[openssl-commits] Still Failing: openssl/openssl#16951 (master - 37933ac)

Travis CI builds at travis-ci.org
Fri Mar 9 17:13:27 UTC 2018


Build Update for openssl/openssl
-------------------------------------

Build: #16951
Status: Still Failing

Duration: 37 minutes and 49 seconds
Commit: 37933ac (master)
Author: Todd Short
Message: Add SSL/SSL_CTX_use_cert_and_key()

Add functions that will do the work of assigning certificate, privatekey
and chain certs to an SSL or SSL_CTX. If no privatekey is given, use the
publickey. This will permit the keys to pass validation for both ECDSA
and RSA. If a private key has already been set for the certificate, it
is discarded. A real private key can be set later.

This is an all-or-nothing setting of these parameters. Unlike the
SSL/SSL_CTX_use_certificate() and SSL/SSL_CTX_use_PrivateKey() functions,
the existing cert or privatekey is not modified (i.e. parameters copied).
This permits the existing cert/privatekey to be replaced.

It replaces the sequence of:
* SSL_use_certificate()
* SSL_use_privatekey()
* SSL_set1_chain()
And may actually be faster, as multiple checks are consolidated.

The private key can be NULL, if so an ENGINE module needs to contain the
actual private key that is to be used.

Note that ECDH (using the certificate's ECDSA key) ciphers do not work
without the private key being present, based on how the private key is
used in ECDH. ECDH does not offer PFS; ECDHE ciphers should be used instead.

Reviewed-by: Tim Hudson <tjh at openssl.org>
Reviewed-by: Ben Kaduk <kaduk at mit.edu>
(Merged from https://github.com/openssl/openssl/pull/1130)

View the changeset: https://github.com/openssl/openssl/compare/5936e8884bc6...37933acbeafe

View the full build log and details: https://travis-ci.org/openssl/openssl/builds/351383616?utm_source=email&utm_medium=notification

--

You can configure recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications







This email was sent to openssl-commits at openssl.org (mailto:openssl-commits at openssl.org)
unsubscribe from this list (http://clicks.travis-ci.com/track/unsub.php?u=14313403&id=caaf0d1fb1a14e8d911e6d0975d8b30c.S4RW6Clmvqc3YBhWrklxhpwfgC8%3D&r=https%3A%2F%2Fmandrillapp.com%2Funsub%3Fmd_email%3Dopenssl-commits%2540openssl.org)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-commits/attachments/20180309/5f2909b4/attachment.html>


More information about the openssl-commits mailing list