# define ENGINE_R_INVALID_INIT_VALUE 151
+# define ENGINE_R_INVALID_STRING 150
+# define ENGINE_R_NOT_INITIALISED 117
+# define ENGINE_R_NOT_LOADED 112
+# define ENGINE_R_NO_CONTROL_FUNCTION 120
+# define ENGINE_R_NO_INDEX 144
+# define ENGINE_R_NO_LOAD_FUNCTION 125
+# define ENGINE_R_NO_REFERENCE 130
+# define ENGINE_R_NO_SUCH_ENGINE 116
+# define ENGINE_R_UNIMPLEMENTED_CIPHER 146
+# define ENGINE_R_UNIMPLEMENTED_DIGEST 147
+# define ENGINE_R_UNIMPLEMENTED_PUBLIC_KEY_METHOD 101
+# define ENGINE_R_VERSION_INCOMPATIBILITY 145
+# endif
#endif
diff --git a/include/openssl/ocsperr.h b/include/openssl/ocsperr.h
index 08800d1..f78f232 100644
--- a/include/openssl/ocsperr.h
+++ b/include/openssl/ocsperr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,62 +11,67 @@
#ifndef HEADER_OCSPERR_H
# define HEADER_OCSPERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_OCSP
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_OCSP_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* OCSP function codes.
*/
-# define OCSP_F_D2I_OCSP_NONCE 102
-# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
-# define OCSP_F_OCSP_BASIC_SIGN 104
-# define OCSP_F_OCSP_BASIC_SIGN_CTX 119
-# define OCSP_F_OCSP_BASIC_VERIFY 105
-# define OCSP_F_OCSP_CERT_ID_NEW 101
-# define OCSP_F_OCSP_CHECK_DELEGATED 106
-# define OCSP_F_OCSP_CHECK_IDS 107
-# define OCSP_F_OCSP_CHECK_ISSUER 108
-# define OCSP_F_OCSP_CHECK_VALIDITY 115
-# define OCSP_F_OCSP_MATCH_ISSUERID 109
-# define OCSP_F_OCSP_PARSE_URL 114
-# define OCSP_F_OCSP_REQUEST_SIGN 110
-# define OCSP_F_OCSP_REQUEST_VERIFY 116
-# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
-# define OCSP_F_PARSE_HTTP_LINE1 118
+# define OCSP_F_D2I_OCSP_NONCE 102
+# define OCSP_F_OCSP_BASIC_ADD1_STATUS 103
+# define OCSP_F_OCSP_BASIC_SIGN 104
+# define OCSP_F_OCSP_BASIC_SIGN_CTX 119
+# define OCSP_F_OCSP_BASIC_VERIFY 105
+# define OCSP_F_OCSP_CERT_ID_NEW 101
+# define OCSP_F_OCSP_CHECK_DELEGATED 106
+# define OCSP_F_OCSP_CHECK_IDS 107
+# define OCSP_F_OCSP_CHECK_ISSUER 108
+# define OCSP_F_OCSP_CHECK_VALIDITY 115
+# define OCSP_F_OCSP_MATCH_ISSUERID 109
+# define OCSP_F_OCSP_PARSE_URL 114
+# define OCSP_F_OCSP_REQUEST_SIGN 110
+# define OCSP_F_OCSP_REQUEST_VERIFY 116
+# define OCSP_F_OCSP_RESPONSE_GET1_BASIC 111
+# define OCSP_F_PARSE_HTTP_LINE1 118
/*
* OCSP reason codes.
*/
-# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
-# define OCSP_R_DIGEST_ERR 102
-# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
-# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
-# define OCSP_R_ERROR_PARSING_URL 121
-# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
-# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
-# define OCSP_R_NOT_BASIC_RESPONSE 104
-# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
-# define OCSP_R_NO_RESPONSE_DATA 108
-# define OCSP_R_NO_REVOKED_TIME 109
-# define OCSP_R_NO_SIGNER_KEY 130
-# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
-# define OCSP_R_REQUEST_NOT_SIGNED 128
-# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
-# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
-# define OCSP_R_SERVER_RESPONSE_ERROR 114
-# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
-# define OCSP_R_SIGNATURE_FAILURE 117
-# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
-# define OCSP_R_STATUS_EXPIRED 125
-# define OCSP_R_STATUS_NOT_YET_VALID 126
-# define OCSP_R_STATUS_TOO_OLD 127
-# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
-# define OCSP_R_UNKNOWN_NID 120
-# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
+# define OCSP_R_CERTIFICATE_VERIFY_ERROR 101
+# define OCSP_R_DIGEST_ERR 102
+# define OCSP_R_ERROR_IN_NEXTUPDATE_FIELD 122
+# define OCSP_R_ERROR_IN_THISUPDATE_FIELD 123
+# define OCSP_R_ERROR_PARSING_URL 121
+# define OCSP_R_MISSING_OCSPSIGNING_USAGE 103
+# define OCSP_R_NEXTUPDATE_BEFORE_THISUPDATE 124
+# define OCSP_R_NOT_BASIC_RESPONSE 104
+# define OCSP_R_NO_CERTIFICATES_IN_CHAIN 105
+# define OCSP_R_NO_RESPONSE_DATA 108
+# define OCSP_R_NO_REVOKED_TIME 109
+# define OCSP_R_NO_SIGNER_KEY 130
+# define OCSP_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 110
+# define OCSP_R_REQUEST_NOT_SIGNED 128
+# define OCSP_R_RESPONSE_CONTAINS_NO_REVOCATION_DATA 111
+# define OCSP_R_ROOT_CA_NOT_TRUSTED 112
+# define OCSP_R_SERVER_RESPONSE_ERROR 114
+# define OCSP_R_SERVER_RESPONSE_PARSE_ERROR 115
+# define OCSP_R_SIGNATURE_FAILURE 117
+# define OCSP_R_SIGNER_CERTIFICATE_NOT_FOUND 118
+# define OCSP_R_STATUS_EXPIRED 125
+# define OCSP_R_STATUS_NOT_YET_VALID 126
+# define OCSP_R_STATUS_TOO_OLD 127
+# define OCSP_R_UNKNOWN_MESSAGE_DIGEST 119
+# define OCSP_R_UNKNOWN_NID 120
+# define OCSP_R_UNSUPPORTED_REQUESTORNAME_TYPE 129
+# endif
#endif
diff --git a/include/openssl/tserr.h b/include/openssl/tserr.h
index 233438a..01ebfef 100644
--- a/include/openssl/tserr.h
+++ b/include/openssl/tserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -11,116 +11,121 @@
#ifndef HEADER_TSERR_H
# define HEADER_TSERR_H
-# ifdef __cplusplus
+# include
+
+# ifndef OPENSSL_NO_TS
+
+# ifdef __cplusplus
extern "C" {
-# endif
+# endif
int ERR_load_TS_strings(void);
-# ifdef __cplusplus
+# ifdef __cplusplus
}
-# endif
+# endif
/*
* TS function codes.
*/
-# define TS_F_DEF_SERIAL_CB 110
-# define TS_F_DEF_TIME_CB 111
-# define TS_F_ESS_ADD_SIGNING_CERT 112
-# define TS_F_ESS_ADD_SIGNING_CERT_V2 147
-# define TS_F_ESS_CERT_ID_NEW_INIT 113
-# define TS_F_ESS_CERT_ID_V2_NEW_INIT 156
-# define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
-# define TS_F_ESS_SIGNING_CERT_V2_NEW_INIT 157
-# define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
-# define TS_F_PKCS7_TO_TS_TST_INFO 148
-# define TS_F_TS_ACCURACY_SET_MICROS 115
-# define TS_F_TS_ACCURACY_SET_MILLIS 116
-# define TS_F_TS_ACCURACY_SET_SECONDS 117
-# define TS_F_TS_CHECK_IMPRINTS 100
-# define TS_F_TS_CHECK_NONCES 101
-# define TS_F_TS_CHECK_POLICY 102
-# define TS_F_TS_CHECK_SIGNING_CERTS 103
-# define TS_F_TS_CHECK_STATUS_INFO 104
-# define TS_F_TS_COMPUTE_IMPRINT 145
-# define TS_F_TS_CONF_INVALID 151
-# define TS_F_TS_CONF_LOAD_CERT 153
-# define TS_F_TS_CONF_LOAD_CERTS 154
-# define TS_F_TS_CONF_LOAD_KEY 155
-# define TS_F_TS_CONF_LOOKUP_FAIL 152
-# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
-# define TS_F_TS_GET_STATUS_TEXT 105
-# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
-# define TS_F_TS_REQ_SET_MSG_IMPRINT 119
-# define TS_F_TS_REQ_SET_NONCE 120
-# define TS_F_TS_REQ_SET_POLICY_ID 121
-# define TS_F_TS_RESP_CREATE_RESPONSE 122
-# define TS_F_TS_RESP_CREATE_TST_INFO 123
-# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
-# define TS_F_TS_RESP_CTX_ADD_MD 125
-# define TS_F_TS_RESP_CTX_ADD_POLICY 126
-# define TS_F_TS_RESP_CTX_NEW 127
-# define TS_F_TS_RESP_CTX_SET_ACCURACY 128
-# define TS_F_TS_RESP_CTX_SET_CERTS 129
-# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
-# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
-# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
-# define TS_F_TS_RESP_GET_POLICY 133
-# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
-# define TS_F_TS_RESP_SET_STATUS_INFO 135
-# define TS_F_TS_RESP_SET_TST_INFO 150
-# define TS_F_TS_RESP_SIGN 136
-# define TS_F_TS_RESP_VERIFY_SIGNATURE 106
-# define TS_F_TS_TST_INFO_SET_ACCURACY 137
-# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
-# define TS_F_TS_TST_INFO_SET_NONCE 139
-# define TS_F_TS_TST_INFO_SET_POLICY_ID 140
-# define TS_F_TS_TST_INFO_SET_SERIAL 141
-# define TS_F_TS_TST_INFO_SET_TIME 142
-# define TS_F_TS_TST_INFO_SET_TSA 143
-# define TS_F_TS_VERIFY 108
-# define TS_F_TS_VERIFY_CERT 109
-# define TS_F_TS_VERIFY_CTX_NEW 144
+# define TS_F_DEF_SERIAL_CB 110
+# define TS_F_DEF_TIME_CB 111
+# define TS_F_ESS_ADD_SIGNING_CERT 112
+# define TS_F_ESS_ADD_SIGNING_CERT_V2 147
+# define TS_F_ESS_CERT_ID_NEW_INIT 113
+# define TS_F_ESS_CERT_ID_V2_NEW_INIT 156
+# define TS_F_ESS_SIGNING_CERT_NEW_INIT 114
+# define TS_F_ESS_SIGNING_CERT_V2_NEW_INIT 157
+# define TS_F_INT_TS_RESP_VERIFY_TOKEN 149
+# define TS_F_PKCS7_TO_TS_TST_INFO 148
+# define TS_F_TS_ACCURACY_SET_MICROS 115
+# define TS_F_TS_ACCURACY_SET_MILLIS 116
+# define TS_F_TS_ACCURACY_SET_SECONDS 117
+# define TS_F_TS_CHECK_IMPRINTS 100
+# define TS_F_TS_CHECK_NONCES 101
+# define TS_F_TS_CHECK_POLICY 102
+# define TS_F_TS_CHECK_SIGNING_CERTS 103
+# define TS_F_TS_CHECK_STATUS_INFO 104
+# define TS_F_TS_COMPUTE_IMPRINT 145
+# define TS_F_TS_CONF_INVALID 151
+# define TS_F_TS_CONF_LOAD_CERT 153
+# define TS_F_TS_CONF_LOAD_CERTS 154
+# define TS_F_TS_CONF_LOAD_KEY 155
+# define TS_F_TS_CONF_LOOKUP_FAIL 152
+# define TS_F_TS_CONF_SET_DEFAULT_ENGINE 146
+# define TS_F_TS_GET_STATUS_TEXT 105
+# define TS_F_TS_MSG_IMPRINT_SET_ALGO 118
+# define TS_F_TS_REQ_SET_MSG_IMPRINT 119
+# define TS_F_TS_REQ_SET_NONCE 120
+# define TS_F_TS_REQ_SET_POLICY_ID 121
+# define TS_F_TS_RESP_CREATE_RESPONSE 122
+# define TS_F_TS_RESP_CREATE_TST_INFO 123
+# define TS_F_TS_RESP_CTX_ADD_FAILURE_INFO 124
+# define TS_F_TS_RESP_CTX_ADD_MD 125
+# define TS_F_TS_RESP_CTX_ADD_POLICY 126
+# define TS_F_TS_RESP_CTX_NEW 127
+# define TS_F_TS_RESP_CTX_SET_ACCURACY 128
+# define TS_F_TS_RESP_CTX_SET_CERTS 129
+# define TS_F_TS_RESP_CTX_SET_DEF_POLICY 130
+# define TS_F_TS_RESP_CTX_SET_SIGNER_CERT 131
+# define TS_F_TS_RESP_CTX_SET_STATUS_INFO 132
+# define TS_F_TS_RESP_GET_POLICY 133
+# define TS_F_TS_RESP_SET_GENTIME_WITH_PRECISION 134
+# define TS_F_TS_RESP_SET_STATUS_INFO 135
+# define TS_F_TS_RESP_SET_TST_INFO 150
+# define TS_F_TS_RESP_SIGN 136
+# define TS_F_TS_RESP_VERIFY_SIGNATURE 106
+# define TS_F_TS_TST_INFO_SET_ACCURACY 137
+# define TS_F_TS_TST_INFO_SET_MSG_IMPRINT 138
+# define TS_F_TS_TST_INFO_SET_NONCE 139
+# define TS_F_TS_TST_INFO_SET_POLICY_ID 140
+# define TS_F_TS_TST_INFO_SET_SERIAL 141
+# define TS_F_TS_TST_INFO_SET_TIME 142
+# define TS_F_TS_TST_INFO_SET_TSA 143
+# define TS_F_TS_VERIFY 108
+# define TS_F_TS_VERIFY_CERT 109
+# define TS_F_TS_VERIFY_CTX_NEW 144
/*
* TS reason codes.
*/
-# define TS_R_BAD_PKCS7_TYPE 132
-# define TS_R_BAD_TYPE 133
-# define TS_R_CANNOT_LOAD_CERT 137
-# define TS_R_CANNOT_LOAD_KEY 138
-# define TS_R_CERTIFICATE_VERIFY_ERROR 100
-# define TS_R_COULD_NOT_SET_ENGINE 127
-# define TS_R_COULD_NOT_SET_TIME 115
-# define TS_R_DETACHED_CONTENT 134
-# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
-# define TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR 139
-# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
-# define TS_R_INVALID_NULL_POINTER 102
-# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
-# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
-# define TS_R_NONCE_MISMATCH 104
-# define TS_R_NONCE_NOT_RETURNED 105
-# define TS_R_NO_CONTENT 106
-# define TS_R_NO_TIME_STAMP_TOKEN 107
-# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
-# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
-# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
-# define TS_R_POLICY_MISMATCH 108
-# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
-# define TS_R_RESPONSE_SETUP_ERROR 121
-# define TS_R_SIGNATURE_FAILURE 109
-# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
-# define TS_R_TIME_SYSCALL_ERROR 122
-# define TS_R_TOKEN_NOT_PRESENT 130
-# define TS_R_TOKEN_PRESENT 131
-# define TS_R_TSA_NAME_MISMATCH 111
-# define TS_R_TSA_UNTRUSTED 112
-# define TS_R_TST_INFO_SETUP_ERROR 123
-# define TS_R_TS_DATASIGN 124
-# define TS_R_UNACCEPTABLE_POLICY 125
-# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
-# define TS_R_UNSUPPORTED_VERSION 113
-# define TS_R_VAR_BAD_VALUE 135
-# define TS_R_VAR_LOOKUP_FAILURE 136
-# define TS_R_WRONG_CONTENT_TYPE 114
+# define TS_R_BAD_PKCS7_TYPE 132
+# define TS_R_BAD_TYPE 133
+# define TS_R_CANNOT_LOAD_CERT 137
+# define TS_R_CANNOT_LOAD_KEY 138
+# define TS_R_CERTIFICATE_VERIFY_ERROR 100
+# define TS_R_COULD_NOT_SET_ENGINE 127
+# define TS_R_COULD_NOT_SET_TIME 115
+# define TS_R_DETACHED_CONTENT 134
+# define TS_R_ESS_ADD_SIGNING_CERT_ERROR 116
+# define TS_R_ESS_ADD_SIGNING_CERT_V2_ERROR 139
+# define TS_R_ESS_SIGNING_CERTIFICATE_ERROR 101
+# define TS_R_INVALID_NULL_POINTER 102
+# define TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE 117
+# define TS_R_MESSAGE_IMPRINT_MISMATCH 103
+# define TS_R_NONCE_MISMATCH 104
+# define TS_R_NONCE_NOT_RETURNED 105
+# define TS_R_NO_CONTENT 106
+# define TS_R_NO_TIME_STAMP_TOKEN 107
+# define TS_R_PKCS7_ADD_SIGNATURE_ERROR 118
+# define TS_R_PKCS7_ADD_SIGNED_ATTR_ERROR 119
+# define TS_R_PKCS7_TO_TS_TST_INFO_FAILED 129
+# define TS_R_POLICY_MISMATCH 108
+# define TS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 120
+# define TS_R_RESPONSE_SETUP_ERROR 121
+# define TS_R_SIGNATURE_FAILURE 109
+# define TS_R_THERE_MUST_BE_ONE_SIGNER 110
+# define TS_R_TIME_SYSCALL_ERROR 122
+# define TS_R_TOKEN_NOT_PRESENT 130
+# define TS_R_TOKEN_PRESENT 131
+# define TS_R_TSA_NAME_MISMATCH 111
+# define TS_R_TSA_UNTRUSTED 112
+# define TS_R_TST_INFO_SETUP_ERROR 123
+# define TS_R_TS_DATASIGN 124
+# define TS_R_UNACCEPTABLE_POLICY 125
+# define TS_R_UNSUPPORTED_MD_ALGORITHM 126
+# define TS_R_UNSUPPORTED_VERSION 113
+# define TS_R_VAR_BAD_VALUE 135
+# define TS_R_VAR_LOOKUP_FAILURE 136
+# define TS_R_WRONG_CONTENT_TYPE 114
+# endif
#endif
diff --git a/util/mkerr.pl b/util/mkerr.pl
index 52a44c9..1740e40 100755
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -9,6 +9,9 @@
use strict;
use warnings;
+use lib ".";
+use configdata;
+
my $config = "crypto/err/openssl.ec";
my $debug = 0;
my $internal = 0;
@@ -430,6 +433,9 @@ foreach my $lib ( keys %errorfile ) {
my @function = sort grep( /^${lib}_/, keys %fcodes );
my @reasons = sort grep( /^${lib}_/, keys %rcodes );
+ # indent level for innermost preprocessor lines
+ my $indent = " ";
+
# Rewrite the header file
my $hfile = $hinc{$lib};
@@ -453,14 +459,24 @@ EOF
if ( $internal ) {
# Declare the load function because the generate C file
# includes "fooerr.h" not "foo.h"
+ if ($lib ne "SSL" && $lib ne "ASYNC"
+ && grep { $lib eq uc $_ } @disablables) {
+ print OUT <<"EOF";
+# include
+
+# ifndef OPENSSL_NO_${lib}
+
+EOF
+ $indent = " ";
+ }
print OUT <<"EOF";
-# ifdef __cplusplus
+#${indent}ifdef __cplusplus
extern \"C\" {
-# endif
+#${indent}endif
int ERR_load_${lib}_strings(void);
-# ifdef __cplusplus
+#${indent}ifdef __cplusplus
}
-# endif
+#${indent}endif
EOF
} else {
print OUT <<"EOF";
@@ -498,7 +514,7 @@ EOF
$fassigned{$lib} .= "$findcode:";
print STDERR "New Function code $i\n" if $debug;
}
- printf OUT "# define $i%s $fcodes{$i}\n", " " x $z;
+ printf OUT "#${indent}define $i%s $fcodes{$i}\n", " " x $z;
}
print OUT "\n/*\n * $lib reason codes.\n */\n";
@@ -516,11 +532,14 @@ EOF
$rassigned{$lib} .= "$findcode:";
print STDERR "New Reason code $i\n" if $debug;
}
- printf OUT "# define $i%s $rcodes{$i}\n", " " x $z;
+ printf OUT "#${indent}define $i%s $rcodes{$i}\n", " " x $z;
}
print OUT "\n";
- print OUT "#endif\n";
+ while (length($indent) > 0) {
+ $indent = substr $indent, 0, -1;
+ print OUT "#${indent}endif\n";
+ }
# Rewrite the C source file containing the error details.
From levitte at openssl.org Wed Feb 7 21:24:20 2018
From: levitte at openssl.org (Richard Levitte)
Date: Wed, 07 Feb 2018 21:24:20 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518038660.850046.32046.nullmailer@dev.openssl.org>
The branch master has been updated
via c517ac4c3f6d48cf35b75f148515ce7f3677a03b (commit)
from 048ebccb8840f7abd90adc59654d959feb25715b (commit)
- Log -----------------------------------------------------------------
commit c517ac4c3f6d48cf35b75f148515ce7f3677a03b
Author: Richard Levitte
Date: Wed Feb 7 22:18:44 2018 +0100
Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
It turns out that even if you successfully build the engine, it might
not load properly, so we cannot make the test program fail for it.
See the message in commit 25b9d11c002e5c71840c2a6733c5009d78f2c9db
This reverts commit 227a1e3f45bf06fdb00f2bdfb922f6f0d1f1d1de.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5276)
-----------------------------------------------------------------------
Summary of changes:
test/afalgtest.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/test/afalgtest.c b/test/afalgtest.c
index bf90545..adb2977 100644
--- a/test/afalgtest.c
+++ b/test/afalgtest.c
@@ -128,14 +128,14 @@ int global_init(void)
int setup_tests(void)
{
#ifndef OPENSSL_NO_ENGINE
- if (!TEST_ptr(e = ENGINE_by_id("afalg"))) {
+ if ((e = ENGINE_by_id("afalg")) == NULL) {
/* Probably a platform env issue, not a test failure. */
- TEST_info("Can't load AFALG engine, you might want to check $OPENSSL_ENGINES");
- return 0;
- }
+ TEST_info("Can't load AFALG engine");
+ } else {
# ifndef OPENSSL_NO_AFALGENG
- ADD_ALL_TESTS(test_afalg_aes_cbc, 3);
+ ADD_ALL_TESTS(test_afalg_aes_cbc, 3);
# endif
+ }
#endif
return 1;
From levitte at openssl.org Wed Feb 7 21:32:54 2018
From: levitte at openssl.org (Richard Levitte)
Date: Wed, 07 Feb 2018 21:32:54 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1518039174.108531.1103.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via db5ec96acd4e65bca886f2ef09316a7fb0aa8cac (commit)
from 4bcc6a1f5557ceb1e335d39bac308b9cd64f40cd (commit)
- Log -----------------------------------------------------------------
commit db5ec96acd4e65bca886f2ef09316a7fb0aa8cac
Author: Richard Levitte
Date: Wed Feb 7 19:56:57 2018 +0100
Make all private functions in e_afalg.c static
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5273)
-----------------------------------------------------------------------
Summary of changes:
engines/afalg/e_afalg.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/engines/afalg/e_afalg.c b/engines/afalg/e_afalg.c
index 20ac978..05ad905 100644
--- a/engines/afalg/e_afalg.c
+++ b/engines/afalg/e_afalg.c
@@ -80,7 +80,7 @@ static int afalg_create_sk(afalg_ctx *actx, const char *ciphertype,
static int afalg_destroy(ENGINE *e);
static int afalg_init(ENGINE *e);
static int afalg_finish(ENGINE *e);
-const EVP_CIPHER *afalg_aes_128_cbc(void);
+static const EVP_CIPHER *afalg_aes_128_cbc(void);
static int afalg_ciphers(ENGINE *e, const EVP_CIPHER **cipher,
const int **nids, int nid);
static int afalg_cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
@@ -191,7 +191,7 @@ static int afalg_setup_async_event_notification(afalg_aio *aio)
return 1;
}
-int afalg_init_aio(afalg_aio *aio)
+static int afalg_init_aio(afalg_aio *aio)
{
int r = -1;
@@ -211,8 +211,8 @@ int afalg_init_aio(afalg_aio *aio)
return 1;
}
-int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
- size_t len)
+static int afalg_fin_cipher_aio(afalg_aio *aio, int sfd, unsigned char *buf,
+ size_t len)
{
int r;
int retry = 0;
@@ -639,7 +639,7 @@ static int afalg_cipher_cleanup(EVP_CIPHER_CTX *ctx)
return 1;
}
-const EVP_CIPHER *afalg_aes_128_cbc(void)
+static const EVP_CIPHER *afalg_aes_128_cbc(void)
{
if (_hidden_aes_128_cbc == NULL
&& ((_hidden_aes_128_cbc =
From matt at openssl.org Wed Feb 7 21:41:49 2018
From: matt at openssl.org (Matt Caswell)
Date: Wed, 07 Feb 2018 21:41:49 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518039709.850345.3740.nullmailer@dev.openssl.org>
The branch master has been updated
via 4af26979480a42e267ff686210bb63b1ebdd0eab (commit)
via 04e3bb045f9b407d1ec681cfbeab4da8e53d750a (commit)
via 0f41dc0e9e9e6a8c2a43fa6af5fdf5359283e2ba (commit)
via f518cef40c431188b4910ca9bd8ef3778f599bb5 (commit)
from c517ac4c3f6d48cf35b75f148515ce7f3677a03b (commit)
- Log -----------------------------------------------------------------
commit 4af26979480a42e267ff686210bb63b1ebdd0eab
Author: Matt Caswell
Date: Wed Feb 7 14:53:31 2018 +0000
Don't run tls13encryptiontest on a shared Windows build
tls13encryptiontest is an "internal" test. As with all the other internal
tests it should not be run on a shared native Windows build.
[extended tests]
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5266)
commit 04e3bb045f9b407d1ec681cfbeab4da8e53d750a
Author: Matt Caswell
Date: Wed Feb 7 14:20:31 2018 +0000
Fix some undefined behaviour in ossltest engine
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5266)
commit 0f41dc0e9e9e6a8c2a43fa6af5fdf5359283e2ba
Author: Matt Caswell
Date: Wed Feb 7 10:55:02 2018 +0000
Fix clienthellotest with TLSv1.3
If TLSv1.3 is enabled and combined with other options that extend the
size of the ClientHello, then the clienthello test can sometimes fail
because the ClientHello has grown too large. Part of the purpose of the
test is to check that the padding extension works properly. This requires
the ClientHello size to be kept within certain bounds.
By restricting the number of ciphersuites sent we can reduce the size of
the ClientHello.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5266)
commit f518cef40c431188b4910ca9bd8ef3778f599bb5
Author: Matt Caswell
Date: Tue Feb 6 17:27:25 2018 +0000
Enable TLSv1.3 by default
[extended tests]
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5266)
-----------------------------------------------------------------------
Summary of changes:
.travis.yml | 2 +-
CHANGES | 20 +
Configure | 2 -
INSTALL | 27 +-
NEWS | 1 +
engines/e_ossltest.c | 16 +-
test/clienthellotest.c | 9 +
test/recipes/80-test_ssl_new.t | 2 +-
test/recipes/90-test_tls13encryption.t | 3 +
test/ssl-tests/02-protocol-version.conf | 478 ++++++----
test/ssl-tests/10-resumption.conf | 1473 ++++++++++++++++++++++++++-----
test/ssl-tests/20-cert-select.conf | 543 +++++++++++-
test/ssl-tests/22-compression.conf | 178 +++-
13 files changed, 2290 insertions(+), 464 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index b361059..cfc11b6 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -43,7 +43,7 @@ matrix:
sources:
- ubuntu-toolchain-r-test
compiler: gcc-5
- env: CONFIG_OPTS="--strict-warnings enable-tls1_3" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
+ env: CONFIG_OPTS="--strict-warnings" TESTS="-test_fuzz" COMMENT="Move to the BORINGTEST build when interoperable"
- os: linux
compiler: clang-3.9
env: CONFIG_OPTS="--strict-warnings no-deprecated" BUILDONLY="yes"
diff --git a/CHANGES b/CHANGES
index f0807c6..178c6c4 100644
--- a/CHANGES
+++ b/CHANGES
@@ -9,6 +9,26 @@
Changes between 1.1.0f and 1.1.1 [xx XXX xxxx]
+ *) Support for TLSv1.3 added. Note that users upgrading from an earlier
+ version of OpenSSL should review their configuration settings to ensure
+ that they are still appropriate for TLSv1.3. In particular if no TLSv1.3
+ ciphersuites are enabled then OpenSSL will refuse to make a connection
+ unless (1) TLSv1.3 is explicitly disabled or (2) the ciphersuite
+ configuration is updated to include suitable ciphersuites. The DEFAULT
+ ciphersuite configuration does include TLSv1.3 ciphersuites. For further
+ information on this and other related issues please see:
+ https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/
+
+ NOTE: In this pre-release of OpenSSL a draft version of the
+ TLSv1.3 standard has been implemented. Implementations of different draft
+ versions of the standard do not inter-operate, and this version will not
+ inter-operate with an implementation of the final standard when it is
+ eventually published. Different pre-release versions may implement
+ different versions of the draft. The final version of OpenSSL 1.1.1 will
+ implement the final version of the standard.
+ TODO(TLS1.3): Remove the above note before final release
+ [Matt Caswell]
+
*) Changed Configure so it only says what it does and doesn't dump
so much data. Instead, ./configdata.pm should be used as a script
to display all sorts of configuration data.
diff --git a/Configure b/Configure
index a6f5a31..c90a66c 100755
--- a/Configure
+++ b/Configure
@@ -435,8 +435,6 @@ our %disabled = ( # "what" => "comment"
"ssl3" => "default",
"ssl3-method" => "default",
"ubsan" => "default",
- #TODO(TLS1.3): Temporarily disabled while this is a WIP
- "tls1_3" => "default",
"tls13downgrade" => "default",
"unit-test" => "default",
"weak-ssl-ciphers" => "default",
diff --git a/INSTALL b/INSTALL
index 48c25e6..9d1f90d 100644
--- a/INSTALL
+++ b/INSTALL
@@ -482,27 +482,24 @@
likely to complement configuration command line with
suitable compiler-specific option.
- enable-tls1_3
- TODO(TLS1.3): Make this enabled by default
- Build support for TLS1.3. Note: This is a WIP feature and
- only a single draft version is supported. Implementations
- of different draft versions will negotiate TLS 1.2 instead
- of (draft) TLS 1.3. Use with caution!!
-
no-
Don't build support for negotiating the specified SSL/TLS
- protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2, dtls,
- dtls1 or dtls1_2). If "no-tls" is selected then all of tls1,
- tls1_1 and tls1_2 are disabled. Similarly "no-dtls" will
- disable dtls1 and dtls1_2. The "no-ssl" option is synonymous
- with "no-ssl3". Note this only affects version negotiation.
- OpenSSL will still provide the methods for applications to
- explicitly select the individual protocol versions.
+ protocol (one of ssl, ssl3, tls, tls1, tls1_1, tls1_2,
+ tls1_3, dtls, dtls1 or dtls1_2). If "no-tls" is selected then
+ all of tls1, tls1_1, tls1_2 and tls1_3 are disabled.
+ Similarly "no-dtls" will disable dtls1 and dtls1_2. The
+ "no-ssl" option is synonymous with "no-ssl3". Note this only
+ affects version negotiation. OpenSSL will still provide the
+ methods for applications to explicitly select the individual
+ protocol versions.
no--method
As for no- but in addition do not build the methods for
applications to explicitly select individual protocol
- versions.
+ versions. Note that there is no "no-tls1_3-method" option
+ because there is no application method for TLSv1.3. Using
+ invidivial protocol methods directly is deprecated.
+ Applications should use TLS_method() instead.
enable-
Build with support for the specified algorithm, where
diff --git a/NEWS b/NEWS
index 0fb5314..425fbd5 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,7 @@
Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.1 [under development]
+ o Support for TLSv1.3 added
o Move the display of configuration data to configdata.pm.
o Allow GNU style "make variables" to be used with Configure.
o Add a STORE module (OSSL_STORE)
diff --git a/engines/e_ossltest.c b/engines/e_ossltest.c
index d3d6998..8fc056a 100644
--- a/engines/e_ossltest.c
+++ b/engines/e_ossltest.c
@@ -593,17 +593,21 @@ int ossltest_aes128_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
int ret;
tmpbuf = OPENSSL_malloc(inl);
- if (tmpbuf == NULL)
+
+ /* OPENSSL_malloc will return NULL if inl == 0 */
+ if (tmpbuf == NULL && inl > 0)
return -1;
/* Remember what we were asked to encrypt */
- memcpy(tmpbuf, in, inl);
+ if (tmpbuf != NULL)
+ memcpy(tmpbuf, in, inl);
/* Go through the motions of encrypting it */
ret = EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_cbc())(ctx, out, in, inl);
/* Throw it all away and just use the plaintext as the output */
- memcpy(out, tmpbuf, inl);
+ if (tmpbuf != NULL)
+ memcpy(out, tmpbuf, inl);
OPENSSL_free(tmpbuf);
return ret;
@@ -626,13 +630,15 @@ int ossltest_aes128_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
return -1;
/* Remember what we were asked to encrypt */
- memcpy(tmpbuf, in, inl);
+ if (tmpbuf != NULL)
+ memcpy(tmpbuf, in, inl);
/* Go through the motions of encrypting it */
EVP_CIPHER_meth_get_do_cipher(EVP_aes_128_gcm())(ctx, out, in, inl);
/* Throw it all away and just use the plaintext as the output */
- memcpy(out, tmpbuf, inl);
+ if (tmpbuf != NULL)
+ memcpy(out, tmpbuf, inl);
OPENSSL_free(tmpbuf);
return inl;
diff --git a/test/clienthellotest.c b/test/clienthellotest.c
index 88e0a1c..f3e9588 100644
--- a/test/clienthellotest.c
+++ b/test/clienthellotest.c
@@ -87,6 +87,15 @@ static int test_client_hello(int currtest)
break;
case TEST_ADD_PADDING_AND_PSK:
+ /*
+ * In this case we're doing TLSv1.3 and we're sending a PSK so the
+ * ClientHello is already going to be quite long. To avoid getting one
+ * that is too long for this test we use a restricted ciphersuite list
+ */
+ if (!TEST_true(SSL_CTX_set_cipher_list(ctx,
+ "TLS13-AES-128-GCM-SHA256")))
+ goto end;
+ /* Fall through */
case TEST_ADD_PADDING:
case TEST_PADDING_NOT_NEEDED:
SSL_CTX_set_options(ctx, SSL_OP_TLSEXT_PADDING);
diff --git a/test/recipes/80-test_ssl_new.t b/test/recipes/80-test_ssl_new.t
index be03388..26bcb39 100644
--- a/test/recipes/80-test_ssl_new.t
+++ b/test/recipes/80-test_ssl_new.t
@@ -34,7 +34,7 @@ plan tests => 26; # = scalar @conf_srcs
# verify generated sources in the default configuration.
my $is_default_tls = (disabled("ssl3") && !disabled("tls1") &&
!disabled("tls1_1") && !disabled("tls1_2") &&
- disabled("tls1_3"));
+ !disabled("tls1_3"));
my $is_default_dtls = (!disabled("dtls1") && !disabled("dtls1_2"));
diff --git a/test/recipes/90-test_tls13encryption.t b/test/recipes/90-test_tls13encryption.t
index 63e62db..3fb4810 100644
--- a/test/recipes/90-test_tls13encryption.t
+++ b/test/recipes/90-test_tls13encryption.t
@@ -15,6 +15,9 @@ setup($test_name);
plan skip_all => "$test_name is not supported in this build"
if disabled("tls1_3");
+plan skip_all => "This test is unsupported in a shared library build on Windows"
+ if $^O eq 'MSWin32' && !disabled("shared");
+
plan tests => 1;
ok(run(test(["tls13encryptiontest"])), "running tls13encryptiontest");
diff --git a/test/ssl-tests/02-protocol-version.conf b/test/ssl-tests/02-protocol-version.conf
index f18d6a3..d0a64cd 100644
--- a/test/ssl-tests/02-protocol-version.conf
+++ b/test/ssl-tests/02-protocol-version.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 676
+num_tests = 678
test-0 = 0-version-negotiation
test-1 = 1-version-negotiation
@@ -678,6 +678,8 @@ test-672 = 672-version-negotiation
test-673 = 673-version-negotiation
test-674 = 674-version-negotiation
test-675 = 675-version-negotiation
+test-676 = 676-ciphersuite-sanity-check-client
+test-677 = 677-ciphersuite-sanity-check-server
# ===========================================================
[0-version-negotiation]
@@ -3515,7 +3517,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-108]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3540,7 +3542,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-109]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3674,7 +3676,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-114]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3700,7 +3702,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-115]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3808,7 +3810,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-119]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3834,7 +3836,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-120]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3915,7 +3917,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-123]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3941,7 +3943,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-124]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -3995,7 +3997,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-126]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4021,7 +4023,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-127]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4048,7 +4050,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-128]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -4073,7 +4076,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-129]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -4196,7 +4200,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-134]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4220,7 +4224,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-135]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4349,7 +4353,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-140]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4374,7 +4378,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-141]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4478,7 +4482,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-145]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4503,7 +4507,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-146]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4581,7 +4585,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-149]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4606,7 +4610,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-150]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4658,7 +4662,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-152]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4683,7 +4687,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-153]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -4709,7 +4713,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-154]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -4733,7 +4738,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-155]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -7682,7 +7688,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-264]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7708,7 +7714,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-265]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7847,7 +7853,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-270]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7874,7 +7880,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-271]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -7986,7 +7992,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-275]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8013,7 +8019,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-276]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8097,7 +8103,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-279]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8124,7 +8130,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-280]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8180,7 +8186,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-282]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8207,7 +8213,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-283]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8235,7 +8241,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-284]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8261,7 +8268,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-285]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8389,7 +8397,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-290]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8414,7 +8422,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-291]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8548,7 +8556,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-296]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8574,7 +8582,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-297]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8682,7 +8690,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-301]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8708,7 +8716,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-302]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8789,7 +8797,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-305]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8815,7 +8823,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-306]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8869,7 +8877,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-308]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8895,7 +8903,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-309]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -8922,7 +8930,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-310]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -8947,7 +8956,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-311]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -11206,7 +11216,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-394]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11232,7 +11242,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-395]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11371,7 +11381,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-400]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11398,7 +11408,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-401]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11510,7 +11520,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-405]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11537,7 +11547,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-406]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11621,7 +11631,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-409]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11648,7 +11658,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-410]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11704,7 +11714,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-412]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11731,7 +11741,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-413]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11759,7 +11769,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-414]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -11785,7 +11796,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-415]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -11913,7 +11925,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-420]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -11938,7 +11950,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-421]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12072,7 +12084,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-426]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12098,7 +12110,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-427]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12206,7 +12218,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-431]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12232,7 +12244,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-432]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12313,7 +12325,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-435]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12339,7 +12351,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-436]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12393,7 +12405,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-438]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12419,7 +12431,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-439]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -12446,7 +12458,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-440]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -12471,7 +12484,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-441]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -13938,7 +13952,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-495]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -14018,7 +14032,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-498]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14044,7 +14058,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-499]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14099,7 +14113,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-501]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -14182,7 +14196,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-504]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14209,7 +14223,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-505]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14237,7 +14251,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-506]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -14320,7 +14334,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-509]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14347,7 +14361,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-510]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14431,7 +14445,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-513]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14458,7 +14472,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-514]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14514,7 +14528,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-516]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14541,7 +14555,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-517]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14569,7 +14583,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-518]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -14595,7 +14610,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-519]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -14645,7 +14661,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-521]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -14722,7 +14738,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-524]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14747,7 +14763,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-525]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14800,7 +14816,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-527]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -14880,7 +14896,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-530]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14906,7 +14922,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-531]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -14933,7 +14949,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-532]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -15013,7 +15029,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-535]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -15039,7 +15055,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-536]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -15120,7 +15136,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-539]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -15146,7 +15162,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-540]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -15200,7 +15216,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-542]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -15226,7 +15242,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-543]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -15253,7 +15269,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-544]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -15278,7 +15295,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-545]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -16035,7 +16053,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-573]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16061,7 +16079,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-574]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16114,7 +16132,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-576]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16140,7 +16158,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-577]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16195,7 +16213,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-579]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16222,7 +16240,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-580]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16277,7 +16295,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-582]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16304,7 +16322,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-583]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16332,7 +16350,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-584]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16359,7 +16377,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-585]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16414,7 +16432,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-587]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16441,7 +16459,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-588]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16469,7 +16487,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-589]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16524,7 +16542,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-591]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16551,7 +16569,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-592]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16607,7 +16625,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-594]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16634,7 +16652,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-595]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16662,7 +16680,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-596]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -16688,7 +16707,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-597]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -16738,7 +16758,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-599]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16763,7 +16783,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-600]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16814,7 +16834,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-602]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16839,7 +16859,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-603]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16892,7 +16912,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-605]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16918,7 +16938,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-606]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -16971,7 +16991,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-608]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -16997,7 +17017,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-609]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17024,7 +17044,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-610]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17050,7 +17070,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-611]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17103,7 +17123,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-613]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17129,7 +17149,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-614]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17156,7 +17176,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-615]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17209,7 +17229,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-617]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17235,7 +17255,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-618]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17289,7 +17309,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-620]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17315,7 +17335,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-621]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
ExpectedResult = Success
@@ -17342,7 +17362,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-622]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17367,7 +17388,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-623]
-ExpectedResult = ServerFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17393,7 +17415,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-624]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17419,7 +17441,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-625]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17445,7 +17467,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-626]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17471,7 +17493,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-627]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17497,7 +17519,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-628]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17522,7 +17545,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-629]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17549,7 +17573,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-630]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17576,7 +17600,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-631]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17603,7 +17627,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-632]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17630,7 +17654,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-633]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17657,7 +17681,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-634]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17683,7 +17708,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-635]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17710,7 +17736,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-636]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17737,7 +17763,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-637]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17764,7 +17790,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-638]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17791,7 +17817,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-639]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17817,7 +17844,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-640]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17844,7 +17872,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-641]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17871,7 +17899,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-642]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17898,7 +17926,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-643]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17924,7 +17953,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-644]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -17951,7 +17981,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-645]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -17978,7 +18008,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-646]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18004,7 +18035,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-647]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18031,7 +18063,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-648]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18057,7 +18090,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-649]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18082,7 +18116,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-650]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18107,7 +18141,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-651]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18132,7 +18166,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-652]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18157,7 +18191,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-653]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18182,7 +18216,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-654]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18206,7 +18241,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-655]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18232,7 +18268,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-656]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18258,7 +18294,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-657]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18284,7 +18320,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-658]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18310,7 +18346,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-659]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18336,7 +18372,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-660]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18361,7 +18398,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-661]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18387,7 +18425,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-662]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18413,7 +18451,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-663]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18439,7 +18477,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-664]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18465,7 +18503,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-665]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18490,7 +18529,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-666]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18516,7 +18556,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-667]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18542,7 +18582,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-668]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18568,7 +18608,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-669]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18593,7 +18634,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-670]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18619,7 +18661,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-671]
-ExpectedResult = ClientFail
+ExpectedResult = ServerFail
# ===========================================================
@@ -18645,7 +18687,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-672]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18670,7 +18713,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-673]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18696,7 +18740,8 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-674]
-ExpectedResult = ClientFail
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
# ===========================================================
@@ -18721,6 +18766,55 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-675]
+ExpectedProtocol = TLSv1.3
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[676-ciphersuite-sanity-check-client]
+ssl_conf = 676-ciphersuite-sanity-check-client-ssl
+
+[676-ciphersuite-sanity-check-client-ssl]
+server = 676-ciphersuite-sanity-check-client-server
+client = 676-ciphersuite-sanity-check-client-client
+
+[676-ciphersuite-sanity-check-client-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[676-ciphersuite-sanity-check-client-client]
+CipherString = AES128-SHA
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-676]
ExpectedResult = ClientFail
+# ===========================================================
+
+[677-ciphersuite-sanity-check-server]
+ssl_conf = 677-ciphersuite-sanity-check-server-ssl
+
+[677-ciphersuite-sanity-check-server-ssl]
+server = 677-ciphersuite-sanity-check-server-server
+client = 677-ciphersuite-sanity-check-server-client
+
+[677-ciphersuite-sanity-check-server-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = AES128-SHA
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[677-ciphersuite-sanity-check-server-client]
+CipherString = AES128-SHA
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-677]
+ExpectedResult = ServerFail
+
+
diff --git a/test/ssl-tests/10-resumption.conf b/test/ssl-tests/10-resumption.conf
index b2deee4..73955de 100644
--- a/test/ssl-tests/10-resumption.conf
+++ b/test/ssl-tests/10-resumption.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 36
+num_tests = 65
test-0 = 0-resumption
test-1 = 1-resumption
@@ -38,6 +38,35 @@ test-32 = 32-resumption
test-33 = 33-resumption
test-34 = 34-resumption
test-35 = 35-resumption
+test-36 = 36-resumption
+test-37 = 37-resumption
+test-38 = 38-resumption
+test-39 = 39-resumption
+test-40 = 40-resumption
+test-41 = 41-resumption
+test-42 = 42-resumption
+test-43 = 43-resumption
+test-44 = 44-resumption
+test-45 = 45-resumption
+test-46 = 46-resumption
+test-47 = 47-resumption
+test-48 = 48-resumption
+test-49 = 49-resumption
+test-50 = 50-resumption
+test-51 = 51-resumption
+test-52 = 52-resumption
+test-53 = 53-resumption
+test-54 = 54-resumption
+test-55 = 55-resumption
+test-56 = 56-resumption
+test-57 = 57-resumption
+test-58 = 58-resumption
+test-59 = 59-resumption
+test-60 = 60-resumption
+test-61 = 61-resumption
+test-62 = 62-resumption
+test-63 = 63-resumption
+test-64 = 64-resumption-with-hrr
# ===========================================================
[0-resumption]
@@ -268,15 +297,15 @@ resume-client = 6-resumption-client
[6-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[6-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[6-resumption-client]
@@ -285,7 +314,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-6]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -304,15 +333,15 @@ resume-client = 7-resumption-client
[7-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[7-resumption-client]
@@ -321,7 +350,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-7]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -348,7 +377,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[8-resumption-client]
@@ -357,9 +386,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-8]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -384,7 +413,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[9-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[9-resumption-client]
@@ -393,9 +422,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-9]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -420,7 +449,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[10-resumption-client]
@@ -429,9 +458,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-10]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -456,7 +485,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[11-resumption-client]
@@ -465,9 +494,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-11]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -484,15 +513,15 @@ resume-client = 12-resumption-client
[12-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[12-resumption-client]
@@ -501,7 +530,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-12]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
ResumptionExpected = No
@@ -520,15 +549,15 @@ resume-client = 13-resumption-client
[13-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
+MaxProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[13-resumption-client]
@@ -537,7 +566,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-13]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
ResumptionExpected = No
@@ -556,15 +585,15 @@ resume-client = 14-resumption-client
[14-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[14-resumption-client]
@@ -573,7 +602,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-14]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -592,15 +621,15 @@ resume-client = 15-resumption-client
[15-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1.3
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[15-resumption-client]
@@ -609,7 +638,7 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-15]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -636,7 +665,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[16-resumption-client]
@@ -645,9 +674,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-16]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -672,7 +701,7 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-resumption-resume-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[17-resumption-client]
@@ -681,9 +710,9 @@ VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-17]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -694,32 +723,32 @@ ssl_conf = 18-resumption-ssl
[18-resumption-ssl]
server = 18-resumption-server
client = 18-resumption-client
-resume-server = 18-resumption-server
-resume-client = 18-resumption-resume-client
+resume-server = 18-resumption-resume-server
+resume-client = 18-resumption-client
[18-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[18-resumption-client]
+[18-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[18-resumption-resume-client]
+[18-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-18]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -730,32 +759,32 @@ ssl_conf = 19-resumption-ssl
[19-resumption-ssl]
server = 19-resumption-server
client = 19-resumption-client
-resume-server = 19-resumption-server
-resume-client = 19-resumption-resume-client
+resume-server = 19-resumption-resume-server
+resume-client = 19-resumption-client
[19-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[19-resumption-client]
+[19-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[19-resumption-resume-client]
+[19-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-19]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -766,32 +795,32 @@ ssl_conf = 20-resumption-ssl
[20-resumption-ssl]
server = 20-resumption-server
client = 20-resumption-client
-resume-server = 20-resumption-server
-resume-client = 20-resumption-resume-client
+resume-server = 20-resumption-resume-server
+resume-client = 20-resumption-client
[20-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[20-resumption-client]
+[20-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[20-resumption-resume-client]
+[20-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-20]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -802,32 +831,32 @@ ssl_conf = 21-resumption-ssl
[21-resumption-ssl]
server = 21-resumption-server
client = 21-resumption-client
-resume-server = 21-resumption-server
-resume-client = 21-resumption-resume-client
+resume-server = 21-resumption-resume-server
+resume-client = 21-resumption-client
[21-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[21-resumption-client]
+[21-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[21-resumption-resume-client]
+[21-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-21]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -838,30 +867,30 @@ ssl_conf = 22-resumption-ssl
[22-resumption-ssl]
server = 22-resumption-server
client = 22-resumption-client
-resume-server = 22-resumption-server
-resume-client = 22-resumption-resume-client
+resume-server = 22-resumption-resume-server
+resume-client = 22-resumption-client
[22-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[22-resumption-client]
+[22-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[22-resumption-resume-client]
+[22-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-22]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -874,30 +903,30 @@ ssl_conf = 23-resumption-ssl
[23-resumption-ssl]
server = 23-resumption-server
client = 23-resumption-client
-resume-server = 23-resumption-server
-resume-client = 23-resumption-resume-client
+resume-server = 23-resumption-resume-server
+resume-client = 23-resumption-client
[23-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[23-resumption-client]
+[23-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1
-MinProtocol = TLSv1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[23-resumption-resume-client]
+[23-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-23]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
ResumptionExpected = No
@@ -910,25 +939,25 @@ ssl_conf = 24-resumption-ssl
[24-resumption-ssl]
server = 24-resumption-server
client = 24-resumption-client
-resume-server = 24-resumption-server
-resume-client = 24-resumption-resume-client
+resume-server = 24-resumption-resume-server
+resume-client = 24-resumption-client
[24-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[24-resumption-client]
+[24-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[24-resumption-resume-client]
+[24-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -946,25 +975,25 @@ ssl_conf = 25-resumption-ssl
[25-resumption-ssl]
server = 25-resumption-server
client = 25-resumption-client
-resume-server = 25-resumption-server
-resume-client = 25-resumption-resume-client
+resume-server = 25-resumption-resume-server
+resume-client = 25-resumption-client
[25-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[25-resumption-client]
+[25-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[25-resumption-resume-client]
+[25-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -982,32 +1011,32 @@ ssl_conf = 26-resumption-ssl
[26-resumption-ssl]
server = 26-resumption-server
client = 26-resumption-client
-resume-server = 26-resumption-server
-resume-client = 26-resumption-resume-client
+resume-server = 26-resumption-resume-server
+resume-client = 26-resumption-client
[26-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[26-resumption-client]
+[26-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[26-resumption-resume-client]
+[26-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-26]
ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -1018,32 +1047,32 @@ ssl_conf = 27-resumption-ssl
[27-resumption-ssl]
server = 27-resumption-server
client = 27-resumption-client
-resume-server = 27-resumption-server
-resume-client = 27-resumption-resume-client
+resume-server = 27-resumption-resume-server
+resume-client = 27-resumption-client
[27-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[27-resumption-client]
+[27-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[27-resumption-resume-client]
+[27-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-27]
ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -1054,25 +1083,25 @@ ssl_conf = 28-resumption-ssl
[28-resumption-ssl]
server = 28-resumption-server
client = 28-resumption-client
-resume-server = 28-resumption-server
-resume-client = 28-resumption-resume-client
+resume-server = 28-resumption-resume-server
+resume-client = 28-resumption-client
[28-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[28-resumption-client]
+[28-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[28-resumption-resume-client]
+[28-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -1090,25 +1119,25 @@ ssl_conf = 29-resumption-ssl
[29-resumption-ssl]
server = 29-resumption-server
client = 29-resumption-client
-resume-server = 29-resumption-server
-resume-client = 29-resumption-resume-client
+resume-server = 29-resumption-resume-server
+resume-client = 29-resumption-client
[29-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[29-resumption-client]
+[29-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
-MinProtocol = TLSv1.1
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.2
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[29-resumption-resume-client]
+[29-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
@@ -1126,32 +1155,32 @@ ssl_conf = 30-resumption-ssl
[30-resumption-ssl]
server = 30-resumption-server
client = 30-resumption-client
-resume-server = 30-resumption-server
-resume-client = 30-resumption-resume-client
+resume-server = 30-resumption-resume-server
+resume-client = 30-resumption-client
[30-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[30-resumption-client]
+[30-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[30-resumption-resume-client]
+[30-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-30]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1162,32 +1191,32 @@ ssl_conf = 31-resumption-ssl
[31-resumption-ssl]
server = 31-resumption-server
client = 31-resumption-client
-resume-server = 31-resumption-server
-resume-client = 31-resumption-resume-client
+resume-server = 31-resumption-resume-server
+resume-client = 31-resumption-client
[31-resumption-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
Options = -SessionTicket
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[31-resumption-client]
+[31-resumption-resume-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
-VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
-VerifyMode = Peer
+MaxProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[31-resumption-resume-client]
+[31-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-31]
-ExpectedProtocol = TLSv1
+ExpectedProtocol = TLSv1.3
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1209,21 +1238,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[32-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[32-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-32]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1245,21 +1274,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[33-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[33-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.1
+MaxProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-33]
-ExpectedProtocol = TLSv1.1
+ExpectedProtocol = TLSv1
HandshakeMode = Resume
-ResumptionExpected = No
+ResumptionExpected = Yes
# ===========================================================
@@ -1281,21 +1310,21 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[34-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[34-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-34]
-ExpectedProtocol = TLSv1.2
+ExpectedProtocol = TLSv1.1
HandshakeMode = Resume
-ResumptionExpected = Yes
+ResumptionExpected = No
# ===========================================================
@@ -1317,20 +1346,1062 @@ PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
[35-resumption-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
-MinProtocol = TLSv1.2
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[35-resumption-resume-client]
CipherString = DEFAULT
-MaxProtocol = TLSv1.2
+MaxProtocol = TLSv1.1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
[test-35]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[36-resumption]
+ssl_conf = 36-resumption-ssl
+
+[36-resumption-ssl]
+server = 36-resumption-server
+client = 36-resumption-client
+resume-server = 36-resumption-server
+resume-client = 36-resumption-resume-client
+
+[36-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[36-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[36-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-36]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[37-resumption]
+ssl_conf = 37-resumption-ssl
+
+[37-resumption-ssl]
+server = 37-resumption-server
+client = 37-resumption-client
+resume-server = 37-resumption-server
+resume-client = 37-resumption-resume-client
+
+[37-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[37-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[37-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-37]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[38-resumption]
+ssl_conf = 38-resumption-ssl
+
+[38-resumption-ssl]
+server = 38-resumption-server
+client = 38-resumption-client
+resume-server = 38-resumption-server
+resume-client = 38-resumption-resume-client
+
+[38-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[38-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[38-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-38]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[39-resumption]
+ssl_conf = 39-resumption-ssl
+
+[39-resumption-ssl]
+server = 39-resumption-server
+client = 39-resumption-client
+resume-server = 39-resumption-server
+resume-client = 39-resumption-resume-client
+
+[39-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[39-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+MinProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[39-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-39]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[40-resumption]
+ssl_conf = 40-resumption-ssl
+
+[40-resumption-ssl]
+server = 40-resumption-server
+client = 40-resumption-client
+resume-server = 40-resumption-server
+resume-client = 40-resumption-resume-client
+
+[40-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[40-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[40-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-40]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[41-resumption]
+ssl_conf = 41-resumption-ssl
+
+[41-resumption-ssl]
+server = 41-resumption-server
+client = 41-resumption-client
+resume-server = 41-resumption-server
+resume-client = 41-resumption-resume-client
+
+[41-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[41-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[41-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-41]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[42-resumption]
+ssl_conf = 42-resumption-ssl
+
+[42-resumption-ssl]
+server = 42-resumption-server
+client = 42-resumption-client
+resume-server = 42-resumption-server
+resume-client = 42-resumption-resume-client
+
+[42-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[42-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[42-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-42]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[43-resumption]
+ssl_conf = 43-resumption-ssl
+
+[43-resumption-ssl]
+server = 43-resumption-server
+client = 43-resumption-client
+resume-server = 43-resumption-server
+resume-client = 43-resumption-resume-client
+
+[43-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[43-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[43-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-43]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[44-resumption]
+ssl_conf = 44-resumption-ssl
+
+[44-resumption-ssl]
+server = 44-resumption-server
+client = 44-resumption-client
+resume-server = 44-resumption-server
+resume-client = 44-resumption-resume-client
+
+[44-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[44-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[44-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-44]
ExpectedProtocol = TLSv1.2
HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[45-resumption]
+ssl_conf = 45-resumption-ssl
+
+[45-resumption-ssl]
+server = 45-resumption-server
+client = 45-resumption-client
+resume-server = 45-resumption-server
+resume-client = 45-resumption-resume-client
+
+[45-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[45-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[45-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-45]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[46-resumption]
+ssl_conf = 46-resumption-ssl
+
+[46-resumption-ssl]
+server = 46-resumption-server
+client = 46-resumption-client
+resume-server = 46-resumption-server
+resume-client = 46-resumption-resume-client
+
+[46-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[46-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[46-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-46]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[47-resumption]
+ssl_conf = 47-resumption-ssl
+
+[47-resumption-ssl]
+server = 47-resumption-server
+client = 47-resumption-client
+resume-server = 47-resumption-server
+resume-client = 47-resumption-resume-client
+
+[47-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[47-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+MinProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[47-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-47]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[48-resumption]
+ssl_conf = 48-resumption-ssl
+
+[48-resumption-ssl]
+server = 48-resumption-server
+client = 48-resumption-client
+resume-server = 48-resumption-server
+resume-client = 48-resumption-resume-client
+
+[48-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[48-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[48-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-48]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[49-resumption]
+ssl_conf = 49-resumption-ssl
+
+[49-resumption-ssl]
+server = 49-resumption-server
+client = 49-resumption-client
+resume-server = 49-resumption-server
+resume-client = 49-resumption-resume-client
+
+[49-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[49-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[49-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-49]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[50-resumption]
+ssl_conf = 50-resumption-ssl
+
+[50-resumption-ssl]
+server = 50-resumption-server
+client = 50-resumption-client
+resume-server = 50-resumption-server
+resume-client = 50-resumption-resume-client
+
+[50-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[50-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[50-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-50]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[51-resumption]
+ssl_conf = 51-resumption-ssl
+
+[51-resumption-ssl]
+server = 51-resumption-server
+client = 51-resumption-client
+resume-server = 51-resumption-server
+resume-client = 51-resumption-resume-client
+
+[51-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[51-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[51-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-51]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[52-resumption]
+ssl_conf = 52-resumption-ssl
+
+[52-resumption-ssl]
+server = 52-resumption-server
+client = 52-resumption-client
+resume-server = 52-resumption-server
+resume-client = 52-resumption-resume-client
+
+[52-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[52-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[52-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-52]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[53-resumption]
+ssl_conf = 53-resumption-ssl
+
+[53-resumption-ssl]
+server = 53-resumption-server
+client = 53-resumption-client
+resume-server = 53-resumption-server
+resume-client = 53-resumption-resume-client
+
+[53-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[53-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[53-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-53]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[54-resumption]
+ssl_conf = 54-resumption-ssl
+
+[54-resumption-ssl]
+server = 54-resumption-server
+client = 54-resumption-client
+resume-server = 54-resumption-server
+resume-client = 54-resumption-resume-client
+
+[54-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[54-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[54-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-54]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[55-resumption]
+ssl_conf = 55-resumption-ssl
+
+[55-resumption-ssl]
+server = 55-resumption-server
+client = 55-resumption-client
+resume-server = 55-resumption-server
+resume-client = 55-resumption-resume-client
+
+[55-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[55-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+MinProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[55-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-55]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[56-resumption]
+ssl_conf = 56-resumption-ssl
+
+[56-resumption-ssl]
+server = 56-resumption-server
+client = 56-resumption-client
+resume-server = 56-resumption-server
+resume-client = 56-resumption-resume-client
+
+[56-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[56-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[56-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-56]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[57-resumption]
+ssl_conf = 57-resumption-ssl
+
+[57-resumption-ssl]
+server = 57-resumption-server
+client = 57-resumption-client
+resume-server = 57-resumption-server
+resume-client = 57-resumption-resume-client
+
+[57-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[57-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[57-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-57]
+ExpectedProtocol = TLSv1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[58-resumption]
+ssl_conf = 58-resumption-ssl
+
+[58-resumption-ssl]
+server = 58-resumption-server
+client = 58-resumption-client
+resume-server = 58-resumption-server
+resume-client = 58-resumption-resume-client
+
+[58-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[58-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[58-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-58]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[59-resumption]
+ssl_conf = 59-resumption-ssl
+
+[59-resumption-ssl]
+server = 59-resumption-server
+client = 59-resumption-client
+resume-server = 59-resumption-server
+resume-client = 59-resumption-resume-client
+
+[59-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[59-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[59-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-59]
+ExpectedProtocol = TLSv1.1
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[60-resumption]
+ssl_conf = 60-resumption-ssl
+
+[60-resumption-ssl]
+server = 60-resumption-server
+client = 60-resumption-client
+resume-server = 60-resumption-server
+resume-client = 60-resumption-resume-client
+
+[60-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[60-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[60-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-60]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[61-resumption]
+ssl_conf = 61-resumption-ssl
+
+[61-resumption-ssl]
+server = 61-resumption-server
+client = 61-resumption-client
+resume-server = 61-resumption-server
+resume-client = 61-resumption-resume-client
+
+[61-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[61-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[61-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.2
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-61]
+ExpectedProtocol = TLSv1.2
+HandshakeMode = Resume
+ResumptionExpected = No
+
+
+# ===========================================================
+
+[62-resumption]
+ssl_conf = 62-resumption-ssl
+
+[62-resumption-ssl]
+server = 62-resumption-server
+client = 62-resumption-client
+resume-server = 62-resumption-server
+resume-client = 62-resumption-resume-client
+
+[62-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[62-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[62-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-62]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[63-resumption]
+ssl_conf = 63-resumption-ssl
+
+[63-resumption-ssl]
+server = 63-resumption-server
+client = 63-resumption-client
+resume-server = 63-resumption-server
+resume-client = 63-resumption-resume-client
+
+[63-resumption-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = -SessionTicket
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[63-resumption-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[63-resumption-resume-client]
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-63]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+ResumptionExpected = Yes
+
+
+# ===========================================================
+
+[64-resumption-with-hrr]
+ssl_conf = 64-resumption-with-hrr-ssl
+
+[64-resumption-with-hrr-ssl]
+server = 64-resumption-with-hrr-server
+client = 64-resumption-with-hrr-client
+resume-server = 64-resumption-with-hrr-server
+resume-client = 64-resumption-with-hrr-resume-client
+
+[64-resumption-with-hrr-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Curves = P-256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[64-resumption-with-hrr-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[64-resumption-with-hrr-resume-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-64]
+ExpectedProtocol = TLSv1.3
+HandshakeMode = Resume
+Method = TLS
ResumptionExpected = Yes
diff --git a/test/ssl-tests/20-cert-select.conf b/test/ssl-tests/20-cert-select.conf
index 47ff667..609e216 100644
--- a/test/ssl-tests/20-cert-select.conf
+++ b/test/ssl-tests/20-cert-select.conf
@@ -1,6 +1,6 @@
# Generated with generate_ssl_tests.pl
-num_tests = 23
+num_tests = 39
test-0 = 0-ECDSA CipherString Selection
test-1 = 1-Ed25519 CipherString and Signature Algorithm Selection
@@ -24,7 +24,23 @@ test-18 = 18-Suite B P-256 Hash Algorithm Selection
test-19 = 19-Suite B P-384 Hash Algorithm Selection
test-20 = 20-TLS 1.2 Ed25519 Client Auth
test-21 = 21-Only RSA-PSS Certificate, TLS v1.1
-test-22 = 22-TLS 1.2 DSA Certificate Test
+test-22 = 22-TLS 1.3 ECDSA Signature Algorithm Selection
+test-23 = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point
+test-24 = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1
+test-25 = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS
+test-26 = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS
+test-27 = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate
+test-28 = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS
+test-29 = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection
+test-30 = 30-TLS 1.3 Ed25519 Signature Algorithm Selection
+test-31 = 31-TLS 1.3 Ed25519 CipherString and Groups Selection
+test-32 = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection
+test-33 = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names
+test-34 = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection
+test-35 = 35-TLS 1.3 Ed25519 Client Auth
+test-36 = 36-TLS 1.2 DSA Certificate Test
+test-37 = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms
+test-38 = 38-TLS 1.3 DSA Certificate Test
# ===========================================================
[0-ECDSA CipherString Selection]
@@ -697,14 +713,467 @@ ExpectedResult = ServerFail
# ===========================================================
-[22-TLS 1.2 DSA Certificate Test]
-ssl_conf = 22-TLS 1.2 DSA Certificate Test-ssl
+[22-TLS 1.3 ECDSA Signature Algorithm Selection]
+ssl_conf = 22-TLS 1.3 ECDSA Signature Algorithm Selection-ssl
-[22-TLS 1.2 DSA Certificate Test-ssl]
-server = 22-TLS 1.2 DSA Certificate Test-server
-client = 22-TLS 1.2 DSA Certificate Test-client
+[22-TLS 1.3 ECDSA Signature Algorithm Selection-ssl]
+server = 22-TLS 1.3 ECDSA Signature Algorithm Selection-server
+client = 22-TLS 1.3 ECDSA Signature Algorithm Selection-client
-[22-TLS 1.2 DSA Certificate Test-server]
+[22-TLS 1.3 ECDSA Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[22-TLS 1.3 ECDSA Signature Algorithm Selection-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-22]
+ExpectedResult = Success
+ExpectedServerCANames = empty
+ExpectedServerCertType = P-256
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point]
+ssl_conf = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-ssl]
+server = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server
+client = 23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-cecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-cecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[23-TLS 1.3 ECDSA Signature Algorithm Selection compressed point-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-23]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1]
+ssl_conf = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-ssl]
+server = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server
+client = 24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[24-TLS 1.3 ECDSA Signature Algorithm Selection SHA1-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA1
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-24]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS]
+ssl_conf = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-ssl]
+server = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server
+client = 25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[25-TLS 1.3 ECDSA Signature Algorithm Selection with PSS-client]
+CipherString = DEFAULT
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+SignatureAlgorithms = ECDSA+SHA256:RSA-PSS+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-25]
+ExpectedResult = Success
+ExpectedServerCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ExpectedServerCertType = P-256
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS]
+ssl_conf = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-ssl]
+server = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server
+client = 26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[26-TLS 1.3 RSA Signature Algorithm Selection SHA384 with PSS-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA384:RSA-PSS+SHA384
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-26]
+ExpectedResult = Success
+ExpectedServerCertType = RSA
+ExpectedServerSignHash = SHA384
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate]
+ssl_conf = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-ssl]
+server = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server
+client = 27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[27-TLS 1.3 ECDSA Signature Algorithm Selection, no ECDSA certificate-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-27]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS]
+ssl_conf = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-ssl]
+server = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server
+client = 28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[28-TLS 1.3 RSA Signature Algorithm Selection, no PSS-client]
+CipherString = DEFAULT
+SignatureAlgorithms = RSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-28]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection]
+ssl_conf = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection-ssl]
+server = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection-server
+client = 29-TLS 1.3 RSA-PSS Signature Algorithm Selection-client
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[29-TLS 1.3 RSA-PSS Signature Algorithm Selection-client]
+CipherString = DEFAULT
+SignatureAlgorithms = RSA-PSS+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-29]
+ExpectedResult = Success
+ExpectedServerCertType = RSA
+ExpectedServerSignHash = SHA256
+ExpectedServerSignType = RSA-PSS
+
+
+# ===========================================================
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection]
+ssl_conf = 30-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection-ssl]
+server = 30-TLS 1.3 Ed25519 Signature Algorithm Selection-server
+client = 30-TLS 1.3 Ed25519 Signature Algorithm Selection-client
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[30-TLS 1.3 Ed25519 Signature Algorithm Selection-client]
+CipherString = DEFAULT
+SignatureAlgorithms = ed25519
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-30]
+ExpectedResult = Success
+ExpectedServerCertType = Ed25519
+ExpectedServerSignType = Ed25519
+
+
+# ===========================================================
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection]
+ssl_conf = 31-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection-ssl]
+server = 31-TLS 1.3 Ed25519 CipherString and Groups Selection-server
+client = 31-TLS 1.3 Ed25519 CipherString and Groups Selection-client
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ecdsa-cert.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ecdsa-key.pem
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[31-TLS 1.3 Ed25519 CipherString and Groups Selection-client]
+CipherString = DEFAULT
+Groups = X25519
+SignatureAlgorithms = ECDSA+SHA256:ed25519
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-31]
+ExpectedResult = Success
+ExpectedServerCertType = P-256
+ExpectedServerSignType = EC
+
+
+# ===========================================================
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection]
+ssl_conf = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-ssl]
+server = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server
+client = 32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = PSS+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[32-TLS 1.3 RSA Client Auth Signature Algorithm Selection-client]
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-32]
+ExpectedClientCANames = empty
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names]
+ssl_conf = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-ssl]
+server = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server
+client = 33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = PSS+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+RequestCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[33-TLS 1.3 RSA Client Auth Signature Algorithm Selection non-empty CA Names-client]
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-33]
+ExpectedClientCANames = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+ExpectedClientCertType = RSA
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = RSA-PSS
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection]
+ssl_conf = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-ssl]
+server = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server
+client = 34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = ECDSA+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[34-TLS 1.3 ECDSA Client Auth Signature Algorithm Selection-client]
+CipherString = DEFAULT
+ECDSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-client-chain.pem
+ECDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-ecdsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+RSA.Certificate = ${ENV::TEST_CERTS_DIR}/ee-client-chain.pem
+RSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/ee-key.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-34]
+ExpectedClientCertType = P-256
+ExpectedClientSignHash = SHA256
+ExpectedClientSignType = EC
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[35-TLS 1.3 Ed25519 Client Auth]
+ssl_conf = 35-TLS 1.3 Ed25519 Client Auth-ssl
+
+[35-TLS 1.3 Ed25519 Client Auth-ssl]
+server = 35-TLS 1.3 Ed25519 Client Auth-server
+client = 35-TLS 1.3 Ed25519 Client Auth-client
+
+[35-TLS 1.3 Ed25519 Client Auth-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Require
+
+[35-TLS 1.3 Ed25519 Client Auth-client]
+CipherString = DEFAULT
+EdDSA.Certificate = ${ENV::TEST_CERTS_DIR}/client-ed25519-cert.pem
+EdDSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/client-ed25519-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-35]
+ExpectedClientCertType = Ed25519
+ExpectedClientSignType = Ed25519
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[36-TLS 1.2 DSA Certificate Test]
+ssl_conf = 36-TLS 1.2 DSA Certificate Test-ssl
+
+[36-TLS 1.2 DSA Certificate Test-ssl]
+server = 36-TLS 1.2 DSA Certificate Test-server
+client = 36-TLS 1.2 DSA Certificate Test-client
+
+[36-TLS 1.2 DSA Certificate Test-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = ALL
DHParameters = ${ENV::TEST_CERTS_DIR}/dhp2048.pem
@@ -714,13 +1183,67 @@ MaxProtocol = TLSv1.2
MinProtocol = TLSv1.2
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[22-TLS 1.2 DSA Certificate Test-client]
+[36-TLS 1.2 DSA Certificate Test-client]
CipherString = ALL
SignatureAlgorithms = DSA+SHA256:DSA+SHA1
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-22]
+[test-36]
ExpectedResult = Success
+# ===========================================================
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms]
+ssl_conf = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-ssl]
+server = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server
+client = 37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+ClientSignatureAlgorithms = ECDSA+SHA1:DSA+SHA256:RSA+SHA256
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/root-cert.pem
+VerifyMode = Request
+
+[37-TLS 1.3 Client Auth No TLS 1.3 Signature Algorithms-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-37]
+ExpectedResult = ServerFail
+
+
+# ===========================================================
+
+[38-TLS 1.3 DSA Certificate Test]
+ssl_conf = 38-TLS 1.3 DSA Certificate Test-ssl
+
+[38-TLS 1.3 DSA Certificate Test-ssl]
+server = 38-TLS 1.3 DSA Certificate Test-server
+client = 38-TLS 1.3 DSA Certificate Test-client
+
+[38-TLS 1.3 DSA Certificate Test-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = ALL
+DSA.Certificate = ${ENV::TEST_CERTS_DIR}/server-dsa-cert.pem
+DSA.PrivateKey = ${ENV::TEST_CERTS_DIR}/server-dsa-key.pem
+MaxProtocol = TLSv1.3
+MinProtocol = TLSv1.3
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[38-TLS 1.3 DSA Certificate Test-client]
+CipherString = ALL
+SignatureAlgorithms = DSA+SHA1:DSA+SHA256:ECDSA+SHA256
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-38]
+ExpectedResult = ServerFail
+
+
diff --git a/test/ssl-tests/22-compression.conf b/test/ssl-tests/22-compression.conf
index 999b008..c85d312 100644
--- a/test/ssl-tests/22-compression.conf
+++ b/test/ssl-tests/22-compression.conf
@@ -1,111 +1,215 @@
# Generated with generate_ssl_tests.pl
-num_tests = 4
+num_tests = 8
+
+test-0 = 0-tlsv1_3-both-compress
+test-1 = 1-tlsv1_3-client-compress
+test-2 = 2-tlsv1_3-server-compress
+test-3 = 3-tlsv1_3-neither-compress
+test-4 = 4-tlsv1_2-both-compress
+test-5 = 5-tlsv1_2-client-compress
+test-6 = 6-tlsv1_2-server-compress
+test-7 = 7-tlsv1_2-neither-compress
+# ===========================================================
+
+[0-tlsv1_3-both-compress]
+ssl_conf = 0-tlsv1_3-both-compress-ssl
+
+[0-tlsv1_3-both-compress-ssl]
+server = 0-tlsv1_3-both-compress-server
+client = 0-tlsv1_3-both-compress-client
+
+[0-tlsv1_3-both-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = Compression
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[0-tlsv1_3-both-compress-client]
+CipherString = DEFAULT
+Options = Compression
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-0]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[1-tlsv1_3-client-compress]
+ssl_conf = 1-tlsv1_3-client-compress-ssl
+
+[1-tlsv1_3-client-compress-ssl]
+server = 1-tlsv1_3-client-compress-server
+client = 1-tlsv1_3-client-compress-client
+
+[1-tlsv1_3-client-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[1-tlsv1_3-client-compress-client]
+CipherString = DEFAULT
+Options = Compression
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-1]
+CompressionExpected = No
+ExpectedResult = Success
+
-test-0 = 0-tlsv1_2-both-compress
-test-1 = 1-tlsv1_2-client-compress
-test-2 = 2-tlsv1_2-server-compress
-test-3 = 3-tlsv1_2-neither-compress
# ===========================================================
-[0-tlsv1_2-both-compress]
-ssl_conf = 0-tlsv1_2-both-compress-ssl
+[2-tlsv1_3-server-compress]
+ssl_conf = 2-tlsv1_3-server-compress-ssl
-[0-tlsv1_2-both-compress-ssl]
-server = 0-tlsv1_2-both-compress-server
-client = 0-tlsv1_2-both-compress-client
+[2-tlsv1_3-server-compress-ssl]
+server = 2-tlsv1_3-server-compress-server
+client = 2-tlsv1_3-server-compress-client
-[0-tlsv1_2-both-compress-server]
+[2-tlsv1_3-server-compress-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Options = Compression
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[0-tlsv1_2-both-compress-client]
+[2-tlsv1_3-server-compress-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-2]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[3-tlsv1_3-neither-compress]
+ssl_conf = 3-tlsv1_3-neither-compress-ssl
+
+[3-tlsv1_3-neither-compress-ssl]
+server = 3-tlsv1_3-neither-compress-server
+client = 3-tlsv1_3-neither-compress-client
+
+[3-tlsv1_3-neither-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[3-tlsv1_3-neither-compress-client]
+CipherString = DEFAULT
+VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
+VerifyMode = Peer
+
+[test-3]
+CompressionExpected = No
+ExpectedResult = Success
+
+
+# ===========================================================
+
+[4-tlsv1_2-both-compress]
+ssl_conf = 4-tlsv1_2-both-compress-ssl
+
+[4-tlsv1_2-both-compress-ssl]
+server = 4-tlsv1_2-both-compress-server
+client = 4-tlsv1_2-both-compress-client
+
+[4-tlsv1_2-both-compress-server]
+Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
+CipherString = DEFAULT
+Options = Compression
+PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
+
+[4-tlsv1_2-both-compress-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
Options = Compression
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-0]
+[test-4]
CompressionExpected = Yes
ExpectedResult = Success
# ===========================================================
-[1-tlsv1_2-client-compress]
-ssl_conf = 1-tlsv1_2-client-compress-ssl
+[5-tlsv1_2-client-compress]
+ssl_conf = 5-tlsv1_2-client-compress-ssl
-[1-tlsv1_2-client-compress-ssl]
-server = 1-tlsv1_2-client-compress-server
-client = 1-tlsv1_2-client-compress-client
+[5-tlsv1_2-client-compress-ssl]
+server = 5-tlsv1_2-client-compress-server
+client = 5-tlsv1_2-client-compress-client
-[1-tlsv1_2-client-compress-server]
+[5-tlsv1_2-client-compress-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[1-tlsv1_2-client-compress-client]
+[5-tlsv1_2-client-compress-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
Options = Compression
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-1]
+[test-5]
CompressionExpected = No
ExpectedResult = Success
# ===========================================================
-[2-tlsv1_2-server-compress]
-ssl_conf = 2-tlsv1_2-server-compress-ssl
+[6-tlsv1_2-server-compress]
+ssl_conf = 6-tlsv1_2-server-compress-ssl
-[2-tlsv1_2-server-compress-ssl]
-server = 2-tlsv1_2-server-compress-server
-client = 2-tlsv1_2-server-compress-client
+[6-tlsv1_2-server-compress-ssl]
+server = 6-tlsv1_2-server-compress-server
+client = 6-tlsv1_2-server-compress-client
-[2-tlsv1_2-server-compress-server]
+[6-tlsv1_2-server-compress-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
Options = Compression
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[2-tlsv1_2-server-compress-client]
+[6-tlsv1_2-server-compress-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-2]
+[test-6]
CompressionExpected = No
ExpectedResult = Success
# ===========================================================
-[3-tlsv1_2-neither-compress]
-ssl_conf = 3-tlsv1_2-neither-compress-ssl
+[7-tlsv1_2-neither-compress]
+ssl_conf = 7-tlsv1_2-neither-compress-ssl
-[3-tlsv1_2-neither-compress-ssl]
-server = 3-tlsv1_2-neither-compress-server
-client = 3-tlsv1_2-neither-compress-client
+[7-tlsv1_2-neither-compress-ssl]
+server = 7-tlsv1_2-neither-compress-server
+client = 7-tlsv1_2-neither-compress-client
-[3-tlsv1_2-neither-compress-server]
+[7-tlsv1_2-neither-compress-server]
Certificate = ${ENV::TEST_CERTS_DIR}/servercert.pem
CipherString = DEFAULT
PrivateKey = ${ENV::TEST_CERTS_DIR}/serverkey.pem
-[3-tlsv1_2-neither-compress-client]
+[7-tlsv1_2-neither-compress-client]
CipherString = DEFAULT
MaxProtocol = TLSv1.2
VerifyCAFile = ${ENV::TEST_CERTS_DIR}/rootcert.pem
VerifyMode = Peer
-[test-3]
+[test-7]
CompressionExpected = No
ExpectedResult = Success
From builds at travis-ci.org Wed Feb 7 21:47:03 2018
From: builds at travis-ci.org (Travis CI)
Date: Wed, 07 Feb 2018 21:47:03 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16148 (master -
048ebcc)
In-Reply-To:
Message-ID: <5a7b73d6cb77c_43fcaa5bc8b8014245b3@2f9f8493-5923-4fd4-9822-27587e4bd149.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16148
Status: Still Failing
Duration: 28 minutes and 48 seconds
Commit: 048ebcc (master)
Author: Richard Levitte
Message: make update ERROR_REBUILD=-rebuild
Reviewed-by: Rich Salz
Reviewed-by: Tim Hudson
(Merged from https://github.com/openssl/openssl/pull/5275)
View the changeset: https://github.com/openssl/openssl/compare/3a7141df8768...048ebccb8840
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338709907?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Wed Feb 7 22:21:59 2018
From: builds at travis-ci.org (Travis CI)
Date: Wed, 07 Feb 2018 22:21:59 +0000
Subject: [openssl-commits] Fixed: openssl/openssl#16151 (master - c517ac4)
In-Reply-To:
Message-ID: <5a7b7c06c597a_43f82f8109cd424232e1@6325923d-0d1f-4d60-8695-f5815b2c890e.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16151
Status: Fixed
Duration: 33 minutes and 51 seconds
Commit: c517ac4 (master)
Author: Richard Levitte
Message: Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
It turns out that even if you successfully build the engine, it might
not load properly, so we cannot make the test program fail for it.
See the message in commit 25b9d11c002e5c71840c2a6733c5009d78f2c9db
This reverts commit 227a1e3f45bf06fdb00f2bdfb922f6f0d1f1d1de.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5276)
View the changeset: https://github.com/openssl/openssl/compare/048ebccb8840...c517ac4c3f6d
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338712886?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Wed Feb 7 22:46:34 2018
From: builds at travis-ci.org (Travis CI)
Date: Wed, 07 Feb 2018 22:46:34 +0000
Subject: [openssl-commits] Fixed: openssl/openssl#16153 (master - 4af2697)
In-Reply-To:
Message-ID: <5a7b81ca60f86_43fcab9999db415031d0@2f9f8493-5923-4fd4-9822-27587e4bd149.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16153
Status: Fixed
Duration: 32 minutes and 43 seconds
Commit: 4af2697 (master)
Author: Matt Caswell
Message: Don't run tls13encryptiontest on a shared Windows build
tls13encryptiontest is an "internal" test. As with all the other internal
tests it should not be run on a shared native Windows build.
[extended tests]
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5266)
View the changeset: https://github.com/openssl/openssl/compare/c517ac4c3f6d...4af26979480a
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/338719850?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From openssl at openssl.org Thu Feb 8 00:16:28 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 00:16:28 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings no-chacha
Message-ID: <1518048988.534103.16239.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-chacha
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t .............. ok
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................ ok
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ ok
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok
../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok
../../openssl/test/recipes/70-test_sslextension.t ............. ok
../../openssl/test/recipes/70-test_sslmessages.t .............. ok
../../openssl/test/recipes/70-test_sslrecords.t ............... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok
../../openssl/test/recipes/70-test_sslsignature.t ............. ok
../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok
../../openssl/test/recipes/70-test_sslversions.t .............. ok
../../openssl/test/recipes/70-test_sslvertol.t ................ ok
../../openssl/test/recipes/70-test_tls13cookie.t .............. ok
../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade not run in pre TLSv1.3 RFC implementation
../../openssl/test/recipes/70-test_tls13hrr.t ................. ok
../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok
../../openssl/test/recipes/70-test_tls13messages.t ............ ok
../../openssl/test/recipes/70-test_tls13psk.t ................. ok
../../openssl/test/recipes/70-test_tlsextms.t ................. ok
../../openssl/test/recipes/70-test_verify_extra.t ............. ok
../../openssl/test/recipes/70-test_wpacket.t .................. ok
../../openssl/test/recipes/80-test_ca.t ....................... ok
../../openssl/test/recipes/80-test_cipherbytes.t .............. ok
../../openssl/test/recipes/80-test_cipherlist.t ...............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/80-test_ciphername.t ............... ok
../../openssl/test/recipes/80-test_cms.t ...................... ok
../../openssl/test/recipes/80-test_ct.t ....................... ok
../../openssl/test/recipes/80-test_dane.t ..................... ok
../../openssl/test/recipes/80-test_dtls.t ..................... ok
../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok
../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok
../../openssl/test/recipes/80-test_ocsp.t ..................... ok
../../openssl/test/recipes/80-test_pkcs12.t ................... ok
../../openssl/test/recipes/80-test_ssl_new.t .................. ok
../../openssl/test/recipes/80-test_ssl_old.t .................. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok
../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok
../../openssl/test/recipes/80-test_tsa.t ...................... ok
../../openssl/test/recipes/80-test_x509aux.t .................. ok
../../openssl/test/recipes/90-test_asn1_time.t ................ ok
../../openssl/test/recipes/90-test_async.t .................... ok
../../openssl/test/recipes/90-test_bio_enc.t .................. ok
../../openssl/test/recipes/90-test_constant_time.t ............ ok
../../openssl/test/recipes/90-test_fatalerr.t ................. ok
../../openssl/test/recipes/90-test_gmdiff.t ................... ok
../../openssl/test/recipes/90-test_ige.t ...................... ok
../../openssl/test/recipes/90-test_memleak.t .................. ok
../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds
../../openssl/test/recipes/90-test_secmem.t ................... ok
../../openssl/test/recipes/90-test_shlibload.t ................ ok
../../openssl/test/recipes/90-test_srp.t ...................... ok
../../openssl/test/recipes/90-test_sslapi.t ...................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/90-test_sslbuffers.t ............... ok
../../openssl/test/recipes/90-test_store.t .................... ok
../../openssl/test/recipes/90-test_threads.t .................. ok
../../openssl/test/recipes/90-test_time_offset.t .............. ok
../../openssl/test/recipes/90-test_tls13ccs.t ................. ok
../../openssl/test/recipes/90-test_tls13encryption.t .......... ok
../../openssl/test/recipes/90-test_tls13secrets.t ............. ok
../../openssl/test/recipes/90-test_v3name.t ................... ok
../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/99-test_ecstress.t ................. ok
../../openssl/test/recipes/99-test_fuzz.t ..................... ok
Test Summary Report
-------------------
../../openssl/test/recipes/80-test_cipherlist.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
../../openssl/test/recipes/90-test_sslapi.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
Files=140, Tests=1310, 383 wallclock secs ( 3.78 usr 0.35 sys + 190.82 cusr 24.28 csys = 219.23 CPU)
Result: FAIL
Makefile:171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-chacha'
Makefile:169: recipe for target 'tests' failed
make: *** [tests] Error 2
From openssl at openssl.org Thu Feb 8 01:14:10 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 01:14:10 +0000
Subject: [openssl-commits] Still FAILED build of OpenSSL branch master with
options -d --strict-warnings no-deprecated
Message-ID: <1518052450.798695.21687.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-deprecated
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t .............. ok
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................ ok
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ ok
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok
../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok
../../openssl/test/recipes/70-test_sslextension.t ............. ok
../../openssl/test/recipes/70-test_sslmessages.t .............. ok
../../openssl/test/recipes/70-test_sslrecords.t ............... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok
../../openssl/test/recipes/70-test_sslsignature.t ............. ok
../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok
../../openssl/test/recipes/70-test_sslversions.t .............. ok
../../openssl/test/recipes/70-test_sslvertol.t ................ ok
../../openssl/test/recipes/70-test_tls13cookie.t .............. ok
../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade not run in pre TLSv1.3 RFC implementation
../../openssl/test/recipes/70-test_tls13hrr.t ................. ok
../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok
../../openssl/test/recipes/70-test_tls13messages.t ............ ok
../../openssl/test/recipes/70-test_tls13psk.t ................. ok
../../openssl/test/recipes/70-test_tlsextms.t ................. ok
../../openssl/test/recipes/70-test_verify_extra.t ............. ok
../../openssl/test/recipes/70-test_wpacket.t .................. ok
../../openssl/test/recipes/80-test_ca.t ....................... ok
../../openssl/test/recipes/80-test_cipherbytes.t .............. ok
../../openssl/test/recipes/80-test_cipherlist.t ............... ok
../../openssl/test/recipes/80-test_ciphername.t ............... ok
../../openssl/test/recipes/80-test_cms.t ...................... ok
../../openssl/test/recipes/80-test_ct.t ....................... ok
../../openssl/test/recipes/80-test_dane.t ..................... ok
../../openssl/test/recipes/80-test_dtls.t ..................... ok
../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok
../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok
../../openssl/test/recipes/80-test_ocsp.t ..................... ok
../../openssl/test/recipes/80-test_pkcs12.t ................... ok
../../openssl/test/recipes/80-test_ssl_new.t .................. ok
../../openssl/test/recipes/80-test_ssl_old.t .................. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok
../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok
../../openssl/test/recipes/80-test_tsa.t ...................... ok
../../openssl/test/recipes/80-test_x509aux.t .................. ok
../../openssl/test/recipes/90-test_asn1_time.t ................ ok
../../openssl/test/recipes/90-test_async.t .................... ok
../../openssl/test/recipes/90-test_bio_enc.t .................. ok
../../openssl/test/recipes/90-test_constant_time.t ............ ok
../../openssl/test/recipes/90-test_fatalerr.t ................. ok
../../openssl/test/recipes/90-test_gmdiff.t ................... ok
../../openssl/test/recipes/90-test_ige.t ...................... ok
../../openssl/test/recipes/90-test_memleak.t .................. ok
../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds
../../openssl/test/recipes/90-test_secmem.t ................... ok
../../openssl/test/recipes/90-test_shlibload.t ................ ok
../../openssl/test/recipes/90-test_srp.t ...................... ok
../../openssl/test/recipes/90-test_sslapi.t ................... ok
../../openssl/test/recipes/90-test_sslbuffers.t ............... ok
../../openssl/test/recipes/90-test_store.t .................... ok
../../openssl/test/recipes/90-test_threads.t .................. ok
../../openssl/test/recipes/90-test_time_offset.t .............. ok
../../openssl/test/recipes/90-test_tls13ccs.t ................. ok
../../openssl/test/recipes/90-test_tls13encryption.t .......... ok
../../openssl/test/recipes/90-test_tls13secrets.t ............. ok
../../openssl/test/recipes/90-test_v3name.t ................... ok
../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/99-test_ecstress.t ................. ok
../../openssl/test/recipes/99-test_fuzz.t ..................... ok
Test Summary Report
-------------------
../../openssl/test/recipes/01-test_symbol_presence.t (Wstat: 512 Tests: 4 Failed: 2)
Failed tests: 2, 4
Non-zero exit status: 2
Files=140, Tests=1312, 365 wallclock secs ( 3.64 usr 0.36 sys + 174.64 cusr 23.72 csys = 202.36 CPU)
Result: FAIL
Makefile:171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-deprecated'
Makefile:169: recipe for target 'tests' failed
make: *** [tests] Error 2
From levitte at openssl.org Thu Feb 8 04:10:54 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 08 Feb 2018 04:10:54 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518063054.022604.5655.nullmailer@dev.openssl.org>
The branch master has been updated
via 22626b972c024d5ae9922e4a9d710a5f9e51f753 (commit)
from 4af26979480a42e267ff686210bb63b1ebdd0eab (commit)
- Log -----------------------------------------------------------------
commit 22626b972c024d5ae9922e4a9d710a5f9e51f753
Author: Richard Levitte
Date: Wed Feb 7 22:40:32 2018 +0100
With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
The slash should be there according to Microsoft documentation,
see https://msdn.microsoft.com/en-us/library/7cafx990.aspx
Fixes #5277
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5278)
-----------------------------------------------------------------------
Summary of changes:
Configurations/windows-makefile.tmpl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl
index b135502..0abe6ea 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -59,7 +59,7 @@
sub dependmagic {
my $target = shift;
- return "$target: build_generated\n\t\$(MAKE) depend && \$(MAKE) _$target\n_$target";
+ return "$target: build_generated\n\t\$(MAKE) /\$(MAKEFLAGS) depend && \$(MAKE) /\$(MAKEFLAGS) _$target\n_$target";
}
'';
-}
From osslsanity at gmail.com Thu Feb 8 09:18:27 2018
From: osslsanity at gmail.com (osslsanity at gmail.com)
Date: Thu, 8 Feb 2018 09:18:27 +0000 (UTC)
Subject: [openssl-commits] Build failed in Jenkins: master_mips #375
In-Reply-To: <1037560288.321.1517995102352.JavaMail.jenkins@ip-172-31-34-99>
References: <1037560288.321.1517995102352.JavaMail.jenkins@ip-172-31-34-99>
Message-ID: <321265509.322.1518081507484.JavaMail.jenkins@ip-172-31-34-99>
See
Changes:
[levitte] Modify test/afalgtest to fail if the afalg engine couldn't be loaded
[levitte] test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
[levitte] Make all private functions in e_afalg.c static
[levitte] mkerr.pl: When writing internal FOOerr.h, pay attention to disablable
[levitte] make update ERROR_REBUILD=-rebuild
[levitte] Revert "Modify test/afalgtest to fail if the afalg engine couldn't be
[matt] Enable TLSv1.3 by default
[matt] Fix clienthellotest with TLSv1.3
[matt] Fix some undefined behaviour in ossltest engine
[matt] Don't run tls13encryptiontest on a shared Windows build
[levitte] With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
------------------------------------------
[...truncated 281.85 KB...]
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_err.d.tmp -MT crypto/ui/ui_err.o -c -o crypto/ui/ui_err.o crypto/ui/ui_err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_lib.d.tmp -MT crypto/ui/ui_lib.o -c -o crypto/ui/ui_lib.o crypto/ui/ui_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_null.d.tmp -MT crypto/ui/ui_null.o -c -o crypto/ui/ui_null.o crypto/ui/ui_null.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_openssl.d.tmp -MT crypto/ui/ui_openssl.o -c -o crypto/ui/ui_openssl.o crypto/ui/ui_openssl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_util.d.tmp -MT crypto/ui/ui_util.o -c -o crypto/ui/ui_util.o crypto/ui/ui_util.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/uid.d.tmp -MT crypto/uid.o -c -o crypto/uid.o crypto/uid.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/whrlpool/wp_block.d.tmp -MT crypto/whrlpool/wp_block.o -c -o crypto/whrlpool/wp_block.o crypto/whrlpool/wp_block.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/whrlpool/wp_dgst.d.tmp -MT crypto/whrlpool/wp_dgst.o -c -o crypto/whrlpool/wp_dgst.o crypto/whrlpool/wp_dgst.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/by_dir.d.tmp -MT crypto/x509/by_dir.o -c -o crypto/x509/by_dir.o crypto/x509/by_dir.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/by_file.d.tmp -MT crypto/x509/by_file.o -c -o crypto/x509/by_file.o crypto/x509/by_file.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_crl.d.tmp -MT crypto/x509/t_crl.o -c -o crypto/x509/t_crl.o crypto/x509/t_crl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_req.d.tmp -MT crypto/x509/t_req.o -c -o crypto/x509/t_req.o crypto/x509/t_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_x509.d.tmp -MT crypto/x509/t_x509.o -c -o crypto/x509/t_x509.o crypto/x509/t_x509.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_att.d.tmp -MT crypto/x509/x509_att.o -c -o crypto/x509/x509_att.o crypto/x509/x509_att.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_cmp.d.tmp -MT crypto/x509/x509_cmp.o -c -o crypto/x509/x509_cmp.o crypto/x509/x509_cmp.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_d2.d.tmp -MT crypto/x509/x509_d2.o -c -o crypto/x509/x509_d2.o crypto/x509/x509_d2.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_def.d.tmp -MT crypto/x509/x509_def.o -c -o crypto/x509/x509_def.o crypto/x509/x509_def.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_err.d.tmp -MT crypto/x509/x509_err.o -c -o crypto/x509/x509_err.o crypto/x509/x509_err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_ext.d.tmp -MT crypto/x509/x509_ext.o -c -o crypto/x509/x509_ext.o crypto/x509/x509_ext.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_lu.d.tmp -MT crypto/x509/x509_lu.o -c -o crypto/x509/x509_lu.o crypto/x509/x509_lu.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_obj.d.tmp -MT crypto/x509/x509_obj.o -c -o crypto/x509/x509_obj.o crypto/x509/x509_obj.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_r2x.d.tmp -MT crypto/x509/x509_r2x.o -c -o crypto/x509/x509_r2x.o crypto/x509/x509_r2x.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_req.d.tmp -MT crypto/x509/x509_req.o -c -o crypto/x509/x509_req.o crypto/x509/x509_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_set.d.tmp -MT crypto/x509/x509_set.o -c -o crypto/x509/x509_set.o crypto/x509/x509_set.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_trs.d.tmp -MT crypto/x509/x509_trs.o -c -o crypto/x509/x509_trs.o crypto/x509/x509_trs.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_txt.d.tmp -MT crypto/x509/x509_txt.o -c -o crypto/x509/x509_txt.o crypto/x509/x509_txt.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_v3.d.tmp -MT crypto/x509/x509_v3.o -c -o crypto/x509/x509_v3.o crypto/x509/x509_v3.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_vfy.d.tmp -MT crypto/x509/x509_vfy.o -c -o crypto/x509/x509_vfy.o crypto/x509/x509_vfy.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_vpm.d.tmp -MT crypto/x509/x509_vpm.o -c -o crypto/x509/x509_vpm.o crypto/x509/x509_vpm.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509cset.d.tmp -MT crypto/x509/x509cset.o -c -o crypto/x509/x509cset.o crypto/x509/x509cset.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509name.d.tmp -MT crypto/x509/x509name.o -c -o crypto/x509/x509name.o crypto/x509/x509name.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509rset.d.tmp -MT crypto/x509/x509rset.o -c -o crypto/x509/x509rset.o crypto/x509/x509rset.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509spki.d.tmp -MT crypto/x509/x509spki.o -c -o crypto/x509/x509spki.o crypto/x509/x509spki.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509type.d.tmp -MT crypto/x509/x509type.o -c -o crypto/x509/x509type.o crypto/x509/x509type.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_all.d.tmp -MT crypto/x509/x_all.o -c -o crypto/x509/x_all.o crypto/x509/x_all.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_attrib.d.tmp -MT crypto/x509/x_attrib.o -c -o crypto/x509/x_attrib.o crypto/x509/x_attrib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_crl.d.tmp -MT crypto/x509/x_crl.o -c -o crypto/x509/x_crl.o crypto/x509/x_crl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_exten.d.tmp -MT crypto/x509/x_exten.o -c -o crypto/x509/x_exten.o crypto/x509/x_exten.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_name.d.tmp -MT crypto/x509/x_name.o -c -o crypto/x509/x_name.o crypto/x509/x_name.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_pubkey.d.tmp -MT crypto/x509/x_pubkey.o -c -o crypto/x509/x_pubkey.o crypto/x509/x_pubkey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_req.d.tmp -MT crypto/x509/x_req.o -c -o crypto/x509/x_req.o crypto/x509/x_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_x509.d.tmp -MT crypto/x509/x_x509.o -c -o crypto/x509/x_x509.o crypto/x509/x_x509.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_x509a.d.tmp -MT crypto/x509/x_x509a.o -c -o crypto/x509/x_x509a.o crypto/x509/x_x509a.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_cache.d.tmp -MT crypto/x509v3/pcy_cache.o -c -o crypto/x509v3/pcy_cache.o crypto/x509v3/pcy_cache.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_data.d.tmp -MT crypto/x509v3/pcy_data.o -c -o crypto/x509v3/pcy_data.o crypto/x509v3/pcy_data.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_lib.d.tmp -MT crypto/x509v3/pcy_lib.o -c -o crypto/x509v3/pcy_lib.o crypto/x509v3/pcy_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_map.d.tmp -MT crypto/x509v3/pcy_map.o -c -o crypto/x509v3/pcy_map.o crypto/x509v3/pcy_map.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_node.d.tmp -MT crypto/x509v3/pcy_node.o -c -o crypto/x509v3/pcy_node.o crypto/x509v3/pcy_node.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_tree.d.tmp -MT crypto/x509v3/pcy_tree.o -c -o crypto/x509v3/pcy_tree.o crypto/x509v3/pcy_tree.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_addr.d.tmp -MT crypto/x509v3/v3_addr.o -c -o crypto/x509v3/v3_addr.o crypto/x509v3/v3_addr.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_admis.d.tmp -MT crypto/x509v3/v3_admis.o -c -o crypto/x509v3/v3_admis.o crypto/x509v3/v3_admis.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_akey.d.tmp -MT crypto/x509v3/v3_akey.o -c -o crypto/x509v3/v3_akey.o crypto/x509v3/v3_akey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_akeya.d.tmp -MT crypto/x509v3/v3_akeya.o -c -o crypto/x509v3/v3_akeya.o crypto/x509v3/v3_akeya.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_alt.d.tmp -MT crypto/x509v3/v3_alt.o -c -o crypto/x509v3/v3_alt.o crypto/x509v3/v3_alt.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_asid.d.tmp -MT crypto/x509v3/v3_asid.o -c -o crypto/x509v3/v3_asid.o crypto/x509v3/v3_asid.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_bcons.d.tmp -MT crypto/x509v3/v3_bcons.o -c -o crypto/x509v3/v3_bcons.o crypto/x509v3/v3_bcons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_bitst.d.tmp -MT crypto/x509v3/v3_bitst.o -c -o crypto/x509v3/v3_bitst.o crypto/x509v3/v3_bitst.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_conf.d.tmp -MT crypto/x509v3/v3_conf.o -c -o crypto/x509v3/v3_conf.o crypto/x509v3/v3_conf.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_cpols.d.tmp -MT crypto/x509v3/v3_cpols.o -c -o crypto/x509v3/v3_cpols.o crypto/x509v3/v3_cpols.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_crld.d.tmp -MT crypto/x509v3/v3_crld.o -c -o crypto/x509v3/v3_crld.o crypto/x509v3/v3_crld.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_enum.d.tmp -MT crypto/x509v3/v3_enum.o -c -o crypto/x509v3/v3_enum.o crypto/x509v3/v3_enum.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_extku.d.tmp -MT crypto/x509v3/v3_extku.o -c -o crypto/x509v3/v3_extku.o crypto/x509v3/v3_extku.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_genn.d.tmp -MT crypto/x509v3/v3_genn.o -c -o crypto/x509v3/v3_genn.o crypto/x509v3/v3_genn.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_ia5.d.tmp -MT crypto/x509v3/v3_ia5.o -c -o crypto/x509v3/v3_ia5.o crypto/x509v3/v3_ia5.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_info.d.tmp -MT crypto/x509v3/v3_info.o -c -o crypto/x509v3/v3_info.o crypto/x509v3/v3_info.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_int.d.tmp -MT crypto/x509v3/v3_int.o -c -o crypto/x509v3/v3_int.o crypto/x509v3/v3_int.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_lib.d.tmp -MT crypto/x509v3/v3_lib.o -c -o crypto/x509v3/v3_lib.o crypto/x509v3/v3_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_ncons.d.tmp -MT crypto/x509v3/v3_ncons.o -c -o crypto/x509v3/v3_ncons.o crypto/x509v3/v3_ncons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pci.d.tmp -MT crypto/x509v3/v3_pci.o -c -o crypto/x509v3/v3_pci.o crypto/x509v3/v3_pci.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pcia.d.tmp -MT crypto/x509v3/v3_pcia.o -c -o crypto/x509v3/v3_pcia.o crypto/x509v3/v3_pcia.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pcons.d.tmp -MT crypto/x509v3/v3_pcons.o -c -o crypto/x509v3/v3_pcons.o crypto/x509v3/v3_pcons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pku.d.tmp -MT crypto/x509v3/v3_pku.o -c -o crypto/x509v3/v3_pku.o crypto/x509v3/v3_pku.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pmaps.d.tmp -MT crypto/x509v3/v3_pmaps.o -c -o crypto/x509v3/v3_pmaps.o crypto/x509v3/v3_pmaps.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_prn.d.tmp -MT crypto/x509v3/v3_prn.o -c -o crypto/x509v3/v3_prn.o crypto/x509v3/v3_prn.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_purp.d.tmp -MT crypto/x509v3/v3_purp.o -c -o crypto/x509v3/v3_purp.o crypto/x509v3/v3_purp.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_skey.d.tmp -MT crypto/x509v3/v3_skey.o -c -o crypto/x509v3/v3_skey.o crypto/x509v3/v3_skey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_sxnet.d.tmp -MT crypto/x509v3/v3_sxnet.o -c -o crypto/x509v3/v3_sxnet.o crypto/x509v3/v3_sxnet.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_tlsf.d.tmp -MT crypto/x509v3/v3_tlsf.o -c -o crypto/x509v3/v3_tlsf.o crypto/x509v3/v3_tlsf.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_utl.d.tmp -MT crypto/x509v3/v3_utl.o -c -o crypto/x509v3/v3_utl.o crypto/x509v3/v3_utl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3err.d.tmp -MT crypto/x509v3/v3err.o -c -o crypto/x509v3/v3err.o crypto/x509v3/v3err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF engines/e_capi.d.tmp -MT engines/e_capi.o -c -o engines/e_capi.o engines/e_capi.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF engines/e_padlock.d.tmp -MT engines/e_padlock.o -c -o engines/e_padlock.o engines/e_padlock.c
mips64-octeon-linux-gnu-ar r libcrypto.a crypto/aes/aes-mips.o crypto/aes/aes_cbc.o crypto/aes/aes_cfb.o crypto/aes/aes_ecb.o crypto/aes/aes_ige.o crypto/aes/aes_misc.o crypto/aes/aes_ofb.o crypto/aes/aes_wrap.o crypto/aria/aria.o crypto/asn1/a_bitstr.o crypto/asn1/a_d2i_fp.o crypto/asn1/a_digest.o crypto/asn1/a_dup.o crypto/asn1/a_gentm.o crypto/asn1/a_i2d_fp.o crypto/asn1/a_int.o crypto/asn1/a_mbstr.o crypto/asn1/a_object.o crypto/asn1/a_octet.o crypto/asn1/a_print.o crypto/asn1/a_sign.o crypto/asn1/a_strex.o crypto/asn1/a_strnid.o crypto/asn1/a_time.o crypto/asn1/a_type.o crypto/asn1/a_utctm.o crypto/asn1/a_utf8.o crypto/asn1/a_verify.o crypto/asn1/ameth_lib.o crypto/asn1/asn1_err.o crypto/asn1/asn1_gen.o crypto/asn1/asn1_item_list.o crypto/asn1/asn1_lib.o crypto/asn1/asn1_par.o crypto/asn1/asn_mime.o crypto/asn1/asn_moid.o crypto/asn1/asn_mstbl.o crypto/asn1/asn_pack.o crypto/asn1/bio_asn1.o crypto/asn1/bio_ndef.o crypto/asn1/d2i_pr.o crypto/asn1/d2i_pu.o crypto/asn1/evp_asn1.o crypto/asn1/f_int.o crypto/asn1/f_string.o crypto/asn1/i2d_pr.o crypto/asn1/i2d_pu.o crypto/asn1/n_pkey.o crypto/asn1/nsseq.o crypto/asn1/p5_pbe.o crypto/asn1/p5_pbev2.o crypto/asn1/p5_scrypt.o crypto/asn1/p8_pkey.o crypto/asn1/t_bitst.o crypto/asn1/t_pkey.o crypto/asn1/t_spki.o crypto/asn1/tasn_dec.o crypto/asn1/tasn_enc.o crypto/asn1/tasn_fre.o crypto/asn1/tasn_new.o crypto/asn1/tasn_prn.o crypto/asn1/tasn_scn.o crypto/asn1/tasn_typ.o crypto/asn1/tasn_utl.o crypto/asn1/x_algor.o crypto/asn1/x_bignum.o crypto/asn1/x_info.o crypto/asn1/x_int64.o crypto/asn1/x_long.o crypto/asn1/x_pkey.o crypto/asn1/x_sig.o crypto/asn1/x_spki.o crypto/asn1/x_val.o crypto/async/arch/async_null.o crypto/async/arch/async_posix.o crypto/async/arch/async_win.o crypto/async/async.o crypto/async/async_err.o crypto/async/async_wait.o crypto/bf/bf_cfb64.o crypto/bf/bf_ecb.o crypto/bf/bf_enc.o crypto/bf/bf_ofb64.o crypto/bf/bf_skey.o crypto/bio/b_addr.o crypto/bio/b_dump.o crypto/bio/b_print.o crypto/bio/b_sock.o crypto/bio/b_sock2.o crypto/bio/bf_buff.o crypto/bio/bf_lbuf.o crypto/bio/bf_nbio.o crypto/bio/bf_null.o crypto/bio/bio_cb.o crypto/bio/bio_err.o crypto/bio/bio_lib.o crypto/bio/bio_meth.o crypto/bio/bss_acpt.o crypto/bio/bss_bio.o crypto/bio/bss_conn.o crypto/bio/bss_dgram.o crypto/bio/bss_fd.o crypto/bio/bss_file.o crypto/bio/bss_log.o crypto/bio/bss_mem.o crypto/bio/bss_null.o crypto/bio/bss_sock.o crypto/blake2/blake2b.o crypto/blake2/blake2s.o crypto/blake2/m_blake2b.o crypto/blake2/m_blake2s.o crypto/bn/bn-mips.o crypto/bn/bn_add.o crypto/bn/bn_blind.o crypto/bn/bn_const.o crypto/bn/bn_ctx.o crypto/bn/bn_depr.o crypto/bn/bn_dh.o crypto/bn/bn_div.o crypto/bn/bn_err.o crypto/bn/bn_exp.o crypto/bn/bn_exp2.o crypto/bn/bn_gcd.o crypto/bn/bn_gf2m.o crypto/bn/bn_intern.o crypto/bn/bn_kron.o crypto/bn/bn_lib.o crypto/bn/bn_mod.o crypto/bn/bn_mont.o crypto/bn/bn_mpi.o crypto/bn/bn_mul.o crypto/bn/bn_nist.o crypto/bn/bn_prime.o crypto/bn/bn_print.o crypto/bn/bn_rand.o crypto/bn/bn_recp.o crypto/bn/bn_shift.o crypto/bn/bn_sqr.o crypto/bn/bn_sqrt.o crypto/bn/bn_srp.o crypto/bn/bn_word.o crypto/bn/bn_x931p.o crypto/bn/mips-mont.o crypto/buffer/buf_err.o crypto/buffer/buffer.o crypto/camellia/camellia.o crypto/camellia/cmll_cbc.o crypto/camellia/cmll_cfb.o crypto/camellia/cmll_ctr.o crypto/camellia/cmll_ecb.o crypto/camellia/cmll_misc.o crypto/camellia/cmll_ofb.o crypto/cast/c_cfb64.o crypto/cast/c_ecb.o crypto/cast/c_enc.o crypto/cast/c_ofb64.o crypto/cast/c_skey.o crypto/chacha/chacha_enc.o crypto/cmac/cm_ameth.o crypto/cmac/cm_pmeth.o crypto/cmac/cmac.o crypto/cms/cms_asn1.o crypto/cms/cms_att.o crypto/cms/cms_cd.o crypto/cms/cms_dd.o crypto/cms/cms_enc.o crypto/cms/cms_env.o crypto/cms/cms_err.o crypto/cms/cms_ess.o crypto/cms/cms_io.o crypto/cms/cms_kari.o crypto/cms/cms_lib.o crypto/cms/cms_pwri.o crypto/cms/cms_sd.o crypto/cms/cms_smime.o crypto/comp/c_zlib.o crypto/comp/comp_err.o crypto/comp/comp_lib.o crypto/conf/conf_api.o crypto/conf/conf_def.o crypto/conf/conf_err.o crypto/conf/conf_lib.o crypto/conf/conf_mall.o crypto/conf/conf_mod.o crypto/conf/conf_sap.o crypto/cpt_err.o crypto/cryptlib.o crypto/ct/ct_b64.o crypto/ct/ct_err.o crypto/ct/ct_log.o crypto/ct/ct_oct.o crypto/ct/ct_policy.o crypto/ct/ct_prn.o crypto/ct/ct_sct.o crypto/ct/ct_sct_ctx.o crypto/ct/ct_vfy.o crypto/ct/ct_x509v3.o crypto/ctype.o crypto/cversion.o crypto/des/cbc_cksm.o crypto/des/cbc_enc.o crypto/des/cfb64ede.o crypto/des/cfb64enc.o crypto/des/cfb_enc.o crypto/des/des_enc.o crypto/des/ecb3_enc.o crypto/des/ecb_enc.o crypto/des/fcrypt.o crypto/des/fcrypt_b.o crypto/des/ofb64ede.o crypto/des/ofb64enc.o crypto/des/ofb_enc.o crypto/des/pcbc_enc.o crypto/des/qud_cksm.o crypto/des/rand_key.o crypto/des/set_key.o crypto/des/str2key.o crypto/des/xcbc_enc.o crypto/dh/dh_ameth.o crypto/dh/dh_asn1.o crypto/dh/dh_check.o crypto/dh/dh_depr.o crypto/dh/dh_err.o crypto/dh/dh_gen.o crypto/dh/dh_kdf.o crypto/dh/dh_key.o crypto/dh/dh_lib.o crypto/dh/dh_meth.o crypto/dh/dh_pmeth.o crypto/dh/dh_prn.o crypto/dh/dh_rfc5114.o crypto/dh/dh_rfc7919.o crypto/dsa/dsa_ameth.o crypto/dsa/dsa_asn1.o crypto/dsa/dsa_depr.o crypto/dsa/dsa_err.o crypto/dsa/dsa_gen.o crypto/dsa/dsa_key.o crypto/dsa/dsa_lib.o crypto/dsa/dsa_meth.o crypto/dsa/dsa_ossl.o crypto/dsa/dsa_pmeth.o crypto/dsa/dsa_prn.o crypto/dsa/dsa_sign.o crypto/dsa/dsa_vrf.o crypto/dso/dso_dl.o crypto/dso/dso_dlfcn.o crypto/dso/dso_err.o crypto/dso/dso_lib.o crypto/dso/dso_openssl.o crypto/dso/dso_vms.o crypto/dso/dso_win32.o crypto/ebcdic.o crypto/ec/curve25519.o crypto/ec/ec2_mult.o crypto/ec/ec2_oct.o crypto/ec/ec2_smpl.o crypto/ec/ec_ameth.o crypto/ec/ec_asn1.o crypto/ec/ec_check.o crypto/ec/ec_curve.o crypto/ec/ec_cvt.o crypto/ec/ec_err.o crypto/ec/ec_key.o crypto/ec/ec_kmeth.o crypto/ec/ec_lib.o crypto/ec/ec_mult.o crypto/ec/ec_oct.o crypto/ec/ec_pmeth.o crypto/ec/ec_print.o crypto/ec/ecdh_kdf.o crypto/ec/ecdh_ossl.o crypto/ec/ecdsa_ossl.o crypto/ec/ecdsa_sign.o crypto/ec/ecdsa_vrf.o crypto/ec/eck_prn.o crypto/ec/ecp_mont.o crypto/ec/ecp_nist.o crypto/ec/ecp_nistp224.o crypto/ec/ecp_nistp256.o crypto/ec/ecp_nistp521.o crypto/ec/ecp_nistputil.o crypto/ec/ecp_oct.o crypto/ec/ecp_smpl.o crypto/ec/ecx_meth.o crypto/engine/eng_all.o crypto/engine/eng_cnf.o crypto/engine/eng_ctrl.o crypto/engine/eng_dyn.o crypto/engine/eng_err.o crypto/engine/eng_fat.o crypto/engine/eng_init.o crypto/engine/eng_lib.o crypto/engine/eng_list.o crypto/engine/eng_openssl.o crypto/engine/eng_pkey.o crypto/engine/eng_rdrand.o crypto/engine/eng_table.o crypto/engine/tb_asnmth.o crypto/engine/tb_cipher.o crypto/engine/tb_dh.o crypto/engine/tb_digest.o crypto/engine/tb_dsa.o crypto/engine/tb_eckey.o crypto/engine/tb_pkmeth.o crypto/engine/tb_rand.o crypto/engine/tb_rsa.o crypto/err/err.o crypto/err/err_all.o crypto/err/err_prn.o crypto/evp/bio_b64.o crypto/evp/bio_enc.o crypto/evp/bio_md.o crypto/evp/bio_ok.o crypto/evp/c_allc.o crypto/evp/c_alld.o crypto/evp/cmeth_lib.o crypto/evp/digest.o crypto/evp/e_aes.o crypto/evp/e_aes_cbc_hmac_sha1.o crypto/evp/e_aes_cbc_hmac_sha256.o crypto/evp/e_aria.o crypto/evp/e_bf.o crypto/evp/e_camellia.o crypto/evp/e_cast.o crypto/evp/e_chacha20_poly1305.o crypto/evp/e_des.o crypto/evp/e_des3.o crypto/evp/e_idea.o crypto/evp/e_null.o crypto/evp/e_old.o crypto/evp/e_rc2.o crypto/evp/e_rc4.o crypto/evp/e_rc4_hmac_md5.o crypto/evp/e_rc5.o crypto/evp/e_seed.o crypto/evp/e_sm4.o crypto/evp/e_xcbc_d.o crypto/evp/encode.o crypto/evp/evp_cnf.o crypto/evp/evp_enc.o crypto/evp/evp_err.o crypto/evp/evp_key.o crypto/evp/evp_lib.o crypto/evp/evp_pbe.o crypto/evp/evp_pkey.o crypto/evp/m_md2.o crypto/evp/m_md4.o crypto/evp/m_md5.o crypto/evp/m_md5_sha1.o crypto/evp/m_mdc2.o crypto/evp/m_null.o crypto/evp/m_ripemd.o crypto/evp/m_sha1.o crypto/evp/m_sha3.o crypto/evp/m_sigver.o crypto/evp/m_wp.o crypto/evp/names.o crypto/evp/p5_crpt.o crypto/evp/p5_crpt2.o crypto/evp/p_dec.o crypto/evp/p_enc.o crypto/evp/p_lib.o crypto/evp/p_open.o crypto/evp/p_seal.o crypto/evp/p_sign.o crypto/evp/p_verify.o crypto/evp/pbe_scrypt.o crypto/evp/pmeth_fn.o crypto/evp/pmeth_gn.o crypto/evp/pmeth_lib.o crypto/ex_data.o crypto/hmac/hm_ameth.o crypto/hmac/hm_pmeth.o crypto/hmac/hmac.o crypto/idea/i_cbc.o crypto/idea/i_cfb64.o crypto/idea/i_ecb.o crypto/idea/i_ofb64.o crypto/idea/i_skey.o crypto/init.o crypto/kdf/hkdf.o crypto/kdf/kdf_err.o crypto/kdf/scrypt.o crypto/kdf/tls1_prf.o crypto/lhash/lh_stats.o crypto/lhash/lhash.o crypto/md4/md4_dgst.o crypto/md4/md4_one.o crypto/md5/md5_dgst.o crypto/md5/md5_one.o crypto/mdc2/mdc2_one.o crypto/mdc2/mdc2dgst.o crypto/mem.o crypto/mem_clr.o crypto/mem_dbg.o crypto/mem_sec.o crypto/modes/cbc128.o crypto/modes/ccm128.o crypto/modes/cfb128.o crypto/modes/ctr128.o crypto/modes/cts128.o crypto/modes/gcm128.o crypto/modes/ocb128.o crypto/modes/ofb128.o crypto/modes/wrap128.o crypto/modes/xts128.o crypto/o_dir.o crypto/o_fips.o crypto/o_fopen.o crypto/o_init.o crypto/o_str.o crypto/o_time.o crypto/objects/o_names.o crypto/objects/obj_dat.o crypto/objects/obj_err.o crypto/objects/obj_lib.o crypto/objects/obj_xref.o crypto/ocsp/ocsp_asn.o crypto/ocsp/ocsp_cl.o crypto/ocsp/ocsp_err.o crypto/ocsp/ocsp_ext.o crypto/ocsp/ocsp_ht.o crypto/ocsp/ocsp_lib.o crypto/ocsp/ocsp_prn.o crypto/ocsp/ocsp_srv.o crypto/ocsp/ocsp_vfy.o crypto/ocsp/v3_ocsp.o crypto/pem/pem_all.o crypto/pem/pem_err.o crypto/pem/pem_info.o crypto/pem/pem_lib.o crypto/pem/pem_oth.o crypto/pem/pem_pk8.o crypto/pem/pem_pkey.o crypto/pem/pem_sign.o crypto/pem/pem_x509.o crypto/pem/pem_xaux.o crypto/pem/pvkfmt.o crypto/pkcs12/p12_add.o crypto/pkcs12/p12_asn.o crypto/pkcs12/p12_attr.o crypto/pkcs12/p12_crpt.o crypto/pkcs12/p12_crt.o crypto/pkcs12/p12_decr.o crypto/pkcs12/p12_init.o crypto/pkcs12/p12_key.o crypto/pkcs12/p12_kiss.o crypto/pkcs12/p12_mutl.o crypto/pkcs12/p12_npas.o crypto/pkcs12/p12_p8d.o crypto/pkcs12/p12_p8e.o crypto/pkcs12/p12_sbag.o crypto/pkcs12/p12_utl.o crypto/pkcs12/pk12err.o crypto/pkcs7/bio_pk7.o crypto/pkcs7/pk7_asn1.o crypto/pkcs7/pk7_attr.o crypto/pkcs7/pk7_doit.o crypto/pkcs7/pk7_lib.o crypto/pkcs7/pk7_mime.o crypto/pkcs7/pk7_smime.o crypto/pkcs7/pkcs7err.o crypto/poly1305/poly1305-mips.o crypto/poly1305/poly1305.o crypto/poly1305/poly1305_ameth.o crypto/poly1305/poly1305_pmeth.o crypto/rand/drbg_ctr.o crypto/rand/drbg_lib.o crypto/rand/rand_egd.o crypto/rand/rand_err.o crypto/rand/rand_lib.o crypto/rand/rand_unix.o crypto/rand/rand_vms.o crypto/rand/rand_win.o crypto/rand/randfile.o crypto/rc2/rc2_cbc.o crypto/rc2/rc2_ecb.o crypto/rc2/rc2_skey.o crypto/rc2/rc2cfb64.o crypto/rc2/rc2ofb64.o crypto/rc4/rc4_enc.o crypto/rc4/rc4_skey.o crypto/ripemd/rmd_dgst.o crypto/ripemd/rmd_one.o crypto/rsa/rsa_ameth.o crypto/rsa/rsa_asn1.o crypto/rsa/rsa_chk.o crypto/rsa/rsa_crpt.o crypto/rsa/rsa_depr.o crypto/rsa/rsa_err.o crypto/rsa/rsa_gen.o crypto/rsa/rsa_lib.o crypto/rsa/rsa_meth.o crypto/rsa/rsa_mp.o crypto/rsa/rsa_none.o crypto/rsa/rsa_oaep.o crypto/rsa/rsa_ossl.o crypto/rsa/rsa_pk1.o crypto/rsa/rsa_pmeth.o crypto/rsa/rsa_prn.o crypto/rsa/rsa_pss.o crypto/rsa/rsa_saos.o crypto/rsa/rsa_sign.o crypto/rsa/rsa_ssl.o crypto/rsa/rsa_x931.o crypto/rsa/rsa_x931g.o crypto/seed/seed.o crypto/seed/seed_cbc.o crypto/seed/seed_cfb.o crypto/seed/seed_ecb.o crypto/seed/seed_ofb.o crypto/sha/keccak1600.o crypto/sha/sha1-mips.o crypto/sha/sha1_one.o crypto/sha/sha1dgst.o crypto/sha/sha256-mips.o crypto/sha/sha256.o crypto/sha/sha512-mips.o crypto/sha/sha512.o crypto/siphash/siphash.o crypto/siphash/siphash_ameth.o crypto/siphash/siphash_pmeth.o crypto/sm3/m_sm3.o crypto/sm3/sm3.o crypto/sm4/sm4.o crypto/srp/srp_lib.o crypto/srp/srp_vfy.o crypto/stack/stack.o crypto/store/loader_file.o crypto/store/store_err.o crypto/store/store_init.o crypto/store/store_lib.o crypto/store/store_register.o crypto/store/store_strings.o crypto/threads_none.o crypto/threads_pthread.o crypto/threads_win.o crypto/ts/ts_asn1.o crypto/ts/ts_conf.o crypto/ts/ts_err.o crypto/ts/ts_lib.o crypto/ts/ts_req_print.o crypto/ts/ts_req_utils.o crypto/ts/ts_rsp_print.o crypto/ts/ts_rsp_sign.o crypto/ts/ts_rsp_utils.o crypto/ts/ts_rsp_verify.o crypto/ts/ts_verify_ctx.o crypto/txt_db/txt_db.o crypto/ui/ui_err.o crypto/ui/ui_lib.o crypto/ui/ui_null.o crypto/ui/ui_openssl.o crypto/ui/ui_util.o crypto/uid.o crypto/whrlpool/wp_block.o crypto/whrlpool/wp_dgst.o crypto/x509/by_dir.o crypto/x509/by_file.o crypto/x509/t_crl.o crypto/x509/t_req.o crypto/x509/t_x509.o crypto/x509/x509_att.o crypto/x509/x509_cmp.o crypto/x509/x509_d2.o crypto/x509/x509_def.o crypto/x509/x509_err.o crypto/x509/x509_ext.o crypto/x509/x509_lu.o crypto/x509/x509_obj.o crypto/x509/x509_r2x.o crypto/x509/x509_req.o crypto/x509/x509_set.o crypto/x509/x509_trs.o crypto/x509/x509_txt.o crypto/x509/x509_v3.o crypto/x509/x509_vfy.o crypto/x509/x509_vpm.o crypto/x509/x509cset.o crypto/x509/x509name.o crypto/x509/x509rset.o crypto/x509/x509spki.o crypto/x509/x509type.o crypto/x509/x_all.o crypto/x509/x_attrib.o crypto/x509/x_crl.o crypto/x509/x_exten.o crypto/x509/x_name.o crypto/x509/x_pubkey.o crypto/x509/x_req.o crypto/x509/x_x509.o crypto/x509/x_x509a.o crypto/x509v3/pcy_cache.o crypto/x509v3/pcy_data.o crypto/x509v3/pcy_lib.o crypto/x509v3/pcy_map.o crypto/x509v3/pcy_node.o crypto/x509v3/pcy_tree.o crypto/x509v3/v3_addr.o crypto/x509v3/v3_admis.o crypto/x509v3/v3_akey.o crypto/x509v3/v3_akeya.o crypto/x509v3/v3_alt.o crypto/x509v3/v3_asid.o crypto/x509v3/v3_bcons.o crypto/x509v3/v3_bitst.o crypto/x509v3/v3_conf.o crypto/x509v3/v3_cpols.o crypto/x509v3/v3_crld.o crypto/x509v3/v3_enum.o crypto/x509v3/v3_extku.o crypto/x509v3/v3_genn.o crypto/x509v3/v3_ia5.o crypto/x509v3/v3_info.o crypto/x509v3/v3_int.o crypto/x509v3/v3_lib.o crypto/x509v3/v3_ncons.o crypto/x509v3/v3_pci.o crypto/x509v3/v3_pcia.o crypto/x509v3/v3_pcons.o crypto/x509v3/v3_pku.o crypto/x509v3/v3_pmaps.o crypto/x509v3/v3_prn.o crypto/x509v3/v3_purp.o crypto/x509v3/v3_skey.o crypto/x509v3/v3_sxnet.o crypto/x509v3/v3_tlsf.o crypto/x509v3/v3_utl.o crypto/x509v3/v3err.o engines/e_capi.o engines/e_padlock.o
mips64-octeon-linux-gnu-ar: creating libcrypto.a
mips64-octeon-linux-gnu-ranlib libcrypto.a || echo Never mind.
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/bio_ssl.d.tmp -MT ssl/bio_ssl.o -c -o ssl/bio_ssl.o ssl/bio_ssl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_lib.d.tmp -MT ssl/d1_lib.o -c -o ssl/d1_lib.o ssl/d1_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_msg.d.tmp -MT ssl/d1_msg.o -c -o ssl/d1_msg.o ssl/d1_msg.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_srtp.d.tmp -MT ssl/d1_srtp.o -c -o ssl/d1_srtp.o ssl/d1_srtp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/methods.d.tmp -MT ssl/methods.o -c -o ssl/methods.o ssl/methods.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/packet.d.tmp -MT ssl/packet.o -c -o ssl/packet.o ssl/packet.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/pqueue.d.tmp -MT ssl/pqueue.o -c -o ssl/pqueue.o ssl/pqueue.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/dtls1_bitmap.d.tmp -MT ssl/record/dtls1_bitmap.o -c -o ssl/record/dtls1_bitmap.o ssl/record/dtls1_bitmap.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/rec_layer_d1.d.tmp -MT ssl/record/rec_layer_d1.o -c -o ssl/record/rec_layer_d1.o ssl/record/rec_layer_d1.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/rec_layer_s3.d.tmp -MT ssl/record/rec_layer_s3.o -c -o ssl/record/rec_layer_s3.o ssl/record/rec_layer_s3.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_buffer.d.tmp -MT ssl/record/ssl3_buffer.o -c -o ssl/record/ssl3_buffer.o ssl/record/ssl3_buffer.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_record.d.tmp -MT ssl/record/ssl3_record.o -c -o ssl/record/ssl3_record.o ssl/record/ssl3_record.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_record_tls13.d.tmp -MT ssl/record/ssl3_record_tls13.o -c -o ssl/record/ssl3_record_tls13.o ssl/record/ssl3_record_tls13.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_cbc.d.tmp -MT ssl/s3_cbc.o -c -o ssl/s3_cbc.o ssl/s3_cbc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_enc.d.tmp -MT ssl/s3_enc.o -c -o ssl/s3_enc.o ssl/s3_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_lib.d.tmp -MT ssl/s3_lib.o -c -o ssl/s3_lib.o ssl/s3_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_msg.d.tmp -MT ssl/s3_msg.o -c -o ssl/s3_msg.o ssl/s3_msg.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_asn1.d.tmp -MT ssl/ssl_asn1.o -c -o ssl/ssl_asn1.o ssl/ssl_asn1.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_cert.d.tmp -MT ssl/ssl_cert.o -c -o ssl/ssl_cert.o ssl/ssl_cert.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_ciph.d.tmp -MT ssl/ssl_ciph.o -c -o ssl/ssl_ciph.o ssl/ssl_ciph.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_conf.d.tmp -MT ssl/ssl_conf.o -c -o ssl/ssl_conf.o ssl/ssl_conf.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_err.d.tmp -MT ssl/ssl_err.o -c -o ssl/ssl_err.o ssl/ssl_err.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_init.d.tmp -MT ssl/ssl_init.o -c -o ssl/ssl_init.o ssl/ssl_init.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_lib.d.tmp -MT ssl/ssl_lib.o -c -o ssl/ssl_lib.o ssl/ssl_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_mcnf.d.tmp -MT ssl/ssl_mcnf.o -c -o ssl/ssl_mcnf.o ssl/ssl_mcnf.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_rsa.d.tmp -MT ssl/ssl_rsa.o -c -o ssl/ssl_rsa.o ssl/ssl_rsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_sess.d.tmp -MT ssl/ssl_sess.o -c -o ssl/ssl_sess.o ssl/ssl_sess.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_stat.d.tmp -MT ssl/ssl_stat.o -c -o ssl/ssl_stat.o ssl/ssl_stat.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_txt.d.tmp -MT ssl/ssl_txt.o -c -o ssl/ssl_txt.o ssl/ssl_txt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_utst.d.tmp -MT ssl/ssl_utst.o -c -o ssl/ssl_utst.o ssl/ssl_utst.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions.d.tmp -MT ssl/statem/extensions.o -c -o ssl/statem/extensions.o ssl/statem/extensions.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_clnt.d.tmp -MT ssl/statem/extensions_clnt.o -c -o ssl/statem/extensions_clnt.o ssl/statem/extensions_clnt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_cust.d.tmp -MT ssl/statem/extensions_cust.o -c -o ssl/statem/extensions_cust.o ssl/statem/extensions_cust.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_srvr.d.tmp -MT ssl/statem/extensions_srvr.o -c -o ssl/statem/extensions_srvr.o ssl/statem/extensions_srvr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem.d.tmp -MT ssl/statem/statem.o -c -o ssl/statem/statem.o ssl/statem/statem.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_clnt.d.tmp -MT ssl/statem/statem_clnt.o -c -o ssl/statem/statem_clnt.o ssl/statem/statem_clnt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_dtls.d.tmp -MT ssl/statem/statem_dtls.o -c -o ssl/statem/statem_dtls.o ssl/statem/statem_dtls.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_lib.d.tmp -MT ssl/statem/statem_lib.o -c -o ssl/statem/statem_lib.o ssl/statem/statem_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_srvr.d.tmp -MT ssl/statem/statem_srvr.o -c -o ssl/statem/statem_srvr.o ssl/statem/statem_srvr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_enc.d.tmp -MT ssl/t1_enc.o -c -o ssl/t1_enc.o ssl/t1_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_lib.d.tmp -MT ssl/t1_lib.o -c -o ssl/t1_lib.o ssl/t1_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_trce.d.tmp -MT ssl/t1_trce.o -c -o ssl/t1_trce.o ssl/t1_trce.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/tls13_enc.d.tmp -MT ssl/tls13_enc.o -c -o ssl/tls13_enc.o ssl/tls13_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/tls_srp.d.tmp -MT ssl/tls_srp.o -c -o ssl/tls_srp.o ssl/tls_srp.c
mips64-octeon-linux-gnu-ar r libssl.a ssl/bio_ssl.o ssl/d1_lib.o ssl/d1_msg.o ssl/d1_srtp.o ssl/methods.o ssl/packet.o ssl/pqueue.o ssl/record/dtls1_bitmap.o ssl/record/rec_layer_d1.o ssl/record/rec_layer_s3.o ssl/record/ssl3_buffer.o ssl/record/ssl3_record.o ssl/record/ssl3_record_tls13.o ssl/s3_cbc.o ssl/s3_enc.o ssl/s3_lib.o ssl/s3_msg.o ssl/ssl_asn1.o ssl/ssl_cert.o ssl/ssl_ciph.o ssl/ssl_conf.o ssl/ssl_err.o ssl/ssl_init.o ssl/ssl_lib.o ssl/ssl_mcnf.o ssl/ssl_rsa.o ssl/ssl_sess.o ssl/ssl_stat.o ssl/ssl_txt.o ssl/ssl_utst.o ssl/statem/extensions.o ssl/statem/extensions_clnt.o ssl/statem/extensions_cust.o ssl/statem/extensions_srvr.o ssl/statem/statem.o ssl/statem/statem_clnt.o ssl/statem/statem_dtls.o ssl/statem/statem_lib.o ssl/statem/statem_srvr.o ssl/t1_enc.o ssl/t1_lib.o ssl/t1_trce.o ssl/tls13_enc.o ssl/tls_srp.o
mips64-octeon-linux-gnu-ar: creating libssl.a
mips64-octeon-linux-gnu-ranlib libssl.a || echo Never mind.
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/basic_output.d.tmp -MT test/testutil/basic_output.o -c -o test/testutil/basic_output.o test/testutil/basic_output.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/cb.d.tmp -MT test/testutil/cb.o -c -o test/testutil/cb.o test/testutil/cb.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/driver.d.tmp -MT test/testutil/driver.o -c -o test/testutil/driver.o test/testutil/driver.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/format_output.d.tmp -MT test/testutil/format_output.o -c -o test/testutil/format_output.o test/testutil/format_output.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/init.d.tmp -MT test/testutil/init.o -c -o test/testutil/init.o test/testutil/init.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/main.d.tmp -MT test/testutil/main.o -c -o test/testutil/main.o test/testutil/main.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/output_helpers.d.tmp -MT test/testutil/output_helpers.o -c -o test/testutil/output_helpers.o test/testutil/output_helpers.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/stanza.d.tmp -MT test/testutil/stanza.o -c -o test/testutil/stanza.o test/testutil/stanza.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/tap_bio.d.tmp -MT test/testutil/tap_bio.o -c -o test/testutil/tap_bio.o test/testutil/tap_bio.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/test_cleanup.d.tmp -MT test/testutil/test_cleanup.o -c -o test/testutil/test_cleanup.o test/testutil/test_cleanup.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/tests.d.tmp -MT test/testutil/tests.o -c -o test/testutil/tests.o test/testutil/tests.c
mips64-octeon-linux-gnu-ar r test/libtestutil.a test/testutil/basic_output.o test/testutil/cb.o test/testutil/driver.o test/testutil/format_output.o test/testutil/init.o test/testutil/main.o test/testutil/output_helpers.o test/testutil/stanza.o test/testutil/tap_bio.o test/testutil/test_cleanup.o test/testutil/tests.o
mips64-octeon-linux-gnu-ar: creating test/libtestutil.a
mips64-octeon-linux-gnu-ranlib test/libtestutil.a || echo Never mind.
/usr/bin/perl apps/progs.pl apps/openssl > apps/progs.h
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/asn1pars.d.tmp -MT apps/asn1pars.o -c -o apps/asn1pars.o apps/asn1pars.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ca.d.tmp -MT apps/ca.o -c -o apps/ca.o apps/ca.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ciphers.d.tmp -MT apps/ciphers.o -c -o apps/ciphers.o apps/ciphers.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/cms.d.tmp -MT apps/cms.o -c -o apps/cms.o apps/cms.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/crl.d.tmp -MT apps/crl.o -c -o apps/crl.o apps/crl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/crl2p7.d.tmp -MT apps/crl2p7.o -c -o apps/crl2p7.o apps/crl2p7.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dgst.d.tmp -MT apps/dgst.o -c -o apps/dgst.o apps/dgst.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dhparam.d.tmp -MT apps/dhparam.o -c -o apps/dhparam.o apps/dhparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dsa.d.tmp -MT apps/dsa.o -c -o apps/dsa.o apps/dsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dsaparam.d.tmp -MT apps/dsaparam.o -c -o apps/dsaparam.o apps/dsaparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ec.d.tmp -MT apps/ec.o -c -o apps/ec.o apps/ec.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ecparam.d.tmp -MT apps/ecparam.o -c -o apps/ecparam.o apps/ecparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/enc.d.tmp -MT apps/enc.o -c -o apps/enc.o apps/enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/engine.d.tmp -MT apps/engine.o -c -o apps/engine.o apps/engine.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/errstr.d.tmp -MT apps/errstr.o -c -o apps/errstr.o apps/errstr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/gendsa.d.tmp -MT apps/gendsa.o -c -o apps/gendsa.o apps/gendsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/genpkey.d.tmp -MT apps/genpkey.o -c -o apps/genpkey.o apps/genpkey.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/genrsa.d.tmp -MT apps/genrsa.o -c -o apps/genrsa.o apps/genrsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/nseq.d.tmp -MT apps/nseq.o -c -o apps/nseq.o apps/nseq.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ocsp.d.tmp -MT apps/ocsp.o -c -o apps/ocsp.o apps/ocsp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/openssl.d.tmp -MT apps/openssl.o -c -o apps/openssl.o apps/openssl.c
apps/openssl.c: In function 'list_type':
apps/openssl.c:523: warning: 'dc.width' may be used uninitialized in this function
apps/openssl.c:523: warning: 'dc.columns' may be used uninitialized in this function
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/passwd.d.tmp -MT apps/passwd.o -c -o apps/passwd.o apps/passwd.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs12.d.tmp -MT apps/pkcs12.o -c -o apps/pkcs12.o apps/pkcs12.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs7.d.tmp -MT apps/pkcs7.o -c -o apps/pkcs7.o apps/pkcs7.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs8.d.tmp -MT apps/pkcs8.o -c -o apps/pkcs8.o apps/pkcs8.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkey.d.tmp -MT apps/pkey.o -c -o apps/pkey.o apps/pkey.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkeyparam.d.tmp -MT apps/pkeyparam.o -c -o apps/pkeyparam.o apps/pkeyparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkeyutl.d.tmp -MT apps/pkeyutl.o -c -o apps/pkeyutl.o apps/pkeyutl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/prime.d.tmp -MT apps/prime.o -c -o apps/prime.o apps/prime.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rand.d.tmp -MT apps/rand.o -c -o apps/rand.o apps/rand.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rehash.d.tmp -MT apps/rehash.o -c -o apps/rehash.o apps/rehash.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/req.d.tmp -MT apps/req.o -c -o apps/req.o apps/req.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rsa.d.tmp -MT apps/rsa.o -c -o apps/rsa.o apps/rsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rsautl.d.tmp -MT apps/rsautl.o -c -o apps/rsautl.o apps/rsautl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_client.d.tmp -MT apps/s_client.o -c -o apps/s_client.o apps/s_client.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_server.d.tmp -MT apps/s_server.o -c -o apps/s_server.o apps/s_server.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_time.d.tmp -MT apps/s_time.o -c -o apps/s_time.o apps/s_time.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/sess_id.d.tmp -MT apps/sess_id.o -c -o apps/sess_id.o apps/sess_id.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/smime.d.tmp -MT apps/smime.o -c -o apps/smime.o apps/smime.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/speed.d.tmp -MT apps/speed.o -c -o apps/speed.o apps/speed.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/spkac.d.tmp -MT apps/spkac.o -c -o apps/spkac.o apps/spkac.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/srp.d.tmp -MT apps/srp.o -c -o apps/srp.o apps/srp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/storeutl.d.tmp -MT apps/storeutl.o -c -o apps/storeutl.o apps/storeutl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ts.d.tmp -MT apps/ts.o -c -o apps/ts.o apps/ts.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/verify.d.tmp -MT apps/verify.o -c -o apps/verify.o apps/verify.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/version.d.tmp -MT apps/version.o -c -o apps/version.o apps/version.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/x509.d.tmp -MT apps/x509.o -c -o apps/x509.o apps/x509.c
rm -f apps/openssl
${LDCMD:-mips64-octeon-linux-gnu-gcc} -mips3 -Wall -O3 -pthread -mabi=n32 -L. \
-o apps/openssl apps/asn1pars.o apps/ca.o apps/ciphers.o apps/cms.o apps/crl.o apps/crl2p7.o apps/dgst.o apps/dhparam.o apps/dsa.o apps/dsaparam.o apps/ec.o apps/ecparam.o apps/enc.o apps/engine.o apps/errstr.o apps/gendsa.o apps/genpkey.o apps/genrsa.o apps/nseq.o apps/ocsp.o apps/openssl.o apps/passwd.o apps/pkcs12.o apps/pkcs7.o apps/pkcs8.o apps/pkey.o apps/pkeyparam.o apps/pkeyutl.o apps/prime.o apps/rand.o apps/rehash.o apps/req.o apps/rsa.o apps/rsautl.o apps/s_client.o apps/s_server.o apps/s_time.o apps/sess_id.o apps/smime.o apps/speed.o apps/spkac.o apps/srp.o apps/storeutl.o apps/ts.o apps/verify.o apps/version.o apps/x509.o \
apps/libapps.a -lssl -lcrypto -ldl -pthread
./libcrypto.a(async_posix.o): In function `ASYNC_is_capable':
async_posix.c:(.text+0x6c): warning: warning: getcontext is not implemented and will always fail
./libcrypto.a(async.o): In function `async_fibre_swapcontext':
async.c:(.text+0x2fc): warning: warning: setcontext is not implemented and will always fail
./libcrypto.a(async_posix.o): In function `async_fibre_makecontext':
async_posix.c:(.text+0x10c): warning: warning: makecontext is not implemented and will always fail
apps/speed.o: In function `speed_main':
speed.c:(.text+0x74bc): undefined reference to `CRYPTO_memcmp'
speed.c:(.text+0x74bc): relocation truncated to fit: R_MIPS_26 against `CRYPTO_memcmp'
./libssl.a(ssl3_record.o): In function `dtls1_process_record':
ssl3_record.c:(.text+0x1e14): undefined reference to `CRYPTO_memcmp'
ssl3_record.c:(.text+0x1f7c): undefined reference to `CRYPTO_memcmp'
./libssl.a(ssl3_record.o): In function `ssl3_get_record':
ssl3_record.c:(.text+0x2a88): undefined reference to `CRYPTO_memcmp'
ssl3_record.c:(.text+0x3210): undefined reference to `CRYPTO_memcmp'
./libssl.a(extensions.o):extensions.c:(.text+0xa84): more undefined references to `CRYPTO_memcmp' follow
./libcrypto.a(init.o): In function `ossl_init_base_ossl_':
init.c:(.text+0x8e0): undefined reference to `OPENSSL_cpuid_setup'
./libcrypto.a(gcm128.o): In function `CRYPTO_gcm128_finish':
gcm128.c:(.text+0x23cc): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(ocb128.o): In function `CRYPTO_ocb128_finish':
ocb128.c:(.text+0x144): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(wrap128.o): In function `CRYPTO_128_unwrap_pad':
wrap128.c:(.text+0x494): undefined reference to `CRYPTO_memcmp'
wrap128.c:(.text+0x588): undefined reference to `CRYPTO_memcmp'
wrap128.c:(.text+0x5b0): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(wrap128.o):wrap128.c:(.text+0x624): more undefined references to `CRYPTO_memcmp' follow
./libcrypto.a(rand_lib.o): In function `rand_drbg_get_additional_data':
rand_lib.c:(.text+0xedc): undefined reference to `OPENSSL_rdtsc'
rand_lib.c:(.text+0xf70): undefined reference to `OPENSSL_rdtsc'
./libcrypto.a(curve25519.o): In function `X25519':
curve25519.c:(.text+0x4e58): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(curve25519.o): In function `ge_frombytes_vartime':
curve25519.c:(.text+0x559c): undefined reference to `CRYPTO_memcmp'
curve25519.c:(.text+0x5754): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(curve25519.o): In function `ED25519_verify':
curve25519.c:(.text+0xdea8): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
eng_all.c:(.text+0x14): undefined reference to `OPENSSL_cpuid_setup'
./libcrypto.a(rsa_oaep.o): In function `RSA_padding_check_PKCS1_OAEP_mgf1':
rsa_oaep.c:(.text+0x4e0): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(dh_kdf.o): In function `DH_KDF_X9_42':
dh_kdf.c:(.text+0x35c): undefined reference to `CRYPTO_memcmp'
collect2: ld returned 1 exit status
make[1]: *** [apps/openssl] Error 1
make[1]: Leaving directory `
make: *** [all] Error 2
Build step 'Execute shell' marked build as failure
From openssl at openssl.org Thu Feb 8 09:28:14 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 09:28:14 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings no-nextprotoneg
Message-ID: <1518082094.819977.16530.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-nextprotoneg
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
../../openssl/test/recipes/03-test_internal_asn1.t ............ ok
../../openssl/test/recipes/03-test_internal_chacha.t .......... ok
../../openssl/test/recipes/03-test_internal_mdc2.t ............ ok
../../openssl/test/recipes/03-test_internal_modes.t ........... ok
../../openssl/test/recipes/03-test_internal_poly1305.t ........ ok
../../openssl/test/recipes/03-test_internal_siphash.t ......... ok
../../openssl/test/recipes/03-test_internal_sm4.t ............. ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t ............ ok
../../openssl/test/recipes/03-test_ui.t ....................... ok
../../openssl/test/recipes/04-test_asn1_encode.t .............. ok
../../openssl/test/recipes/04-test_asn1_string_table.t ........ ok
../../openssl/test/recipes/04-test_bioprint.t ................. ok
../../openssl/test/recipes/04-test_pem.t ...................... ok
../../openssl/test/recipes/05-test_bf.t ....................... ok
../../openssl/test/recipes/05-test_cast.t ..................... ok
../../openssl/test/recipes/05-test_des.t ...................... ok
../../openssl/test/recipes/05-test_hmac.t ..................... ok
../../openssl/test/recipes/05-test_idea.t ..................... ok
../../openssl/test/recipes/05-test_md2.t ...................... skipped: md2 is not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t ..................... ok
../../openssl/test/recipes/05-test_rand.t ..................... ok
../../openssl/test/recipes/05-test_rc2.t ...................... ok
../../openssl/test/recipes/05-test_rc4.t ...................... ok
../../openssl/test/recipes/05-test_rc5.t ...................... skipped: rc5 is not supported by this OpenSSL build
../../openssl/test/recipes/10-test_bn.t ....................... ok
../../openssl/test/recipes/10-test_exp.t ...................... ok
../../openssl/test/recipes/15-test_dh.t ....................... ok
../../openssl/test/recipes/15-test_dsa.t ...................... ok
../../openssl/test/recipes/15-test_ec.t ....................... ok
../../openssl/test/recipes/15-test_ecdsa.t .................... ok
../../openssl/test/recipes/15-test_ecparam.t .................. ok
../../openssl/test/recipes/15-test_genrsa.t ................... ok
../../openssl/test/recipes/15-test_mp_rsa.t ................... ok
../../openssl/test/recipes/15-test_rsa.t ...................... ok
../../openssl/test/recipes/15-test_rsapss.t ................... ok
../../openssl/test/recipes/20-test_enc.t ...................... ok
../../openssl/test/recipes/20-test_enc_more.t ................. ok
../../openssl/test/recipes/20-test_passwd.t ................... ok
../../openssl/test/recipes/25-test_crl.t ...................... ok
../../openssl/test/recipes/25-test_d2i.t ...................... ok
../../openssl/test/recipes/25-test_pkcs7.t .................... ok
../../openssl/test/recipes/25-test_req.t ...................... ok
../../openssl/test/recipes/25-test_sid.t ...................... ok
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t ..................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t .............. ok
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................
Dubious, test returned 6 (wstat 1536, 0x600)
Failed 6/22 subtests
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_renegotiation.t ............ ok
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok
../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok
../../openssl/test/recipes/70-test_sslextension.t ............. ok
../../openssl/test/recipes/70-test_sslmessages.t .............. ok
../../openssl/test/recipes/70-test_sslrecords.t ...............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/18 subtests
../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ...............
Dubious, test returned 4 (wstat 1024, 0x400)
Failed 4/21 subtests
../../openssl/test/recipes/70-test_sslsignature.t .............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/4 subtests
../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok
../../openssl/test/recipes/70-test_sslversions.t ..............
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/7 subtests
../../openssl/test/recipes/70-test_sslvertol.t ................ ok
../../openssl/test/recipes/70-test_tls13cookie.t ..............
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/2 subtests
../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade not run in pre TLSv1.3 RFC implementation
../../openssl/test/recipes/70-test_tls13hrr.t ................. ok
make[1]: *** wait: No child processes. Stop.
make[1]: *** Waiting for unfinished jobs....
make[1]: *** wait: No child processes. Stop.
From openssl at openssl.org Thu Feb 8 10:03:31 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 10:03:31 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings no-poly1305
Message-ID: <1518084211.912409.28675.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-poly1305
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t .............. ok
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................ ok
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ ok
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok
../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok
../../openssl/test/recipes/70-test_sslextension.t ............. ok
../../openssl/test/recipes/70-test_sslmessages.t .............. ok
../../openssl/test/recipes/70-test_sslrecords.t ............... ok
../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ............... ok
../../openssl/test/recipes/70-test_sslsignature.t ............. ok
../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok
../../openssl/test/recipes/70-test_sslversions.t .............. ok
../../openssl/test/recipes/70-test_sslvertol.t ................ ok
../../openssl/test/recipes/70-test_tls13cookie.t .............. ok
../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade not run in pre TLSv1.3 RFC implementation
../../openssl/test/recipes/70-test_tls13hrr.t ................. ok
../../openssl/test/recipes/70-test_tls13kexmodes.t ............ ok
../../openssl/test/recipes/70-test_tls13messages.t ............ ok
../../openssl/test/recipes/70-test_tls13psk.t ................. ok
../../openssl/test/recipes/70-test_tlsextms.t ................. ok
../../openssl/test/recipes/70-test_verify_extra.t ............. ok
../../openssl/test/recipes/70-test_wpacket.t .................. ok
../../openssl/test/recipes/80-test_ca.t ....................... ok
../../openssl/test/recipes/80-test_cipherbytes.t .............. ok
../../openssl/test/recipes/80-test_cipherlist.t ...............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/80-test_ciphername.t ............... ok
../../openssl/test/recipes/80-test_cms.t ...................... ok
../../openssl/test/recipes/80-test_ct.t ....................... ok
../../openssl/test/recipes/80-test_dane.t ..................... ok
../../openssl/test/recipes/80-test_dtls.t ..................... ok
../../openssl/test/recipes/80-test_dtls_mtu.t ................. ok
../../openssl/test/recipes/80-test_dtlsv1listen.t ............. ok
../../openssl/test/recipes/80-test_ocsp.t ..................... ok
../../openssl/test/recipes/80-test_pkcs12.t ................... ok
../../openssl/test/recipes/80-test_ssl_new.t .................. ok
../../openssl/test/recipes/80-test_ssl_old.t .................. ok
../../openssl/test/recipes/80-test_ssl_test_ctx.t ............. ok
../../openssl/test/recipes/80-test_sslcorrupt.t ............... ok
../../openssl/test/recipes/80-test_tsa.t ...................... ok
../../openssl/test/recipes/80-test_x509aux.t .................. ok
../../openssl/test/recipes/90-test_asn1_time.t ................ ok
../../openssl/test/recipes/90-test_async.t .................... ok
../../openssl/test/recipes/90-test_bio_enc.t .................. ok
../../openssl/test/recipes/90-test_constant_time.t ............ ok
../../openssl/test/recipes/90-test_fatalerr.t ................. ok
../../openssl/test/recipes/90-test_gmdiff.t ................... ok
../../openssl/test/recipes/90-test_ige.t ...................... ok
../../openssl/test/recipes/90-test_memleak.t .................. ok
../../openssl/test/recipes/90-test_overhead.t ................. skipped: Only supported in no-shared builds
../../openssl/test/recipes/90-test_secmem.t ................... ok
../../openssl/test/recipes/90-test_shlibload.t ................ ok
../../openssl/test/recipes/90-test_srp.t ...................... ok
../../openssl/test/recipes/90-test_sslapi.t ...................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/90-test_sslbuffers.t ............... ok
../../openssl/test/recipes/90-test_store.t .................... ok
../../openssl/test/recipes/90-test_threads.t .................. ok
../../openssl/test/recipes/90-test_time_offset.t .............. ok
../../openssl/test/recipes/90-test_tls13ccs.t ................. ok
../../openssl/test/recipes/90-test_tls13encryption.t .......... ok
../../openssl/test/recipes/90-test_tls13secrets.t ............. ok
../../openssl/test/recipes/90-test_v3name.t ................... ok
../../openssl/test/recipes/95-test_external_boringssl.t ....... skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_krb5.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/95-test_external_pyca.t ............ skipped: No external tests in this configuration
../../openssl/test/recipes/99-test_ecstress.t ................. ok
../../openssl/test/recipes/99-test_fuzz.t ..................... ok
Test Summary Report
-------------------
../../openssl/test/recipes/80-test_cipherlist.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
../../openssl/test/recipes/90-test_sslapi.t (Wstat: 256 Tests: 1 Failed: 1)
Failed test: 1
Non-zero exit status: 1
Files=140, Tests=1311, 375 wallclock secs ( 3.79 usr 0.32 sys + 180.04 cusr 24.55 csys = 208.70 CPU)
Result: FAIL
Makefile:171: recipe for target '_tests' failed
make[1]: *** [_tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-poly1305'
Makefile:169: recipe for target 'tests' failed
make: *** [tests] Error 2
From levitte at openssl.org Thu Feb 8 11:45:03 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 08 Feb 2018 11:45:03 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518090303.688062.24758.nullmailer@dev.openssl.org>
The branch master has been updated
via b53fdad0e4350ba49812c50305686ee5a6239111 (commit)
from 22626b972c024d5ae9922e4a9d710a5f9e51f753 (commit)
- Log -----------------------------------------------------------------
commit b53fdad0e4350ba49812c50305686ee5a6239111
Author: Richard Levitte
Date: Thu Feb 8 12:31:05 2018 +0100
util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
%disabled_algorithms isn't necessarily initialised with the "algos"
'DEPRECATEDIN_1_1_0' etc. However, we know that @known_algorithms has
them all, so use that to find them instead.
Fixes #5157
(where this was reported)
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5282)
-----------------------------------------------------------------------
Summary of changes:
util/mkdef.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 72d1c8f..fac911a 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -152,7 +152,7 @@ my %disabled_algorithms =
map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;
my $apiv = sprintf "%x%02x%02x", split(/\./, $config{api});
-foreach (keys %disabled_algorithms) {
+foreach (@known_algorithms) {
if (/^DEPRECATEDIN_(\d+)_(\d+)_(\d+)$/) {
my $depv = sprintf "%x%02x%02x", $1, $2, $3;
$disabled_algorithms{$_} = 1 if $apiv ge $depv;
From levitte at openssl.org Thu Feb 8 11:46:51 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 08 Feb 2018 11:46:51 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1518090411.550397.25639.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via 65de3f1657d8a3bdb7c48063931a3c619817c921 (commit)
via d8ba72c9f7e397942aabe1a0a3ad7019e774884a (commit)
from db5ec96acd4e65bca886f2ef09316a7fb0aa8cac (commit)
- Log -----------------------------------------------------------------
commit 65de3f1657d8a3bdb7c48063931a3c619817c921
Author: Richard Levitte
Date: Thu Feb 8 12:31:05 2018 +0100
util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
%disabled_algorithms isn't necessarily initialised with the "algos"
'DEPRECATEDIN_1_1_0' etc. However, we know that @known_algorithms has
them all, so use that to find them instead.
Fixes #5157
(where this was reported)
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5282)
(cherry picked from commit b53fdad0e4350ba49812c50305686ee5a6239111)
commit d8ba72c9f7e397942aabe1a0a3ad7019e774884a
Author: Richard Levitte
Date: Wed Jan 24 14:17:39 2018 +0100
util/mkdef.pl: Trust configdata.pm
This script kept its own database of disablable algorithms, which is a
maintenance problem, as it's not always perfectly in sync with what
Configure does. However, we do have all the data in configdata.pm,
produced by Configure, so let's use that instead.
Also, make sure to parse the *err.h header files, as they contain
function declarations that might not be present elsewhere.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5157)
(cherry picked from commit 54f3b7d2f5a313e5c702f75ee030f8a08e6bf6aa)
-----------------------------------------------------------------------
Summary of changes:
util/mkdef.pl | 73 ++++++++++-------------------------------------------------
1 file changed, 12 insertions(+), 61 deletions(-)
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 3067fbe..3775b70 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -133,71 +133,22 @@ my @known_platforms = ( "__FreeBSD__", "PERL5",
"EXPORT_VAR_AS_FUNCTION", "ZLIB", "_WIN32"
);
my @known_ossl_platforms = ( "UNIX", "VMS", "WIN32", "WINNT", "OS2" );
-my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
- "CAST", "MD2", "MD4", "MD5", "SHA", "SHA0", "SHA1",
- "SHA256", "SHA512", "RMD160",
- "MDC2", "WHIRLPOOL", "RSA", "DSA", "DH", "EC", "EC2M",
- "HMAC", "AES", "CAMELLIA", "SEED", "GOST",
- "SCRYPT", "CHACHA", "POLY1305", "BLAKE2",
- # EC_NISTP_64_GCC_128
- "EC_NISTP_64_GCC_128",
- # Envelope "algorithms"
- "EVP", "X509", "ASN1_TYPEDEFS",
- # Helper "algorithms"
- "BIO", "COMP", "BUFFER", "LHASH", "STACK", "ERR",
- "LOCKING",
- # External "algorithms"
- "FP_API", "STDIO", "SOCK", "DGRAM",
- "CRYPTO_MDEBUG",
- # Engines
- "STATIC_ENGINE", "ENGINE", "HW", "GMP",
- # Entropy Gathering
- "EGD",
- # Certificate Transparency
- "CT",
- # RFC3779
- "RFC3779",
- # TLS
- "PSK", "SRP", "HEARTBEATS",
- # CMS
- "CMS",
- "OCSP",
- # CryptoAPI Engine
- "CAPIENG",
- # SSL methods
- "SSL3_METHOD", "TLS1_METHOD", "TLS1_1_METHOD", "TLS1_2_METHOD", "DTLS1_METHOD", "DTLS1_2_METHOD",
- # NEXTPROTONEG
- "NEXTPROTONEG",
- # Deprecated functions
+my @known_algorithms = ( # These are algorithms we know are guarded in relevant
+ # header files, but aren't actually disablable.
+ # Without these, this script will warn a lot.
+ "RSA", "MD5",
+ # @disablables comes from configdata.pm
+ map { (my $x = uc $_) =~ s|-|_|g; $x; } @disablables,
+ # Deprecated functions. Not really algorithmss, but
+ # treated as such here for the sake of simplicity
"DEPRECATEDIN_0_9_8",
"DEPRECATEDIN_1_0_0",
"DEPRECATEDIN_1_1_0",
- # SCTP
- "SCTP",
- # SRTP
- "SRTP",
- # SSL TRACE
- "SSL_TRACE",
- # Unit testing
- "UNIT_TEST",
- # User Interface
- "UI",
- #
- "TS",
- # OCB mode
- "OCB",
- "CMAC",
- # APPLINK (win build feature?)
- "APPLINK"
);
-my %disabled_algorithms;
-
-foreach (@known_algorithms) {
- $disabled_algorithms{$_} = 0;
-}
-# disabled by default
-$disabled_algorithms{"STATIC_ENGINE"} = 1;
+# %disabled comes from configdata.pm
+my %disabled_algorithms =
+ map { (my $x = uc $_) =~ s|-|_|g; $x => 1; } keys %disabled;
my $zlib;
@@ -239,7 +190,7 @@ foreach (@ARGV, split(/ /, $config{options}))
$do_checkexist=1 if $_ eq "exist";
if (/^--api=(\d+)\.(\d+)\.(\d+)$/) {
my $apiv = sprintf "%x%02x%02x", $1, $2, $3;
- foreach (keys %disabled_algorithms) {
+ foreach (@known_algorithms) {
if (/^DEPRECATEDIN_(\d+)_(\d+)_(\d+)$/) {
my $depv = sprintf "%x%02x%02x", $1, $2, $3;
$disabled_algorithms{$_} = 1 if $apiv ge $depv;
From levitte at openssl.org Thu Feb 8 12:01:01 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 08 Feb 2018 12:01:01 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1518091261.395994.28438.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via 30562caa34de5f23dead9b246aaf284748e184bf (commit)
from 65de3f1657d8a3bdb7c48063931a3c619817c921 (commit)
- Log -----------------------------------------------------------------
commit 30562caa34de5f23dead9b246aaf284748e184bf
Author: Richard Levitte
Date: Thu Feb 8 12:54:25 2018 +0100
util/mkdef.pl: Fix incomplete cherry-pick
The cherry pick that resulted in 65de3f1657d8a3bdb7c48063931a3c619817c921
was incomplete.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5283)
-----------------------------------------------------------------------
Summary of changes:
util/mkdef.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/mkdef.pl b/util/mkdef.pl
index 3775b70..66db26c 100755
--- a/util/mkdef.pl
+++ b/util/mkdef.pl
@@ -198,7 +198,7 @@ foreach (@ARGV, split(/ /, $config{options}))
}
}
if (/^no-deprecated$/) {
- foreach (keys %disabled_algorithms) {
+ foreach (@known_algorithms) {
if (/^DEPRECATEDIN_/) {
$disabled_algorithms{$_} = 1;
}
From osslsanity at gmail.com Thu Feb 8 13:18:23 2018
From: osslsanity at gmail.com (osslsanity at gmail.com)
Date: Thu, 8 Feb 2018 13:18:23 +0000 (UTC)
Subject: [openssl-commits] Build failed in Jenkins: master_mips #376
In-Reply-To: <321265509.322.1518081507484.JavaMail.jenkins@ip-172-31-34-99>
References: <321265509.322.1518081507484.JavaMail.jenkins@ip-172-31-34-99>
Message-ID: <64333004.323.1518095903486.JavaMail.jenkins@ip-172-31-34-99>
See
Changes:
[levitte] util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
------------------------------------------
[...truncated 281.85 KB...]
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_err.d.tmp -MT crypto/ui/ui_err.o -c -o crypto/ui/ui_err.o crypto/ui/ui_err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_lib.d.tmp -MT crypto/ui/ui_lib.o -c -o crypto/ui/ui_lib.o crypto/ui/ui_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_null.d.tmp -MT crypto/ui/ui_null.o -c -o crypto/ui/ui_null.o crypto/ui/ui_null.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_openssl.d.tmp -MT crypto/ui/ui_openssl.o -c -o crypto/ui/ui_openssl.o crypto/ui/ui_openssl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/ui/ui_util.d.tmp -MT crypto/ui/ui_util.o -c -o crypto/ui/ui_util.o crypto/ui/ui_util.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/uid.d.tmp -MT crypto/uid.o -c -o crypto/uid.o crypto/uid.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/whrlpool/wp_block.d.tmp -MT crypto/whrlpool/wp_block.o -c -o crypto/whrlpool/wp_block.o crypto/whrlpool/wp_block.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/whrlpool/wp_dgst.d.tmp -MT crypto/whrlpool/wp_dgst.o -c -o crypto/whrlpool/wp_dgst.o crypto/whrlpool/wp_dgst.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/by_dir.d.tmp -MT crypto/x509/by_dir.o -c -o crypto/x509/by_dir.o crypto/x509/by_dir.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/by_file.d.tmp -MT crypto/x509/by_file.o -c -o crypto/x509/by_file.o crypto/x509/by_file.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_crl.d.tmp -MT crypto/x509/t_crl.o -c -o crypto/x509/t_crl.o crypto/x509/t_crl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_req.d.tmp -MT crypto/x509/t_req.o -c -o crypto/x509/t_req.o crypto/x509/t_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/t_x509.d.tmp -MT crypto/x509/t_x509.o -c -o crypto/x509/t_x509.o crypto/x509/t_x509.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_att.d.tmp -MT crypto/x509/x509_att.o -c -o crypto/x509/x509_att.o crypto/x509/x509_att.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_cmp.d.tmp -MT crypto/x509/x509_cmp.o -c -o crypto/x509/x509_cmp.o crypto/x509/x509_cmp.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_d2.d.tmp -MT crypto/x509/x509_d2.o -c -o crypto/x509/x509_d2.o crypto/x509/x509_d2.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_def.d.tmp -MT crypto/x509/x509_def.o -c -o crypto/x509/x509_def.o crypto/x509/x509_def.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_err.d.tmp -MT crypto/x509/x509_err.o -c -o crypto/x509/x509_err.o crypto/x509/x509_err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_ext.d.tmp -MT crypto/x509/x509_ext.o -c -o crypto/x509/x509_ext.o crypto/x509/x509_ext.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_lu.d.tmp -MT crypto/x509/x509_lu.o -c -o crypto/x509/x509_lu.o crypto/x509/x509_lu.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_obj.d.tmp -MT crypto/x509/x509_obj.o -c -o crypto/x509/x509_obj.o crypto/x509/x509_obj.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_r2x.d.tmp -MT crypto/x509/x509_r2x.o -c -o crypto/x509/x509_r2x.o crypto/x509/x509_r2x.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_req.d.tmp -MT crypto/x509/x509_req.o -c -o crypto/x509/x509_req.o crypto/x509/x509_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_set.d.tmp -MT crypto/x509/x509_set.o -c -o crypto/x509/x509_set.o crypto/x509/x509_set.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_trs.d.tmp -MT crypto/x509/x509_trs.o -c -o crypto/x509/x509_trs.o crypto/x509/x509_trs.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_txt.d.tmp -MT crypto/x509/x509_txt.o -c -o crypto/x509/x509_txt.o crypto/x509/x509_txt.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_v3.d.tmp -MT crypto/x509/x509_v3.o -c -o crypto/x509/x509_v3.o crypto/x509/x509_v3.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_vfy.d.tmp -MT crypto/x509/x509_vfy.o -c -o crypto/x509/x509_vfy.o crypto/x509/x509_vfy.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509_vpm.d.tmp -MT crypto/x509/x509_vpm.o -c -o crypto/x509/x509_vpm.o crypto/x509/x509_vpm.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509cset.d.tmp -MT crypto/x509/x509cset.o -c -o crypto/x509/x509cset.o crypto/x509/x509cset.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509name.d.tmp -MT crypto/x509/x509name.o -c -o crypto/x509/x509name.o crypto/x509/x509name.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509rset.d.tmp -MT crypto/x509/x509rset.o -c -o crypto/x509/x509rset.o crypto/x509/x509rset.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509spki.d.tmp -MT crypto/x509/x509spki.o -c -o crypto/x509/x509spki.o crypto/x509/x509spki.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x509type.d.tmp -MT crypto/x509/x509type.o -c -o crypto/x509/x509type.o crypto/x509/x509type.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_all.d.tmp -MT crypto/x509/x_all.o -c -o crypto/x509/x_all.o crypto/x509/x_all.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_attrib.d.tmp -MT crypto/x509/x_attrib.o -c -o crypto/x509/x_attrib.o crypto/x509/x_attrib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_crl.d.tmp -MT crypto/x509/x_crl.o -c -o crypto/x509/x_crl.o crypto/x509/x_crl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_exten.d.tmp -MT crypto/x509/x_exten.o -c -o crypto/x509/x_exten.o crypto/x509/x_exten.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_name.d.tmp -MT crypto/x509/x_name.o -c -o crypto/x509/x_name.o crypto/x509/x_name.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_pubkey.d.tmp -MT crypto/x509/x_pubkey.o -c -o crypto/x509/x_pubkey.o crypto/x509/x_pubkey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_req.d.tmp -MT crypto/x509/x_req.o -c -o crypto/x509/x_req.o crypto/x509/x_req.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_x509.d.tmp -MT crypto/x509/x_x509.o -c -o crypto/x509/x_x509.o crypto/x509/x_x509.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509/x_x509a.d.tmp -MT crypto/x509/x_x509a.o -c -o crypto/x509/x_x509a.o crypto/x509/x_x509a.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_cache.d.tmp -MT crypto/x509v3/pcy_cache.o -c -o crypto/x509v3/pcy_cache.o crypto/x509v3/pcy_cache.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_data.d.tmp -MT crypto/x509v3/pcy_data.o -c -o crypto/x509v3/pcy_data.o crypto/x509v3/pcy_data.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_lib.d.tmp -MT crypto/x509v3/pcy_lib.o -c -o crypto/x509v3/pcy_lib.o crypto/x509v3/pcy_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_map.d.tmp -MT crypto/x509v3/pcy_map.o -c -o crypto/x509v3/pcy_map.o crypto/x509v3/pcy_map.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_node.d.tmp -MT crypto/x509v3/pcy_node.o -c -o crypto/x509v3/pcy_node.o crypto/x509v3/pcy_node.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/pcy_tree.d.tmp -MT crypto/x509v3/pcy_tree.o -c -o crypto/x509v3/pcy_tree.o crypto/x509v3/pcy_tree.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_addr.d.tmp -MT crypto/x509v3/v3_addr.o -c -o crypto/x509v3/v3_addr.o crypto/x509v3/v3_addr.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_admis.d.tmp -MT crypto/x509v3/v3_admis.o -c -o crypto/x509v3/v3_admis.o crypto/x509v3/v3_admis.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_akey.d.tmp -MT crypto/x509v3/v3_akey.o -c -o crypto/x509v3/v3_akey.o crypto/x509v3/v3_akey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_akeya.d.tmp -MT crypto/x509v3/v3_akeya.o -c -o crypto/x509v3/v3_akeya.o crypto/x509v3/v3_akeya.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_alt.d.tmp -MT crypto/x509v3/v3_alt.o -c -o crypto/x509v3/v3_alt.o crypto/x509v3/v3_alt.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_asid.d.tmp -MT crypto/x509v3/v3_asid.o -c -o crypto/x509v3/v3_asid.o crypto/x509v3/v3_asid.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_bcons.d.tmp -MT crypto/x509v3/v3_bcons.o -c -o crypto/x509v3/v3_bcons.o crypto/x509v3/v3_bcons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_bitst.d.tmp -MT crypto/x509v3/v3_bitst.o -c -o crypto/x509v3/v3_bitst.o crypto/x509v3/v3_bitst.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_conf.d.tmp -MT crypto/x509v3/v3_conf.o -c -o crypto/x509v3/v3_conf.o crypto/x509v3/v3_conf.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_cpols.d.tmp -MT crypto/x509v3/v3_cpols.o -c -o crypto/x509v3/v3_cpols.o crypto/x509v3/v3_cpols.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_crld.d.tmp -MT crypto/x509v3/v3_crld.o -c -o crypto/x509v3/v3_crld.o crypto/x509v3/v3_crld.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_enum.d.tmp -MT crypto/x509v3/v3_enum.o -c -o crypto/x509v3/v3_enum.o crypto/x509v3/v3_enum.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_extku.d.tmp -MT crypto/x509v3/v3_extku.o -c -o crypto/x509v3/v3_extku.o crypto/x509v3/v3_extku.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_genn.d.tmp -MT crypto/x509v3/v3_genn.o -c -o crypto/x509v3/v3_genn.o crypto/x509v3/v3_genn.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_ia5.d.tmp -MT crypto/x509v3/v3_ia5.o -c -o crypto/x509v3/v3_ia5.o crypto/x509v3/v3_ia5.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_info.d.tmp -MT crypto/x509v3/v3_info.o -c -o crypto/x509v3/v3_info.o crypto/x509v3/v3_info.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_int.d.tmp -MT crypto/x509v3/v3_int.o -c -o crypto/x509v3/v3_int.o crypto/x509v3/v3_int.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_lib.d.tmp -MT crypto/x509v3/v3_lib.o -c -o crypto/x509v3/v3_lib.o crypto/x509v3/v3_lib.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_ncons.d.tmp -MT crypto/x509v3/v3_ncons.o -c -o crypto/x509v3/v3_ncons.o crypto/x509v3/v3_ncons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pci.d.tmp -MT crypto/x509v3/v3_pci.o -c -o crypto/x509v3/v3_pci.o crypto/x509v3/v3_pci.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pcia.d.tmp -MT crypto/x509v3/v3_pcia.o -c -o crypto/x509v3/v3_pcia.o crypto/x509v3/v3_pcia.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pcons.d.tmp -MT crypto/x509v3/v3_pcons.o -c -o crypto/x509v3/v3_pcons.o crypto/x509v3/v3_pcons.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pku.d.tmp -MT crypto/x509v3/v3_pku.o -c -o crypto/x509v3/v3_pku.o crypto/x509v3/v3_pku.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_pmaps.d.tmp -MT crypto/x509v3/v3_pmaps.o -c -o crypto/x509v3/v3_pmaps.o crypto/x509v3/v3_pmaps.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_prn.d.tmp -MT crypto/x509v3/v3_prn.o -c -o crypto/x509v3/v3_prn.o crypto/x509v3/v3_prn.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_purp.d.tmp -MT crypto/x509v3/v3_purp.o -c -o crypto/x509v3/v3_purp.o crypto/x509v3/v3_purp.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_skey.d.tmp -MT crypto/x509v3/v3_skey.o -c -o crypto/x509v3/v3_skey.o crypto/x509v3/v3_skey.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_sxnet.d.tmp -MT crypto/x509v3/v3_sxnet.o -c -o crypto/x509v3/v3_sxnet.o crypto/x509v3/v3_sxnet.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_tlsf.d.tmp -MT crypto/x509v3/v3_tlsf.o -c -o crypto/x509v3/v3_tlsf.o crypto/x509v3/v3_tlsf.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3_utl.d.tmp -MT crypto/x509v3/v3_utl.o -c -o crypto/x509v3/v3_utl.o crypto/x509v3/v3_utl.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF crypto/x509v3/v3err.d.tmp -MT crypto/x509v3/v3err.o -c -o crypto/x509v3/v3err.o crypto/x509v3/v3err.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF engines/e_capi.d.tmp -MT engines/e_capi.o -c -o engines/e_capi.o engines/e_capi.c
mips64-octeon-linux-gnu-gcc -I. -Icrypto/include -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF engines/e_padlock.d.tmp -MT engines/e_padlock.o -c -o engines/e_padlock.o engines/e_padlock.c
mips64-octeon-linux-gnu-ar r libcrypto.a crypto/aes/aes-mips.o crypto/aes/aes_cbc.o crypto/aes/aes_cfb.o crypto/aes/aes_ecb.o crypto/aes/aes_ige.o crypto/aes/aes_misc.o crypto/aes/aes_ofb.o crypto/aes/aes_wrap.o crypto/aria/aria.o crypto/asn1/a_bitstr.o crypto/asn1/a_d2i_fp.o crypto/asn1/a_digest.o crypto/asn1/a_dup.o crypto/asn1/a_gentm.o crypto/asn1/a_i2d_fp.o crypto/asn1/a_int.o crypto/asn1/a_mbstr.o crypto/asn1/a_object.o crypto/asn1/a_octet.o crypto/asn1/a_print.o crypto/asn1/a_sign.o crypto/asn1/a_strex.o crypto/asn1/a_strnid.o crypto/asn1/a_time.o crypto/asn1/a_type.o crypto/asn1/a_utctm.o crypto/asn1/a_utf8.o crypto/asn1/a_verify.o crypto/asn1/ameth_lib.o crypto/asn1/asn1_err.o crypto/asn1/asn1_gen.o crypto/asn1/asn1_item_list.o crypto/asn1/asn1_lib.o crypto/asn1/asn1_par.o crypto/asn1/asn_mime.o crypto/asn1/asn_moid.o crypto/asn1/asn_mstbl.o crypto/asn1/asn_pack.o crypto/asn1/bio_asn1.o crypto/asn1/bio_ndef.o crypto/asn1/d2i_pr.o crypto/asn1/d2i_pu.o crypto/asn1/evp_asn1.o crypto/asn1/f_int.o crypto/asn1/f_string.o crypto/asn1/i2d_pr.o crypto/asn1/i2d_pu.o crypto/asn1/n_pkey.o crypto/asn1/nsseq.o crypto/asn1/p5_pbe.o crypto/asn1/p5_pbev2.o crypto/asn1/p5_scrypt.o crypto/asn1/p8_pkey.o crypto/asn1/t_bitst.o crypto/asn1/t_pkey.o crypto/asn1/t_spki.o crypto/asn1/tasn_dec.o crypto/asn1/tasn_enc.o crypto/asn1/tasn_fre.o crypto/asn1/tasn_new.o crypto/asn1/tasn_prn.o crypto/asn1/tasn_scn.o crypto/asn1/tasn_typ.o crypto/asn1/tasn_utl.o crypto/asn1/x_algor.o crypto/asn1/x_bignum.o crypto/asn1/x_info.o crypto/asn1/x_int64.o crypto/asn1/x_long.o crypto/asn1/x_pkey.o crypto/asn1/x_sig.o crypto/asn1/x_spki.o crypto/asn1/x_val.o crypto/async/arch/async_null.o crypto/async/arch/async_posix.o crypto/async/arch/async_win.o crypto/async/async.o crypto/async/async_err.o crypto/async/async_wait.o crypto/bf/bf_cfb64.o crypto/bf/bf_ecb.o crypto/bf/bf_enc.o crypto/bf/bf_ofb64.o crypto/bf/bf_skey.o crypto/bio/b_addr.o crypto/bio/b_dump.o crypto/bio/b_print.o crypto/bio/b_sock.o crypto/bio/b_sock2.o crypto/bio/bf_buff.o crypto/bio/bf_lbuf.o crypto/bio/bf_nbio.o crypto/bio/bf_null.o crypto/bio/bio_cb.o crypto/bio/bio_err.o crypto/bio/bio_lib.o crypto/bio/bio_meth.o crypto/bio/bss_acpt.o crypto/bio/bss_bio.o crypto/bio/bss_conn.o crypto/bio/bss_dgram.o crypto/bio/bss_fd.o crypto/bio/bss_file.o crypto/bio/bss_log.o crypto/bio/bss_mem.o crypto/bio/bss_null.o crypto/bio/bss_sock.o crypto/blake2/blake2b.o crypto/blake2/blake2s.o crypto/blake2/m_blake2b.o crypto/blake2/m_blake2s.o crypto/bn/bn-mips.o crypto/bn/bn_add.o crypto/bn/bn_blind.o crypto/bn/bn_const.o crypto/bn/bn_ctx.o crypto/bn/bn_depr.o crypto/bn/bn_dh.o crypto/bn/bn_div.o crypto/bn/bn_err.o crypto/bn/bn_exp.o crypto/bn/bn_exp2.o crypto/bn/bn_gcd.o crypto/bn/bn_gf2m.o crypto/bn/bn_intern.o crypto/bn/bn_kron.o crypto/bn/bn_lib.o crypto/bn/bn_mod.o crypto/bn/bn_mont.o crypto/bn/bn_mpi.o crypto/bn/bn_mul.o crypto/bn/bn_nist.o crypto/bn/bn_prime.o crypto/bn/bn_print.o crypto/bn/bn_rand.o crypto/bn/bn_recp.o crypto/bn/bn_shift.o crypto/bn/bn_sqr.o crypto/bn/bn_sqrt.o crypto/bn/bn_srp.o crypto/bn/bn_word.o crypto/bn/bn_x931p.o crypto/bn/mips-mont.o crypto/buffer/buf_err.o crypto/buffer/buffer.o crypto/camellia/camellia.o crypto/camellia/cmll_cbc.o crypto/camellia/cmll_cfb.o crypto/camellia/cmll_ctr.o crypto/camellia/cmll_ecb.o crypto/camellia/cmll_misc.o crypto/camellia/cmll_ofb.o crypto/cast/c_cfb64.o crypto/cast/c_ecb.o crypto/cast/c_enc.o crypto/cast/c_ofb64.o crypto/cast/c_skey.o crypto/chacha/chacha_enc.o crypto/cmac/cm_ameth.o crypto/cmac/cm_pmeth.o crypto/cmac/cmac.o crypto/cms/cms_asn1.o crypto/cms/cms_att.o crypto/cms/cms_cd.o crypto/cms/cms_dd.o crypto/cms/cms_enc.o crypto/cms/cms_env.o crypto/cms/cms_err.o crypto/cms/cms_ess.o crypto/cms/cms_io.o crypto/cms/cms_kari.o crypto/cms/cms_lib.o crypto/cms/cms_pwri.o crypto/cms/cms_sd.o crypto/cms/cms_smime.o crypto/comp/c_zlib.o crypto/comp/comp_err.o crypto/comp/comp_lib.o crypto/conf/conf_api.o crypto/conf/conf_def.o crypto/conf/conf_err.o crypto/conf/conf_lib.o crypto/conf/conf_mall.o crypto/conf/conf_mod.o crypto/conf/conf_sap.o crypto/cpt_err.o crypto/cryptlib.o crypto/ct/ct_b64.o crypto/ct/ct_err.o crypto/ct/ct_log.o crypto/ct/ct_oct.o crypto/ct/ct_policy.o crypto/ct/ct_prn.o crypto/ct/ct_sct.o crypto/ct/ct_sct_ctx.o crypto/ct/ct_vfy.o crypto/ct/ct_x509v3.o crypto/ctype.o crypto/cversion.o crypto/des/cbc_cksm.o crypto/des/cbc_enc.o crypto/des/cfb64ede.o crypto/des/cfb64enc.o crypto/des/cfb_enc.o crypto/des/des_enc.o crypto/des/ecb3_enc.o crypto/des/ecb_enc.o crypto/des/fcrypt.o crypto/des/fcrypt_b.o crypto/des/ofb64ede.o crypto/des/ofb64enc.o crypto/des/ofb_enc.o crypto/des/pcbc_enc.o crypto/des/qud_cksm.o crypto/des/rand_key.o crypto/des/set_key.o crypto/des/str2key.o crypto/des/xcbc_enc.o crypto/dh/dh_ameth.o crypto/dh/dh_asn1.o crypto/dh/dh_check.o crypto/dh/dh_depr.o crypto/dh/dh_err.o crypto/dh/dh_gen.o crypto/dh/dh_kdf.o crypto/dh/dh_key.o crypto/dh/dh_lib.o crypto/dh/dh_meth.o crypto/dh/dh_pmeth.o crypto/dh/dh_prn.o crypto/dh/dh_rfc5114.o crypto/dh/dh_rfc7919.o crypto/dsa/dsa_ameth.o crypto/dsa/dsa_asn1.o crypto/dsa/dsa_depr.o crypto/dsa/dsa_err.o crypto/dsa/dsa_gen.o crypto/dsa/dsa_key.o crypto/dsa/dsa_lib.o crypto/dsa/dsa_meth.o crypto/dsa/dsa_ossl.o crypto/dsa/dsa_pmeth.o crypto/dsa/dsa_prn.o crypto/dsa/dsa_sign.o crypto/dsa/dsa_vrf.o crypto/dso/dso_dl.o crypto/dso/dso_dlfcn.o crypto/dso/dso_err.o crypto/dso/dso_lib.o crypto/dso/dso_openssl.o crypto/dso/dso_vms.o crypto/dso/dso_win32.o crypto/ebcdic.o crypto/ec/curve25519.o crypto/ec/ec2_mult.o crypto/ec/ec2_oct.o crypto/ec/ec2_smpl.o crypto/ec/ec_ameth.o crypto/ec/ec_asn1.o crypto/ec/ec_check.o crypto/ec/ec_curve.o crypto/ec/ec_cvt.o crypto/ec/ec_err.o crypto/ec/ec_key.o crypto/ec/ec_kmeth.o crypto/ec/ec_lib.o crypto/ec/ec_mult.o crypto/ec/ec_oct.o crypto/ec/ec_pmeth.o crypto/ec/ec_print.o crypto/ec/ecdh_kdf.o crypto/ec/ecdh_ossl.o crypto/ec/ecdsa_ossl.o crypto/ec/ecdsa_sign.o crypto/ec/ecdsa_vrf.o crypto/ec/eck_prn.o crypto/ec/ecp_mont.o crypto/ec/ecp_nist.o crypto/ec/ecp_nistp224.o crypto/ec/ecp_nistp256.o crypto/ec/ecp_nistp521.o crypto/ec/ecp_nistputil.o crypto/ec/ecp_oct.o crypto/ec/ecp_smpl.o crypto/ec/ecx_meth.o crypto/engine/eng_all.o crypto/engine/eng_cnf.o crypto/engine/eng_ctrl.o crypto/engine/eng_dyn.o crypto/engine/eng_err.o crypto/engine/eng_fat.o crypto/engine/eng_init.o crypto/engine/eng_lib.o crypto/engine/eng_list.o crypto/engine/eng_openssl.o crypto/engine/eng_pkey.o crypto/engine/eng_rdrand.o crypto/engine/eng_table.o crypto/engine/tb_asnmth.o crypto/engine/tb_cipher.o crypto/engine/tb_dh.o crypto/engine/tb_digest.o crypto/engine/tb_dsa.o crypto/engine/tb_eckey.o crypto/engine/tb_pkmeth.o crypto/engine/tb_rand.o crypto/engine/tb_rsa.o crypto/err/err.o crypto/err/err_all.o crypto/err/err_prn.o crypto/evp/bio_b64.o crypto/evp/bio_enc.o crypto/evp/bio_md.o crypto/evp/bio_ok.o crypto/evp/c_allc.o crypto/evp/c_alld.o crypto/evp/cmeth_lib.o crypto/evp/digest.o crypto/evp/e_aes.o crypto/evp/e_aes_cbc_hmac_sha1.o crypto/evp/e_aes_cbc_hmac_sha256.o crypto/evp/e_aria.o crypto/evp/e_bf.o crypto/evp/e_camellia.o crypto/evp/e_cast.o crypto/evp/e_chacha20_poly1305.o crypto/evp/e_des.o crypto/evp/e_des3.o crypto/evp/e_idea.o crypto/evp/e_null.o crypto/evp/e_old.o crypto/evp/e_rc2.o crypto/evp/e_rc4.o crypto/evp/e_rc4_hmac_md5.o crypto/evp/e_rc5.o crypto/evp/e_seed.o crypto/evp/e_sm4.o crypto/evp/e_xcbc_d.o crypto/evp/encode.o crypto/evp/evp_cnf.o crypto/evp/evp_enc.o crypto/evp/evp_err.o crypto/evp/evp_key.o crypto/evp/evp_lib.o crypto/evp/evp_pbe.o crypto/evp/evp_pkey.o crypto/evp/m_md2.o crypto/evp/m_md4.o crypto/evp/m_md5.o crypto/evp/m_md5_sha1.o crypto/evp/m_mdc2.o crypto/evp/m_null.o crypto/evp/m_ripemd.o crypto/evp/m_sha1.o crypto/evp/m_sha3.o crypto/evp/m_sigver.o crypto/evp/m_wp.o crypto/evp/names.o crypto/evp/p5_crpt.o crypto/evp/p5_crpt2.o crypto/evp/p_dec.o crypto/evp/p_enc.o crypto/evp/p_lib.o crypto/evp/p_open.o crypto/evp/p_seal.o crypto/evp/p_sign.o crypto/evp/p_verify.o crypto/evp/pbe_scrypt.o crypto/evp/pmeth_fn.o crypto/evp/pmeth_gn.o crypto/evp/pmeth_lib.o crypto/ex_data.o crypto/hmac/hm_ameth.o crypto/hmac/hm_pmeth.o crypto/hmac/hmac.o crypto/idea/i_cbc.o crypto/idea/i_cfb64.o crypto/idea/i_ecb.o crypto/idea/i_ofb64.o crypto/idea/i_skey.o crypto/init.o crypto/kdf/hkdf.o crypto/kdf/kdf_err.o crypto/kdf/scrypt.o crypto/kdf/tls1_prf.o crypto/lhash/lh_stats.o crypto/lhash/lhash.o crypto/md4/md4_dgst.o crypto/md4/md4_one.o crypto/md5/md5_dgst.o crypto/md5/md5_one.o crypto/mdc2/mdc2_one.o crypto/mdc2/mdc2dgst.o crypto/mem.o crypto/mem_clr.o crypto/mem_dbg.o crypto/mem_sec.o crypto/modes/cbc128.o crypto/modes/ccm128.o crypto/modes/cfb128.o crypto/modes/ctr128.o crypto/modes/cts128.o crypto/modes/gcm128.o crypto/modes/ocb128.o crypto/modes/ofb128.o crypto/modes/wrap128.o crypto/modes/xts128.o crypto/o_dir.o crypto/o_fips.o crypto/o_fopen.o crypto/o_init.o crypto/o_str.o crypto/o_time.o crypto/objects/o_names.o crypto/objects/obj_dat.o crypto/objects/obj_err.o crypto/objects/obj_lib.o crypto/objects/obj_xref.o crypto/ocsp/ocsp_asn.o crypto/ocsp/ocsp_cl.o crypto/ocsp/ocsp_err.o crypto/ocsp/ocsp_ext.o crypto/ocsp/ocsp_ht.o crypto/ocsp/ocsp_lib.o crypto/ocsp/ocsp_prn.o crypto/ocsp/ocsp_srv.o crypto/ocsp/ocsp_vfy.o crypto/ocsp/v3_ocsp.o crypto/pem/pem_all.o crypto/pem/pem_err.o crypto/pem/pem_info.o crypto/pem/pem_lib.o crypto/pem/pem_oth.o crypto/pem/pem_pk8.o crypto/pem/pem_pkey.o crypto/pem/pem_sign.o crypto/pem/pem_x509.o crypto/pem/pem_xaux.o crypto/pem/pvkfmt.o crypto/pkcs12/p12_add.o crypto/pkcs12/p12_asn.o crypto/pkcs12/p12_attr.o crypto/pkcs12/p12_crpt.o crypto/pkcs12/p12_crt.o crypto/pkcs12/p12_decr.o crypto/pkcs12/p12_init.o crypto/pkcs12/p12_key.o crypto/pkcs12/p12_kiss.o crypto/pkcs12/p12_mutl.o crypto/pkcs12/p12_npas.o crypto/pkcs12/p12_p8d.o crypto/pkcs12/p12_p8e.o crypto/pkcs12/p12_sbag.o crypto/pkcs12/p12_utl.o crypto/pkcs12/pk12err.o crypto/pkcs7/bio_pk7.o crypto/pkcs7/pk7_asn1.o crypto/pkcs7/pk7_attr.o crypto/pkcs7/pk7_doit.o crypto/pkcs7/pk7_lib.o crypto/pkcs7/pk7_mime.o crypto/pkcs7/pk7_smime.o crypto/pkcs7/pkcs7err.o crypto/poly1305/poly1305-mips.o crypto/poly1305/poly1305.o crypto/poly1305/poly1305_ameth.o crypto/poly1305/poly1305_pmeth.o crypto/rand/drbg_ctr.o crypto/rand/drbg_lib.o crypto/rand/rand_egd.o crypto/rand/rand_err.o crypto/rand/rand_lib.o crypto/rand/rand_unix.o crypto/rand/rand_vms.o crypto/rand/rand_win.o crypto/rand/randfile.o crypto/rc2/rc2_cbc.o crypto/rc2/rc2_ecb.o crypto/rc2/rc2_skey.o crypto/rc2/rc2cfb64.o crypto/rc2/rc2ofb64.o crypto/rc4/rc4_enc.o crypto/rc4/rc4_skey.o crypto/ripemd/rmd_dgst.o crypto/ripemd/rmd_one.o crypto/rsa/rsa_ameth.o crypto/rsa/rsa_asn1.o crypto/rsa/rsa_chk.o crypto/rsa/rsa_crpt.o crypto/rsa/rsa_depr.o crypto/rsa/rsa_err.o crypto/rsa/rsa_gen.o crypto/rsa/rsa_lib.o crypto/rsa/rsa_meth.o crypto/rsa/rsa_mp.o crypto/rsa/rsa_none.o crypto/rsa/rsa_oaep.o crypto/rsa/rsa_ossl.o crypto/rsa/rsa_pk1.o crypto/rsa/rsa_pmeth.o crypto/rsa/rsa_prn.o crypto/rsa/rsa_pss.o crypto/rsa/rsa_saos.o crypto/rsa/rsa_sign.o crypto/rsa/rsa_ssl.o crypto/rsa/rsa_x931.o crypto/rsa/rsa_x931g.o crypto/seed/seed.o crypto/seed/seed_cbc.o crypto/seed/seed_cfb.o crypto/seed/seed_ecb.o crypto/seed/seed_ofb.o crypto/sha/keccak1600.o crypto/sha/sha1-mips.o crypto/sha/sha1_one.o crypto/sha/sha1dgst.o crypto/sha/sha256-mips.o crypto/sha/sha256.o crypto/sha/sha512-mips.o crypto/sha/sha512.o crypto/siphash/siphash.o crypto/siphash/siphash_ameth.o crypto/siphash/siphash_pmeth.o crypto/sm3/m_sm3.o crypto/sm3/sm3.o crypto/sm4/sm4.o crypto/srp/srp_lib.o crypto/srp/srp_vfy.o crypto/stack/stack.o crypto/store/loader_file.o crypto/store/store_err.o crypto/store/store_init.o crypto/store/store_lib.o crypto/store/store_register.o crypto/store/store_strings.o crypto/threads_none.o crypto/threads_pthread.o crypto/threads_win.o crypto/ts/ts_asn1.o crypto/ts/ts_conf.o crypto/ts/ts_err.o crypto/ts/ts_lib.o crypto/ts/ts_req_print.o crypto/ts/ts_req_utils.o crypto/ts/ts_rsp_print.o crypto/ts/ts_rsp_sign.o crypto/ts/ts_rsp_utils.o crypto/ts/ts_rsp_verify.o crypto/ts/ts_verify_ctx.o crypto/txt_db/txt_db.o crypto/ui/ui_err.o crypto/ui/ui_lib.o crypto/ui/ui_null.o crypto/ui/ui_openssl.o crypto/ui/ui_util.o crypto/uid.o crypto/whrlpool/wp_block.o crypto/whrlpool/wp_dgst.o crypto/x509/by_dir.o crypto/x509/by_file.o crypto/x509/t_crl.o crypto/x509/t_req.o crypto/x509/t_x509.o crypto/x509/x509_att.o crypto/x509/x509_cmp.o crypto/x509/x509_d2.o crypto/x509/x509_def.o crypto/x509/x509_err.o crypto/x509/x509_ext.o crypto/x509/x509_lu.o crypto/x509/x509_obj.o crypto/x509/x509_r2x.o crypto/x509/x509_req.o crypto/x509/x509_set.o crypto/x509/x509_trs.o crypto/x509/x509_txt.o crypto/x509/x509_v3.o crypto/x509/x509_vfy.o crypto/x509/x509_vpm.o crypto/x509/x509cset.o crypto/x509/x509name.o crypto/x509/x509rset.o crypto/x509/x509spki.o crypto/x509/x509type.o crypto/x509/x_all.o crypto/x509/x_attrib.o crypto/x509/x_crl.o crypto/x509/x_exten.o crypto/x509/x_name.o crypto/x509/x_pubkey.o crypto/x509/x_req.o crypto/x509/x_x509.o crypto/x509/x_x509a.o crypto/x509v3/pcy_cache.o crypto/x509v3/pcy_data.o crypto/x509v3/pcy_lib.o crypto/x509v3/pcy_map.o crypto/x509v3/pcy_node.o crypto/x509v3/pcy_tree.o crypto/x509v3/v3_addr.o crypto/x509v3/v3_admis.o crypto/x509v3/v3_akey.o crypto/x509v3/v3_akeya.o crypto/x509v3/v3_alt.o crypto/x509v3/v3_asid.o crypto/x509v3/v3_bcons.o crypto/x509v3/v3_bitst.o crypto/x509v3/v3_conf.o crypto/x509v3/v3_cpols.o crypto/x509v3/v3_crld.o crypto/x509v3/v3_enum.o crypto/x509v3/v3_extku.o crypto/x509v3/v3_genn.o crypto/x509v3/v3_ia5.o crypto/x509v3/v3_info.o crypto/x509v3/v3_int.o crypto/x509v3/v3_lib.o crypto/x509v3/v3_ncons.o crypto/x509v3/v3_pci.o crypto/x509v3/v3_pcia.o crypto/x509v3/v3_pcons.o crypto/x509v3/v3_pku.o crypto/x509v3/v3_pmaps.o crypto/x509v3/v3_prn.o crypto/x509v3/v3_purp.o crypto/x509v3/v3_skey.o crypto/x509v3/v3_sxnet.o crypto/x509v3/v3_tlsf.o crypto/x509v3/v3_utl.o crypto/x509v3/v3err.o engines/e_capi.o engines/e_padlock.o
mips64-octeon-linux-gnu-ar: creating libcrypto.a
mips64-octeon-linux-gnu-ranlib libcrypto.a || echo Never mind.
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/bio_ssl.d.tmp -MT ssl/bio_ssl.o -c -o ssl/bio_ssl.o ssl/bio_ssl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_lib.d.tmp -MT ssl/d1_lib.o -c -o ssl/d1_lib.o ssl/d1_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_msg.d.tmp -MT ssl/d1_msg.o -c -o ssl/d1_msg.o ssl/d1_msg.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/d1_srtp.d.tmp -MT ssl/d1_srtp.o -c -o ssl/d1_srtp.o ssl/d1_srtp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/methods.d.tmp -MT ssl/methods.o -c -o ssl/methods.o ssl/methods.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/packet.d.tmp -MT ssl/packet.o -c -o ssl/packet.o ssl/packet.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/pqueue.d.tmp -MT ssl/pqueue.o -c -o ssl/pqueue.o ssl/pqueue.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/dtls1_bitmap.d.tmp -MT ssl/record/dtls1_bitmap.o -c -o ssl/record/dtls1_bitmap.o ssl/record/dtls1_bitmap.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/rec_layer_d1.d.tmp -MT ssl/record/rec_layer_d1.o -c -o ssl/record/rec_layer_d1.o ssl/record/rec_layer_d1.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/rec_layer_s3.d.tmp -MT ssl/record/rec_layer_s3.o -c -o ssl/record/rec_layer_s3.o ssl/record/rec_layer_s3.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_buffer.d.tmp -MT ssl/record/ssl3_buffer.o -c -o ssl/record/ssl3_buffer.o ssl/record/ssl3_buffer.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_record.d.tmp -MT ssl/record/ssl3_record.o -c -o ssl/record/ssl3_record.o ssl/record/ssl3_record.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/record/ssl3_record_tls13.d.tmp -MT ssl/record/ssl3_record_tls13.o -c -o ssl/record/ssl3_record_tls13.o ssl/record/ssl3_record_tls13.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_cbc.d.tmp -MT ssl/s3_cbc.o -c -o ssl/s3_cbc.o ssl/s3_cbc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_enc.d.tmp -MT ssl/s3_enc.o -c -o ssl/s3_enc.o ssl/s3_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_lib.d.tmp -MT ssl/s3_lib.o -c -o ssl/s3_lib.o ssl/s3_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/s3_msg.d.tmp -MT ssl/s3_msg.o -c -o ssl/s3_msg.o ssl/s3_msg.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_asn1.d.tmp -MT ssl/ssl_asn1.o -c -o ssl/ssl_asn1.o ssl/ssl_asn1.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_cert.d.tmp -MT ssl/ssl_cert.o -c -o ssl/ssl_cert.o ssl/ssl_cert.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_ciph.d.tmp -MT ssl/ssl_ciph.o -c -o ssl/ssl_ciph.o ssl/ssl_ciph.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_conf.d.tmp -MT ssl/ssl_conf.o -c -o ssl/ssl_conf.o ssl/ssl_conf.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_err.d.tmp -MT ssl/ssl_err.o -c -o ssl/ssl_err.o ssl/ssl_err.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_init.d.tmp -MT ssl/ssl_init.o -c -o ssl/ssl_init.o ssl/ssl_init.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_lib.d.tmp -MT ssl/ssl_lib.o -c -o ssl/ssl_lib.o ssl/ssl_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_mcnf.d.tmp -MT ssl/ssl_mcnf.o -c -o ssl/ssl_mcnf.o ssl/ssl_mcnf.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_rsa.d.tmp -MT ssl/ssl_rsa.o -c -o ssl/ssl_rsa.o ssl/ssl_rsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_sess.d.tmp -MT ssl/ssl_sess.o -c -o ssl/ssl_sess.o ssl/ssl_sess.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_stat.d.tmp -MT ssl/ssl_stat.o -c -o ssl/ssl_stat.o ssl/ssl_stat.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_txt.d.tmp -MT ssl/ssl_txt.o -c -o ssl/ssl_txt.o ssl/ssl_txt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/ssl_utst.d.tmp -MT ssl/ssl_utst.o -c -o ssl/ssl_utst.o ssl/ssl_utst.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions.d.tmp -MT ssl/statem/extensions.o -c -o ssl/statem/extensions.o ssl/statem/extensions.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_clnt.d.tmp -MT ssl/statem/extensions_clnt.o -c -o ssl/statem/extensions_clnt.o ssl/statem/extensions_clnt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_cust.d.tmp -MT ssl/statem/extensions_cust.o -c -o ssl/statem/extensions_cust.o ssl/statem/extensions_cust.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/extensions_srvr.d.tmp -MT ssl/statem/extensions_srvr.o -c -o ssl/statem/extensions_srvr.o ssl/statem/extensions_srvr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem.d.tmp -MT ssl/statem/statem.o -c -o ssl/statem/statem.o ssl/statem/statem.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_clnt.d.tmp -MT ssl/statem/statem_clnt.o -c -o ssl/statem/statem_clnt.o ssl/statem/statem_clnt.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_dtls.d.tmp -MT ssl/statem/statem_dtls.o -c -o ssl/statem/statem_dtls.o ssl/statem/statem_dtls.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_lib.d.tmp -MT ssl/statem/statem_lib.o -c -o ssl/statem/statem_lib.o ssl/statem/statem_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/statem/statem_srvr.d.tmp -MT ssl/statem/statem_srvr.o -c -o ssl/statem/statem_srvr.o ssl/statem/statem_srvr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_enc.d.tmp -MT ssl/t1_enc.o -c -o ssl/t1_enc.o ssl/t1_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_lib.d.tmp -MT ssl/t1_lib.o -c -o ssl/t1_lib.o ssl/t1_lib.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/t1_trce.d.tmp -MT ssl/t1_trce.o -c -o ssl/t1_trce.o ssl/t1_trce.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/tls13_enc.d.tmp -MT ssl/tls13_enc.o -c -o ssl/tls13_enc.o ssl/tls13_enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF ssl/tls_srp.d.tmp -MT ssl/tls_srp.o -c -o ssl/tls_srp.o ssl/tls_srp.c
mips64-octeon-linux-gnu-ar r libssl.a ssl/bio_ssl.o ssl/d1_lib.o ssl/d1_msg.o ssl/d1_srtp.o ssl/methods.o ssl/packet.o ssl/pqueue.o ssl/record/dtls1_bitmap.o ssl/record/rec_layer_d1.o ssl/record/rec_layer_s3.o ssl/record/ssl3_buffer.o ssl/record/ssl3_record.o ssl/record/ssl3_record_tls13.o ssl/s3_cbc.o ssl/s3_enc.o ssl/s3_lib.o ssl/s3_msg.o ssl/ssl_asn1.o ssl/ssl_cert.o ssl/ssl_ciph.o ssl/ssl_conf.o ssl/ssl_err.o ssl/ssl_init.o ssl/ssl_lib.o ssl/ssl_mcnf.o ssl/ssl_rsa.o ssl/ssl_sess.o ssl/ssl_stat.o ssl/ssl_txt.o ssl/ssl_utst.o ssl/statem/extensions.o ssl/statem/extensions_clnt.o ssl/statem/extensions_cust.o ssl/statem/extensions_srvr.o ssl/statem/statem.o ssl/statem/statem_clnt.o ssl/statem/statem_dtls.o ssl/statem/statem_lib.o ssl/statem/statem_srvr.o ssl/t1_enc.o ssl/t1_lib.o ssl/t1_trce.o ssl/tls13_enc.o ssl/tls_srp.o
mips64-octeon-linux-gnu-ar: creating libssl.a
mips64-octeon-linux-gnu-ranlib libssl.a || echo Never mind.
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/basic_output.d.tmp -MT test/testutil/basic_output.o -c -o test/testutil/basic_output.o test/testutil/basic_output.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/cb.d.tmp -MT test/testutil/cb.o -c -o test/testutil/cb.o test/testutil/cb.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/driver.d.tmp -MT test/testutil/driver.o -c -o test/testutil/driver.o test/testutil/driver.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/format_output.d.tmp -MT test/testutil/format_output.o -c -o test/testutil/format_output.o test/testutil/format_output.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/init.d.tmp -MT test/testutil/init.o -c -o test/testutil/init.o test/testutil/init.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/main.d.tmp -MT test/testutil/main.o -c -o test/testutil/main.o test/testutil/main.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/output_helpers.d.tmp -MT test/testutil/output_helpers.o -c -o test/testutil/output_helpers.o test/testutil/output_helpers.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/stanza.d.tmp -MT test/testutil/stanza.o -c -o test/testutil/stanza.o test/testutil/stanza.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/tap_bio.d.tmp -MT test/testutil/tap_bio.o -c -o test/testutil/tap_bio.o test/testutil/tap_bio.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/test_cleanup.d.tmp -MT test/testutil/test_cleanup.o -c -o test/testutil/test_cleanup.o test/testutil/test_cleanup.c
mips64-octeon-linux-gnu-gcc -Iinclude -mips3 -Wall -O3 -pthread -mabi=n32 -fPIC -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-1.1\"" -c -MMD -MF test/testutil/tests.d.tmp -MT test/testutil/tests.o -c -o test/testutil/tests.o test/testutil/tests.c
mips64-octeon-linux-gnu-ar r test/libtestutil.a test/testutil/basic_output.o test/testutil/cb.o test/testutil/driver.o test/testutil/format_output.o test/testutil/init.o test/testutil/main.o test/testutil/output_helpers.o test/testutil/stanza.o test/testutil/tap_bio.o test/testutil/test_cleanup.o test/testutil/tests.o
mips64-octeon-linux-gnu-ar: creating test/libtestutil.a
mips64-octeon-linux-gnu-ranlib test/libtestutil.a || echo Never mind.
/usr/bin/perl apps/progs.pl apps/openssl > apps/progs.h
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/asn1pars.d.tmp -MT apps/asn1pars.o -c -o apps/asn1pars.o apps/asn1pars.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ca.d.tmp -MT apps/ca.o -c -o apps/ca.o apps/ca.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ciphers.d.tmp -MT apps/ciphers.o -c -o apps/ciphers.o apps/ciphers.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/cms.d.tmp -MT apps/cms.o -c -o apps/cms.o apps/cms.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/crl.d.tmp -MT apps/crl.o -c -o apps/crl.o apps/crl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/crl2p7.d.tmp -MT apps/crl2p7.o -c -o apps/crl2p7.o apps/crl2p7.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dgst.d.tmp -MT apps/dgst.o -c -o apps/dgst.o apps/dgst.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dhparam.d.tmp -MT apps/dhparam.o -c -o apps/dhparam.o apps/dhparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dsa.d.tmp -MT apps/dsa.o -c -o apps/dsa.o apps/dsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/dsaparam.d.tmp -MT apps/dsaparam.o -c -o apps/dsaparam.o apps/dsaparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ec.d.tmp -MT apps/ec.o -c -o apps/ec.o apps/ec.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ecparam.d.tmp -MT apps/ecparam.o -c -o apps/ecparam.o apps/ecparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/enc.d.tmp -MT apps/enc.o -c -o apps/enc.o apps/enc.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/engine.d.tmp -MT apps/engine.o -c -o apps/engine.o apps/engine.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/errstr.d.tmp -MT apps/errstr.o -c -o apps/errstr.o apps/errstr.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/gendsa.d.tmp -MT apps/gendsa.o -c -o apps/gendsa.o apps/gendsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/genpkey.d.tmp -MT apps/genpkey.o -c -o apps/genpkey.o apps/genpkey.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/genrsa.d.tmp -MT apps/genrsa.o -c -o apps/genrsa.o apps/genrsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/nseq.d.tmp -MT apps/nseq.o -c -o apps/nseq.o apps/nseq.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ocsp.d.tmp -MT apps/ocsp.o -c -o apps/ocsp.o apps/ocsp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/openssl.d.tmp -MT apps/openssl.o -c -o apps/openssl.o apps/openssl.c
apps/openssl.c: In function 'list_type':
apps/openssl.c:523: warning: 'dc.width' may be used uninitialized in this function
apps/openssl.c:523: warning: 'dc.columns' may be used uninitialized in this function
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/passwd.d.tmp -MT apps/passwd.o -c -o apps/passwd.o apps/passwd.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs12.d.tmp -MT apps/pkcs12.o -c -o apps/pkcs12.o apps/pkcs12.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs7.d.tmp -MT apps/pkcs7.o -c -o apps/pkcs7.o apps/pkcs7.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkcs8.d.tmp -MT apps/pkcs8.o -c -o apps/pkcs8.o apps/pkcs8.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkey.d.tmp -MT apps/pkey.o -c -o apps/pkey.o apps/pkey.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkeyparam.d.tmp -MT apps/pkeyparam.o -c -o apps/pkeyparam.o apps/pkeyparam.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/pkeyutl.d.tmp -MT apps/pkeyutl.o -c -o apps/pkeyutl.o apps/pkeyutl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/prime.d.tmp -MT apps/prime.o -c -o apps/prime.o apps/prime.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rand.d.tmp -MT apps/rand.o -c -o apps/rand.o apps/rand.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rehash.d.tmp -MT apps/rehash.o -c -o apps/rehash.o apps/rehash.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/req.d.tmp -MT apps/req.o -c -o apps/req.o apps/req.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rsa.d.tmp -MT apps/rsa.o -c -o apps/rsa.o apps/rsa.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/rsautl.d.tmp -MT apps/rsautl.o -c -o apps/rsautl.o apps/rsautl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_client.d.tmp -MT apps/s_client.o -c -o apps/s_client.o apps/s_client.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_server.d.tmp -MT apps/s_server.o -c -o apps/s_server.o apps/s_server.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/s_time.d.tmp -MT apps/s_time.o -c -o apps/s_time.o apps/s_time.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/sess_id.d.tmp -MT apps/sess_id.o -c -o apps/sess_id.o apps/sess_id.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/smime.d.tmp -MT apps/smime.o -c -o apps/smime.o apps/smime.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/speed.d.tmp -MT apps/speed.o -c -o apps/speed.o apps/speed.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/spkac.d.tmp -MT apps/spkac.o -c -o apps/spkac.o apps/spkac.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/srp.d.tmp -MT apps/srp.o -c -o apps/srp.o apps/srp.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/storeutl.d.tmp -MT apps/storeutl.o -c -o apps/storeutl.o apps/storeutl.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/ts.d.tmp -MT apps/ts.o -c -o apps/ts.o apps/ts.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/verify.d.tmp -MT apps/verify.o -c -o apps/verify.o apps/verify.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/version.d.tmp -MT apps/version.o -c -o apps/version.o apps/version.c
mips64-octeon-linux-gnu-gcc -I. -Iinclude -Iapps -mips3 -Wall -O3 -pthread -mabi=n32 -DNDEBUG -DOPENSSL_NO_DYNAMIC_ENGINE -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DAES_ASM -DPOLY1305_ASM -DOPENSSL_USE_NODELETE -DBN_DIV3W -c -MMD -MF apps/x509.d.tmp -MT apps/x509.o -c -o apps/x509.o apps/x509.c
rm -f apps/openssl
${LDCMD:-mips64-octeon-linux-gnu-gcc} -mips3 -Wall -O3 -pthread -mabi=n32 -L. \
-o apps/openssl apps/asn1pars.o apps/ca.o apps/ciphers.o apps/cms.o apps/crl.o apps/crl2p7.o apps/dgst.o apps/dhparam.o apps/dsa.o apps/dsaparam.o apps/ec.o apps/ecparam.o apps/enc.o apps/engine.o apps/errstr.o apps/gendsa.o apps/genpkey.o apps/genrsa.o apps/nseq.o apps/ocsp.o apps/openssl.o apps/passwd.o apps/pkcs12.o apps/pkcs7.o apps/pkcs8.o apps/pkey.o apps/pkeyparam.o apps/pkeyutl.o apps/prime.o apps/rand.o apps/rehash.o apps/req.o apps/rsa.o apps/rsautl.o apps/s_client.o apps/s_server.o apps/s_time.o apps/sess_id.o apps/smime.o apps/speed.o apps/spkac.o apps/srp.o apps/storeutl.o apps/ts.o apps/verify.o apps/version.o apps/x509.o \
apps/libapps.a -lssl -lcrypto -ldl -pthread
./libcrypto.a(async_posix.o): In function `ASYNC_is_capable':
async_posix.c:(.text+0x6c): warning: warning: getcontext is not implemented and will always fail
./libcrypto.a(async.o): In function `async_fibre_swapcontext':
async.c:(.text+0x2fc): warning: warning: setcontext is not implemented and will always fail
./libcrypto.a(async_posix.o): In function `async_fibre_makecontext':
async_posix.c:(.text+0x10c): warning: warning: makecontext is not implemented and will always fail
apps/speed.o: In function `speed_main':
speed.c:(.text+0x74bc): undefined reference to `CRYPTO_memcmp'
speed.c:(.text+0x74bc): relocation truncated to fit: R_MIPS_26 against `CRYPTO_memcmp'
./libssl.a(ssl3_record.o): In function `dtls1_process_record':
ssl3_record.c:(.text+0x1e14): undefined reference to `CRYPTO_memcmp'
ssl3_record.c:(.text+0x1f7c): undefined reference to `CRYPTO_memcmp'
./libssl.a(ssl3_record.o): In function `ssl3_get_record':
ssl3_record.c:(.text+0x2a88): undefined reference to `CRYPTO_memcmp'
ssl3_record.c:(.text+0x3210): undefined reference to `CRYPTO_memcmp'
./libssl.a(extensions.o):extensions.c:(.text+0xa84): more undefined references to `CRYPTO_memcmp' follow
./libcrypto.a(init.o): In function `ossl_init_base_ossl_':
init.c:(.text+0x8e0): undefined reference to `OPENSSL_cpuid_setup'
./libcrypto.a(gcm128.o): In function `CRYPTO_gcm128_finish':
gcm128.c:(.text+0x23cc): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(ocb128.o): In function `CRYPTO_ocb128_finish':
ocb128.c:(.text+0x144): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(wrap128.o): In function `CRYPTO_128_unwrap_pad':
wrap128.c:(.text+0x494): undefined reference to `CRYPTO_memcmp'
wrap128.c:(.text+0x588): undefined reference to `CRYPTO_memcmp'
wrap128.c:(.text+0x5b0): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(wrap128.o):wrap128.c:(.text+0x624): more undefined references to `CRYPTO_memcmp' follow
./libcrypto.a(rand_lib.o): In function `rand_drbg_get_additional_data':
rand_lib.c:(.text+0xedc): undefined reference to `OPENSSL_rdtsc'
rand_lib.c:(.text+0xf70): undefined reference to `OPENSSL_rdtsc'
./libcrypto.a(curve25519.o): In function `X25519':
curve25519.c:(.text+0x4e58): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(curve25519.o): In function `ge_frombytes_vartime':
curve25519.c:(.text+0x559c): undefined reference to `CRYPTO_memcmp'
curve25519.c:(.text+0x5754): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(curve25519.o): In function `ED25519_verify':
curve25519.c:(.text+0xdea8): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
eng_all.c:(.text+0x14): undefined reference to `OPENSSL_cpuid_setup'
./libcrypto.a(rsa_oaep.o): In function `RSA_padding_check_PKCS1_OAEP_mgf1':
rsa_oaep.c:(.text+0x4e0): undefined reference to `CRYPTO_memcmp'
./libcrypto.a(dh_kdf.o): In function `DH_KDF_X9_42':
dh_kdf.c:(.text+0x35c): undefined reference to `CRYPTO_memcmp'
collect2: ld returned 1 exit status
make[1]: *** [apps/openssl] Error 1
make[1]: Leaving directory `
make: *** [all] Error 2
Build step 'Execute shell' marked build as failure
From openssl at openssl.org Thu Feb 8 14:11:20 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 14:11:20 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings 386
Message-ID: <1518099080.610921.2537.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings 386
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
libcrypto.a(curve25519.o): In function `ED25519_verify':
/home/openssl/run-checker/386/../openssl/crypto/ec/curve25519.c:5149: undefined reference to `CRYPTO_memcmp'
libcrypto.a(curve25519.o): In function `X25519':
/home/openssl/run-checker/386/../openssl/crypto/ec/curve25519.c:5174: undefined reference to `CRYPTO_memcmp'
libcrypto.a(curve25519.o): In function `fe_isnonzero':
/home/openssl/run-checker/386/../openssl/crypto/ec/curve25519.c:1235: undefined reference to `CRYPTO_memcmp'
libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_all.c:16: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(eng_rdrand.o): In function `get_random_bytes':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:30: undefined reference to `OPENSSL_ia32_rdrand'
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
if [ 'libcrypto.so' != 'libcrypto.so.1.1' ]; then \
rm -f libcrypto.so; \
ln -s libcrypto.so.1.1 libcrypto.so; \
fi
clang: error: linker command failed with exit code 1 (use -v to see invocation)
rm -f test/modes_internal_test
Makefile:7074: recipe for target 'test/asn1_internal_test' failed
make[1]: *** [test/asn1_internal_test] Error 1
make[1]: *** Waiting for unfinished jobs....
${LDCMD:-clang} -Wall -O0 -g -pthread -m64 -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -Wno-unknown-warning-option -L. \
-o test/modes_internal_test test/modes_internal_test.o \
test/libtestutil.a libcrypto.a -ldl -pthread
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Makefile:8695: recipe for target 'test/chacha_internal_test' failed
make[1]: *** [test/chacha_internal_test] Error 1
libcrypto.a(init.o): In function `ossl_init_base':
/home/openssl/run-checker/386/../openssl/crypto/init.c:89: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(rand_lib.o): In function `get_timer_bits':
/home/openssl/run-checker/386/../openssl/crypto/rand/rand_lib.c:206: undefined reference to `OPENSSL_rdtsc'
libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_all.c:16: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(eng_rdrand.o): In function `get_random_bytes':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:30: undefined reference to `OPENSSL_ia32_rdrand'
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Makefile:8799: recipe for target 'test/ctype_internal_test' failed
make[1]: *** [test/ctype_internal_test] Error 1
libcrypto.a(init.o): In function `ossl_init_base':
/home/openssl/run-checker/386/../openssl/crypto/init.c:89: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(gcm128.o): In function `CRYPTO_gcm128_finish':
/home/openssl/run-checker/386/../openssl/crypto/modes/gcm128.c:1651: undefined reference to `CRYPTO_memcmp'
libcrypto.a(rand_lib.o): In function `get_timer_bits':
/home/openssl/run-checker/386/../openssl/crypto/rand/rand_lib.c:206: undefined reference to `OPENSSL_rdtsc'
libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_all.c:16: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(eng_rdrand.o): In function `get_random_bytes':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:30: undefined reference to `OPENSSL_ia32_rdrand'
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Makefile:9163: recipe for target 'test/modes_internal_test' failed
make[1]: *** [test/modes_internal_test] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/386'
Makefile:143: recipe for target 'all' failed
make: *** [all] Error 2
From openssl at openssl.org Thu Feb 8 15:53:15 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 15:53:15 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings no-tls1_2
Message-ID: <1518105195.962919.13369.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
( cd test; \
mkdir -p test-runs; \
SRCTOP=../../openssl \
BLDTOP=../. \
RESULT_D=test-runs \
PERL="/usr/bin/perl" \
EXE_EXT= \
OPENSSL_ENGINES=`cd .././engines; pwd` \
OPENSSL_DEBUG_MEMORY=on \
/usr/bin/perl ../../openssl/test/run_tests.pl )
../../openssl/test/recipes/01-test_abort.t .................... ok
../../openssl/test/recipes/01-test_sanity.t ................... ok
../../openssl/test/recipes/01-test_symbol_presence.t .......... ok
../../openssl/test/recipes/01-test_test.t ..................... ok
../../openssl/test/recipes/02-test_internal_ctype.t ........... ok
../../openssl/test/recipes/02-test_lhash.t .................... ok
../../openssl/test/recipes/02-test_ordinals.t ................. ok
../../openssl/test/recipes/02-test_stack.t .................... ok
../../openssl/test/recipes/03-test_exdata.t ................... ok
../../openssl/test/recipes/03-test_internal_asn1.t ............ ok
../../openssl/test/recipes/03-test_internal_chacha.t .......... ok
../../openssl/test/recipes/03-test_internal_mdc2.t ............ ok
../../openssl/test/recipes/03-test_internal_modes.t ........... ok
../../openssl/test/recipes/03-test_internal_poly1305.t ........ ok
../../openssl/test/recipes/03-test_internal_siphash.t ......... ok
../../openssl/test/recipes/03-test_internal_sm4.t ............. ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t ............ ok
../../openssl/test/recipes/03-test_ui.t ....................... ok
../../openssl/test/recipes/04-test_asn1_encode.t .............. ok
../../openssl/test/recipes/04-test_asn1_string_table.t ........ ok
../../openssl/test/recipes/04-test_bioprint.t ................. ok
../../openssl/test/recipes/04-test_pem.t ...................... ok
../../openssl/test/recipes/05-test_bf.t ....................... ok
../../openssl/test/recipes/05-test_cast.t ..................... ok
../../openssl/test/recipes/05-test_des.t ...................... ok
../../openssl/test/recipes/05-test_hmac.t ..................... ok
../../openssl/test/recipes/05-test_idea.t ..................... ok
../../openssl/test/recipes/05-test_md2.t ...................... skipped: md2 is not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t ..................... ok
../../openssl/test/recipes/05-test_rand.t ..................... ok
../../openssl/test/recipes/05-test_rc2.t ...................... ok
../../openssl/test/recipes/05-test_rc4.t ...................... ok
../../openssl/test/recipes/05-test_rc5.t ...................... skipped: rc5 is not supported by this OpenSSL build
../../openssl/test/recipes/10-test_bn.t ....................... ok
../../openssl/test/recipes/10-test_exp.t ...................... ok
../../openssl/test/recipes/15-test_dh.t ....................... ok
../../openssl/test/recipes/15-test_dsa.t ...................... ok
../../openssl/test/recipes/15-test_ec.t ....................... ok
../../openssl/test/recipes/15-test_ecdsa.t .................... ok
../../openssl/test/recipes/15-test_ecparam.t .................. ok
../../openssl/test/recipes/15-test_genrsa.t ................... ok
../../openssl/test/recipes/15-test_mp_rsa.t ................... ok
../../openssl/test/recipes/15-test_rsa.t ...................... ok
../../openssl/test/recipes/15-test_rsapss.t ................... ok
../../openssl/test/recipes/20-test_enc.t ...................... ok
../../openssl/test/recipes/20-test_enc_more.t ................. ok
../../openssl/test/recipes/20-test_passwd.t ................... ok
../../openssl/test/recipes/25-test_crl.t ...................... ok
../../openssl/test/recipes/25-test_d2i.t ...................... ok
../../openssl/test/recipes/25-test_pkcs7.t .................... ok
../../openssl/test/recipes/25-test_req.t ...................... ok
../../openssl/test/recipes/25-test_sid.t ...................... ok
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t ..............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/22 subtests
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ skipped: test_renegotiation needs TLS <= 1.2 enabled
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ skipped: test_sslcbcpadding needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslcertstatus.t ............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_sslextension.t .............
Dubious, test returned 255 (wstat 65280, 0xff00)
No subtests run
make[1]: *** wait: No child processes. Stop.
make[1]: *** Waiting for unfinished jobs....
make[1]: *** wait: No child processes. Stop.
From matt at openssl.org Thu Feb 8 17:27:29 2018
From: matt at openssl.org (Matt Caswell)
Date: Thu, 08 Feb 2018 17:27:29 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518110849.360805.5463.nullmailer@dev.openssl.org>
The branch master has been updated
via 71cff963b4b3f8432e7fea4c94c138ca61b07d95 (commit)
from b53fdad0e4350ba49812c50305686ee5a6239111 (commit)
- Log -----------------------------------------------------------------
commit 71cff963b4b3f8432e7fea4c94c138ca61b07d95
Author: Matt Caswell
Date: Thu Feb 8 15:45:35 2018 +0000
Fix no-chacha and no-poly1305
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5287)
-----------------------------------------------------------------------
Summary of changes:
test/cipherlist_test.c | 4 +++-
test/sslapitest.c | 2 ++
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/test/cipherlist_test.c b/test/cipherlist_test.c
index 2d8288d..336bdb0 100644
--- a/test/cipherlist_test.c
+++ b/test/cipherlist_test.c
@@ -72,7 +72,7 @@ static const uint32_t default_ciphers_in_order[] = {
TLS1_CK_DHE_RSA_WITH_AES_256_GCM_SHA384,
# endif
-# if !defined OPENSSL_NO_CHACHA && !defined OPENSSL_NO_POLY1305
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
# ifndef OPENSSL_NO_EC
TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305,
@@ -126,7 +126,9 @@ static const uint32_t default_ciphers_in_order[] = {
#endif
#ifndef OPENSSL_NO_TLS1_3
TLS1_3_CK_AES_256_GCM_SHA384,
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
TLS1_3_CK_CHACHA20_POLY1305_SHA256,
+# endif
TLS1_3_CK_AES_128_GCM_SHA256,
#endif
#ifndef OPENSSL_NO_TLS1_2
diff --git a/test/sslapitest.c b/test/sslapitest.c
index b655fe7..483941a 100644
--- a/test/sslapitest.c
+++ b/test/sslapitest.c
@@ -2332,6 +2332,7 @@ static int test_ciphersuite_change(void)
SSL_free(clientssl);
serverssl = clientssl = NULL;
+# if !defined(OPENSSL_NO_CHACHA) && !defined(OPENSSL_NO_POLY1305)
/* Check we can resume a session with a different SHA-256 ciphersuite */
if (!TEST_true(SSL_CTX_set_cipher_list(cctx,
"TLS13-CHACHA20-POLY1305-SHA256"))
@@ -2350,6 +2351,7 @@ static int test_ciphersuite_change(void)
SSL_free(serverssl);
SSL_free(clientssl);
serverssl = clientssl = NULL;
+# endif
/*
* Check attempting to resume a SHA-256 session with no SHA-256 ciphersuites
From openssl at openssl.org Thu Feb 8 17:36:03 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Thu, 08 Feb 2018 17:36:03 +0000
Subject: [openssl-commits] FAILED build of OpenSSL branch master with
options -d --strict-warnings no-tls1_2-method
Message-ID: <1518111363.335586.31189.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2-method
Commit log since last time:
4af2697 Don't run tls13encryptiontest on a shared Windows build
04e3bb0 Fix some undefined behaviour in ossltest engine
0f41dc0 Fix clienthellotest with TLSv1.3
f518cef Enable TLSv1.3 by default
c517ac4 Revert "Modify test/afalgtest to fail if the afalg engine couldn't be loaded"
048ebcc make update ERROR_REBUILD=-rebuild
cb7b727 mkerr.pl: When writing internal FOOerr.h, pay attention to disablable modules
3a7141d Make all private functions in e_afalg.c static
7d3901f test/recipes/30-test_afalg.t: set OPENSSL_ENGINES correctly
227a1e3 Modify test/afalgtest to fail if the afalg engine couldn't be loaded
bed4afa Fix glibc specific conditional for Mac OS/X
2b66fd5 Unify timer code
360fc9f Make OPENSSL_rdtsc universally available.
2ad2281 Make the OPENSSL_CPUID_OBJ define internal. Patch by @levitte.
Build log ended with (last 100 lines):
( cd test; \
mkdir -p test-runs; \
SRCTOP=../../openssl \
BLDTOP=../. \
RESULT_D=test-runs \
PERL="/usr/bin/perl" \
EXE_EXT= \
OPENSSL_ENGINES=`cd .././engines; pwd` \
OPENSSL_DEBUG_MEMORY=on \
/usr/bin/perl ../../openssl/test/run_tests.pl )
../../openssl/test/recipes/01-test_abort.t .................... ok
../../openssl/test/recipes/01-test_sanity.t ................... ok
../../openssl/test/recipes/01-test_symbol_presence.t .......... ok
../../openssl/test/recipes/01-test_test.t ..................... ok
../../openssl/test/recipes/02-test_internal_ctype.t ........... ok
../../openssl/test/recipes/02-test_lhash.t .................... ok
../../openssl/test/recipes/02-test_ordinals.t ................. ok
../../openssl/test/recipes/02-test_stack.t .................... ok
../../openssl/test/recipes/03-test_exdata.t ................... ok
../../openssl/test/recipes/03-test_internal_asn1.t ............ ok
../../openssl/test/recipes/03-test_internal_chacha.t .......... ok
../../openssl/test/recipes/03-test_internal_mdc2.t ............ ok
../../openssl/test/recipes/03-test_internal_modes.t ........... ok
../../openssl/test/recipes/03-test_internal_poly1305.t ........ ok
../../openssl/test/recipes/03-test_internal_siphash.t ......... ok
../../openssl/test/recipes/03-test_internal_sm4.t ............. ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t ............ ok
../../openssl/test/recipes/03-test_ui.t ....................... ok
../../openssl/test/recipes/04-test_asn1_encode.t .............. ok
../../openssl/test/recipes/04-test_asn1_string_table.t ........ ok
../../openssl/test/recipes/04-test_bioprint.t ................. ok
../../openssl/test/recipes/04-test_pem.t ...................... ok
../../openssl/test/recipes/05-test_bf.t ....................... ok
../../openssl/test/recipes/05-test_cast.t ..................... ok
../../openssl/test/recipes/05-test_des.t ...................... ok
../../openssl/test/recipes/05-test_hmac.t ..................... ok
../../openssl/test/recipes/05-test_idea.t ..................... ok
../../openssl/test/recipes/05-test_md2.t ...................... skipped: md2 is not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t ..................... ok
../../openssl/test/recipes/05-test_rand.t ..................... ok
../../openssl/test/recipes/05-test_rc2.t ...................... ok
../../openssl/test/recipes/05-test_rc4.t ...................... ok
../../openssl/test/recipes/05-test_rc5.t ...................... skipped: rc5 is not supported by this OpenSSL build
../../openssl/test/recipes/10-test_bn.t ....................... ok
../../openssl/test/recipes/10-test_exp.t ...................... ok
../../openssl/test/recipes/15-test_dh.t ....................... ok
../../openssl/test/recipes/15-test_dsa.t ...................... ok
../../openssl/test/recipes/15-test_ec.t ....................... ok
../../openssl/test/recipes/15-test_ecdsa.t .................... ok
../../openssl/test/recipes/15-test_ecparam.t .................. ok
../../openssl/test/recipes/15-test_genrsa.t ................... ok
../../openssl/test/recipes/15-test_mp_rsa.t ................... ok
../../openssl/test/recipes/15-test_rsa.t ...................... ok
../../openssl/test/recipes/15-test_rsapss.t ................... ok
../../openssl/test/recipes/20-test_enc.t ...................... ok
../../openssl/test/recipes/20-test_enc_more.t ................. ok
../../openssl/test/recipes/20-test_passwd.t ................... ok
../../openssl/test/recipes/25-test_crl.t ...................... ok
../../openssl/test/recipes/25-test_d2i.t ...................... ok
../../openssl/test/recipes/25-test_pkcs7.t .................... ok
../../openssl/test/recipes/25-test_req.t ...................... ok
../../openssl/test/recipes/25-test_sid.t ...................... ok
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t ..............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/22 subtests
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ skipped: test_renegotiation needs TLS <= 1.2 enabled
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ skipped: test_sslcbcpadding needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslcertstatus.t ............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_sslextension.t .............
Dubious, test returned 255 (wstat 65280, 0xff00)
No subtests run
make[1]: *** wait: No child processes. Stop.
make[1]: *** Waiting for unfinished jobs....
make[1]: *** wait: No child processes. Stop.
From levitte at openssl.org Thu Feb 8 18:42:30 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 08 Feb 2018 18:42:30 +0000
Subject: [openssl-commits] [tools] master update
Message-ID: <1518115350.633083.16528.nullmailer@dev.openssl.org>
The branch master has been updated
via da7d7b372dc15d739df3ba7aff2c1a4292148515 (commit)
from 7823d374c6841eac48a7baf1f2955eb962b5305d (commit)
- Log -----------------------------------------------------------------
commit da7d7b372dc15d739df3ba7aff2c1a4292148515
Author: Richard Levitte
Date: Thu Feb 8 19:25:20 2018 +0100
run-checker: enhance README
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/8)
-----------------------------------------------------------------------
Summary of changes:
run-checker/README | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 88 insertions(+), 2 deletions(-)
diff --git a/run-checker/README b/run-checker/README
index cc589b6..b9540a0 100644
--- a/run-checker/README
+++ b/run-checker/README
@@ -1,2 +1,88 @@
-This tool is used to build various config options of openssl
-and generate okay/fail reports.
+This tool is used to build various predefined config options of
+openssl and generate okay/fail reports. The array of config options
+is found in run-checker.sh, assigned to 'opts'.
+
+Quick manual run
+----------------
+
+To run a check on the master branch:
+
+ git clone git://git.openssl.org/openssl.git openssl
+ /path/to/run-checker.sh
+
+To run a check on a release branch:
+
+ git clone -b OpenSSL_1_1_0-stable git://git.openssl.org/openssl.git openssl
+ /path/to/run-checker.sh
+
+
+Hooks
+-----
+
+run-checker supports a few hooks, in form of scripts that are
+executed:
+
+hook-prepare This script is run once, when run-checker is
+ starting. If it exits with a status other
+ than zero, run-checker.sh will stop. It gets
+ no arguments.
+
+hook-start This script is run before each option build.
+ If it exits with a status other than zero,
+ run-checker.sh will skip the current build.
+ It gets the following arguments:
+
+ $1 The build directory.
+ $2 The option being checked.
+ $3... Configure options and arguments.
+
+hook-end This script is run after each option build.
+ If gets the following arguments:
+
+ $1 The build directory.
+ $2 "pass" or "fail", depending on the
+ build result.
+
+hook-takedown This script is run once, just before
+ run-checker terminates. It gets no arguments.
+
+
+The hooks and documentation in run-checker-autohooks are an advanced
+example, and what the OpenSSL Team runs daily (automatically).
+
+
+Example hooks 1
+---------------
+
+The run-checker script uses disk space by leaving every build tree
+behind! It may be that you want to clear the build tree after each
+build. This little hook can help:
+
+hook-end:
+
+ #! /bin/sh
+ builddir="$1"
+ mv "$builddir"/build.log "$builddir".log && rm -rf "$builddir"
+
+Example hook 2
+--------------
+
+This is a variant of Example hook 1 that saves away the build dir into
+a tarball:
+
+hook-end:
+
+ #! /bin/sh
+ builddir="$1"
+ tar --remove-files -cJf "$builddir.tar.xz" "./$builddir"
+
+Example hook 3
+--------------
+
+You might want to avoid some builds, based on the options. For
+example, all the fuzz builds may require installations that you're not
+willing to do. hook-start is the perfect place for this:
+
+ #! /bin/sh
+ if [ echo "$2" | grep -E '.*fuzz.*' ]; then exit 1; fi
+ exit 0
From levitte at openssl.org Thu Feb 8 18:44:31 2018
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 08 Feb 2018 18:44:31 +0000
Subject: [openssl-commits] [tools] master update
Message-ID: <1518115471.337930.17297.nullmailer@dev.openssl.org>
The branch master has been updated
via 9d9fdc1727e3ff90d25dbccb4c530312b897536f (commit)
via 7723f7c116e2024e727648fe369133b0fc8f70e5 (commit)
from da7d7b372dc15d739df3ba7aff2c1a4292148515 (commit)
- Log -----------------------------------------------------------------
commit 9d9fdc1727e3ff90d25dbccb4c530312b897536f
Author: Richard Levitte
Date: Thu Feb 8 19:39:21 2018 +0100
run-checker-autohooks: make some variables mandatory
REPORT_FROM and REPORT_RECIPIENT *must* be assigned something to
be useful. The defaults are removed, as they are internal for the
OpenSSL Team machinery
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/9)
commit 7723f7c116e2024e727648fe369133b0fc8f70e5
Author: Richard Levitte
Date: Thu Feb 8 19:37:59 2018 +0100
run-checker-autohooks: update README for accuracy
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/9)
-----------------------------------------------------------------------
Summary of changes:
run-checker/run-checker-autohooks/README | 14 ++++----
run-checker/run-checker-autohooks/hook-end | 56 ++++++++++++++++--------------
2 files changed, 36 insertions(+), 34 deletions(-)
diff --git a/run-checker/run-checker-autohooks/README b/run-checker/run-checker-autohooks/README
index a4039b7..87e4be4 100644
--- a/run-checker/run-checker-autohooks/README
+++ b/run-checker/run-checker-autohooks/README
@@ -9,11 +9,11 @@ repeatedly, for example as a cron job.
Example setup:
- $ git clone openssl-git at git.openssl.org:bureau.git bureau
+ $ git clone git://git.openssl.org/tools.git tools
$ mkdir ~/run-checker
$ cd ~/run-checker
- $ ln -s ../bureau/run-checker.sh \
- ../bureau/run-checker-autohooks/hook-{prepare,start,end,takedown} \
+ $ ln -s ../tools/run-checker/run-checker.sh \
+ ../tools/run-checker/run-checker-autohooks/hook-{prepare,start,end,takedown} \
.
$ git clone openssl-git at git.openssl.org:openssl.git openssl
@@ -30,13 +30,13 @@ In addition to the hooks, one can also have a shell script called
- REPORT_FROM
- The email address used in the report From: header. Defaults to
- 'OpenSSL run-checker '
+ The email address used in the report From: header. This MUST be
+ assigned a value or reports will not be posted.
- REPORT_RECIPIENT
- The email address reports will get sent to. Defaults to
- ''
+ The email address reports will get sent to. This MUST be assigned a
+ value or reports will not be posted.
- SKIP_OPTS
diff --git a/run-checker/run-checker-autohooks/hook-end b/run-checker/run-checker-autohooks/hook-end
index 70c51b9..c95051b 100755
--- a/run-checker/run-checker-autohooks/hook-end
+++ b/run-checker/run-checker-autohooks/hook-end
@@ -3,8 +3,8 @@
here=$(cd $(dirname $0); pwd)
rcd=$here/.run-checker-data
-REPORT_RECIPIENT=''
-REPORT_FROM='OpenSSL run-checker '
+REPORT_RECIPIENT=
+REPORT_FROM=
if [ -f $rcd/new/hook-config ]; then
. $rcd/new/hook-config
fi
@@ -38,47 +38,49 @@ if (
# If the build failed or the status changed since last time, report
if [ "$newstatus" == "fail" -o "$newstatus" != "$curstatus" ]; then
- (
- statusword=FAILED
- if [ "$newstatus" == "pass" ]; then
- statusword=SUCCESSFUL
- elif [ "$curstatus" == "fail" ]; then
- statusword="Still FAILED"
- fi
- echo "From: $REPORT_FROM"
- echo "To: $REPORT_RECIPIENT"
- echo "Subject: $statusword build of OpenSSL branch $gitbranch with options $expandedopts"
- cat <
An HTML attachment was scrubbed...
URL:
From no-reply at appveyor.com Thu Feb 8 22:03:54 2018
From: no-reply at appveyor.com (AppVeyor)
Date: Thu, 08 Feb 2018 22:03:54 +0000
Subject: [openssl-commits] Build completed: openssl master.15471
Message-ID: <20180208220354.1.74736A5055A448D0@appveyor.com>
An HTML attachment was scrubbed...
URL:
From openssl at openssl.org Fri Feb 9 00:17:46 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 09 Feb 2018 00:17:46 +0000
Subject: [openssl-commits] SUCCESSFUL build of OpenSSL branch master with
options -d --strict-warnings no-chacha
Message-ID: <1518135466.590919.23031.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-chacha
Commit log since last time:
71cff96 Fix no-chacha and no-poly1305
b53fdad util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
22626b9 With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
From openssl at openssl.org Fri Feb 9 01:15:52 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 09 Feb 2018 01:15:52 +0000
Subject: [openssl-commits] SUCCESSFUL build of OpenSSL branch master with
options -d --strict-warnings no-deprecated
Message-ID: <1518138952.149211.28487.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-deprecated
Commit log since last time:
71cff96 Fix no-chacha and no-poly1305
b53fdad util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
22626b9 With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
From matthias.st.pierre at ncp-e.com Fri Feb 9 08:50:02 2018
From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com)
Date: Fri, 09 Feb 2018 08:50:02 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518166202.702883.23529.nullmailer@dev.openssl.org>
The branch master has been updated
via b9ed9ab38e492fa070c3d7ed63233e3debc36528 (commit)
from 71cff963b4b3f8432e7fea4c94c138ca61b07d95 (commit)
- Log -----------------------------------------------------------------
commit b9ed9ab38e492fa070c3d7ed63233e3debc36528
Author: Dr. Matthias St. Pierre
Date: Fri Feb 9 08:52:56 2018 +0100
CRYPTO_THREAD_run_once.pod: fix typo and punktuation
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5293)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/CRYPTO_THREAD_run_once.pod | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/doc/man3/CRYPTO_THREAD_run_once.pod b/doc/man3/CRYPTO_THREAD_run_once.pod
index 734d2d8..e57ae83 100644
--- a/doc/man3/CRYPTO_THREAD_run_once.pod
+++ b/doc/man3/CRYPTO_THREAD_run_once.pod
@@ -67,7 +67,7 @@ CRYPTO_THREAD_unlock() unlocks the previously locked B.
=item *
-CRYPTO_THREAD_lock_frees() frees the provided B.
+CRYPTO_THREAD_lock_free() frees the provided B.
=item *
@@ -96,9 +96,9 @@ CRYPTO_THREAD_run_once() returns 1 on success, or 0 on error.
CRYPTO_THREAD_lock_new() returns the allocated lock, or NULL on error.
-CRYPTO_THREAD_lock_frees() returns no value.
+CRYPTO_THREAD_lock_free() returns no value.
-The other functions return 1 on success or 0 on error.
+The other functions return 1 on success, or 0 on error.
=head1 NOTES
From levitte at openssl.org Fri Feb 9 09:03:45 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 09:03:45 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518167025.633657.25892.nullmailer@dev.openssl.org>
The branch master has been updated
via a6da6b73ca480cfa6fe8d0a882f4ff549d46fcff (commit)
from b9ed9ab38e492fa070c3d7ed63233e3debc36528 (commit)
- Log -----------------------------------------------------------------
commit a6da6b73ca480cfa6fe8d0a882f4ff549d46fcff
Author: Richard Levitte
Date: Fri Feb 9 09:12:47 2018 +0100
Revert ".travis.yml: remove osx from build matrix."
Recent changes seem to have gotten OS X back on track, so we should be
able to run our tests there again.
This reverts commit e12e903e9ac675d08f9dd0db1f0c1a2049232c21.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5292)
-----------------------------------------------------------------------
Summary of changes:
.travis.yml | 1 +
1 file changed, 1 insertion(+)
diff --git a/.travis.yml b/.travis.yml
index cfc11b6..0586fb3 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -22,6 +22,7 @@ addons:
os:
- linux
+ - osx
compiler:
- clang
From levitte at openssl.org Fri Feb 9 09:06:50 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 09:06:50 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518167210.038769.26855.nullmailer@dev.openssl.org>
The branch master has been updated
via fd87700995a65d54e78630f1f8f960e258a7977a (commit)
from a6da6b73ca480cfa6fe8d0a882f4ff549d46fcff (commit)
- Log -----------------------------------------------------------------
commit fd87700995a65d54e78630f1f8f960e258a7977a
Author: Richard Levitte
Date: Fri Feb 9 09:03:05 2018 +0100
Fix check of cpuid_asm_src config attribute
The contents of that attribute is C file names, not object file names.
This went undetected because quite a lot of systems have assembler
implementations anyway, so setting OPENSSL_CPUID_OBJ was correct for
them.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5291)
-----------------------------------------------------------------------
Summary of changes:
Configure | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Configure b/Configure
index c90a66c..e3d8d70 100755
--- a/Configure
+++ b/Configure
@@ -1290,7 +1290,7 @@ if ($target{sys_id} ne "")
unless ($disabled{asm}) {
$target{cpuid_asm_src}=$table{DEFAULTS}->{cpuid_asm_src} if ($config{processor} eq "386");
- push @{$config{defines}}, "OPENSSL_CPUID_OBJ" if ($target{cpuid_asm_src} ne "mem_clr.o");
+ push @{$config{defines}}, "OPENSSL_CPUID_OBJ" if ($target{cpuid_asm_src} ne "mem_clr.c");
$target{bn_asm_src} =~ s/\w+-gf2m.c// if (defined($disabled{ec2m}));
From levitte at openssl.org Fri Feb 9 09:12:09 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 09:12:09 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518167529.746307.27843.nullmailer@dev.openssl.org>
The branch master has been updated
via 4cd58771d8387c6bfbd0fd9936aaeb3ba63a6fe6 (commit)
from fd87700995a65d54e78630f1f8f960e258a7977a (commit)
- Log -----------------------------------------------------------------
commit 4cd58771d8387c6bfbd0fd9936aaeb3ba63a6fe6
Author: Pauli
Date: Thu Feb 8 11:04:30 2018 +1000
Fix glibc version detection.
Simplify Posix timer detection.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5279)
-----------------------------------------------------------------------
Summary of changes:
crypto/rand/rand_lib.c | 39 ++++++++++++++++++++++++++++++++++-----
1 file changed, 34 insertions(+), 5 deletions(-)
diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c
index 69c3c79..faec18d 100644
--- a/crypto/rand/rand_lib.c
+++ b/crypto/rand/rand_lib.c
@@ -25,6 +25,39 @@
/* Macro to convert two thirty two bit values into a sixty four bit one */
#define TWO32TO64(a, b) ((((uint64_t)(a)) << 32) + (b))
+/*
+ * Check for the existence and support of POSIX timers. The standard
+ * says that the _POSIX_TIMERS macro will have a positive value if they
+ * are available.
+ *
+ * However, we want an additional constraint: that the timer support does
+ * not require an extra library dependency. Early versions of glibc
+ * require -lrt to be specified on the link line to access the timers,
+ * so this needs to be checked for.
+ *
+ * It is worse because some libraries define __GLIBC__ but don't
+ * support the version testing macro (e.g. uClibc). This means
+ * an extra check is needed.
+ *
+ * The final condition is:
+ * "have posix timers and either not glibc or glibc without -lrt"
+ *
+ * The nested #if sequences are required to avoid using a parameterised
+ * macro that might be undefined.
+ */
+#undef OSSL_POSIX_TIMER_OKAY
+#if defined(_POSIX_TIMERS) && _POSIX_TIMERS > 0
+# if defined(__GLIBC__)
+# if defined(__GLIBC_PREREQ)
+# if __GLIBC_PREREQ(2, 17)
+# define OSSL_POSIX_TIMER_OKAY
+# endif
+# endif
+# else
+# define OSSL_POSIX_TIMER_OKAY
+# endif
+#endif
+
#ifndef OPENSSL_NO_ENGINE
/* non-NULL if default_RAND_meth is ENGINE-provided */
static ENGINE *funct_ref;
@@ -228,11 +261,7 @@ static uint64_t get_timer_bits(void)
}
#else
-# if defined(_POSIX_C_SOURCE) \
- && defined(_POSIX_TIMERS) \
- && _POSIX_C_SOURCE >= 199309L \
- && (!defined(__GLIBC__) \
- || (defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 17)))
+#if defined(OSSL_POSIX_TIMER_OKAY)
{
struct timespec ts;
clockid_t cid;
From osslsanity at gmail.com Fri Feb 9 09:19:36 2018
From: osslsanity at gmail.com (osslsanity at gmail.com)
Date: Fri, 9 Feb 2018 09:19:36 +0000 (UTC)
Subject: [openssl-commits] Jenkins build is back to normal : master_mips #377
In-Reply-To: <64333004.323.1518095903486.JavaMail.jenkins@ip-172-31-34-99>
References: <64333004.323.1518095903486.JavaMail.jenkins@ip-172-31-34-99>
Message-ID: <1986068287.325.1518167976139.JavaMail.jenkins@ip-172-31-34-99>
See
From levitte at openssl.org Fri Feb 9 09:32:11 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 09:32:11 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518168731.771285.29791.nullmailer@dev.openssl.org>
The branch master has been updated
via 2e8b0ef8f4d4b5498f3ffd1fc9f24e52ede8555f (commit)
from 4cd58771d8387c6bfbd0fd9936aaeb3ba63a6fe6 (commit)
- Log -----------------------------------------------------------------
commit 2e8b0ef8f4d4b5498f3ffd1fc9f24e52ede8555f
Author: Richard Levitte
Date: Fri Feb 9 09:55:36 2018 +0100
VMS: take care of includes
Configurations/descrip.mms.tmpl didn't treat the includes config
attribute very well. In fact, it didn't treat it at all!
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5295)
-----------------------------------------------------------------------
Summary of changes:
Configurations/descrip.mms.tmpl | 43 +++++++++++++++++++++++++++++++----------
1 file changed, 33 insertions(+), 10 deletions(-)
diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
index bfeee77..2b2e4d0 100644
--- a/Configurations/descrip.mms.tmpl
+++ b/Configurations/descrip.mms.tmpl
@@ -175,9 +175,12 @@ CC= {- $config{cc} -}
DEFINES={- our $defines = join(",",
'__dummy', # To make comma processing easier
@{$config{defines}}) -}
+INCLUDES={- our $includes = join(',', @{$config{includes}}) -}
CPPFLAGS={- our $cppflags = join('', @{$config{cppflags}}) -}
-CPPFLAGS_Q={- $cppflags =~ s|"|""|g; $defines =~ s|"|""|g;
- $cppflags."/DEFINE($defines)" -}
+CPPFLAGS_Q={- (my $x = $cppflags) =~ s|"|""|g; $defines =~ s|"|""|g;
+ $x .= "/DEFINE=($defines)";
+ $x .= "/INCLUDE=($includes)" if $includes;
+ $x; -}
CFLAGS={- join('', @{$config{cflags}}) -}
LDFLAGS= {- join('', @{$config{lflags}}) -}
EX_LIBS= {- join('', map { ','.$_ } @{$config{ex_libs}}) -}
@@ -635,10 +638,8 @@ EOF
dso => '$(DSO_DEFINES)',
bin => '$(BIN_DEFINES)' } -> {$args{intent}};
$cflags .= '/DEFINE=('.$defines.')';
+ $cflags .= "/INCLUDE=('tmp_includes')";
- my $incs_on = "\@ !";
- my $incs_off = "\@ !";
- my $incs = "";
my @incs = ();
push @incs, @{$args{incs}} if @{$args{incs}};
unless ($disabled{zlib}) {
@@ -646,15 +647,37 @@ EOF
# incarnations.
push @incs, ($withargs{zlib_include} || 'GNV$ZLIB_INCLUDE:');
}
+ # We create a logical name TMP_INCLUDES: to hold the list of internal
+ # includes. However, we cannot use it directly, as logical names can't
+ # hold zero entries, so we also create a symbol with the same name and
+ # use that instead, see the '/INCLUDE=' assignment above. If there are
+ # no internal include directories, it will simply be the empty string,
+ # but if there are, it will be assigned "TMP_DEFINES:,"
+ my $xtraincludes = { lib => '$(LIB_INCLUDES)',
+ dso => '$(DSO_INCLUDES)',
+ bin => '$(BIN_INCLUDES)' } -> {$args{intent}};
+ my $incs_add =
+ 'IF tmp_add .NES. "" .AND. tmp_includes .NES. "" THEN tmp_includes = "," + tmp_includes'
+ ."\n\t".'tmp_includes = tmp_add + tmp_includes';
+ my $incs_on = 'tmp_includes := '
+ ."\n\t"."tmp_add := $xtraincludes"
+ ."\n\t".$incs_add
+ ."\n\t".'tmp_add := $(INCLUDES)'
+ ."\n\t".$incs_add;
+ my $incs_off = 'DELETE/SYMBOL/LOCAL tmp_includes'
+ ."\n\t".'DELETE/SYMBOL/LOCAL tmp_add';
if (@incs) {
$incs_on =
- "DEFINE tmp_includes "
+ 'DEFINE tmp_includes '
.join(",-\n\t\t\t", map {
file_name_is_absolute($_)
? $_ : catdir($backward,$_)
- } @incs);
- $incs_off = "DEASSIGN tmp_includes";
- $incs = " /INCLUDE=(tmp_includes:)";
+ } @incs)
+ ."\n\t".$incs_on
+ ."\n\t".'IF tmp_includes .NES. "" THEN tmp_includes = "," + tmp_includes'
+ ."\n\t".'tmp_includes = "tmp_includes:" + tmp_includes';
+ $incs_off .=
+ "\n\t".'DEASSIGN tmp_includes';
}
my $before = $unified_info{before}->{$obj.".OBJ"} || "\@ !";
my $after = $unified_info{after}->{$obj.".OBJ"} || "\@ !";
@@ -666,7 +689,7 @@ $obj.OBJ : $deps
${before}
SET DEFAULT $forward
$incs_on
- \$(CC) ${cflags}${incs}${depbuild} /OBJECT=${objd}${objn}.OBJ /REPOSITORY=$backward $srcs
+ \$(CC) ${cflags}${depbuild} /OBJECT=${objd}${objn}.OBJ /REPOSITORY=$backward $srcs
$incs_off
SET DEFAULT $backward
${after}
From openssl at openssl.org Fri Feb 9 09:32:56 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 09 Feb 2018 09:32:56 +0000
Subject: [openssl-commits] Still FAILED build of OpenSSL branch master with
options -d --strict-warnings no-nextprotoneg
Message-ID: <1518168776.609406.24173.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-nextprotoneg
Commit log since last time:
71cff96 Fix no-chacha and no-poly1305
b53fdad util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
22626b9 With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
Build log ended with (last 100 lines):
../../openssl/test/recipes/03-test_internal_asn1.t ............ ok
../../openssl/test/recipes/03-test_internal_chacha.t .......... ok
../../openssl/test/recipes/03-test_internal_mdc2.t ............ ok
../../openssl/test/recipes/03-test_internal_modes.t ........... ok
../../openssl/test/recipes/03-test_internal_poly1305.t ........ ok
../../openssl/test/recipes/03-test_internal_siphash.t ......... ok
../../openssl/test/recipes/03-test_internal_sm4.t ............. ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t ............ ok
../../openssl/test/recipes/03-test_ui.t ....................... ok
../../openssl/test/recipes/04-test_asn1_encode.t .............. ok
../../openssl/test/recipes/04-test_asn1_string_table.t ........ ok
../../openssl/test/recipes/04-test_bioprint.t ................. ok
../../openssl/test/recipes/04-test_pem.t ...................... ok
../../openssl/test/recipes/05-test_bf.t ....................... ok
../../openssl/test/recipes/05-test_cast.t ..................... ok
../../openssl/test/recipes/05-test_des.t ...................... ok
../../openssl/test/recipes/05-test_hmac.t ..................... ok
../../openssl/test/recipes/05-test_idea.t ..................... ok
../../openssl/test/recipes/05-test_md2.t ...................... skipped: md2 is not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t ..................... ok
../../openssl/test/recipes/05-test_rand.t ..................... ok
../../openssl/test/recipes/05-test_rc2.t ...................... ok
../../openssl/test/recipes/05-test_rc4.t ...................... ok
../../openssl/test/recipes/05-test_rc5.t ...................... skipped: rc5 is not supported by this OpenSSL build
../../openssl/test/recipes/10-test_bn.t ....................... ok
../../openssl/test/recipes/10-test_exp.t ...................... ok
../../openssl/test/recipes/15-test_dh.t ....................... ok
../../openssl/test/recipes/15-test_dsa.t ...................... ok
../../openssl/test/recipes/15-test_ec.t ....................... ok
../../openssl/test/recipes/15-test_ecdsa.t .................... ok
../../openssl/test/recipes/15-test_ecparam.t .................. ok
../../openssl/test/recipes/15-test_genrsa.t ................... ok
../../openssl/test/recipes/15-test_mp_rsa.t ................... ok
../../openssl/test/recipes/15-test_rsa.t ...................... ok
../../openssl/test/recipes/15-test_rsapss.t ................... ok
../../openssl/test/recipes/20-test_enc.t ...................... ok
../../openssl/test/recipes/20-test_enc_more.t ................. ok
../../openssl/test/recipes/20-test_passwd.t ................... ok
../../openssl/test/recipes/25-test_crl.t ...................... ok
../../openssl/test/recipes/25-test_d2i.t ...................... ok
../../openssl/test/recipes/25-test_pkcs7.t .................... ok
../../openssl/test/recipes/25-test_req.t ...................... ok
../../openssl/test/recipes/25-test_sid.t ...................... ok
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t ..................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t .............. ok
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................
Dubious, test returned 6 (wstat 1536, 0x600)
Failed 6/22 subtests
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_renegotiation.t ............ ok
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ ok
../../openssl/test/recipes/70-test_sslcertstatus.t ............ ok
../../openssl/test/recipes/70-test_sslextension.t ............. ok
../../openssl/test/recipes/70-test_sslmessages.t .............. ok
../../openssl/test/recipes/70-test_sslrecords.t ...............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/18 subtests
../../openssl/test/recipes/70-test_sslsessiontick.t ........... ok
../../openssl/test/recipes/70-test_sslsigalgs.t ...............
Dubious, test returned 4 (wstat 1024, 0x400)
Failed 4/21 subtests
../../openssl/test/recipes/70-test_sslsignature.t .............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/4 subtests
../../openssl/test/recipes/70-test_sslskewith0p.t ............. ok
../../openssl/test/recipes/70-test_sslversions.t ..............
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/7 subtests
../../openssl/test/recipes/70-test_sslvertol.t ................ ok
../../openssl/test/recipes/70-test_tls13cookie.t ..............
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/2 subtests
../../openssl/test/recipes/70-test_tls13downgrade.t ........... skipped: test_tls13downgrade not run in pre TLSv1.3 RFC implementation
../../openssl/test/recipes/70-test_tls13hrr.t ................. ok
make[1]: *** wait: No child processes. Stop.
make[1]: *** Waiting for unfinished jobs....
make[1]: *** wait: No child processes. Stop.
From builds at travis-ci.org Fri Feb 9 09:43:53 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 09:43:53 +0000
Subject: [openssl-commits] Broken: openssl/openssl#16189 (master - a6da6b7)
In-Reply-To:
Message-ID: <5a7d6dbfb698b_43fc56637b9083864d8@6d40c516-40fe-402c-a43b-6e583071f2f2.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16189
Status: Broken
Duration: 37 minutes and 31 seconds
Commit: a6da6b7 (master)
Author: Richard Levitte
Message: Revert ".travis.yml: remove osx from build matrix."
Recent changes seem to have gotten OS X back on track, so we should be
able to run our tests there again.
This reverts commit e12e903e9ac675d08f9dd0db1f0c1a2049232c21.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5292)
View the changeset: https://github.com/openssl/openssl/compare/b9ed9ab38e49...a6da6b73ca48
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339365594?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From openssl at openssl.org Fri Feb 9 10:08:12 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 09 Feb 2018 10:08:12 +0000
Subject: [openssl-commits] SUCCESSFUL build of OpenSSL branch master with
options -d --strict-warnings no-poly1305
Message-ID: <1518170892.902919.3909.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-poly1305
Commit log since last time:
71cff96 Fix no-chacha and no-poly1305
b53fdad util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
22626b9 With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
From builds at travis-ci.org Fri Feb 9 09:55:26 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 09:55:26 +0000
Subject: [openssl-commits] Broken: openssl/openssl#16190 (master - fd87700)
In-Reply-To:
Message-ID: <5a7d700e34dc5_43f9e7d53df6c69314c@f0ddcd00-8376-4938-bd0e-d7bf1c278eb1.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16190
Status: Broken
Duration: 37 minutes and 57 seconds
Commit: fd87700 (master)
Author: Richard Levitte
Message: Fix check of cpuid_asm_src config attribute
The contents of that attribute is C file names, not object file names.
This went undetected because quite a lot of systems have assembler
implementations anyway, so setting OPENSSL_CPUID_OBJ was correct for
them.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5291)
View the changeset: https://github.com/openssl/openssl/compare/a6da6b73ca48...fd87700995a6
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339366809?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Fri Feb 9 10:16:40 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 10:16:40 +0000
Subject: [openssl-commits] Broken: openssl/openssl#16191 (master - 4cd5877)
In-Reply-To:
Message-ID: <5a7d74ec7aa68_43f9eba1bd6847237e5@f0ddcd00-8376-4938-bd0e-d7bf1c278eb1.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16191
Status: Broken
Duration: 42 minutes and 1 second
Commit: 4cd5877 (master)
Author: Pauli
Message: Fix glibc version detection.
Simplify Posix timer detection.
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5279)
View the changeset: https://github.com/openssl/openssl/compare/fd87700995a6...4cd58771d838
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339368727?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From builds at travis-ci.org Fri Feb 9 10:30:52 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 10:30:52 +0000
Subject: [openssl-commits] Broken: openssl/openssl#16192 (master - 2e8b0ef)
In-Reply-To:
Message-ID: <5a7d785c269a9_43fe5c0529af06014bb@ff28422c-dfe0-47cc-bb4b-8ee261a4ff5c.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16192
Status: Broken
Duration: 39 minutes and 23 seconds
Commit: 2e8b0ef (master)
Author: Richard Levitte
Message: VMS: take care of includes
Configurations/descrip.mms.tmpl didn't treat the includes config
attribute very well. In fact, it didn't treat it at all!
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5295)
View the changeset: https://github.com/openssl/openssl/compare/4cd58771d838...2e8b0ef8f4d4
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339374656?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From rsalz at openssl.org Fri Feb 9 12:05:13 2018
From: rsalz at openssl.org (Rich Salz)
Date: Fri, 09 Feb 2018 12:05:13 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518177913.455991.10673.nullmailer@dev.openssl.org>
The branch master has been updated
via a699b8e4ca106a1aade0cc741eca63a61d44b90f (commit)
from 2e8b0ef8f4d4b5498f3ffd1fc9f24e52ede8555f (commit)
- Log -----------------------------------------------------------------
commit a699b8e4ca106a1aade0cc741eca63a61d44b90f
Author: FdaSilvaYY
Date: Thu Feb 8 18:47:30 2018 -0500
Small simplification in mkerr.pl
As suggested in https://github.com/openssl/openssl/pull/5275
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5288)
-----------------------------------------------------------------------
Summary of changes:
crypto/ocsp/ocsp_err.c | 5 +++--
include/internal/dsoerr.h | 5 +----
include/openssl/asn1err.h | 7 ++-----
include/openssl/asyncerr.h | 7 ++-----
include/openssl/bioerr.h | 7 ++-----
include/openssl/bnerr.h | 7 ++-----
include/openssl/buffererr.h | 7 ++-----
include/openssl/cmserr.h | 5 +----
include/openssl/comperr.h | 5 +----
include/openssl/conferr.h | 7 ++-----
include/openssl/cryptoerr.h | 7 ++-----
include/openssl/cterr.h | 5 +----
include/openssl/dherr.h | 5 +----
include/openssl/dsaerr.h | 5 +----
include/openssl/ecerr.h | 5 +----
include/openssl/engineerr.h | 5 +----
include/openssl/evperr.h | 5 +----
include/openssl/kdferr.h | 7 ++-----
include/openssl/objectserr.h | 7 ++-----
include/openssl/ocsperr.h | 5 +----
include/openssl/pemerr.h | 7 ++-----
include/openssl/pkcs12err.h | 7 ++-----
include/openssl/pkcs7err.h | 7 ++-----
include/openssl/randerr.h | 5 +----
include/openssl/rsaerr.h | 7 ++-----
include/openssl/sslerr.h | 5 +----
include/openssl/storeerr.h | 7 ++-----
include/openssl/tserr.h | 5 +----
include/openssl/uierr.h | 7 ++-----
include/openssl/x509err.h | 7 ++-----
include/openssl/x509v3err.h | 7 ++-----
util/mkerr.pl | 5 +----
32 files changed, 51 insertions(+), 143 deletions(-)
diff --git a/crypto/ocsp/ocsp_err.c b/crypto/ocsp/ocsp_err.c
index a97177e..660e193 100644
--- a/crypto/ocsp/ocsp_err.c
+++ b/crypto/ocsp/ocsp_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -18,7 +18,8 @@ static const ERR_STRING_DATA OCSP_str_functs[] = {
{ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_ADD1_STATUS, 0),
"OCSP_basic_add1_status"},
{ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_SIGN, 0), "OCSP_basic_sign"},
- {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_SIGN_CTX, 0), "OCSP_basic_sign_ctx"},
+ {ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_SIGN_CTX, 0),
+ "OCSP_basic_sign_ctx"},
{ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_BASIC_VERIFY, 0), "OCSP_basic_verify"},
{ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CERT_ID_NEW, 0), "OCSP_cert_id_new"},
{ERR_PACK(ERR_LIB_OCSP, OCSP_F_OCSP_CHECK_DELEGATED, 0),
diff --git a/include/internal/dsoerr.h b/include/internal/dsoerr.h
index 7017990..a54a185 100644
--- a/include/internal/dsoerr.h
+++ b/include/internal/dsoerr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_DSO
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_DSO_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* DSO function codes.
diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h
index c02bb0f..7da927f 100644
--- a/include/openssl/asn1err.h
+++ b/include/openssl/asn1err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_ASN1ERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_ASN1_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* ASN1 function codes.
diff --git a/include/openssl/asyncerr.h b/include/openssl/asyncerr.h
index a9bb86e..5fcddaf 100644
--- a/include/openssl/asyncerr.h
+++ b/include/openssl/asyncerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_ASYNCERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_ASYNC_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* ASYNC function codes.
diff --git a/include/openssl/bioerr.h b/include/openssl/bioerr.h
index 2510230..b0dee2b 100644
--- a/include/openssl/bioerr.h
+++ b/include/openssl/bioerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_BIOERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_BIO_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* BIO function codes.
diff --git a/include/openssl/bnerr.h b/include/openssl/bnerr.h
index b63af9d..c9a21c7 100644
--- a/include/openssl/bnerr.h
+++ b/include/openssl/bnerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_BNERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_BN_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* BN function codes.
diff --git a/include/openssl/buffererr.h b/include/openssl/buffererr.h
index 9007586..3aee132 100644
--- a/include/openssl/buffererr.h
+++ b/include/openssl/buffererr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_BUFERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_BUF_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* BUF function codes.
diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h
index 7cb2242..7b9daed 100644
--- a/include/openssl/cmserr.h
+++ b/include/openssl/cmserr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_CMS
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_CMS_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* CMS function codes.
diff --git a/include/openssl/comperr.h b/include/openssl/comperr.h
index 96a4ce6..5a1c8df 100644
--- a/include/openssl/comperr.h
+++ b/include/openssl/comperr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_COMP
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_COMP_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* COMP function codes.
diff --git a/include/openssl/conferr.h b/include/openssl/conferr.h
index 4348e62..d623cea 100644
--- a/include/openssl/conferr.h
+++ b/include/openssl/conferr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_CONFERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_CONF_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* CONF function codes.
diff --git a/include/openssl/cryptoerr.h b/include/openssl/cryptoerr.h
index 98fc278..12684ea 100644
--- a/include/openssl/cryptoerr.h
+++ b/include/openssl/cryptoerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_CRYPTOERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_CRYPTO_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* CRYPTO function codes.
diff --git a/include/openssl/cterr.h b/include/openssl/cterr.h
index 7f0a7d8..764e1a2 100644
--- a/include/openssl/cterr.h
+++ b/include/openssl/cterr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_CT
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_CT_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* CT function codes.
diff --git a/include/openssl/dherr.h b/include/openssl/dherr.h
index f225cc3..0a071b6 100644
--- a/include/openssl/dherr.h
+++ b/include/openssl/dherr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_DH
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_DH_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* DH function codes.
diff --git a/include/openssl/dsaerr.h b/include/openssl/dsaerr.h
index d54642f..a5248ab 100644
--- a/include/openssl/dsaerr.h
+++ b/include/openssl/dsaerr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_DSA
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_DSA_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* DSA function codes.
diff --git a/include/openssl/ecerr.h b/include/openssl/ecerr.h
index 6dc16c0..289cd8c 100644
--- a/include/openssl/ecerr.h
+++ b/include/openssl/ecerr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_EC
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_EC_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* EC function codes.
diff --git a/include/openssl/engineerr.h b/include/openssl/engineerr.h
index f6025f6..64efc2f 100644
--- a/include/openssl/engineerr.h
+++ b/include/openssl/engineerr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_ENGINE
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_ENGINE_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* ENGINE function codes.
diff --git a/include/openssl/evperr.h b/include/openssl/evperr.h
index ff46657..45e9fcf 100644
--- a/include/openssl/evperr.h
+++ b/include/openssl/evperr.h
@@ -12,12 +12,9 @@
# define HEADER_EVPERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_EVP_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* EVP function codes.
diff --git a/include/openssl/kdferr.h b/include/openssl/kdferr.h
index 8f045f0..ea30fb9 100644
--- a/include/openssl/kdferr.h
+++ b/include/openssl/kdferr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_KDFERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_KDF_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* KDF function codes.
diff --git a/include/openssl/objectserr.h b/include/openssl/objectserr.h
index a6051c8..4f3156e 100644
--- a/include/openssl/objectserr.h
+++ b/include/openssl/objectserr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_OBJERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_OBJ_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* OBJ function codes.
diff --git a/include/openssl/ocsperr.h b/include/openssl/ocsperr.h
index f78f232..7d93b12 100644
--- a/include/openssl/ocsperr.h
+++ b/include/openssl/ocsperr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_OCSP
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_OCSP_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* OCSP function codes.
diff --git a/include/openssl/pemerr.h b/include/openssl/pemerr.h
index 12eb5cb..d0b8a9c 100644
--- a/include/openssl/pemerr.h
+++ b/include/openssl/pemerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_PEMERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_PEM_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* PEM function codes.
diff --git a/include/openssl/pkcs12err.h b/include/openssl/pkcs12err.h
index 6bbd232..ba82043 100644
--- a/include/openssl/pkcs12err.h
+++ b/include/openssl/pkcs12err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_PKCS12ERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_PKCS12_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* PKCS12 function codes.
diff --git a/include/openssl/pkcs7err.h b/include/openssl/pkcs7err.h
index 5e5f708..0ba418d 100644
--- a/include/openssl/pkcs7err.h
+++ b/include/openssl/pkcs7err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_PKCS7ERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_PKCS7_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* PKCS7 function codes.
diff --git a/include/openssl/randerr.h b/include/openssl/randerr.h
index 50c1a38..ae5a2ea 100644
--- a/include/openssl/randerr.h
+++ b/include/openssl/randerr.h
@@ -12,12 +12,9 @@
# define HEADER_RANDERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_RAND_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* RAND function codes.
diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h
index 94bfd93..c1b826a 100644
--- a/include/openssl/rsaerr.h
+++ b/include/openssl/rsaerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_RSAERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_RSA_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* RSA function codes.
diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h
index a84a62d..1a02268 100644
--- a/include/openssl/sslerr.h
+++ b/include/openssl/sslerr.h
@@ -12,12 +12,9 @@
# define HEADER_SSLERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_SSL_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* SSL function codes.
diff --git a/include/openssl/storeerr.h b/include/openssl/storeerr.h
index cffe8de..5476d00 100644
--- a/include/openssl/storeerr.h
+++ b/include/openssl/storeerr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_OSSL_STOREERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_OSSL_STORE_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* OSSL_STORE function codes.
diff --git a/include/openssl/tserr.h b/include/openssl/tserr.h
index 01ebfef..3e04925 100644
--- a/include/openssl/tserr.h
+++ b/include/openssl/tserr.h
@@ -16,12 +16,9 @@
# ifndef OPENSSL_NO_TS
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_TS_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* TS function codes.
diff --git a/include/openssl/uierr.h b/include/openssl/uierr.h
index f7c77f2..3e4b297 100644
--- a/include/openssl/uierr.h
+++ b/include/openssl/uierr.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_UIERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_UI_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* UI function codes.
diff --git a/include/openssl/x509err.h b/include/openssl/x509err.h
index 4b57c3d..08692a5 100644
--- a/include/openssl/x509err.h
+++ b/include/openssl/x509err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_X509ERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_X509_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* X509 function codes.
diff --git a/include/openssl/x509v3err.h b/include/openssl/x509v3err.h
index 5349d9d..e8308ef 100644
--- a/include/openssl/x509v3err.h
+++ b/include/openssl/x509v3err.h
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -12,12 +12,9 @@
# define HEADER_X509V3ERR_H
# ifdef __cplusplus
-extern "C" {
+extern "C"
# endif
int ERR_load_X509V3_strings(void);
-# ifdef __cplusplus
-}
-# endif
/*
* X509V3 function codes.
diff --git a/util/mkerr.pl b/util/mkerr.pl
index 1740e40..0ea0296 100755
--- a/util/mkerr.pl
+++ b/util/mkerr.pl
@@ -471,12 +471,9 @@ EOF
}
print OUT <<"EOF";
#${indent}ifdef __cplusplus
-extern \"C\" {
+extern \"C\"
#${indent}endif
int ERR_load_${lib}_strings(void);
-#${indent}ifdef __cplusplus
-}
-#${indent}endif
EOF
} else {
print OUT <<"EOF";
From builds at travis-ci.org Fri Feb 9 12:37:15 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 12:37:15 +0000
Subject: [openssl-commits] Still Failing: openssl/openssl#16200 (master -
a699b8e)
In-Reply-To:
Message-ID: <5a7d968dbc2fc_43f9e98599b58924127@f0ddcd00-8376-4938-bd0e-d7bf1c278eb1.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16200
Status: Still Failing
Duration: 33 minutes and 29 seconds
Commit: a699b8e (master)
Author: FdaSilvaYY
Message: Small simplification in mkerr.pl
As suggested in https://github.com/openssl/openssl/pull/5275
Reviewed-by: Richard Levitte
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5288)
View the changeset: https://github.com/openssl/openssl/compare/2e8b0ef8f4d4...a699b8e4ca10
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339425247?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Fri Feb 9 13:06:57 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 13:06:57 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518181617.629081.15968.nullmailer@dev.openssl.org>
The branch master has been updated
via f3ac964ba431c91b3a8b47f2ad2e82ee52fcc5ff (commit)
from a699b8e4ca106a1aade0cc741eca63a61d44b90f (commit)
- Log -----------------------------------------------------------------
commit f3ac964ba431c91b3a8b47f2ad2e82ee52fcc5ff
Author: Richard Levitte
Date: Fri Feb 9 13:45:58 2018 +0100
Turn off printf format checking for BIO_printf et al on Mac OS/X
Mac OS/X has a type for %j that doesn't agree with how we define it,
which gives incorrect warnings. The easiest way out of that situation
is simply to turn off that check on Mac OS/X.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5302)
-----------------------------------------------------------------------
Summary of changes:
include/openssl/bio.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index 54a833c..d8d8ac4 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -735,7 +735,8 @@ void BIO_copy_next_retry(BIO *b);
*/
# define __bio_h__attr__(x)
-# if defined(__GNUC__) && defined(__STDC_VERSION__)
+# if defined(__GNUC__) && defined(__STDC_VERSION__) \
+ && !defined(__APPLE__)
/*
* Because we support the 'z' modifier, which made its appearance in C99,
* we can't use __attribute__ with pre C99 dialects.
From levitte at openssl.org Fri Feb 9 13:28:07 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 13:28:07 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518182887.583377.19307.nullmailer@dev.openssl.org>
The branch master has been updated
via 368297d17352c7eb30efff443509caf7cf59f65f (commit)
from f3ac964ba431c91b3a8b47f2ad2e82ee52fcc5ff (commit)
- Log -----------------------------------------------------------------
commit 368297d17352c7eb30efff443509caf7cf59f65f
Author: Richard Levitte
Date: Thu Feb 8 23:26:22 2018 +0100
Configuration: move the handling of zlib_include to config files
It was a bit absurd to have this being specially handled in the build
file templates, especially that we have the 'includes' attribute.
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5296)
-----------------------------------------------------------------------
Summary of changes:
Configurations/00-base-templates.conf | 18 ++++++++++++++++++
Configurations/10-main.conf | 11 ++++++-----
Configurations/descrip.mms.tmpl | 11 ++---------
Configurations/unix-Makefile.tmpl | 5 -----
Configurations/windows-makefile.tmpl | 5 -----
5 files changed, 26 insertions(+), 24 deletions(-)
diff --git a/Configurations/00-base-templates.conf b/Configurations/00-base-templates.conf
index 0d0f8b8..951aeaa 100644
--- a/Configurations/00-base-templates.conf
+++ b/Configurations/00-base-templates.conf
@@ -7,6 +7,7 @@ my %targets=(
cppflags => "",
lflags => "",
defines => [],
+ includes => [],
thread_scheme => "(unknown)", # Assume we don't know
thread_defines => [],
@@ -70,6 +71,13 @@ my %targets=(
push @defs, "ZLIB_SHARED" unless $disabled{"zlib-dynamic"};
return [ @defs ];
},
+ includes =>
+ sub {
+ my @incs = ();
+ push @incs, $withargs{zlib_include}
+ if !$disabled{zlib} && $withargs{zlib_include};
+ return [ @incs ];
+ },
},
BASE_unix => {
@@ -129,6 +137,16 @@ my %targets=(
inherit_from => [ "BASE_common" ],
template => 1,
+ includes =>
+ add(sub {
+ my @incs = ();
+ # GNV$ZLIB_INCLUDE is the standard logical name for later
+ # zlib incarnations.
+ push @incs, 'GNV$ZLIB_INCLUDE:'
+ if !$disabled{zlib} && !$withargs{zlib_include};
+ return [ @incs ];
+ }),
+
build_file => "descrip.mms",
build_scheme => [ "unified", "VMS" ],
},
diff --git a/Configurations/10-main.conf b/Configurations/10-main.conf
index 70b0104..b17a780 100644
--- a/Configurations/10-main.conf
+++ b/Configurations/10-main.conf
@@ -580,7 +580,7 @@ my %targets = (
cc => "gcc",
cflags => "-O3",
cppflags => "-D_ENDIAN -DBN_DIV2W -D_POSIX_SOURCE -D_SOCKET_SOURCE",
- includes => [ "/SYSLOG/PUB" ],
+ includes => add("/SYSLOG/PUB"),
sys_id => "MPE",
lflags => add("-L/SYSLOG/PUB"),
ex_libs => add("-lsyslog -lsocket -lcurses"),
@@ -1444,10 +1444,11 @@ my %targets = (
"NO_CHMOD", "OPENSSL_SMALL_FOOTPRINT" ],
debug => [ "DEBUG", "_DEBUG" ]),
includes =>
- combine(sub { defined(env('WCECOMPAT'))
- ? '$(WCECOMPAT)/include' : (); },
- sub { defined(env('PORTSDK_LIBPATH'))
- ? '$(PORTSDK_LIBPATH)/../../include' : (); }),
+ add(combine(sub { defined(env('WCECOMPAT'))
+ ? '$(WCECOMPAT)/include' : (); },
+ sub { defined(env('PORTSDK_LIBPATH'))
+ ? '$(PORTSDK_LIBPATH)/../../include'
+ : (); })),
lflags => add(combine("/nologo /opt:ref",
sub { vc_wince_info()->{lflags}; },
sub { defined(env('PORTSDK_LIBPATH'))
diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl
index 2b2e4d0..e3b1700 100644
--- a/Configurations/descrip.mms.tmpl
+++ b/Configurations/descrip.mms.tmpl
@@ -640,13 +640,6 @@ EOF
$cflags .= '/DEFINE=('.$defines.')';
$cflags .= "/INCLUDE=('tmp_includes')";
- my @incs = ();
- push @incs, @{$args{incs}} if @{$args{incs}};
- unless ($disabled{zlib}) {
- # GNV$ZLIB_INCLUDE is the standard logical name for later zlib
- # incarnations.
- push @incs, ($withargs{zlib_include} || 'GNV$ZLIB_INCLUDE:');
- }
# We create a logical name TMP_INCLUDES: to hold the list of internal
# includes. However, we cannot use it directly, as logical names can't
# hold zero entries, so we also create a symbol with the same name and
@@ -666,13 +659,13 @@ EOF
."\n\t".$incs_add;
my $incs_off = 'DELETE/SYMBOL/LOCAL tmp_includes'
."\n\t".'DELETE/SYMBOL/LOCAL tmp_add';
- if (@incs) {
+ if (@{$args{incs}}) {
$incs_on =
'DEFINE tmp_includes '
.join(",-\n\t\t\t", map {
file_name_is_absolute($_)
? $_ : catdir($backward,$_)
- } @incs)
+ } @{$args{incs}})
."\n\t".$incs_on
."\n\t".'IF tmp_includes .NES. "" THEN tmp_includes = "," + tmp_includes'
."\n\t".'tmp_includes = "tmp_includes:" + tmp_includes';
diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index 9e05fd1..3c80fec 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -891,11 +891,6 @@ EOF
my $srcs = join(" ", @srcs);
my $deps = join(" ", @srcs, @{$args{deps}});
my $incs = join("", map { " -I".$_ } @{$args{incs}});
- unless ($disabled{zlib}) {
- if ($withargs{zlib_include}) {
- $incs .= " -I".$withargs{zlib_include};
- }
- }
my $cmd = '$(CC)';
my $cmdflags = '$(CFLAGS)';
my $cmdcompile = ' -c';
diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl
index 0abe6ea..86bc086 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -466,11 +466,6 @@ EOF
my $srcs = '"'.join('" "', @srcs).'"';
my $deps = '"'.join('" "', @srcs, @{$args{deps}}).'"';
my $incs = join("", map { ' /I "'.$_.'"' } @{$args{incs}});
- unless ($disabled{zlib}) {
- if ($withargs{zlib_include}) {
- $incs .= ' /I "'.$withargs{zlib_include}.'"';
- }
- }
my $cflags = '$(CFLAGS)';
$cflags .= { lib => ' $(LIB_CFLAGS)',
dso => ' $(DSO_CFLAGS)',
From builds at travis-ci.org Fri Feb 9 13:42:32 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 13:42:32 +0000
Subject: [openssl-commits] Fixed: openssl/openssl#16205 (master - f3ac964)
In-Reply-To:
Message-ID: <5a7da548a6466_43fc59aefdc70655298@6d40c516-40fe-402c-a43b-6e583071f2f2.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16205
Status: Fixed
Duration: 34 minutes and 49 seconds
Commit: f3ac964 (master)
Author: Richard Levitte
Message: Turn off printf format checking for BIO_printf et al on Mac OS/X
Mac OS/X has a type for %j that doesn't agree with how we define it,
which gives incorrect warnings. The easiest way out of that situation
is simply to turn off that check on Mac OS/X.
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/5302)
View the changeset: https://github.com/openssl/openssl/compare/a699b8e4ca10...f3ac964ba431
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339446605?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From openssl at openssl.org Fri Feb 9 14:16:29 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 09 Feb 2018 14:16:29 +0000
Subject: [openssl-commits] Still FAILED build of OpenSSL branch master with
options -d --strict-warnings 386
Message-ID: <1518185789.958423.10740.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings 386
Commit log since last time:
71cff96 Fix no-chacha and no-poly1305
b53fdad util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
22626b9 With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
Build log ended with (last 100 lines):
-ldl -pthread
ar: creating libcrypto.a
ranlib libcrypto.a || echo Never mind.
rm -f test/asn1_internal_test
rm -f test/chacha_internal_test
${LDCMD:-clang} -Wall -O0 -g -pthread -m64 -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -Wno-unknown-warning-option -L. \
-o test/chacha_internal_test test/chacha_internal_test.o \
test/libtestutil.a libcrypto.a -ldl -pthread
${LDCMD:-clang} -Wall -O0 -g -pthread -m64 -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -Wno-unknown-warning-option -L. \
-o test/asn1_internal_test test/asn1_internal_test.o \
test/libtestutil.a libcrypto.a -ldl -pthread
rm -f test/ctype_internal_test
${LDCMD:-clang} -Wall -O0 -g -pthread -m64 -Wextra -Qunused-arguments -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -Wno-unknown-warning-option -L. \
-o test/ctype_internal_test test/ctype_internal_test.o \
test/libtestutil.a libcrypto.a -ldl -pthread
libcrypto.a(init.o): In function `ossl_init_base':
/home/openssl/run-checker/386/../openssl/crypto/init.c:89: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(rand_lib.o): In function `get_timer_bits':
/home/openssl/run-checker/386/../openssl/crypto/rand/rand_lib.c:206: undefined reference to `OPENSSL_rdtsc'
libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_all.c:16: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(eng_rdrand.o): In function `get_random_bytes':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:30: undefined reference to `OPENSSL_ia32_rdrand'
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Makefile:8695: recipe for target 'test/chacha_internal_test' failed
make[1]: *** [test/chacha_internal_test] Error 1
make[1]: *** Waiting for unfinished jobs....
libcrypto.a(ecx_meth.o): In function `ecx_pub_cmp':
/home/openssl/run-checker/386/../openssl/crypto/ec/ecx_meth.c:143: undefined reference to `CRYPTO_memcmp'
libcrypto.a(init.o): In function `ossl_init_base':
/home/openssl/run-checker/386/../openssl/crypto/init.c:89: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(rand_lib.o): In function `get_timer_bits':
/home/openssl/run-checker/386/../openssl/crypto/rand/rand_lib.c:206: undefined reference to `OPENSSL_rdtsc'
libcrypto.a(curve25519.o): In function `ED25519_verify':
/home/openssl/run-checker/386/../openssl/crypto/ec/curve25519.c:5149: undefined reference to `CRYPTO_memcmp'
libcrypto.a(curve25519.o): In function `X25519':
/home/openssl/run-checker/386/../openssl/crypto/ec/curve25519.c:5174: undefined reference to `CRYPTO_memcmp'
libcrypto.a(curve25519.o): In function `fe_isnonzero':
/home/openssl/run-checker/386/../openssl/crypto/ec/curve25519.c:1235: undefined reference to `CRYPTO_memcmp'
libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_all.c:16: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(eng_rdrand.o): In function `get_random_bytes':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:30: undefined reference to `OPENSSL_ia32_rdrand'
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
if [ 'libcrypto.so' != 'libcrypto.so.1.1' ]; then \
rm -f libcrypto.so; \
ln -s libcrypto.so.1.1 libcrypto.so; \
fi
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Makefile:7074: recipe for target 'test/asn1_internal_test' failed
make[1]: *** [test/asn1_internal_test] Error 1
libcrypto.a(init.o): In function `ossl_init_base':
/home/openssl/run-checker/386/../openssl/crypto/init.c:89: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(rand_lib.o): In function `get_timer_bits':
/home/openssl/run-checker/386/../openssl/crypto/rand/rand_lib.c:206: undefined reference to `OPENSSL_rdtsc'
libcrypto.a(eng_all.o): In function `ENGINE_load_builtin_engines':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_all.c:16: undefined reference to `OPENSSL_cpuid_setup'
libcrypto.a(eng_rdrand.o): In function `get_random_bytes':
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:30: undefined reference to `OPENSSL_ia32_rdrand'
/home/openssl/run-checker/386/../openssl/crypto/engine/eng_rdrand.c:38: undefined reference to `OPENSSL_ia32_rdrand'
libcrypto.a(e_aes.o): In function `aes_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:2906: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3458: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aes.o): In function `aes_ccm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aes.c:3393: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_gcm_tls_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:428: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o): In function `aria_ccm_cipher':
/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:713: undefined reference to `CRYPTO_memcmp'
libcrypto.a(e_aria.o):/home/openssl/run-checker/386/../openssl/crypto/evp/e_aria.c:648: more undefined references to `CRYPTO_memcmp' follow
clang: error: linker command failed with exit code 1 (use -v to see invocation)
Makefile:8799: recipe for target 'test/ctype_internal_test' failed
make[1]: *** [test/ctype_internal_test] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/386'
Makefile:143: recipe for target 'all' failed
make: *** [all] Error 2
From builds at travis-ci.org Fri Feb 9 14:27:40 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 14:27:40 +0000
Subject: [openssl-commits] Fixed: openssl/openssl#16209 (master - 368297d)
In-Reply-To:
Message-ID: <5a7dafdc18cb0_43fc5720c13287120f1@6d40c516-40fe-402c-a43b-6e583071f2f2.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16209
Status: Fixed
Duration: 34 minutes and 37 seconds
Commit: 368297d (master)
Author: Richard Levitte
Message: Configuration: move the handling of zlib_include to config files
It was a bit absurd to have this being specially handled in the build
file templates, especially that we have the 'includes' attribute.
Reviewed-by: Rich Salz
(Merged from https://github.com/openssl/openssl/pull/5296)
View the changeset: https://github.com/openssl/openssl/compare/f3ac964ba431...368297d17352
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339454253?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From matt at openssl.org Fri Feb 9 15:36:37 2018
From: matt at openssl.org (Matt Caswell)
Date: Fri, 09 Feb 2018 15:36:37 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518190597.857088.683.nullmailer@dev.openssl.org>
The branch master has been updated
via 5d671101739f9e9b259126375a9e8b2fa42ac45f (commit)
from 368297d17352c7eb30efff443509caf7cf59f65f (commit)
- Log -----------------------------------------------------------------
commit 5d671101739f9e9b259126375a9e8b2fa42ac45f
Author: Matt Caswell
Date: Thu Feb 8 14:48:51 2018 +0000
Don't calculate the Finished MAC twice
In <= TLSv1.2 a Finished message always comes immediately after a CCS
except in the case of NPN where there is an additional message between
the CCS and Finished. Historically we always calculated the Finished MAC
when we processed the CCS. However to deal with NPN we also calculated it
when we receive the Finished message. Really this should only have been
done if we hand negotiated NPN.
This simplifies the code to only calculate the MAC when we receive the
Finished. In 1.1.1 we need to do it this way anyway because there is no
CCS (except in middlebox compat mode) in TLSv1.3.
Coincidentally, this commit also fixes the fact that no-nextprotoneg does
not currently work in master.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5285)
-----------------------------------------------------------------------
Summary of changes:
ssl/s3_msg.c | 23 -----------------------
ssl/statem/statem_dtls.c | 9 +++++++++
ssl/statem/statem_lib.c | 34 +++++++++++++++++-----------------
ssl/statem/statem_locl.h | 1 +
4 files changed, 27 insertions(+), 40 deletions(-)
diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 5e6e7c4..6e102a1 100644
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -12,9 +12,6 @@
int ssl3_do_change_cipher_spec(SSL *s)
{
int i;
- size_t finish_md_len;
- const char *sender;
- size_t slen;
if (s->server)
i = SSL3_CHANGE_CIPHER_SERVER_READ;
@@ -36,26 +33,6 @@ int ssl3_do_change_cipher_spec(SSL *s)
if (!s->method->ssl3_enc->change_cipher_state(s, i))
return 0;
- /*
- * we have to record the message digest at this point so we can get it
- * before we read the finished message
- */
- if (!s->server) {
- sender = s->method->ssl3_enc->server_finished_label;
- slen = s->method->ssl3_enc->server_finished_label_len;
- } else {
- sender = s->method->ssl3_enc->client_finished_label;
- slen = s->method->ssl3_enc->client_finished_label_len;
- }
-
- finish_md_len = s->method->ssl3_enc->final_finish_mac(s, sender, slen,
- s->s3->tmp.peer_finish_md);
- if (finish_md_len == 0) {
- SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- s->s3->tmp.peer_finish_md_len = finish_md_len;
-
return 1;
}
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 8604d5b..0ac60cb 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -376,6 +376,15 @@ int dtls_get_message(SSL *s, int *mt, size_t *len)
msg_len += DTLS1_HM_HEADER_LENGTH;
}
+ /*
+ * If receiving Finished, record MAC of prior handshake messages for
+ * Finished verification.
+ */
+ if (*mt == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+
if (!ssl3_finish_mac(s, p, msg_len))
return 0;
if (s->msg_callback)
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index f57f33c..82a7119 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -646,21 +646,15 @@ MSG_PROCESS_RETURN tls_process_key_update(SSL *s, PACKET *pkt)
return MSG_PROCESS_FINISHED_READING;
}
-#ifndef OPENSSL_NO_NEXTPROTONEG
/*
* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
* to far.
*/
-static void ssl3_take_mac(SSL *s)
+int ssl3_take_mac(SSL *s)
{
const char *sender;
size_t slen;
- /*
- * If no new cipher setup return immediately: other functions will set
- * the appropriate error.
- */
- if (s->s3->tmp.new_cipher == NULL)
- return;
+
if (!s->server) {
sender = s->method->ssl3_enc->server_finished_label;
slen = s->method->ssl3_enc->server_finished_label_len;
@@ -669,12 +663,17 @@ static void ssl3_take_mac(SSL *s)
slen = s->method->ssl3_enc->client_finished_label_len;
}
- s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- sender,
- slen,
- s->s3->tmp.peer_finish_md);
+ s->s3->tmp.peer_finish_md_len =
+ s->method->ssl3_enc->final_finish_mac(s, sender, slen,
+ s->s3->tmp.peer_finish_md);
+
+ if (s->s3->tmp.peer_finish_md_len == 0) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+
+ return 1;
}
-#endif
MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)
{
@@ -1227,14 +1226,15 @@ int tls_get_message_body(SSL *s, size_t *len)
n -= readbytes;
}
-#ifndef OPENSSL_NO_NEXTPROTONEG
/*
* If receiving Finished, record MAC of prior handshake messages for
* Finished verification.
*/
- if (*s->init_buf->data == SSL3_MT_FINISHED)
- ssl3_take_mac(s);
-#endif
+ if (*(s->init_buf->data) == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
+ /* SSLfatal() already called */
+ *len = 0;
+ return 0;
+ }
/* Feed this message into MAC computation. */
if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h
index af081eb..25e56e4 100644
--- a/ssl/statem/statem_locl.h
+++ b/ssl/statem/statem_locl.h
@@ -54,6 +54,7 @@ typedef enum {
typedef int (*confunc_f) (SSL *s, WPACKET *pkt);
+int ssl3_take_mac(SSL *s);
int check_in_list(SSL *s, uint16_t group_id, const uint16_t *groups,
size_t num_groups, int checkallow);
int create_synthetic_message_hash(SSL *s, const unsigned char *hashval,
From matt at openssl.org Fri Feb 9 15:37:01 2018
From: matt at openssl.org (Matt Caswell)
Date: Fri, 09 Feb 2018 15:37:01 +0000
Subject: [openssl-commits] [openssl] OpenSSL_1_1_0-stable update
Message-ID: <1518190621.709751.1446.nullmailer@dev.openssl.org>
The branch OpenSSL_1_1_0-stable has been updated
via 622ddb57798bb5c895b0fe40e3fd89fdb4cdbc65 (commit)
from 30562caa34de5f23dead9b246aaf284748e184bf (commit)
- Log -----------------------------------------------------------------
commit 622ddb57798bb5c895b0fe40e3fd89fdb4cdbc65
Author: Matt Caswell
Date: Thu Feb 8 14:48:51 2018 +0000
Don't calculate the Finished MAC twice
In <= TLSv1.2 a Finished message always comes immediately after a CCS
except in the case of NPN where there is an additional message between
the CCS and Finished. Historically we always calculated the Finished MAC
when we processed the CCS. However to deal with NPN we also calculated it
when we receive the Finished message. Really this should only have been
done if we hand negotiated NPN.
This simplifies the code to only calculate the MAC when we receive the
Finished. In 1.1.1 we need to do it this way anyway because there is no
CCS (except in middlebox compat mode) in TLSv1.3.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5286)
-----------------------------------------------------------------------
Summary of changes:
include/openssl/ssl.h | 1 +
ssl/s3_msg.c | 25 +------------------------
ssl/ssl_err.c | 3 ++-
ssl/statem/statem_dtls.c | 9 +++++++++
ssl/statem/statem_lib.c | 34 +++++++++++++++++-----------------
ssl/statem/statem_locl.h | 1 +
6 files changed, 31 insertions(+), 42 deletions(-)
diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h
index 9ff9b60..abe4406 100644
--- a/include/openssl/ssl.h
+++ b/include/openssl/ssl.h
@@ -2131,6 +2131,7 @@ int ERR_load_SSL_strings(void);
# define SSL_F_SSL3_SETUP_KEY_BLOCK 157
# define SSL_F_SSL3_SETUP_READ_BUFFER 156
# define SSL_F_SSL3_SETUP_WRITE_BUFFER 291
+# define SSL_F_SSL3_TAKE_MAC 425
# define SSL_F_SSL3_WRITE_BYTES 158
# define SSL_F_SSL3_WRITE_PENDING 159
# define SSL_F_SSL_ADD_CERT_CHAIN 316
diff --git a/ssl/s3_msg.c b/ssl/s3_msg.c
index 82513d2..8b08ba0 100644
--- a/ssl/s3_msg.c
+++ b/ssl/s3_msg.c
@@ -13,8 +13,6 @@
int ssl3_do_change_cipher_spec(SSL *s)
{
int i;
- const char *sender;
- int slen;
if (s->server)
i = SSL3_CHANGE_CIPHER_SERVER_READ;
@@ -36,28 +34,7 @@ int ssl3_do_change_cipher_spec(SSL *s)
if (!s->method->ssl3_enc->change_cipher_state(s, i))
return (0);
- /*
- * we have to record the message digest at this point so we can get it
- * before we read the finished message
- */
- if (!s->server) {
- sender = s->method->ssl3_enc->server_finished_label;
- slen = s->method->ssl3_enc->server_finished_label_len;
- } else {
- sender = s->method->ssl3_enc->client_finished_label;
- slen = s->method->ssl3_enc->client_finished_label_len;
- }
-
- i = s->method->ssl3_enc->final_finish_mac(s,
- sender, slen,
- s->s3->tmp.peer_finish_md);
- if (i == 0) {
- SSLerr(SSL_F_SSL3_DO_CHANGE_CIPHER_SPEC, ERR_R_INTERNAL_ERROR);
- return 0;
- }
- s->s3->tmp.peer_finish_md_len = i;
-
- return (1);
+ return 1;
}
int ssl3_send_alert(SSL *s, int level, int desc)
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
index 96edd96..3c2ebe1 100644
--- a/ssl/ssl_err.c
+++ b/ssl/ssl_err.c
@@ -1,6 +1,6 @@
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
@@ -75,6 +75,7 @@ static ERR_STRING_DATA SSL_str_functs[] = {
{ERR_FUNC(SSL_F_SSL3_SETUP_KEY_BLOCK), "ssl3_setup_key_block"},
{ERR_FUNC(SSL_F_SSL3_SETUP_READ_BUFFER), "ssl3_setup_read_buffer"},
{ERR_FUNC(SSL_F_SSL3_SETUP_WRITE_BUFFER), "ssl3_setup_write_buffer"},
+ {ERR_FUNC(SSL_F_SSL3_TAKE_MAC), "ssl3_take_mac"},
{ERR_FUNC(SSL_F_SSL3_WRITE_BYTES), "ssl3_write_bytes"},
{ERR_FUNC(SSL_F_SSL3_WRITE_PENDING), "ssl3_write_pending"},
{ERR_FUNC(SSL_F_SSL_ADD_CERT_CHAIN), "ssl_add_cert_chain"},
diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c
index 37e7fea..22be871 100644
--- a/ssl/statem/statem_dtls.c
+++ b/ssl/statem/statem_dtls.c
@@ -371,6 +371,15 @@ int dtls_get_message(SSL *s, int *mt, unsigned long *len)
msg_len += DTLS1_HM_HEADER_LENGTH;
}
+ /*
+ * If receiving Finished, record MAC of prior handshake messages for
+ * Finished verification.
+ */
+ if (*mt == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
+ /* SSLfatal() already called */
+ return 0;
+ }
+
if (!ssl3_finish_mac(s, p, msg_len))
return 0;
if (s->msg_callback)
diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c
index 637c610..5702145 100644
--- a/ssl/statem/statem_lib.c
+++ b/ssl/statem/statem_lib.c
@@ -95,21 +95,15 @@ int tls_construct_finished(SSL *s, const char *sender, int slen)
return 1;
}
-#ifndef OPENSSL_NO_NEXTPROTONEG
/*
* ssl3_take_mac calculates the Finished MAC for the handshakes messages seen
* to far.
*/
-static void ssl3_take_mac(SSL *s)
+int ssl3_take_mac(SSL *s)
{
const char *sender;
int slen;
- /*
- * If no new cipher setup return immediately: other functions will set
- * the appropriate error.
- */
- if (s->s3->tmp.new_cipher == NULL)
- return;
+
if (!s->server) {
sender = s->method->ssl3_enc->server_finished_label;
slen = s->method->ssl3_enc->server_finished_label_len;
@@ -118,12 +112,17 @@ static void ssl3_take_mac(SSL *s)
slen = s->method->ssl3_enc->client_finished_label_len;
}
- s->s3->tmp.peer_finish_md_len = s->method->ssl3_enc->final_finish_mac(s,
- sender,
- slen,
- s->s3->tmp.peer_finish_md);
+ s->s3->tmp.peer_finish_md_len =
+ s->method->ssl3_enc->final_finish_mac(s, sender, slen,
+ s->s3->tmp.peer_finish_md);
+
+ if (s->s3->tmp.peer_finish_md_len == 0) {
+ SSLerr(SSL_F_SSL3_TAKE_MAC, ERR_R_INTERNAL_ERROR);
+ return 0;
+ }
+
+ return 1;
}
-#endif
MSG_PROCESS_RETURN tls_process_change_cipher_spec(SSL *s, PACKET *pkt)
{
@@ -465,14 +464,15 @@ int tls_get_message_body(SSL *s, unsigned long *len)
n -= i;
}
-#ifndef OPENSSL_NO_NEXTPROTONEG
/*
* If receiving Finished, record MAC of prior handshake messages for
* Finished verification.
*/
- if (*s->init_buf->data == SSL3_MT_FINISHED)
- ssl3_take_mac(s);
-#endif
+ if (*(s->init_buf->data) == SSL3_MT_FINISHED && !ssl3_take_mac(s)) {
+ /* SSLfatal() already called */
+ *len = 0;
+ return 0;
+ }
/* Feed this message into MAC computation. */
if (RECORD_LAYER_is_sslv2_record(&s->rlayer)) {
diff --git a/ssl/statem/statem_locl.h b/ssl/statem/statem_locl.h
index a46e6c7..98e41fe 100644
--- a/ssl/statem/statem_locl.h
+++ b/ssl/statem/statem_locl.h
@@ -42,6 +42,7 @@ typedef enum {
/* Flush the write BIO */
int statem_flush(SSL *s);
+int ssl3_take_mac(SSL *s);
/*
* TLS/DTLS client state machine functions
From openssl at openssl.org Fri Feb 9 15:59:10 2018
From: openssl at openssl.org (OpenSSL run-checker)
Date: Fri, 09 Feb 2018 15:59:10 +0000
Subject: [openssl-commits] Still FAILED build of OpenSSL branch master with
options -d --strict-warnings no-tls1_2
Message-ID: <1518191950.080866.10321.nullmailer@run.openssl.org>
Platform and configuration command:
$ uname -a
Linux run 4.4.0-96-generic #119-Ubuntu SMP Tue Sep 12 14:59:54 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-tls1_2
Commit log since last time:
71cff96 Fix no-chacha and no-poly1305
b53fdad util/mkdef.pl: use better array in search of 'DEPRECATEDIN_'
22626b9 With nmake, invoking $(MAKE) needs /$(MAKEFLAGS)
Build log ended with (last 100 lines):
SRCTOP=../../openssl \
BLDTOP=../. \
RESULT_D=test-runs \
PERL="/usr/bin/perl" \
EXE_EXT= \
OPENSSL_ENGINES=`cd .././engines; pwd` \
OPENSSL_DEBUG_MEMORY=on \
/usr/bin/perl ../../openssl/test/run_tests.pl )
../../openssl/test/recipes/01-test_abort.t .................... ok
../../openssl/test/recipes/01-test_sanity.t ................... ok
../../openssl/test/recipes/01-test_symbol_presence.t .......... ok
../../openssl/test/recipes/01-test_test.t ..................... ok
../../openssl/test/recipes/02-test_internal_ctype.t ........... ok
../../openssl/test/recipes/02-test_lhash.t .................... ok
../../openssl/test/recipes/02-test_ordinals.t ................. ok
../../openssl/test/recipes/02-test_stack.t .................... ok
../../openssl/test/recipes/03-test_exdata.t ................... ok
../../openssl/test/recipes/03-test_internal_asn1.t ............ ok
../../openssl/test/recipes/03-test_internal_chacha.t .......... ok
../../openssl/test/recipes/03-test_internal_mdc2.t ............ ok
../../openssl/test/recipes/03-test_internal_modes.t ........... ok
../../openssl/test/recipes/03-test_internal_poly1305.t ........ ok
../../openssl/test/recipes/03-test_internal_siphash.t ......... ok
../../openssl/test/recipes/03-test_internal_sm4.t ............. ok
../../openssl/test/recipes/03-test_internal_ssl_cert_table.t .. ok
../../openssl/test/recipes/03-test_internal_x509.t ............ ok
../../openssl/test/recipes/03-test_ui.t ....................... ok
../../openssl/test/recipes/04-test_asn1_encode.t .............. ok
../../openssl/test/recipes/04-test_asn1_string_table.t ........ ok
../../openssl/test/recipes/04-test_bioprint.t ................. ok
../../openssl/test/recipes/04-test_pem.t ...................... ok
../../openssl/test/recipes/05-test_bf.t ....................... ok
../../openssl/test/recipes/05-test_cast.t ..................... ok
../../openssl/test/recipes/05-test_des.t ...................... ok
../../openssl/test/recipes/05-test_hmac.t ..................... ok
../../openssl/test/recipes/05-test_idea.t ..................... ok
../../openssl/test/recipes/05-test_md2.t ...................... skipped: md2 is not supported by this OpenSSL build
../../openssl/test/recipes/05-test_mdc2.t ..................... ok
../../openssl/test/recipes/05-test_rand.t ..................... ok
../../openssl/test/recipes/05-test_rc2.t ...................... ok
../../openssl/test/recipes/05-test_rc4.t ...................... ok
../../openssl/test/recipes/05-test_rc5.t ...................... skipped: rc5 is not supported by this OpenSSL build
../../openssl/test/recipes/10-test_bn.t ....................... ok
../../openssl/test/recipes/10-test_exp.t ...................... ok
../../openssl/test/recipes/15-test_dh.t ....................... ok
../../openssl/test/recipes/15-test_dsa.t ...................... ok
../../openssl/test/recipes/15-test_ec.t ....................... ok
../../openssl/test/recipes/15-test_ecdsa.t .................... ok
../../openssl/test/recipes/15-test_ecparam.t .................. ok
../../openssl/test/recipes/15-test_genrsa.t ................... ok
../../openssl/test/recipes/15-test_mp_rsa.t ................... ok
../../openssl/test/recipes/15-test_rsa.t ...................... ok
../../openssl/test/recipes/15-test_rsapss.t ................... ok
../../openssl/test/recipes/20-test_enc.t ...................... ok
../../openssl/test/recipes/20-test_enc_more.t ................. ok
../../openssl/test/recipes/20-test_passwd.t ................... ok
../../openssl/test/recipes/25-test_crl.t ...................... ok
../../openssl/test/recipes/25-test_d2i.t ...................... ok
../../openssl/test/recipes/25-test_pkcs7.t .................... ok
../../openssl/test/recipes/25-test_req.t ...................... ok
../../openssl/test/recipes/25-test_sid.t ...................... ok
../../openssl/test/recipes/25-test_verify.t ................... ok
../../openssl/test/recipes/25-test_x509.t ..................... ok
../../openssl/test/recipes/30-test_afalg.t .................... ok
../../openssl/test/recipes/30-test_engine.t ................... ok
../../openssl/test/recipes/30-test_evp.t ...................... ok
../../openssl/test/recipes/30-test_evp_extra.t ................ ok
../../openssl/test/recipes/30-test_pbelu.t .................... ok
../../openssl/test/recipes/30-test_pkey_meth.t ................ ok
../../openssl/test/recipes/30-test_pkey_meth_kdf.t ............ ok
../../openssl/test/recipes/40-test_rehash.t ................... ok
../../openssl/test/recipes/60-test_x509_check_cert_pkey.t ..... ok
../../openssl/test/recipes/60-test_x509_dup_cert.t ............ ok
../../openssl/test/recipes/60-test_x509_store.t ............... ok
../../openssl/test/recipes/60-test_x509_time.t ................ ok
../../openssl/test/recipes/70-test_asyncio.t .................. ok
../../openssl/test/recipes/70-test_bad_dtls.t ................. ok
../../openssl/test/recipes/70-test_clienthello.t ..............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_comp.t ..................... ok
../../openssl/test/recipes/70-test_key_share.t ................
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/22 subtests
../../openssl/test/recipes/70-test_packet.t ................... ok
../../openssl/test/recipes/70-test_recordlen.t ................ ok
../../openssl/test/recipes/70-test_renegotiation.t ............ skipped: test_renegotiation needs TLS <= 1.2 enabled
../../openssl/test/recipes/70-test_servername.t ............... ok
../../openssl/test/recipes/70-test_sslcbcpadding.t ............ skipped: test_sslcbcpadding needs TLSv1.2 enabled
../../openssl/test/recipes/70-test_sslcertstatus.t ............
Dubious, test returned 1 (wstat 256, 0x100)
Failed 1/1 subtests
../../openssl/test/recipes/70-test_sslextension.t .............
Dubious, test returned 255 (wstat 65280, 0xff00)
No subtests run
make[1]: *** wait: No child processes. Stop.
make[1]: *** Waiting for unfinished jobs....
make[1]: *** wait: No child processes. Stop.
Makefile:169: recipe for target 'tests' failed
make: *** [tests] Terminated
From builds at travis-ci.org Fri Feb 9 16:05:27 2018
From: builds at travis-ci.org (Travis CI)
Date: Fri, 09 Feb 2018 16:05:27 +0000
Subject: [openssl-commits] Errored: openssl/openssl#16216 (master - 5d67110)
In-Reply-To:
Message-ID: <5a7dc72ce49cc_43fc58c5cce988702b8@6d40c516-40fe-402c-a43b-6e583071f2f2.mail>
Build Update for openssl/openssl
-------------------------------------
Build: #16216
Status: Errored
Duration: 29 minutes and 41 seconds
Commit: 5d67110 (master)
Author: Matt Caswell
Message: Don't calculate the Finished MAC twice
In <= TLSv1.2 a Finished message always comes immediately after a CCS
except in the case of NPN where there is an additional message between
the CCS and Finished. Historically we always calculated the Finished MAC
when we processed the CCS. However to deal with NPN we also calculated it
when we receive the Finished message. Really this should only have been
done if we hand negotiated NPN.
This simplifies the code to only calculate the MAC when we receive the
Finished. In 1.1.1 we need to do it this way anyway because there is no
CCS (except in middlebox compat mode) in TLSv1.3.
Coincidentally, this commit also fixes the fact that no-nextprotoneg does
not currently work in master.
Reviewed-by: Andy Polyakov
(Merged from https://github.com/openssl/openssl/pull/5285)
View the changeset: https://github.com/openssl/openssl/compare/368297d17352...5d671101739f
View the full build log and details: https://travis-ci.org/openssl/openssl/builds/339511350?utm_source=email&utm_medium=notification
--
You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
From levitte at openssl.org Fri Feb 9 16:49:32 2018
From: levitte at openssl.org (Richard Levitte)
Date: Fri, 09 Feb 2018 16:49:32 +0000
Subject: [openssl-commits] [openssl] master update
Message-ID: <1518194972.371256.10006.nullmailer@dev.openssl.org>
The branch master has been updated
via 83739b39e55fcdd9dd395bc619b1b7fafcc32f5c (commit)
via 41e9afa9452407f5e0a651d1058ae5c73c7d1fd6 (commit)
via 5773f7bee4a12774977acba47ad89779c7a89bcd (commit)
via a5d0d6b8fd1645c150e1b276863157bb29f0f598 (commit)
from 5d671101739f9e9b259126375a9e8b2fa42ac45f (commit)
- Log -----------------------------------------------------------------
commit 83739b39e55fcdd9dd395bc619b1b7fafcc32f5c
Author: Nick Mathewson
Date: Fri Feb 9 09:03:07 2018 -0500
Run "make update"
Reviewed-by: Rich Salz
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5150)
commit 41e9afa9452407f5e0a651d1058ae5c73c7d1fd6
Author: Nick Mathewson
Date: Tue Jan 23 10:49:53 2018 -0500
In err_all.c, include the *err.h headers.
Reviewed-by: Rich Salz
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5150)
commit 5773f7bee4a12774977acba47ad89779c7a89bcd
Author: Nick Mathewson
Date: Tue Jan 23 10:48:35 2018 -0500
Improve #include structure of pem{,2}.h
- pem2.h is empty, so pem.h doesn't need to include it.
- pem2.h once declared ERR_load_PEM_strings(), so it should now
include pemerr.h
Reviewed-by: Rich Salz
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5150)
commit a5d0d6b8fd1645c150e1b276863157bb29f0f598
Author: Nick Mathewson
Date: Tue Jan 23 09:46:13 2018 -0500
Remove redundant declarations of ERR_load_*_strings()
In commit 52df25cf2e656146cb3b206d8220124f0417d03f, the
ERR_load_FOO_strings() functions were moved from their original
location in foo.h into new headers called fooerr.h. But they were
never removed from their original locations. This duplication
causes redundant-declaration warnings on programs that use OpenSSL's
headers with such warnings enabled.
Reviewed-by: Rich Salz
Reviewed-by: Richard Levitte
(Merged from https://github.com/openssl/openssl/pull/5150)
-----------------------------------------------------------------------
Summary of changes:
crypto/err/err_all.c | 53 ++++++++++++++++++++++++-----------------------
include/openssl/async.h | 1 -
include/openssl/bio.h | 1 -
include/openssl/bn.h | 1 -
include/openssl/buffer.h | 1 -
include/openssl/cms.h | 1 -
include/openssl/comp.h | 1 -
include/openssl/conf.h | 1 -
include/openssl/crypto.h | 1 -
include/openssl/ct.h | 1 -
include/openssl/dh.h | 1 -
include/openssl/dsa.h | 1 -
include/openssl/ec.h | 1 -
include/openssl/engine.h | 1 -
include/openssl/evp.h | 1 -
include/openssl/kdf.h | 1 -
include/openssl/objects.h | 1 -
include/openssl/ocsp.h | 1 -
include/openssl/pem.h | 2 --
include/openssl/pem2.h | 13 +++---------
include/openssl/rand.h | 1 -
include/openssl/rsa.h | 1 -
include/openssl/ssl.h | 1 -
include/openssl/store.h | 6 ------
include/openssl/ts.h | 1 -
include/openssl/ui.h | 1 -
util/libcrypto.num | 2 +-
27 files changed, 31 insertions(+), 67 deletions(-)
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
index a2759f4..6f03886 100644
--- a/crypto/err/err_all.c
+++ b/crypto/err/err_all.c
@@ -9,34 +9,35 @@
#include
#include "internal/err_int.h"
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
#include "internal/dso.h"
-#include
-#include
-#include
+#include
+#include
+#include
#include
-#include
-#include
-#include
-#include
-#include
-#include
+#include
+#include
+#include
+#include
+#include
+#include
int err_load_crypto_strings_int(void)
{
diff --git a/include/openssl/async.h b/include/openssl/async.h
index 45ff30a..4db02c3 100644
--- a/include/openssl/async.h
+++ b/include/openssl/async.h
@@ -69,7 +69,6 @@ ASYNC_WAIT_CTX *ASYNC_get_wait_ctx(ASYNC_JOB *job);
void ASYNC_block_pause(void);
void ASYNC_unblock_pause(void);
-int ERR_load_ASYNC_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/bio.h b/include/openssl/bio.h
index d8d8ac4..4a32a0d 100644
--- a/include/openssl/bio.h
+++ b/include/openssl/bio.h
@@ -790,7 +790,6 @@ long (*BIO_meth_get_callback_ctrl(BIO_METHOD *biom))
int BIO_meth_set_callback_ctrl(BIO_METHOD *biom,
long (*callback_ctrl) (BIO *, int,
BIO_info_cb *));
-int ERR_load_BIO_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/bn.h b/include/openssl/bn.h
index 93c8fe9..ebca6f9 100644
--- a/include/openssl/bn.h
+++ b/include/openssl/bn.h
@@ -481,7 +481,6 @@ BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn);
int BN_bntest_rand(BIGNUM *rnd, int bits, int top, int bottom);
-int ERR_load_BN_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/buffer.h b/include/openssl/buffer.h
index 6f243ba..8868e85 100644
--- a/include/openssl/buffer.h
+++ b/include/openssl/buffer.h
@@ -51,7 +51,6 @@ size_t BUF_MEM_grow(BUF_MEM *str, size_t len);
size_t BUF_MEM_grow_clean(BUF_MEM *str, size_t len);
void BUF_reverse(unsigned char *out, const unsigned char *in, size_t siz);
-int ERR_load_BUF_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/cms.h b/include/openssl/cms.h
index c9294e5..7910127 100644
--- a/include/openssl/cms.h
+++ b/include/openssl/cms.h
@@ -335,7 +335,6 @@ int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \
CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE
-int ERR_load_CMS_strings(void);
# ifdef __cplusplus
}
# endif
diff --git a/include/openssl/comp.h b/include/openssl/comp.h
index 27ff659..6b20aac 100644
--- a/include/openssl/comp.h
+++ b/include/openssl/comp.h
@@ -45,7 +45,6 @@ const BIO_METHOD *BIO_f_zlib(void);
# endif
# endif
-int ERR_load_COMP_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/conf.h b/include/openssl/conf.h
index 702dceb..bca8a05 100644
--- a/include/openssl/conf.h
+++ b/include/openssl/conf.h
@@ -161,7 +161,6 @@ int CONF_parse_list(const char *list, int sep, int nospc,
void OPENSSL_load_builtin_modules(void);
-int ERR_load_CONF_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 478f9e2..4daf0c7 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -439,7 +439,6 @@ int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key);
CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void);
int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b);
-int ERR_load_CRYPTO_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/ct.h b/include/openssl/ct.h
index 96f3b7c..68c5d41 100644
--- a/include/openssl/ct.h
+++ b/include/openssl/ct.h
@@ -469,7 +469,6 @@ __owur int CTLOG_STORE_load_file(CTLOG_STORE *store, const char *file);
*/
__owur int CTLOG_STORE_load_default_file(CTLOG_STORE *store);
-int ERR_load_CT_strings(void);
# ifdef __cplusplus
}
# endif
diff --git a/include/openssl/dh.h b/include/openssl/dh.h
index 0085824..2a12b9d 100644
--- a/include/openssl/dh.h
+++ b/include/openssl/dh.h
@@ -327,7 +327,6 @@ int DH_meth_set_generate_params(DH_METHOD *dhm,
# define EVP_PKEY_DH_KDF_X9_42 2
# endif
-int ERR_load_DH_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/dsa.h b/include/openssl/dsa.h
index d8e680c..39f0f57 100644
--- a/include/openssl/dsa.h
+++ b/include/openssl/dsa.h
@@ -224,7 +224,6 @@ int DSA_meth_set_paramgen(DSA_METHOD *dsam,
int (*DSA_meth_get_keygen(const DSA_METHOD *dsam)) (DSA *);
int DSA_meth_set_keygen(DSA_METHOD *dsam, int (*keygen) (DSA *));
-int ERR_load_DSA_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 65800dd..a8627cf 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -1346,7 +1346,6 @@ void EC_KEY_METHOD_get_verify(const EC_KEY_METHOD *meth,
# define EVP_PKEY_ECDH_KDF_NONE 1
# define EVP_PKEY_ECDH_KDF_X9_62 2
-int ERR_load_EC_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/engine.h b/include/openssl/engine.h
index 9f59757..89722b0 100644
--- a/include/openssl/engine.h
+++ b/include/openssl/engine.h
@@ -743,7 +743,6 @@ void *ENGINE_get_static_state(void);
DEPRECATEDIN_1_1_0(void ENGINE_setup_bsd_cryptodev(void))
# endif
-int ERR_load_ENGINE_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 4a3fee1..268e90f 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1587,7 +1587,6 @@ void EVP_PKEY_meth_get_param_check(EVP_PKEY_METHOD *pmeth,
void EVP_add_alg_module(void);
-int ERR_load_EVP_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index 26380ca..c1733a5 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -90,7 +90,6 @@ extern "C" {
EVP_PKEY_CTX_ctrl_uint64(pctx, -1, EVP_PKEY_OP_DERIVE, \
EVP_PKEY_CTRL_SCRYPT_MAXMEM_BYTES, maxmem_bytes)
-int ERR_load_KDF_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/objects.h b/include/openssl/objects.h
index 54b42ee..484562d 100644
--- a/include/openssl/objects.h
+++ b/include/openssl/objects.h
@@ -168,7 +168,6 @@ int OBJ_find_sigid_by_algs(int *psignid, int dig_nid, int pkey_nid);
int OBJ_add_sigid(int signid, int dig_id, int pkey_id);
void OBJ_sigid_free(void);
-int ERR_load_OBJ_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/ocsp.h b/include/openssl/ocsp.h
index 0b89a64..a5c4476 100644
--- a/include/openssl/ocsp.h
+++ b/include/openssl/ocsp.h
@@ -345,7 +345,6 @@ int OCSP_RESPONSE_print(BIO *bp, OCSP_RESPONSE *o, unsigned long flags);
int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
X509_STORE *st, unsigned long flags);
-int ERR_load_OCSP_strings(void);
# ifdef __cplusplus
}
diff --git a/include/openssl/pem.h b/include/openssl/pem.h
index 10b19a5..55bcd71 100644
--- a/include/openssl/pem.h
+++ b/include/openssl/pem.h
@@ -15,7 +15,6 @@
# include
# include