From pauli at openssl.org Thu Oct 1 00:34:44 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 01 Oct 2020 00:34:44 +0000 Subject: [openssl] master update Message-ID: <1601512484.619252.2641.nullmailer@dev.openssl.org> The branch master has been updated via 592dcfd3df129235fa94144e866812800e2941e8 (commit) via 5b60f9c3e05bfb8c24e6933964b86c738f5ad072 (commit) from 13a574d8bb2523181f8150de49bc041c9841f59d (commit) - Log ----------------------------------------------------------------- commit 592dcfd3df129235fa94144e866812800e2941e8 Author: Pauli Date: Tue Sep 29 17:40:26 2020 +1000 prov: prefix all exposed 'cipher' symbols with ossl_ Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13030) commit 5b60f9c3e05bfb8c24e6933964b86c738f5ad072 Author: Pauli Date: Tue Sep 29 16:40:58 2020 +1000 prov: prefix aes-cbc-cts functions with ossl_ Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13030) ----------------------------------------------------------------------- Summary of changes: providers/common/include/prov/providercommon.h | 4 +- providers/defltprov.c | 8 +- providers/fips/fipsprov.c | 8 +- providers/implementations/ciphers/cipher_aes.c | 2 +- .../ciphers/cipher_aes_cbc_hmac_sha.c | 26 ++--- .../ciphers/cipher_aes_cbc_hmac_sha.h | 4 +- .../ciphers/cipher_aes_cbc_hmac_sha1_hw.c | 4 +- .../ciphers/cipher_aes_cbc_hmac_sha256_hw.c | 4 +- providers/implementations/ciphers/cipher_aes_cts.h | 8 +- .../implementations/ciphers/cipher_aes_cts.inc | 24 ++-- .../implementations/ciphers/cipher_aes_cts_fips.c | 8 +- providers/implementations/ciphers/cipher_aes_hw.c | 2 +- .../ciphers/cipher_aes_hw_aesni.inc | 10 +- .../ciphers/cipher_aes_hw_s390x.inc | 6 +- providers/implementations/ciphers/cipher_aes_ocb.c | 14 +-- providers/implementations/ciphers/cipher_aes_siv.c | 4 +- providers/implementations/ciphers/cipher_aes_wrp.c | 20 ++-- providers/implementations/ciphers/cipher_aes_xts.c | 17 +-- providers/implementations/ciphers/cipher_aria.c | 2 +- providers/implementations/ciphers/cipher_aria_hw.c | 2 +- .../implementations/ciphers/cipher_blowfish.c | 2 +- .../implementations/ciphers/cipher_camellia.c | 2 +- .../implementations/ciphers/cipher_camellia_hw.c | 2 +- providers/implementations/ciphers/cipher_cast5.c | 2 +- .../implementations/ciphers/cipher_chacha20.c | 34 +++--- .../ciphers/cipher_chacha20_poly1305.c | 34 +++--- providers/implementations/ciphers/cipher_des.c | 26 ++--- providers/implementations/ciphers/cipher_idea.c | 2 +- providers/implementations/ciphers/cipher_null.c | 4 +- providers/implementations/ciphers/cipher_rc2.c | 28 ++--- providers/implementations/ciphers/cipher_rc4.c | 30 ++--- .../implementations/ciphers/cipher_rc4_hmac_md5.c | 29 ++--- providers/implementations/ciphers/cipher_rc5.c | 30 ++--- providers/implementations/ciphers/cipher_seed.c | 2 +- providers/implementations/ciphers/cipher_sm4.c | 2 +- providers/implementations/ciphers/cipher_sm4_hw.c | 2 +- providers/implementations/ciphers/cipher_tdes.h | 45 ++++---- .../implementations/ciphers/cipher_tdes_common.c | 10 +- .../ciphers/cipher_tdes_default_hw.c | 21 ++-- providers/implementations/ciphers/cipher_tdes_hw.c | 15 +-- .../implementations/ciphers/cipher_tdes_wrap.c | 12 +- .../implementations/ciphers/cipher_tdes_wrap_hw.c | 2 +- providers/implementations/ciphers/ciphercommon.c | 87 +++++++------- .../implementations/ciphers/ciphercommon_hw.c | 36 +++--- .../implementations/include/prov/ciphercommon.h | 128 ++++++++++----------- .../include/prov/ciphercommon_aead.h | 8 +- 46 files changed, 392 insertions(+), 380 deletions(-) diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h index 44e9c812aa..d90492c723 100644 --- a/providers/common/include/prov/providercommon.h +++ b/providers/common/include/prov/providercommon.h @@ -14,8 +14,8 @@ const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *ctx); const char *ossl_prov_util_nid_to_name(int nid); -int cipher_capable_aes_cbc_hmac_sha1(void); -int cipher_capable_aes_cbc_hmac_sha256(void); +int ossl_cipher_capable_aes_cbc_hmac_sha1(void); +int ossl_cipher_capable_aes_cbc_hmac_sha256(void); OSSL_FUNC_provider_get_capabilities_fn provider_get_capabilities; diff --git a/providers/defltprov.c b/providers/defltprov.c index 06ce516041..48f0c88098 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -205,13 +205,13 @@ static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = { ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", ossl_aes128wrappad_functions), ALGC("AES-128-CBC-HMAC-SHA1", ossl_aes128cbc_hmac_sha1_functions, - cipher_capable_aes_cbc_hmac_sha1), + ossl_cipher_capable_aes_cbc_hmac_sha1), ALGC("AES-256-CBC-HMAC-SHA1", ossl_aes256cbc_hmac_sha1_functions, - cipher_capable_aes_cbc_hmac_sha1), + ossl_cipher_capable_aes_cbc_hmac_sha1), ALGC("AES-128-CBC-HMAC-SHA256", ossl_aes128cbc_hmac_sha256_functions, - cipher_capable_aes_cbc_hmac_sha256), + ossl_cipher_capable_aes_cbc_hmac_sha256), ALGC("AES-256-CBC-HMAC-SHA256", ossl_aes256cbc_hmac_sha256_functions, - cipher_capable_aes_cbc_hmac_sha256), + ossl_cipher_capable_aes_cbc_hmac_sha256), #ifndef OPENSSL_NO_ARIA ALG("ARIA-256-GCM", ossl_aria256gcm_functions), ALG("ARIA-192-GCM", ossl_aria192gcm_functions), diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 1cbe5ed454..005ad2bb54 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -385,13 +385,13 @@ static const OSSL_ALGORITHM_CAPABLE fips_ciphers[] = { ALG("AES-128-WRAP-PAD:id-aes128-wrap-pad:AES128-WRAP-PAD", ossl_aes128wrappad_functions), ALGC("AES-128-CBC-HMAC-SHA1", ossl_aes128cbc_hmac_sha1_functions, - cipher_capable_aes_cbc_hmac_sha1), + ossl_cipher_capable_aes_cbc_hmac_sha1), ALGC("AES-256-CBC-HMAC-SHA1", ossl_aes256cbc_hmac_sha1_functions, - cipher_capable_aes_cbc_hmac_sha1), + ossl_cipher_capable_aes_cbc_hmac_sha1), ALGC("AES-128-CBC-HMAC-SHA256", ossl_aes128cbc_hmac_sha256_functions, - cipher_capable_aes_cbc_hmac_sha256), + ossl_cipher_capable_aes_cbc_hmac_sha256), ALGC("AES-256-CBC-HMAC-SHA256", ossl_aes256cbc_hmac_sha256_functions, - cipher_capable_aes_cbc_hmac_sha256), + ossl_cipher_capable_aes_cbc_hmac_sha256), #ifndef OPENSSL_NO_DES ALG("DES-EDE3-ECB:DES-EDE3", ossl_tdes_ede3_ecb_functions), ALG("DES-EDE3-CBC:DES3", ossl_tdes_ede3_cbc_functions), diff --git a/providers/implementations/ciphers/cipher_aes.c b/providers/implementations/ciphers/cipher_aes.c index f2d75d7010..2f469c131a 100644 --- a/providers/implementations/ciphers/cipher_aes.c +++ b/providers/implementations/ciphers/cipher_aes.c @@ -27,7 +27,7 @@ static void aes_freectx(void *vctx) { PROV_AES_CTX *ctx = (PROV_AES_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c index 16916fdc47..1ff2a29590 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.c @@ -42,12 +42,12 @@ static OSSL_FUNC_cipher_get_ctx_params_fn aes_get_ctx_params; static OSSL_FUNC_cipher_gettable_ctx_params_fn aes_gettable_ctx_params; static OSSL_FUNC_cipher_set_ctx_params_fn aes_set_ctx_params; static OSSL_FUNC_cipher_settable_ctx_params_fn aes_settable_ctx_params; -# define aes_gettable_params cipher_generic_gettable_params -# define aes_einit cipher_generic_einit -# define aes_dinit cipher_generic_dinit -# define aes_update cipher_generic_stream_update -# define aes_final cipher_generic_stream_final -# define aes_cipher cipher_generic_cipher +# define aes_gettable_params ossl_cipher_generic_gettable_params +# define aes_einit ossl_cipher_generic_einit +# define aes_dinit ossl_cipher_generic_dinit +# define aes_update ossl_cipher_generic_stream_update +# define aes_final ossl_cipher_generic_stream_final +# define aes_cipher ossl_cipher_generic_cipher static const OSSL_PARAM cipher_aes_known_settable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_MAC_KEY, NULL, 0), @@ -290,9 +290,9 @@ static void base_init(void *provctx, PROV_AES_HMAC_SHA_CTX *ctx, size_t kbits, size_t blkbits, size_t ivbits, uint64_t flags) { - cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, - EVP_CIPH_CBC_MODE, flags, - &meths->base, provctx); + ossl_cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, + EVP_CIPH_CBC_MODE, flags, + &meths->base, provctx); ctx->hw = (PROV_CIPHER_HW_AES_HMAC_SHA *)ctx->base.hw; } @@ -318,7 +318,7 @@ static void aes_cbc_hmac_sha1_freectx(void *vctx) PROV_AES_HMAC_SHA1_CTX *ctx = (PROV_AES_HMAC_SHA1_CTX *)vctx; if (ctx != NULL) { - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } } @@ -345,7 +345,7 @@ static void aes_cbc_hmac_sha256_freectx(void *vctx) PROV_AES_HMAC_SHA256_CTX *ctx = (PROV_AES_HMAC_SHA256_CTX *)vctx; if (ctx != NULL) { - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } } @@ -359,8 +359,8 @@ static void *nm##_##kbits##_##sub##_newctx(void *provctx) \ static OSSL_FUNC_cipher_get_params_fn nm##_##kbits##_##sub##_get_params; \ static int nm##_##kbits##_##sub##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \ - flags, kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_CBC_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ const OSSL_DISPATCH ossl_##nm##kbits##sub##_functions[] = { \ { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))nm##_##kbits##_##sub##_newctx },\ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h index 75c450c350..6aaf3f06fb 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha.h @@ -10,8 +10,8 @@ #include "prov/ciphercommon.h" #include "crypto/aes_platform.h" -int cipher_capable_aes_cbc_hmac_sha1(void); -int cipher_capable_aes_cbc_hmac_sha256(void); +int ossl_cipher_capable_aes_cbc_hmac_sha1(void); +int ossl_cipher_capable_aes_cbc_hmac_sha256(void); typedef struct prov_cipher_hw_aes_hmac_sha_ctx_st { PROV_CIPHER_HW base; /* must be first */ diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c index b3aebbe052..f8db563d18 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha1_hw.c @@ -17,7 +17,7 @@ #include "cipher_aes_cbc_hmac_sha.h" #if !defined(AES_CBC_HMAC_SHA_CAPABLE) || !defined(AESNI_CAPABLE) -int cipher_capable_aes_cbc_hmac_sha1(void) +int ossl_cipher_capable_aes_cbc_hmac_sha1(void) { return 0; } @@ -37,7 +37,7 @@ void aesni_cbc_sha1_enc(const void *inp, void *out, size_t blocks, const AES_KEY *key, unsigned char iv[16], SHA_CTX *ctx, const void *in0); -int cipher_capable_aes_cbc_hmac_sha1(void) +int ossl_cipher_capable_aes_cbc_hmac_sha1(void) { return AESNI_CBC_HMAC_SHA_CAPABLE; } diff --git a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c index 8e738bcd10..8587c414cd 100644 --- a/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c +++ b/providers/implementations/ciphers/cipher_aes_cbc_hmac_sha256_hw.c @@ -17,7 +17,7 @@ #include "cipher_aes_cbc_hmac_sha.h" #if !defined(AES_CBC_HMAC_SHA_CAPABLE) || !defined(AESNI_CAPABLE) -int cipher_capable_aes_cbc_hmac_sha256(void) +int ossl_cipher_capable_aes_cbc_hmac_sha256(void) { return 0; } @@ -37,7 +37,7 @@ int aesni_cbc_sha256_enc(const void *inp, void *out, size_t blocks, const AES_KEY *key, unsigned char iv[16], SHA256_CTX *ctx, const void *in0); -int cipher_capable_aes_cbc_hmac_sha256(void) +int ossl_cipher_capable_aes_cbc_hmac_sha256(void) { return AESNI_CBC_HMAC_SHA_CAPABLE && aesni_cbc_sha256_enc(NULL, NULL, 0, NULL, NULL, NULL, NULL); diff --git a/providers/implementations/ciphers/cipher_aes_cts.h b/providers/implementations/ciphers/cipher_aes_cts.h index 6b0dfdd2c1..37dd3df329 100644 --- a/providers/implementations/ciphers/cipher_aes_cts.h +++ b/providers/implementations/ciphers/cipher_aes_cts.h @@ -9,8 +9,8 @@ #include "crypto/evp.h" -OSSL_FUNC_cipher_update_fn aes_cbc_cts_block_update; -OSSL_FUNC_cipher_final_fn aes_cbc_cts_block_final; +OSSL_FUNC_cipher_update_fn ossl_aes_cbc_cts_block_update; +OSSL_FUNC_cipher_final_fn ossl_aes_cbc_cts_block_final; -const char *aes_cbc_cts_mode_id2name(unsigned int id); -int aes_cbc_cts_mode_name2id(const char *name); +const char *ossl_aes_cbc_cts_mode_id2name(unsigned int id); +int ossl_aes_cbc_cts_mode_name2id(const char *name); diff --git a/providers/implementations/ciphers/cipher_aes_cts.inc b/providers/implementations/ciphers/cipher_aes_cts.inc index 5163f938c4..6eb85a083f 100644 --- a/providers/implementations/ciphers/cipher_aes_cts.inc +++ b/providers/implementations/ciphers/cipher_aes_cts.inc @@ -28,14 +28,14 @@ static int aes_cbc_cts_get_ctx_params(void *vctx, OSSL_PARAM params[]) p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_CTS_MODE); if (p != NULL) { - const char *name = aes_cbc_cts_mode_id2name(ctx->cts_mode); + const char *name = ossl_aes_cbc_cts_mode_id2name(ctx->cts_mode); if (name == NULL || !OSSL_PARAM_set_utf8_string(p, name)) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; } } - return cipher_generic_get_ctx_params(vctx, params); + return ossl_cipher_generic_get_ctx_params(vctx, params); } CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(aes_cbc_cts) @@ -52,13 +52,13 @@ static int aes_cbc_cts_set_ctx_params(void *vctx, const OSSL_PARAM params[]) if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING) goto err; - id = aes_cbc_cts_mode_name2id(p->data); + id = ossl_aes_cbc_cts_mode_name2id(p->data); if (id < 0) goto err; ctx->cts_mode = (unsigned int)id; } - return cipher_generic_set_ctx_params(vctx, params); + return ossl_cipher_generic_set_ctx_params(vctx, params); err: ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); return 0; @@ -70,25 +70,25 @@ err: static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ static int alg##_cts_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ + kbits, blkbits, ivbits); \ } \ const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_cts_functions[] = { \ { OSSL_FUNC_CIPHER_NEWCTX, \ (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void)) alg##_##lcmode##_cts_block_update }, \ + (void (*)(void)) ossl_##alg##_##lcmode##_cts_block_update }, \ { OSSL_FUNC_CIPHER_FINAL, \ - (void (*)(void)) alg##_##lcmode##_cts_block_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + (void (*)(void)) ossl_##alg##_##lcmode##_cts_block_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_cts_##kbits##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ (void (*)(void))aes_cbc_cts_get_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ diff --git a/providers/implementations/ciphers/cipher_aes_cts_fips.c b/providers/implementations/ciphers/cipher_aes_cts_fips.c index 81e81ad5f2..48d3ea8b09 100644 --- a/providers/implementations/ciphers/cipher_aes_cts_fips.c +++ b/providers/implementations/ciphers/cipher_aes_cts_fips.c @@ -72,7 +72,7 @@ static CTS_MODE_NAME2ID cts_modes[] = #endif }; -const char *aes_cbc_cts_mode_id2name(unsigned int id) +const char *ossl_aes_cbc_cts_mode_id2name(unsigned int id) { size_t i; @@ -83,7 +83,7 @@ const char *aes_cbc_cts_mode_id2name(unsigned int id) return NULL; } -int aes_cbc_cts_mode_name2id(const char *name) +int ossl_aes_cbc_cts_mode_name2id(const char *name) { size_t i; @@ -307,7 +307,7 @@ static size_t cts128_cs2_decrypt(PROV_CIPHER_CTX *ctx, const unsigned char *in, } #endif -int aes_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, +int ossl_aes_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, size_t outsize, const unsigned char *in, size_t inl) { @@ -360,7 +360,7 @@ int aes_cbc_cts_block_update(void *vctx, unsigned char *out, size_t *outl, return 1; } -int aes_cbc_cts_block_final(void *vctx, unsigned char *out, size_t *outl, +int ossl_aes_cbc_cts_block_final(void *vctx, unsigned char *out, size_t *outl, size_t outsize) { *outl = 0; diff --git a/providers/implementations/ciphers/cipher_aes_hw.c b/providers/implementations/ciphers/cipher_aes_hw.c index 50809313ec..0b6f06f915 100644 --- a/providers/implementations/ciphers/cipher_aes_hw.c +++ b/providers/implementations/ciphers/cipher_aes_hw.c @@ -126,7 +126,7 @@ IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aes_copyctx, PROV_AES_CTX) #define PROV_CIPHER_HW_aes_mode(mode) \ static const PROV_CIPHER_HW aes_##mode = { \ cipher_hw_aes_initkey, \ - cipher_hw_generic_##mode, \ + ossl_cipher_hw_generic_##mode, \ cipher_hw_aes_copyctx \ }; \ PROV_CIPHER_HW_declare(mode) \ diff --git a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc index 8d3aef69b7..22bc1ce1db 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc @@ -12,11 +12,11 @@ * This file is included by cipher_aes_hw.c */ -#define cipher_hw_aesni_ofb128 cipher_hw_generic_ofb128 -#define cipher_hw_aesni_cfb128 cipher_hw_generic_cfb128 -#define cipher_hw_aesni_cfb8 cipher_hw_generic_cfb8 -#define cipher_hw_aesni_cfb1 cipher_hw_generic_cfb1 -#define cipher_hw_aesni_ctr cipher_hw_generic_ctr +#define cipher_hw_aesni_ofb128 ossl_cipher_hw_generic_ofb128 +#define cipher_hw_aesni_cfb128 ossl_cipher_hw_generic_cfb128 +#define cipher_hw_aesni_cfb8 ossl_cipher_hw_generic_cfb8 +#define cipher_hw_aesni_cfb1 ossl_cipher_hw_generic_cfb1 +#define cipher_hw_aesni_ctr ossl_cipher_hw_generic_ctr static int cipher_hw_aesni_initkey(PROV_CIPHER_CTX *dat, const unsigned char *key, size_t keylen) diff --git a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc index 523e869c79..f6f5e68559 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc @@ -17,9 +17,9 @@ #define s390x_aes_cbc_initkey cipher_hw_aes_initkey #define s390x_aes_cfb1_initkey cipher_hw_aes_initkey #define s390x_aes_ctr_initkey cipher_hw_aes_initkey -#define s390x_aes_cbc_cipher_hw cipher_hw_generic_cbc -#define s390x_aes_cfb1_cipher_hw cipher_hw_generic_cfb1 -#define s390x_aes_ctr_cipher_hw cipher_hw_generic_ctr +#define s390x_aes_cbc_cipher_hw ossl_cipher_hw_generic_cbc +#define s390x_aes_cfb1_cipher_hw ossl_cipher_hw_generic_cfb1 +#define s390x_aes_ctr_cipher_hw ossl_cipher_hw_generic_ctr #define S390X_aes_128_ofb128_CAPABLE S390X_aes_128_ofb_CAPABLE #define S390X_aes_192_ofb128_CAPABLE S390X_aes_192_ofb_CAPABLE diff --git a/providers/implementations/ciphers/cipher_aes_ocb.c b/providers/implementations/ciphers/cipher_aes_ocb.c index c96718bf22..7cb3f6a764 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.c +++ b/providers/implementations/ciphers/cipher_aes_ocb.c @@ -122,7 +122,7 @@ static int aes_ocb_init(void *vctx, const unsigned char *key, size_t keylen, } ctx->base.ivlen = ivlen; } - if (!cipher_generic_initiv(&ctx->base, iv, ivlen)) + if (!ossl_cipher_generic_initiv(&ctx->base, iv, ivlen)) return 0; ctx->iv_state = IV_STATE_BUFFERED; } @@ -307,8 +307,8 @@ static void *aes_ocb_newctx(void *provctx, size_t kbits, size_t blkbits, ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, - ossl_prov_cipher_hw_aes_ocb(kbits), NULL); + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, + ossl_prov_cipher_hw_aes_ocb(kbits), NULL); ctx->taglen = OCB_DEFAULT_TAG_LEN; } return ctx; @@ -320,7 +320,7 @@ static void aes_ocb_freectx(void *vctx) if (ctx != NULL) { aes_generic_ocb_cleanup(ctx); - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } } @@ -509,8 +509,8 @@ static int aes_ocb_cipher(void *vctx, unsigned char *out, size_t *outl, static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##mode##_get_params; \ static int aes_##kbits##_##mode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ static OSSL_FUNC_cipher_newctx_fn aes_##kbits##_##mode##_newctx; \ static void *aes_##kbits##_##mode##_newctx(void *provctx) \ @@ -535,7 +535,7 @@ const OSSL_DISPATCH ossl_##aes##kbits##mode##_functions[] = { \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ (void (*)(void))aes_##mode##_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ (void (*)(void))cipher_ocb_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c index e427c6baf3..6e986554f1 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.c +++ b/providers/implementations/ciphers/cipher_aes_siv.c @@ -258,7 +258,7 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn \ alg##_##lc##_settable_ctx_params; \ static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ flags, 2*kbits, blkbits, ivbits); \ } \ static void * alg##kbits##lc##_newctx(void *provctx) \ @@ -278,7 +278,7 @@ const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_##lc##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ (void (*)(void)) alg##_##lc##_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ diff --git a/providers/implementations/ciphers/cipher_aes_wrp.c b/providers/implementations/ciphers/cipher_aes_wrp.c index 50c56eba1f..3918161b46 100644 --- a/providers/implementations/ciphers/cipher_aes_wrp.c +++ b/providers/implementations/ciphers/cipher_aes_wrp.c @@ -59,8 +59,8 @@ static void *aes_wrap_newctx(size_t kbits, size_t blkbits, wctx = OPENSSL_zalloc(sizeof(*wctx)); ctx = (PROV_CIPHER_CTX *)wctx; if (ctx != NULL) { - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, - NULL, NULL); + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, + NULL, NULL); ctx->pad = (ctx->ivlen == AES_WRAP_PAD_IVLEN); } return wctx; @@ -70,7 +70,7 @@ static void aes_wrap_freectx(void *vctx) { PROV_AES_WRAP_CTX *wctx = (PROV_AES_WRAP_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(wctx, sizeof(*wctx)); } @@ -92,7 +92,7 @@ static int aes_wrap_init(void *vctx, const unsigned char *key, wctx->wrapfn = enc ? CRYPTO_128_wrap : CRYPTO_128_unwrap; if (iv != NULL) { - if (!cipher_generic_initiv(ctx, iv, ivlen)) + if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) return 0; } if (key != NULL) { @@ -228,8 +228,8 @@ static int aes_wrap_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##fname##_get_params; \ static int aes_##kbits##_##fname##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ - flags, kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE,\ + flags, kbits, blkbits, ivbits); \ } \ static OSSL_FUNC_cipher_newctx_fn aes_##kbits##fname##_newctx; \ static void *aes_##kbits##fname##_newctx(void *provctx) \ @@ -248,15 +248,15 @@ static int aes_wrap_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void))aes_##kbits##_##fname##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_get_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ (void (*)(void))aes_wrap_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_gettable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ { 0, NULL } \ } diff --git a/providers/implementations/ciphers/cipher_aes_xts.c b/providers/implementations/ciphers/cipher_aes_xts.c index ca40bbde0e..7ccad56198 100644 --- a/providers/implementations/ciphers/cipher_aes_xts.c +++ b/providers/implementations/ciphers/cipher_aes_xts.c @@ -82,7 +82,7 @@ static int aes_xts_init(void *vctx, const unsigned char *key, size_t keylen, ctx->enc = enc; if (iv != NULL) { - if (!cipher_generic_initiv(vctx, iv, ivlen)) + if (!ossl_cipher_generic_initiv(vctx, iv, ivlen)) return 0; } if (key != NULL) { @@ -115,8 +115,9 @@ static void *aes_xts_newctx(void *provctx, unsigned int mode, uint64_t flags, PROV_AES_XTS_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { - cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, mode, flags, - ossl_prov_cipher_hw_aes_xts(kbits), NULL); + ossl_cipher_generic_initkey(&ctx->base, kbits, blkbits, ivbits, mode, + flags, ossl_prov_cipher_hw_aes_xts(kbits), + NULL); } return ctx; } @@ -125,7 +126,7 @@ static void aes_xts_freectx(void *vctx) { PROV_AES_XTS_CTX *ctx = (PROV_AES_XTS_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -256,7 +257,7 @@ static int aes_xts_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static OSSL_FUNC_cipher_get_params_fn aes_##kbits##_##lcmode##_get_params; \ static int aes_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ flags, 2 * kbits, AES_XTS_BLOCK_BITS, \ AES_XTS_IV_BITS); \ } \ @@ -278,11 +279,11 @@ const OSSL_DISPATCH ossl_aes##kbits##xts_functions[] = { \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void))aes_##kbits##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_get_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_gettable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ (void (*)(void))aes_xts_set_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ diff --git a/providers/implementations/ciphers/cipher_aria.c b/providers/implementations/ciphers/cipher_aria.c index a85162fad5..be69c39bab 100644 --- a/providers/implementations/ciphers/cipher_aria.c +++ b/providers/implementations/ciphers/cipher_aria.c @@ -20,7 +20,7 @@ static void aria_freectx(void *vctx) { PROV_ARIA_CTX *ctx = (PROV_ARIA_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_aria_hw.c b/providers/implementations/ciphers/cipher_aria_hw.c index 6486474ec2..e5490e68b4 100644 --- a/providers/implementations/ciphers/cipher_aria_hw.c +++ b/providers/implementations/ciphers/cipher_aria_hw.c @@ -34,7 +34,7 @@ IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_aria_copyctx, PROV_ARIA_CTX) # define PROV_CIPHER_HW_aria_mode(mode) \ static const PROV_CIPHER_HW aria_##mode = { \ cipher_hw_aria_initkey, \ - cipher_hw_chunked_##mode, \ + ossl_cipher_hw_chunked_##mode, \ cipher_hw_aria_copyctx \ }; \ const PROV_CIPHER_HW *ossl_prov_cipher_hw_aria_##mode(size_t keybits) \ diff --git a/providers/implementations/ciphers/cipher_blowfish.c b/providers/implementations/ciphers/cipher_blowfish.c index f4ab8f5352..6320f560a0 100644 --- a/providers/implementations/ciphers/cipher_blowfish.c +++ b/providers/implementations/ciphers/cipher_blowfish.c @@ -28,7 +28,7 @@ static void blowfish_freectx(void *vctx) { PROV_BLOWFISH_CTX *ctx = (PROV_BLOWFISH_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_camellia.c b/providers/implementations/ciphers/cipher_camellia.c index 90cb1c18be..02bef547fd 100644 --- a/providers/implementations/ciphers/cipher_camellia.c +++ b/providers/implementations/ciphers/cipher_camellia.c @@ -26,7 +26,7 @@ static void camellia_freectx(void *vctx) { PROV_CAMELLIA_CTX *ctx = (PROV_CAMELLIA_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_camellia_hw.c b/providers/implementations/ciphers/cipher_camellia_hw.c index af4db4405a..e8ada99a7e 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw.c +++ b/providers/implementations/ciphers/cipher_camellia_hw.c @@ -54,7 +54,7 @@ IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_camellia_copyctx, PROV_CAMELLIA_CTX) #define PROV_CIPHER_HW_camellia_mode(mode) \ static const PROV_CIPHER_HW camellia_##mode = { \ cipher_hw_camellia_initkey, \ - cipher_hw_generic_##mode, \ + ossl_cipher_hw_generic_##mode, \ cipher_hw_camellia_copyctx \ }; \ PROV_CIPHER_HW_declare(mode) \ diff --git a/providers/implementations/ciphers/cipher_cast5.c b/providers/implementations/ciphers/cipher_cast5.c index 1551f690ad..7c686013d8 100644 --- a/providers/implementations/ciphers/cipher_cast5.c +++ b/providers/implementations/ciphers/cipher_cast5.c @@ -29,7 +29,7 @@ static void cast5_freectx(void *vctx) { PROV_CAST_CTX *ctx = (PROV_CAST_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_chacha20.c b/providers/implementations/ciphers/cipher_chacha20.c index 89493c3fbc..8e0727ae47 100644 --- a/providers/implementations/ciphers/cipher_chacha20.c +++ b/providers/implementations/ciphers/cipher_chacha20.c @@ -27,19 +27,19 @@ static OSSL_FUNC_cipher_get_ctx_params_fn chacha20_get_ctx_params; static OSSL_FUNC_cipher_set_ctx_params_fn chacha20_set_ctx_params; static OSSL_FUNC_cipher_gettable_ctx_params_fn chacha20_gettable_ctx_params; static OSSL_FUNC_cipher_settable_ctx_params_fn chacha20_settable_ctx_params; -#define chacha20_cipher cipher_generic_cipher -#define chacha20_update cipher_generic_stream_update -#define chacha20_final cipher_generic_stream_final -#define chacha20_gettable_params cipher_generic_gettable_params +#define chacha20_cipher ossl_cipher_generic_cipher +#define chacha20_update ossl_cipher_generic_stream_update +#define chacha20_final ossl_cipher_generic_stream_final +#define chacha20_gettable_params ossl_cipher_generic_gettable_params void chacha20_initctx(PROV_CHACHA20_CTX *ctx) { - cipher_generic_initkey(ctx, CHACHA20_KEYLEN * 8, - CHACHA20_BLKLEN * 8, - CHACHA20_IVLEN * 8, - 0, CHACHA20_FLAGS, - ossl_prov_cipher_hw_chacha20(CHACHA20_KEYLEN * 8), - NULL); + ossl_cipher_generic_initkey(ctx, CHACHA20_KEYLEN * 8, + CHACHA20_BLKLEN * 8, + CHACHA20_IVLEN * 8, + 0, CHACHA20_FLAGS, + ossl_prov_cipher_hw_chacha20(CHACHA20_KEYLEN * 8), + NULL); } static void *chacha20_newctx(void *provctx) @@ -60,17 +60,17 @@ static void chacha20_freectx(void *vctx) PROV_CHACHA20_CTX *ctx = (PROV_CHACHA20_CTX *)vctx; if (ctx != NULL) { - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } } static int chacha20_get_params(OSSL_PARAM params[]) { - return cipher_generic_get_params(params, 0, CHACHA20_FLAGS, - CHACHA20_KEYLEN * 8, - CHACHA20_BLKLEN * 8, - CHACHA20_IVLEN * 8); + return ossl_cipher_generic_get_params(params, 0, CHACHA20_FLAGS, + CHACHA20_KEYLEN * 8, + CHACHA20_BLKLEN * 8, + CHACHA20_IVLEN * 8); } static int chacha20_get_ctx_params(void *vctx, OSSL_PARAM params[]) @@ -147,7 +147,7 @@ int chacha20_einit(void *vctx, const unsigned char *key, size_t keylen, int ret; /* The generic function checks for ossl_prov_is_running() */ - ret= cipher_generic_einit(vctx, key, keylen, iv, ivlen); + ret= ossl_cipher_generic_einit(vctx, key, keylen, iv, ivlen); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; PROV_CIPHER_HW_CHACHA20 *hw = (PROV_CIPHER_HW_CHACHA20 *)ctx->hw; @@ -163,7 +163,7 @@ int chacha20_dinit(void *vctx, const unsigned char *key, size_t keylen, int ret; /* The generic function checks for ossl_prov_is_running() */ - ret= cipher_generic_dinit(vctx, key, keylen, iv, ivlen); + ret= ossl_cipher_generic_dinit(vctx, key, keylen, iv, ivlen); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; PROV_CIPHER_HW_CHACHA20 *hw = (PROV_CIPHER_HW_CHACHA20 *)ctx->hw; diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.c b/providers/implementations/ciphers/cipher_chacha20_poly1305.c index 474d43b7fe..7a9cc5c20f 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.c +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.c @@ -38,8 +38,8 @@ static OSSL_FUNC_cipher_set_ctx_params_fn chacha20_poly1305_set_ctx_params; static OSSL_FUNC_cipher_cipher_fn chacha20_poly1305_cipher; static OSSL_FUNC_cipher_final_fn chacha20_poly1305_final; static OSSL_FUNC_cipher_gettable_ctx_params_fn chacha20_poly1305_gettable_ctx_params; -#define chacha20_poly1305_settable_ctx_params cipher_aead_settable_ctx_params -#define chacha20_poly1305_gettable_params cipher_generic_gettable_params +#define chacha20_poly1305_settable_ctx_params ossl_cipher_aead_settable_ctx_params +#define chacha20_poly1305_gettable_params ossl_cipher_generic_gettable_params #define chacha20_poly1305_update chacha20_poly1305_cipher static void *chacha20_poly1305_newctx(void *provctx) @@ -51,14 +51,14 @@ static void *chacha20_poly1305_newctx(void *provctx) ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) { - cipher_generic_initkey(&ctx->base, CHACHA20_POLY1305_KEYLEN * 8, - CHACHA20_POLY1305_BLKLEN * 8, - CHACHA20_POLY1305_IVLEN * 8, - CHACHA20_POLY1305_MODE, - CHACHA20_POLY1305_FLAGS, - ossl_prov_cipher_hw_chacha20_poly1305( - CHACHA20_POLY1305_KEYLEN * 8), - NULL); + ossl_cipher_generic_initkey(&ctx->base, CHACHA20_POLY1305_KEYLEN * 8, + CHACHA20_POLY1305_BLKLEN * 8, + CHACHA20_POLY1305_IVLEN * 8, + CHACHA20_POLY1305_MODE, + CHACHA20_POLY1305_FLAGS, + ossl_prov_cipher_hw_chacha20_poly1305( + CHACHA20_POLY1305_KEYLEN * 8), + NULL); ctx->nonce_len = CHACHA20_POLY1305_IVLEN; ctx->tls_payload_length = NO_TLS_PAYLOAD_LENGTH; chacha20_initctx(&ctx->chacha); @@ -71,17 +71,17 @@ static void chacha20_poly1305_freectx(void *vctx) PROV_CHACHA20_POLY1305_CTX *ctx = (PROV_CHACHA20_POLY1305_CTX *)vctx; if (ctx != NULL) { - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } } static int chacha20_poly1305_get_params(OSSL_PARAM params[]) { - return cipher_generic_get_params(params, 0, CHACHA20_POLY1305_FLAGS, - CHACHA20_POLY1305_KEYLEN * 8, - CHACHA20_POLY1305_BLKLEN * 8, - CHACHA20_POLY1305_IVLEN * 8); + return ossl_cipher_generic_get_params(params, 0, CHACHA20_POLY1305_FLAGS, + CHACHA20_POLY1305_KEYLEN * 8, + CHACHA20_POLY1305_BLKLEN * 8, + CHACHA20_POLY1305_IVLEN * 8); } static int chacha20_poly1305_get_ctx_params(void *vctx, OSSL_PARAM params[]) @@ -235,7 +235,7 @@ static int chacha20_poly1305_einit(void *vctx, const unsigned char *key, int ret; /* The generic function checks for ossl_prov_is_running() */ - ret = cipher_generic_einit(vctx, key, keylen, iv, ivlen); + ret = ossl_cipher_generic_einit(vctx, key, keylen, iv, ivlen); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = @@ -253,7 +253,7 @@ static int chacha20_poly1305_dinit(void *vctx, const unsigned char *key, int ret; /* The generic function checks for ossl_prov_is_running() */ - ret = cipher_generic_dinit(vctx, key, keylen, iv, ivlen); + ret = ossl_cipher_generic_dinit(vctx, key, keylen, iv, ivlen); if (ret && iv != NULL) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; PROV_CIPHER_HW_CHACHA20_POLY1305 *hw = diff --git a/providers/implementations/ciphers/cipher_des.c b/providers/implementations/ciphers/cipher_des.c index 7b6f2d7da5..345adfab60 100644 --- a/providers/implementations/ciphers/cipher_des.c +++ b/providers/implementations/ciphers/cipher_des.c @@ -40,8 +40,8 @@ static void *des_newctx(void *provctx, size_t kbits, size_t blkbits, ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, hw, - provctx); + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, mode, flags, + hw, provctx); return ctx; } @@ -67,7 +67,7 @@ static void des_freectx(void *vctx) { PROV_DES_CTX *ctx = (PROV_DES_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -84,7 +84,7 @@ static int des_init(void *vctx, const unsigned char *key, size_t keylen, ctx->enc = enc; if (iv != NULL) { - if (!cipher_generic_initiv(ctx, iv, ivlen)) + if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) return 0; } @@ -131,7 +131,7 @@ static int des_get_ctx_params(void *vctx, OSSL_PARAM params[]) PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; OSSL_PARAM *p; - if (!cipher_generic_get_ctx_params(vctx, params)) + if (!ossl_cipher_generic_get_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY); @@ -154,16 +154,16 @@ static void *des_##lcmode##_newctx(void *provctx) \ static OSSL_FUNC_cipher_get_params_fn des_##lcmode##_get_params; \ static int des_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ const OSSL_DISPATCH ossl_##des_##lcmode##_functions[] = { \ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))des_einit }, \ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))des_dinit }, \ { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void))cipher_generic_##block##_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##block##_final },\ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + (void (*)(void))ossl_cipher_generic_##block##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##block##_final },\ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_NEWCTX, \ (void (*)(void))des_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))des_dupctx }, \ @@ -171,14 +171,14 @@ const OSSL_DISPATCH ossl_##des_##lcmode##_functions[] = { \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void))des_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))des_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ (void (*)(void))des_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_set_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ { 0, NULL } \ } diff --git a/providers/implementations/ciphers/cipher_idea.c b/providers/implementations/ciphers/cipher_idea.c index 624c8cb8fc..bc716290a4 100644 --- a/providers/implementations/ciphers/cipher_idea.c +++ b/providers/implementations/ciphers/cipher_idea.c @@ -27,7 +27,7 @@ static void idea_freectx(void *vctx) { PROV_IDEA_CTX *ctx = (PROV_IDEA_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_null.c b/providers/implementations/ciphers/cipher_null.c index ce8edcf785..c3ebb25c28 100644 --- a/providers/implementations/ciphers/cipher_null.c +++ b/providers/implementations/ciphers/cipher_null.c @@ -100,7 +100,7 @@ static int null_final(void *vctx, unsigned char *out, size_t *outl, static OSSL_FUNC_cipher_get_params_fn null_get_params; static int null_get_params(OSSL_PARAM params[]) { - return cipher_generic_get_params(params, 0, 0, 0, 8, 0); + return ossl_cipher_generic_get_params(params, 0, 0, 0, 8, 0); } static const OSSL_PARAM null_known_gettable_ctx_params[] = { @@ -182,7 +182,7 @@ const OSSL_DISPATCH ossl_null_functions[] = { { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))null_cipher }, { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void)) null_get_params }, { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, - (void (*)(void))cipher_generic_gettable_params }, + (void (*)(void))ossl_cipher_generic_gettable_params }, { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))null_get_ctx_params }, { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, (void (*)(void))null_gettable_ctx_params }, diff --git a/providers/implementations/ciphers/cipher_rc2.c b/providers/implementations/ciphers/cipher_rc2.c index 2a303ceef4..b7c244f245 100644 --- a/providers/implementations/ciphers/cipher_rc2.c +++ b/providers/implementations/ciphers/cipher_rc2.c @@ -33,7 +33,7 @@ static void rc2_freectx(void *vctx) { PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -88,7 +88,7 @@ static int rc2_get_ctx_params(void *vctx, OSSL_PARAM params[]) PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; OSSL_PARAM *p; - if (!cipher_generic_get_ctx_params(vctx, params)) + if (!ossl_cipher_generic_get_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RC2_KEYBITS); if (p != NULL && !OSSL_PARAM_set_size_t(p, ctx->key_bits)) { @@ -142,7 +142,7 @@ static int rc2_set_ctx_params(void *vctx, OSSL_PARAM params[]) PROV_RC2_CTX *ctx = (PROV_RC2_CTX *)vctx; const OSSL_PARAM *p; - if (!cipher_var_keylen_set_ctx_params(vctx, params)) + if (!ossl_cipher_var_keylen_set_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_RC2_KEYBITS); if (p != NULL) { @@ -165,7 +165,7 @@ static int rc2_set_ctx_params(void *vctx, OSSL_PARAM params[]) || ((size_t)ASN1_TYPE_get_int_octetstring(type, &num, iv, ctx->base.ivlen) != ctx->base.ivlen) - || !cipher_generic_initiv(&ctx->base, iv, ctx->base.ivlen) + || !ossl_cipher_generic_initiv(&ctx->base, iv, ctx->base.ivlen) || (ctx->key_bits = rc2_magic_to_keybits(num)) == 0) { ERR_raise(ERR_LIB_PROV, PROV_R_FAILED_TO_SET_PARAMETER); ret = 0; @@ -197,18 +197,18 @@ CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(rc2) static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ { \ PROV_##UCALG##_CTX *ctx; \ - if (!ossl_prov_is_running()) \ + if (!ossl_prov_is_running()) \ return NULL; \ ctx = OPENSSL_zalloc(sizeof(*ctx)); \ if (ctx != NULL) { \ - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ EVP_CIPH_##UCMODE##_MODE, flags, \ ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ NULL); \ @@ -221,15 +221,15 @@ const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ (void (*)(void))rc2_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ diff --git a/providers/implementations/ciphers/cipher_rc4.c b/providers/implementations/ciphers/cipher_rc4.c index d92d036ab5..91644fca59 100644 --- a/providers/implementations/ciphers/cipher_rc4.c +++ b/providers/implementations/ciphers/cipher_rc4.c @@ -29,7 +29,7 @@ static void rc4_freectx(void *vctx) { PROV_RC4_CTX *ctx = (PROV_RC4_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -55,19 +55,19 @@ static void *rc4_dupctx(void *ctx) static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_get_params; \ static int alg##_##kbits##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, 0, flags, \ + return ossl_cipher_generic_get_params(params, 0, flags, \ kbits, blkbits, ivbits); \ } \ static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_newctx; \ static void * alg##_##kbits##_newctx(void *provctx) \ { \ PROV_##UCALG##_CTX *ctx; \ - if (!ossl_prov_is_running()) \ + if (!ossl_prov_is_running()) \ return NULL; \ ctx = OPENSSL_zalloc(sizeof(*ctx)); \ if (ctx != NULL) { \ - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, 0, flags, \ - ossl_prov_cipher_hw_##alg(kbits), NULL); \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, 0, flags, \ + ossl_prov_cipher_hw_##alg(kbits), NULL); \ } \ return ctx; \ } \ @@ -76,23 +76,23 @@ const OSSL_DISPATCH ossl_##alg##kbits##_functions[] = { \ (void (*)(void)) alg##_##kbits##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_get_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_get_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))cipher_var_keylen_set_ctx_params }, \ + (void (*)(void))ossl_cipher_var_keylen_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_gettable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_var_keylen_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_var_keylen_settable_ctx_params }, \ { 0, NULL } \ }; diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c index 964597beba..69d47b03fe 100644 --- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.c +++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.c @@ -38,12 +38,12 @@ static OSSL_FUNC_cipher_gettable_ctx_params_fn rc4_hmac_md5_gettable_ctx_params; static OSSL_FUNC_cipher_set_ctx_params_fn rc4_hmac_md5_set_ctx_params; static OSSL_FUNC_cipher_settable_ctx_params_fn rc4_hmac_md5_settable_ctx_params; static OSSL_FUNC_cipher_get_params_fn rc4_hmac_md5_get_params; -#define rc4_hmac_md5_gettable_params cipher_generic_gettable_params -#define rc4_hmac_md5_einit cipher_generic_einit -#define rc4_hmac_md5_dinit cipher_generic_dinit -#define rc4_hmac_md5_update cipher_generic_stream_update -#define rc4_hmac_md5_final cipher_generic_stream_final -#define rc4_hmac_md5_cipher cipher_generic_cipher +#define rc4_hmac_md5_gettable_params ossl_cipher_generic_gettable_params +#define rc4_hmac_md5_einit ossl_cipher_generic_einit +#define rc4_hmac_md5_dinit ossl_cipher_generic_dinit +#define rc4_hmac_md5_update ossl_cipher_generic_stream_update +#define rc4_hmac_md5_final ossl_cipher_generic_stream_final +#define rc4_hmac_md5_cipher ossl_cipher_generic_cipher static void *rc4_hmac_md5_newctx(void *provctx) { @@ -54,12 +54,13 @@ static void *rc4_hmac_md5_newctx(void *provctx) ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL) - cipher_generic_initkey(ctx, RC4_HMAC_MD5_KEY_BITS, - RC4_HMAC_MD5_BLOCK_BITS, - RC4_HMAC_MD5_IV_BITS, - RC4_HMAC_MD5_MODE, RC4_HMAC_MD5_FLAGS, - ossl_prov_cipher_hw_rc4_hmac_md5(RC4_HMAC_MD5_KEY_BITS), - NULL); + ossl_cipher_generic_initkey(ctx, RC4_HMAC_MD5_KEY_BITS, + RC4_HMAC_MD5_BLOCK_BITS, + RC4_HMAC_MD5_IV_BITS, + RC4_HMAC_MD5_MODE, RC4_HMAC_MD5_FLAGS, + ossl_prov_cipher_hw_rc4_hmac_md5( + RC4_HMAC_MD5_KEY_BITS + ), NULL); return ctx; } @@ -67,7 +68,7 @@ static void rc4_hmac_md5_freectx(void *vctx) { PROV_RC4_HMAC_MD5_CTX *ctx = (PROV_RC4_HMAC_MD5_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -173,7 +174,7 @@ static int rc4_hmac_md5_set_ctx_params(void *vctx, const OSSL_PARAM params[]) static int rc4_hmac_md5_get_params(OSSL_PARAM params[]) { - return cipher_generic_get_params(params, RC4_HMAC_MD5_MODE, + return ossl_cipher_generic_get_params(params, RC4_HMAC_MD5_MODE, RC4_HMAC_MD5_FLAGS, RC4_HMAC_MD5_KEY_BITS, RC4_HMAC_MD5_BLOCK_BITS, diff --git a/providers/implementations/ciphers/cipher_rc5.c b/providers/implementations/ciphers/cipher_rc5.c index dba0a3aaae..80de5f4bdd 100644 --- a/providers/implementations/ciphers/cipher_rc5.c +++ b/providers/implementations/ciphers/cipher_rc5.c @@ -29,7 +29,7 @@ static void rc5_freectx(void *vctx) { PROV_RC5_CTX *ctx = (PROV_RC5_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -56,7 +56,7 @@ static int rc5_set_ctx_params(void *vctx, const OSSL_PARAM params[]) PROV_RC5_CTX *ctx = (PROV_RC5_CTX *)vctx; const OSSL_PARAM *p; - if (!cipher_var_keylen_set_ctx_params(vctx, params)) + if (!ossl_cipher_var_keylen_set_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_ROUNDS); @@ -93,7 +93,7 @@ static int rc5_get_ctx_params(void *vctx, OSSL_PARAM params[]) PROV_RC5_CTX *ctx = (PROV_RC5_CTX *)vctx; OSSL_PARAM *p; - if (!cipher_generic_get_ctx_params(vctx, params)) + if (!ossl_cipher_generic_get_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_ROUNDS); if (p != NULL && !OSSL_PARAM_set_uint(p, ctx->rounds)) { @@ -108,20 +108,20 @@ static int rc5_get_ctx_params(void *vctx, OSSL_PARAM params[]) static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ { \ PROV_##UCALG##_CTX *ctx; \ - if (!ossl_prov_is_running()) \ + if (!ossl_prov_is_running()) \ return NULL; \ ctx = OPENSSL_zalloc(sizeof(*ctx)); \ if (ctx != NULL) { \ - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags, \ - ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ + ossl_prov_cipher_hw_##alg##_##lcmode(kbits),\ NULL); \ ctx->rounds = RC5_12_ROUNDS; \ } \ @@ -132,15 +132,15 @@ const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit },\ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit },\ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ (void (*)(void))rc5_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ diff --git a/providers/implementations/ciphers/cipher_seed.c b/providers/implementations/ciphers/cipher_seed.c index c91e776f31..bae6a8e530 100644 --- a/providers/implementations/ciphers/cipher_seed.c +++ b/providers/implementations/ciphers/cipher_seed.c @@ -26,7 +26,7 @@ static void seed_freectx(void *vctx) { PROV_SEED_CTX *ctx = (PROV_SEED_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_sm4.c b/providers/implementations/ciphers/cipher_sm4.c index 011d36ab71..6cf2731c6d 100644 --- a/providers/implementations/ciphers/cipher_sm4.c +++ b/providers/implementations/ciphers/cipher_sm4.c @@ -20,7 +20,7 @@ static void sm4_freectx(void *vctx) { PROV_SM4_CTX *ctx = (PROV_SM4_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } diff --git a/providers/implementations/ciphers/cipher_sm4_hw.c b/providers/implementations/ciphers/cipher_sm4_hw.c index bc13517186..49cde3421d 100644 --- a/providers/implementations/ciphers/cipher_sm4_hw.c +++ b/providers/implementations/ciphers/cipher_sm4_hw.c @@ -31,7 +31,7 @@ IMPLEMENT_CIPHER_HW_COPYCTX(cipher_hw_sm4_copyctx, PROV_SM4_CTX) # define PROV_CIPHER_HW_sm4_mode(mode) \ static const PROV_CIPHER_HW sm4_##mode = { \ cipher_hw_sm4_initkey, \ - cipher_hw_chunked_##mode, \ + ossl_cipher_hw_chunked_##mode, \ cipher_hw_sm4_copyctx \ }; \ const PROV_CIPHER_HW *ossl_prov_cipher_hw_sm4_##mode(size_t keybits) \ diff --git a/providers/implementations/ciphers/cipher_tdes.h b/providers/implementations/ciphers/cipher_tdes.h index d3500e71ce..081a00fffa 100644 --- a/providers/implementations/ciphers/cipher_tdes.h +++ b/providers/implementations/ciphers/cipher_tdes.h @@ -30,28 +30,28 @@ typedef struct prov_tdes_ctx_st { } PROV_TDES_CTX; -#define IMPLEMENT_tdes_cipher(type, UCTYPE, lcmode, UCMODE, flags, \ +#define IMPLEMENT_tdes_cipher(type, UCTYPE, lcmode, UCMODE, flags, \ kbits, blkbits, ivbits, block) \ -static OSSL_FUNC_cipher_newctx_fn tdes_##type##_##lcmode##_newctx; \ +static OSSL_FUNC_cipher_newctx_fn tdes_##type##_##lcmode##_newctx; \ static void *tdes_##type##_##lcmode##_newctx(void *provctx) \ { \ return tdes_newctx(provctx, EVP_CIPH_##UCMODE##_MODE, kbits, blkbits, \ ivbits, flags, \ ossl_prov_cipher_hw_tdes_##type##_##lcmode()); \ } \ -static OSSL_FUNC_cipher_get_params_fn tdes_##type##_##lcmode##_get_params; \ +static OSSL_FUNC_cipher_get_params_fn tdes_##type##_##lcmode##_get_params; \ static int tdes_##type##_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ const OSSL_DISPATCH ossl_tdes_##type##_##lcmode##_functions[] = { \ { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))tdes_einit }, \ { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))tdes_dinit }, \ { OSSL_FUNC_CIPHER_UPDATE, \ - (void (*)(void))cipher_generic_##block##_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##block##_final },\ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + (void (*)(void))ossl_cipher_generic_##block##_update }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##block##_final },\ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_NEWCTX, \ (void (*)(void))tdes_##type##_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void))tdes_dupctx }, \ @@ -59,14 +59,14 @@ const OSSL_DISPATCH ossl_tdes_##type##_##lcmode##_functions[] = { \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void))tdes_##type##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))tdes_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ (void (*)(void))tdes_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_set_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ { 0, NULL } \ } @@ -79,24 +79,25 @@ OSSL_FUNC_cipher_decrypt_init_fn tdes_dinit; OSSL_FUNC_cipher_get_ctx_params_fn tdes_get_ctx_params; OSSL_FUNC_cipher_gettable_ctx_params_fn tdes_gettable_ctx_params; -#define PROV_CIPHER_HW_tdes_mode(type, mode) \ +#define PROV_CIPHER_HW_tdes_mode(type, mode) \ static const PROV_CIPHER_HW type##_##mode = { \ - cipher_hw_tdes_##type##_initkey, \ - cipher_hw_tdes_##mode, \ - cipher_hw_tdes_copyctx \ + ossl_cipher_hw_tdes_##type##_initkey, \ + ossl_cipher_hw_tdes_##mode, \ + ossl_cipher_hw_tdes_copyctx \ }; \ const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_##type##_##mode(void) \ { \ return &type##_##mode; \ } -int cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, const unsigned char *key, - size_t keylen); -void cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src); -int cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl); -int cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len); +int ossl_cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, + const unsigned char *key, size_t keylen); +void ossl_cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, + const PROV_CIPHER_CTX *src); +int ossl_cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl); +int ossl_cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len); const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_ede3_cbc(void); const PROV_CIPHER_HW *ossl_prov_cipher_hw_tdes_ede3_ecb(void); diff --git a/providers/implementations/ciphers/cipher_tdes_common.c b/providers/implementations/ciphers/cipher_tdes_common.c index 1340c6034b..17b8ce40b0 100644 --- a/providers/implementations/ciphers/cipher_tdes_common.c +++ b/providers/implementations/ciphers/cipher_tdes_common.c @@ -30,8 +30,8 @@ void *tdes_newctx(void *provctx, int mode, size_t kbits, size_t blkbits, tctx = OPENSSL_zalloc(sizeof(*tctx)); if (tctx != NULL) - cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags, hw, - provctx); + ossl_cipher_generic_initkey(tctx, kbits, blkbits, ivbits, mode, flags, + hw, provctx); return tctx; } @@ -57,7 +57,7 @@ void tdes_freectx(void *vctx) { PROV_TDES_CTX *ctx = (PROV_TDES_CTX *)vctx; - cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); + ossl_cipher_generic_reset_ctx((PROV_CIPHER_CTX *)vctx); OPENSSL_clear_free(ctx, sizeof(*ctx)); } @@ -74,7 +74,7 @@ static int tdes_init(void *vctx, const unsigned char *key, size_t keylen, ctx->enc = enc; if (iv != NULL) { - if (!cipher_generic_initiv(ctx, iv, ivlen)) + if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) return 0; } @@ -127,7 +127,7 @@ int tdes_get_ctx_params(void *vctx, OSSL_PARAM params[]) PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; OSSL_PARAM *p; - if (!cipher_generic_get_ctx_params(vctx, params)) + if (!ossl_cipher_generic_get_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate(params, OSSL_CIPHER_PARAM_RANDOM_KEY); diff --git a/providers/implementations/ciphers/cipher_tdes_default_hw.c b/providers/implementations/ciphers/cipher_tdes_default_hw.c index 4bb99bd327..b7c7ea11f7 100644 --- a/providers/implementations/ciphers/cipher_tdes_default_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_default_hw.c @@ -19,8 +19,9 @@ #define ks2 tks.ks[1] #define ks3 tks.ks[2] -static int cipher_hw_tdes_ede2_initkey(PROV_CIPHER_CTX *ctx, - const unsigned char *key, size_t keylen) +static int ossl_cipher_hw_tdes_ede2_initkey(PROV_CIPHER_CTX *ctx, + const unsigned char *key, + size_t keylen) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; DES_cblock *deskey = (DES_cblock *)key; @@ -44,8 +45,8 @@ static int cipher_hw_tdes_ede2_initkey(PROV_CIPHER_CTX *ctx, return 1; } -static int cipher_hw_tdes_ofb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossl_cipher_hw_tdes_ofb(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; int num = ctx->num; @@ -65,8 +66,8 @@ static int cipher_hw_tdes_ofb(PROV_CIPHER_CTX *ctx, unsigned char *out, return 1; } -static int cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossl_cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; int num = ctx->num; @@ -93,8 +94,8 @@ static int cipher_hw_tdes_cfb(PROV_CIPHER_CTX *ctx, unsigned char *out, * Although we have a CFB-r implementation for 3-DES, it doesn't pack the * right way, so wrap it here */ -static int cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossl_cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; size_t n; @@ -114,8 +115,8 @@ static int cipher_hw_tdes_cfb1(PROV_CIPHER_CTX *ctx, unsigned char *out, return 1; } -static int cipher_hw_tdes_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +static int ossl_cipher_hw_tdes_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; diff --git a/providers/implementations/ciphers/cipher_tdes_hw.c b/providers/implementations/ciphers/cipher_tdes_hw.c index 82f232a602..4382969f44 100644 --- a/providers/implementations/ciphers/cipher_tdes_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_hw.c @@ -20,8 +20,8 @@ #define ks2 tks.ks[1] #define ks3 tks.ks[2] -int cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, const unsigned char *key, - size_t keylen) +int ossl_cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, + const unsigned char *key, size_t keylen) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; DES_cblock *deskey = (DES_cblock *)key; @@ -45,7 +45,8 @@ int cipher_hw_tdes_ede3_initkey(PROV_CIPHER_CTX *ctx, const unsigned char *key, return 1; } -void cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src) +void ossl_cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, + const PROV_CIPHER_CTX *src) { PROV_TDES_CTX *sctx = (PROV_TDES_CTX *)src; PROV_TDES_CTX *dctx = (PROV_TDES_CTX *)dst; @@ -54,8 +55,8 @@ void cipher_hw_tdes_copyctx(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src) dst->ks = &dctx->tks.ks; } -int cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t inl) +int ossl_cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t inl) { PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; @@ -77,8 +78,8 @@ int cipher_hw_tdes_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, return 1; } -int cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) +int ossl_cipher_hw_tdes_ecb(PROV_CIPHER_CTX *ctx, unsigned char *out, + const unsigned char *in, size_t len) { size_t i; PROV_TDES_CTX *tctx = (PROV_TDES_CTX *)ctx; diff --git a/providers/implementations/ciphers/cipher_tdes_wrap.c b/providers/implementations/ciphers/cipher_tdes_wrap.c index 2c8450586a..6d908a3ed5 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap.c @@ -180,8 +180,8 @@ static void *tdes_wrap_newctx(void *provctx) \ static OSSL_FUNC_cipher_get_params_fn tdes_wrap_get_params; \ static int tdes_wrap_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_WRAP_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_WRAP_MODE, flags, \ + kbits, blkbits, ivbits); \ } \ const OSSL_DISPATCH ossl_tdes_wrap_cbc_functions[] = \ { \ @@ -191,17 +191,17 @@ const OSSL_DISPATCH ossl_tdes_wrap_cbc_functions[] = \ { OSSL_FUNC_CIPHER_NEWCTX, (void (*)(void))tdes_wrap_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void))tdes_freectx }, \ { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))tdes_wrap_update }, \ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_stream_final }, \ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_stream_final },\ { OSSL_FUNC_CIPHER_GET_PARAMS, (void (*)(void))tdes_wrap_get_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, (void (*)(void))tdes_get_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ (void (*)(void))tdes_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_set_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ { 0, NULL } \ } diff --git a/providers/implementations/ciphers/cipher_tdes_wrap_hw.c b/providers/implementations/ciphers/cipher_tdes_wrap_hw.c index 477089ff86..3c8c833320 100644 --- a/providers/implementations/ciphers/cipher_tdes_wrap_hw.c +++ b/providers/implementations/ciphers/cipher_tdes_wrap_hw.c @@ -15,6 +15,6 @@ #include "cipher_tdes_default.h" -#define cipher_hw_tdes_wrap_initkey cipher_hw_tdes_ede3_initkey +#define ossl_cipher_hw_tdes_wrap_initkey ossl_cipher_hw_tdes_ede3_initkey PROV_CIPHER_HW_tdes_mode(wrap, cbc) diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c index 08693080bd..f191074605 100644 --- a/providers/implementations/ciphers/ciphercommon.c +++ b/providers/implementations/ciphers/ciphercommon.c @@ -30,14 +30,14 @@ static const OSSL_PARAM cipher_known_gettable_params[] = { { OSSL_CIPHER_PARAM_TLS_MAC, OSSL_PARAM_OCTET_PTR, NULL, 0, OSSL_PARAM_UNMODIFIED }, OSSL_PARAM_END }; -const OSSL_PARAM *cipher_generic_gettable_params(void *provctx) +const OSSL_PARAM *ossl_cipher_generic_gettable_params(void *provctx) { return cipher_known_gettable_params; } -int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, - unsigned long flags, - size_t kbits, size_t blkbits, size_t ivbits) +int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, + unsigned long flags, + size_t kbits, size_t blkbits, size_t ivbits) { OSSL_PARAM *p; @@ -69,24 +69,24 @@ int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, return 1; } -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(cipher_generic) -CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(cipher_generic) +CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_START(ossl_cipher_generic) +CIPHER_DEFAULT_GETTABLE_CTX_PARAMS_END(ossl_cipher_generic) -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(cipher_generic) +CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_generic) OSSL_PARAM_uint(OSSL_CIPHER_PARAM_TLS_VERSION, NULL), OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_TLS_MAC_SIZE, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(cipher_generic) +CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_generic) /* * Variable key length cipher functions for OSSL_PARAM settables */ -int cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) +int ossl_cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; const OSSL_PARAM *p; - if (!cipher_generic_set_ctx_params(vctx, params)) + if (!ossl_cipher_generic_set_ctx_params(vctx, params)) return 0; p = OSSL_PARAM_locate_const(params, OSSL_CIPHER_PARAM_KEYLEN); if (p != NULL) { @@ -101,9 +101,9 @@ int cipher_var_keylen_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(cipher_var_keylen) +CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_START(ossl_cipher_var_keylen) OSSL_PARAM_size_t(OSSL_CIPHER_PARAM_KEYLEN, NULL), -CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(cipher_var_keylen) +CIPHER_DEFAULT_SETTABLE_CTX_PARAMS_END(ossl_cipher_var_keylen) /*- * AEAD cipher functions for OSSL_PARAM gettables and settables @@ -119,7 +119,9 @@ static const OSSL_PARAM cipher_aead_known_gettable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN, NULL, 0), OSSL_PARAM_END }; -const OSSL_PARAM *cipher_aead_gettable_ctx_params(ossl_unused void *provctx) +const OSSL_PARAM *ossl_cipher_aead_gettable_ctx_params( + ossl_unused void *provctx + ) { return cipher_aead_known_gettable_ctx_params; } @@ -132,12 +134,14 @@ static const OSSL_PARAM cipher_aead_known_settable_ctx_params[] = { OSSL_PARAM_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_SET_IV_INV, NULL, 0), OSSL_PARAM_END }; -const OSSL_PARAM *cipher_aead_settable_ctx_params(ossl_unused void *provctx) +const OSSL_PARAM *ossl_cipher_aead_settable_ctx_params( + ossl_unused void *provctx + ) { return cipher_aead_known_settable_ctx_params; } -void cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx) +void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx) { if (ctx != NULL && ctx->alloced) { OPENSSL_free(ctx->tlsmac); @@ -160,7 +164,7 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, return 0; if (iv != NULL && ctx->mode != EVP_CIPH_ECB_MODE) { - if (!cipher_generic_initiv(ctx, iv, ivlen)) + if (!ossl_cipher_generic_initiv(ctx, iv, ivlen)) return 0; } if (key != NULL) { @@ -177,15 +181,17 @@ static int cipher_generic_init_internal(PROV_CIPHER_CTX *ctx, return 1; } -int cipher_generic_einit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen) +int ossl_cipher_generic_einit(void *vctx, const unsigned char *key, + size_t keylen, const unsigned char *iv, + size_t ivlen) { return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, iv, ivlen, 1); } -int cipher_generic_dinit(void *vctx, const unsigned char *key, size_t keylen, - const unsigned char *iv, size_t ivlen) +int ossl_cipher_generic_dinit(void *vctx, const unsigned char *key, + size_t keylen, const unsigned char *iv, + size_t ivlen) { return cipher_generic_init_internal((PROV_CIPHER_CTX *)vctx, key, keylen, iv, ivlen, 0); @@ -194,9 +200,9 @@ int cipher_generic_dinit(void *vctx, const unsigned char *key, size_t keylen, /* Max padding including padding length byte */ #define MAX_PADDING 256 -int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) +int ossl_cipher_generic_block_update(void *vctx, unsigned char *out, + size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { size_t outlint = 0; PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -332,8 +338,8 @@ int cipher_generic_block_update(void *vctx, unsigned char *out, size_t *outl, return inl == 0; } -int cipher_generic_block_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) +int ossl_cipher_generic_block_final(void *vctx, unsigned char *out, + size_t *outl, size_t outsize) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; size_t blksz = ctx->blocksize; @@ -401,9 +407,9 @@ int cipher_generic_block_final(void *vctx, unsigned char *out, size_t *outl, return 1; } -int cipher_generic_stream_update(void *vctx, unsigned char *out, size_t *outl, - size_t outsize, const unsigned char *in, - size_t inl) +int ossl_cipher_generic_stream_update(void *vctx, unsigned char *out, + size_t *outl, size_t outsize, + const unsigned char *in, size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -437,8 +443,8 @@ int cipher_generic_stream_update(void *vctx, unsigned char *out, size_t *outl, return 1; } -int cipher_generic_stream_final(void *vctx, unsigned char *out, size_t *outl, - size_t outsize) +int ossl_cipher_generic_stream_final(void *vctx, unsigned char *out, + size_t *outl, size_t outsize) { if (!ossl_prov_is_running()) return 0; @@ -447,9 +453,9 @@ int cipher_generic_stream_final(void *vctx, unsigned char *out, size_t *outl, return 1; } -int cipher_generic_cipher(void *vctx, - unsigned char *out, size_t *outl, size_t outsize, - const unsigned char *in, size_t inl) +int ossl_cipher_generic_cipher(void *vctx, unsigned char *out, size_t *outl, + size_t outsize, const unsigned char *in, + size_t inl) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; @@ -470,7 +476,7 @@ int cipher_generic_cipher(void *vctx, return 1; } -int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) +int ossl_cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; OSSL_PARAM *p; @@ -518,7 +524,7 @@ int cipher_generic_get_ctx_params(void *vctx, OSSL_PARAM params[]) return 1; } -int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) +int ossl_cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; const OSSL_PARAM *p; @@ -560,8 +566,8 @@ int cipher_generic_set_ctx_params(void *vctx, const OSSL_PARAM params[]) return 1; } -int cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, - size_t ivlen) +int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, + size_t ivlen) { if (ivlen != ctx->ivlen || ivlen > sizeof(ctx->iv)) { @@ -574,9 +580,10 @@ int cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, return 1; } -void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, - size_t ivbits, unsigned int mode, uint64_t flags, - const PROV_CIPHER_HW *hw, void *provctx) +void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, + size_t ivbits, unsigned int mode, + uint64_t flags, const PROV_CIPHER_HW *hw, + void *provctx) { PROV_CIPHER_CTX *ctx = (PROV_CIPHER_CTX *)vctx; diff --git a/providers/implementations/ciphers/ciphercommon_hw.c b/providers/implementations/ciphers/ciphercommon_hw.c index 31062f1bc6..d52c570d7f 100644 --- a/providers/implementations/ciphers/ciphercommon_hw.c +++ b/providers/implementations/ciphers/ciphercommon_hw.c @@ -13,7 +13,7 @@ * The generic cipher functions for cipher modes cbc, ecb, ofb, cfb and ctr. * Used if there is no special hardware implementations. */ -int cipher_hw_generic_cbc(PROV_CIPHER_CTX *dat, unsigned char *out, +int ossl_cipher_hw_generic_cbc(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { if (dat->stream.cbc) @@ -26,7 +26,7 @@ int cipher_hw_generic_cbc(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; } -int cipher_hw_generic_ecb(PROV_CIPHER_CTX *dat, unsigned char *out, +int ossl_cipher_hw_generic_ecb(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { size_t i, bl = dat->blocksize; @@ -45,7 +45,7 @@ int cipher_hw_generic_ecb(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; } -int cipher_hw_generic_ofb128(PROV_CIPHER_CTX *dat, unsigned char *out, +int ossl_cipher_hw_generic_ofb128(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { int num = dat->num; @@ -56,8 +56,8 @@ int cipher_hw_generic_ofb128(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; } -int cipher_hw_generic_cfb128(PROV_CIPHER_CTX *dat, unsigned char *out, - const unsigned char *in, size_t len) +int ossl_cipher_hw_generic_cfb128(PROV_CIPHER_CTX *dat, unsigned char *out, + const unsigned char *in, size_t len) { int num = dat->num; @@ -68,7 +68,7 @@ int cipher_hw_generic_cfb128(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; } -int cipher_hw_generic_cfb8(PROV_CIPHER_CTX *dat, unsigned char *out, +int ossl_cipher_hw_generic_cfb8(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { int num = dat->num; @@ -80,7 +80,7 @@ int cipher_hw_generic_cfb8(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; } -int cipher_hw_generic_cfb1(PROV_CIPHER_CTX *dat, unsigned char *out, +int ossl_cipher_hw_generic_cfb1(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { int num = dat->num; @@ -108,7 +108,7 @@ int cipher_hw_generic_cfb1(PROV_CIPHER_CTX *dat, unsigned char *out, return 1; } -int cipher_hw_generic_ctr(PROV_CIPHER_CTX *dat, unsigned char *out, +int ossl_cipher_hw_generic_ctr(PROV_CIPHER_CTX *dat, unsigned char *out, const unsigned char *in, size_t len) { unsigned int num = dat->num; @@ -129,21 +129,21 @@ int cipher_hw_generic_ctr(PROV_CIPHER_CTX *dat, unsigned char *out, * Used if there is no special hardware implementations. */ -int cipher_hw_chunked_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, +int ossl_cipher_hw_chunked_cbc(PROV_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= MAXCHUNK) { - cipher_hw_generic_cbc(ctx, out, in, MAXCHUNK); + ossl_cipher_hw_generic_cbc(ctx, out, in, MAXCHUNK); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) - cipher_hw_generic_cbc(ctx, out, in, inl); + ossl_cipher_hw_generic_cbc(ctx, out, in, inl); return 1; } -int cipher_hw_chunked_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, +int ossl_cipher_hw_chunked_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { size_t chunk = MAXCHUNK; @@ -151,7 +151,7 @@ int cipher_hw_chunked_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, if (inl < chunk) chunk = inl; while (inl > 0 && inl >= chunk) { - cipher_hw_generic_cfb8(ctx, out, in, inl); + ossl_cipher_hw_generic_cfb8(ctx, out, in, inl); inl -= chunk; in += chunk; out += chunk; @@ -161,7 +161,7 @@ int cipher_hw_chunked_cfb8(PROV_CIPHER_CTX *ctx, unsigned char *out, return 1; } -int cipher_hw_chunked_cfb128(PROV_CIPHER_CTX *ctx, unsigned char *out, +int ossl_cipher_hw_chunked_cfb128(PROV_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { size_t chunk = MAXCHUNK; @@ -169,7 +169,7 @@ int cipher_hw_chunked_cfb128(PROV_CIPHER_CTX *ctx, unsigned char *out, if (inl < chunk) chunk = inl; while (inl > 0 && inl >= chunk) { - cipher_hw_generic_cfb128(ctx, out, in, inl); + ossl_cipher_hw_generic_cfb128(ctx, out, in, inl); inl -= chunk; in += chunk; out += chunk; @@ -179,16 +179,16 @@ int cipher_hw_chunked_cfb128(PROV_CIPHER_CTX *ctx, unsigned char *out, return 1; } -int cipher_hw_chunked_ofb128(PROV_CIPHER_CTX *ctx, unsigned char *out, +int ossl_cipher_hw_chunked_ofb128(PROV_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inl) { while (inl >= MAXCHUNK) { - cipher_hw_generic_ofb128(ctx, out, in, MAXCHUNK); + ossl_cipher_hw_generic_ofb128(ctx, out, in, MAXCHUNK); inl -= MAXCHUNK; in += MAXCHUNK; out += MAXCHUNK; } if (inl > 0) - cipher_hw_generic_ofb128(ctx, out, in, inl); + ossl_cipher_hw_generic_ofb128(ctx, out, in, inl); return 1; } diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h index 137836d7ab..82dae0ba59 100644 --- a/providers/implementations/include/prov/ciphercommon.h +++ b/providers/implementations/include/prov/ciphercommon.h @@ -90,28 +90,28 @@ struct prov_cipher_hw_st { void (*copyctx)(PROV_CIPHER_CTX *dst, const PROV_CIPHER_CTX *src); }; -void cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx); -OSSL_FUNC_cipher_encrypt_init_fn cipher_generic_einit; -OSSL_FUNC_cipher_decrypt_init_fn cipher_generic_dinit; -OSSL_FUNC_cipher_update_fn cipher_generic_block_update; -OSSL_FUNC_cipher_final_fn cipher_generic_block_final; -OSSL_FUNC_cipher_update_fn cipher_generic_stream_update; -OSSL_FUNC_cipher_final_fn cipher_generic_stream_final; -OSSL_FUNC_cipher_cipher_fn cipher_generic_cipher; -OSSL_FUNC_cipher_get_ctx_params_fn cipher_generic_get_ctx_params; -OSSL_FUNC_cipher_set_ctx_params_fn cipher_generic_set_ctx_params; -OSSL_FUNC_cipher_gettable_params_fn cipher_generic_gettable_params; -OSSL_FUNC_cipher_gettable_ctx_params_fn cipher_generic_gettable_ctx_params; -OSSL_FUNC_cipher_settable_ctx_params_fn cipher_generic_settable_ctx_params; -OSSL_FUNC_cipher_set_ctx_params_fn cipher_var_keylen_set_ctx_params; -OSSL_FUNC_cipher_settable_ctx_params_fn cipher_var_keylen_settable_ctx_params; -OSSL_FUNC_cipher_gettable_ctx_params_fn cipher_aead_gettable_ctx_params; -OSSL_FUNC_cipher_settable_ctx_params_fn cipher_aead_settable_ctx_params; - -int cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, +void ossl_cipher_generic_reset_ctx(PROV_CIPHER_CTX *ctx); +OSSL_FUNC_cipher_encrypt_init_fn ossl_cipher_generic_einit; +OSSL_FUNC_cipher_decrypt_init_fn ossl_cipher_generic_dinit; +OSSL_FUNC_cipher_update_fn ossl_cipher_generic_block_update; +OSSL_FUNC_cipher_final_fn ossl_cipher_generic_block_final; +OSSL_FUNC_cipher_update_fn ossl_cipher_generic_stream_update; +OSSL_FUNC_cipher_final_fn ossl_cipher_generic_stream_final; +OSSL_FUNC_cipher_cipher_fn ossl_cipher_generic_cipher; +OSSL_FUNC_cipher_get_ctx_params_fn ossl_cipher_generic_get_ctx_params; +OSSL_FUNC_cipher_set_ctx_params_fn ossl_cipher_generic_set_ctx_params; +OSSL_FUNC_cipher_gettable_params_fn ossl_cipher_generic_gettable_params; +OSSL_FUNC_cipher_gettable_ctx_params_fn ossl_cipher_generic_gettable_ctx_params; +OSSL_FUNC_cipher_settable_ctx_params_fn ossl_cipher_generic_settable_ctx_params; +OSSL_FUNC_cipher_set_ctx_params_fn ossl_cipher_var_keylen_set_ctx_params; +OSSL_FUNC_cipher_settable_ctx_params_fn ossl_cipher_var_keylen_settable_ctx_params; +OSSL_FUNC_cipher_gettable_ctx_params_fn ossl_cipher_aead_gettable_ctx_params; +OSSL_FUNC_cipher_settable_ctx_params_fn ossl_cipher_aead_settable_ctx_params; + +int ossl_cipher_generic_get_params(OSSL_PARAM params[], unsigned int md, unsigned long flags, size_t kbits, size_t blkbits, size_t ivbits); -void cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, +void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, size_t ivbits, unsigned int mode, uint64_t flags, const PROV_CIPHER_HW *hw, void *provctx); @@ -122,23 +122,23 @@ const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit }, \ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit }, \ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_get_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_set_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_gettable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_settable_ctx_params }, \ { 0, NULL } \ }; @@ -149,45 +149,45 @@ const OSSL_DISPATCH ossl_##alg##kbits##lcmode##_functions[] = { \ (void (*)(void)) alg##_##kbits##_##lcmode##_newctx }, \ { OSSL_FUNC_CIPHER_FREECTX, (void (*)(void)) alg##_freectx }, \ { OSSL_FUNC_CIPHER_DUPCTX, (void (*)(void)) alg##_dupctx }, \ - { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))cipher_generic_einit }, \ - { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))cipher_generic_dinit }, \ - { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))cipher_generic_##typ##_update },\ - { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))cipher_generic_##typ##_final }, \ - { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))cipher_generic_cipher }, \ + { OSSL_FUNC_CIPHER_ENCRYPT_INIT, (void (*)(void))ossl_cipher_generic_einit },\ + { OSSL_FUNC_CIPHER_DECRYPT_INIT, (void (*)(void))ossl_cipher_generic_dinit },\ + { OSSL_FUNC_CIPHER_UPDATE, (void (*)(void))ossl_cipher_generic_##typ##_update },\ + { OSSL_FUNC_CIPHER_FINAL, (void (*)(void))ossl_cipher_generic_##typ##_final }, \ + { OSSL_FUNC_CIPHER_CIPHER, (void (*)(void))ossl_cipher_generic_cipher }, \ { OSSL_FUNC_CIPHER_GET_PARAMS, \ (void (*)(void)) alg##_##kbits##_##lcmode##_get_params }, \ { OSSL_FUNC_CIPHER_GET_CTX_PARAMS, \ - (void (*)(void))cipher_generic_get_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_get_ctx_params }, \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ - (void (*)(void))cipher_var_keylen_set_ctx_params }, \ + (void (*)(void))ossl_cipher_var_keylen_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_generic_gettable_ctx_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_var_keylen_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_var_keylen_settable_ctx_params }, \ { 0, NULL } \ }; #define IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, \ kbits, blkbits, ivbits, typ) \ -static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ +static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lcmode##_get_params; \ static int alg##_##kbits##_##lcmode##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, flags, \ - kbits, blkbits, ivbits); \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + flags, kbits, blkbits, ivbits); \ } \ -static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ +static OSSL_FUNC_cipher_newctx_fn alg##_##kbits##_##lcmode##_newctx; \ static void * alg##_##kbits##_##lcmode##_newctx(void *provctx) \ { \ PROV_##UCALG##_CTX *ctx = ossl_prov_is_running() ? OPENSSL_zalloc(sizeof(*ctx))\ : NULL; \ if (ctx != NULL) { \ - cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ - EVP_CIPH_##UCMODE##_MODE, flags, \ - ossl_prov_cipher_hw_##alg##_##lcmode(kbits), \ - provctx); \ + ossl_cipher_generic_initkey(ctx, kbits, blkbits, ivbits, \ + EVP_CIPH_##UCMODE##_MODE, flags, \ + ossl_prov_cipher_hw_##alg##_##lcmode(kbits),\ + provctx); \ } \ return ctx; \ } \ @@ -206,20 +206,20 @@ IMPLEMENT_generic_cipher_genfn(alg, UCALG, lcmode, UCMODE, flags, kbits, \ IMPLEMENT_var_keylen_cipher_func(alg, UCALG, lcmode, UCMODE, flags, kbits, \ blkbits, ivbits, typ) -PROV_CIPHER_HW_FN cipher_hw_generic_cbc; -PROV_CIPHER_HW_FN cipher_hw_generic_ecb; -PROV_CIPHER_HW_FN cipher_hw_generic_ofb128; -PROV_CIPHER_HW_FN cipher_hw_generic_cfb128; -PROV_CIPHER_HW_FN cipher_hw_generic_cfb8; -PROV_CIPHER_HW_FN cipher_hw_generic_cfb1; -PROV_CIPHER_HW_FN cipher_hw_generic_ctr; -PROV_CIPHER_HW_FN cipher_hw_chunked_cbc; -PROV_CIPHER_HW_FN cipher_hw_chunked_cfb8; -PROV_CIPHER_HW_FN cipher_hw_chunked_cfb128; -PROV_CIPHER_HW_FN cipher_hw_chunked_ofb128; -#define cipher_hw_chunked_ecb cipher_hw_generic_ecb -#define cipher_hw_chunked_ctr cipher_hw_generic_ctr -#define cipher_hw_chunked_cfb1 cipher_hw_generic_cfb1 +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_cbc; +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_ecb; +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_ofb128; +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_cfb128; +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_cfb8; +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_cfb1; +PROV_CIPHER_HW_FN ossl_cipher_hw_generic_ctr; +PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_cbc; +PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_cfb8; +PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_cfb128; +PROV_CIPHER_HW_FN ossl_cipher_hw_chunked_ofb128; +#define ossl_cipher_hw_chunked_ecb ossl_cipher_hw_generic_ecb +#define ossl_cipher_hw_chunked_ctr ossl_cipher_hw_generic_ctr +#define ossl_cipher_hw_chunked_cfb1 ossl_cipher_hw_generic_cfb1 #define IMPLEMENT_CIPHER_HW_OFB(MODE, NAME, CTX_NAME, KEY_NAME, FUNC_PREFIX) \ static int cipher_hw_##NAME##_##MODE##_cipher(PROV_CIPHER_CTX *ctx, \ @@ -338,8 +338,8 @@ const OSSL_PARAM * name##_settable_ctx_params(ossl_unused void *provctx) \ return name##_known_settable_ctx_params; \ } -int cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, - size_t ivlen); +int ossl_cipher_generic_initiv(PROV_CIPHER_CTX *ctx, const unsigned char *iv, + size_t ivlen); size_t fillblock(unsigned char *buf, size_t *buflen, size_t blocksize, const unsigned char **in, size_t *inlen); diff --git a/providers/implementations/include/prov/ciphercommon_aead.h b/providers/implementations/include/prov/ciphercommon_aead.h index 5c82efccae..47175f7247 100644 --- a/providers/implementations/include/prov/ciphercommon_aead.h +++ b/providers/implementations/include/prov/ciphercommon_aead.h @@ -20,7 +20,7 @@ static OSSL_FUNC_cipher_get_params_fn alg##_##kbits##_##lc##_get_params; \ static int alg##_##kbits##_##lc##_get_params(OSSL_PARAM params[]) \ { \ - return cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ + return ossl_cipher_generic_get_params(params, EVP_CIPH_##UCMODE##_MODE, \ flags, kbits, blkbits, ivbits); \ } \ static OSSL_FUNC_cipher_newctx_fn alg##kbits##lc##_newctx; \ @@ -43,10 +43,10 @@ const OSSL_DISPATCH ossl_##alg##kbits##lc##_functions[] = { \ { OSSL_FUNC_CIPHER_SET_CTX_PARAMS, \ (void (*)(void)) lc##_set_ctx_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_PARAMS, \ - (void (*)(void))cipher_generic_gettable_params }, \ + (void (*)(void))ossl_cipher_generic_gettable_params }, \ { OSSL_FUNC_CIPHER_GETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_aead_gettable_ctx_params }, \ + (void (*)(void))ossl_cipher_aead_gettable_ctx_params }, \ { OSSL_FUNC_CIPHER_SETTABLE_CTX_PARAMS, \ - (void (*)(void))cipher_aead_settable_ctx_params }, \ + (void (*)(void))ossl_cipher_aead_settable_ctx_params }, \ { 0, NULL } \ } From no-reply at appveyor.com Thu Oct 1 00:35:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 00:35:27 +0000 Subject: Build completed: openssl master.37303 Message-ID: <20201001003527.1.B30715CE128F578B@appveyor.com> An HTML attachment was scrubbed... URL: From shane.lontis at oracle.com Thu Oct 1 00:54:22 2020 From: shane.lontis at oracle.com (shane.lontis at oracle.com) Date: Thu, 01 Oct 2020 00:54:22 +0000 Subject: [openssl] master update Message-ID: <1601513662.559147.6707.nullmailer@dev.openssl.org> The branch master has been updated via c4232b9edbeb242583a804dfb0bafaf57610e6fb (commit) from 592dcfd3df129235fa94144e866812800e2941e8 (commit) - Log ----------------------------------------------------------------- commit c4232b9edbeb242583a804dfb0bafaf57610e6fb Author: Shane Lontis Date: Mon Sep 28 07:46:29 2020 +1000 rsa_mp_coeff_names should only have one entry in it for fips mode. Reported by Tim Hudson Reviewed-by: Richard Levitte Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/13011) ----------------------------------------------------------------------- Summary of changes: crypto/rsa/rsa_mp_names.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rsa/rsa_mp_names.c b/crypto/rsa/rsa_mp_names.c index 15b1b9e0da..2fb1f53c43 100644 --- a/crypto/rsa/rsa_mp_names.c +++ b/crypto/rsa/rsa_mp_names.c @@ -62,8 +62,8 @@ const char *rsa_mp_exp_names[] = { */ const char *rsa_mp_coeff_names[] = { OSSL_PKEY_PARAM_RSA_COEFFICIENT1, - OSSL_PKEY_PARAM_RSA_COEFFICIENT2, #ifndef FIPS_MODULE + OSSL_PKEY_PARAM_RSA_COEFFICIENT2, OSSL_PKEY_PARAM_RSA_COEFFICIENT3, OSSL_PKEY_PARAM_RSA_COEFFICIENT4, OSSL_PKEY_PARAM_RSA_COEFFICIENT5, From openssl at openssl.org Thu Oct 1 01:18:43 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 01:18:43 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-pic Message-ID: <1601515123.722505.11831.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-pic Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider From pauli at openssl.org Thu Oct 1 01:25:56 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 01 Oct 2020 01:25:56 +0000 Subject: [openssl] master update Message-ID: <1601515556.371016.12780.nullmailer@dev.openssl.org> The branch master has been updated via 012903063900340b972a6a8d20c0a18c37a89428 (commit) via a55b00bdbc00b1632e551cf71bce72137e683c12 (commit) from c4232b9edbeb242583a804dfb0bafaf57610e6fb (commit) - Log ----------------------------------------------------------------- commit 012903063900340b972a6a8d20c0a18c37a89428 Author: Pauli Date: Wed Sep 30 13:59:20 2020 +1000 der: _ossl prefix der_oid_ and der_aid_ functions Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13038) commit a55b00bdbc00b1632e551cf71bce72137e683c12 Author: Pauli Date: Wed Sep 30 12:15:12 2020 +1000 der: _ossl prefix DER functions Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13038) ----------------------------------------------------------------------- Summary of changes: crypto/asn1_dsa.c | 16 ++--- crypto/der_writer.c | 27 ++++---- crypto/dsa/dsa_sign.c | 2 +- crypto/ec/ec_asn1.c | 2 +- ..._sequence.pod => ossl_DER_w_begin_sequence.pod} | 8 +-- .../man3/{DER_w_bn.pod => ossl_DER_w_bn.pod} | 32 +++++----- ..._precompiled.pod => ossl_DER_w_precompiled.pod} | 14 ++--- doc/internal/man7/DERlib.pod | 41 +++++++------ include/crypto/asn1_dsa.h | 8 +-- include/internal/der.h | 23 +++---- providers/common/der/der_dsa.h.in | 6 +- providers/common/der/der_dsa_key.c | 9 +-- providers/common/der/der_dsa_sig.c | 14 ++--- providers/common/der/der_ec.h.in | 6 +- providers/common/der/der_ec_key.c | 10 +-- providers/common/der/der_ec_sig.c | 24 ++++---- providers/common/der/der_ecx.h.in | 8 +-- providers/common/der/der_ecx_key.c | 40 ++++++------ providers/common/der/der_rsa.h.in | 10 +-- providers/common/der/der_rsa_key.c | 71 +++++++++++----------- providers/common/der/der_rsa_sig.c | 30 ++++----- providers/common/der/der_sm2_key.c | 8 +-- providers/common/der/der_sm2_sig.c | 12 ++-- providers/common/der/oids_to_c.pm | 4 +- .../implementations/encode_decode/encode_key2any.c | 2 +- providers/implementations/kdfs/x942kdf.c | 29 +++++---- providers/implementations/signature/dsa.c | 4 +- providers/implementations/signature/ecdsa.c | 3 +- providers/implementations/signature/eddsa.c | 4 +- providers/implementations/signature/rsa.c | 5 +- providers/implementations/storemgmt/file_store.c | 3 +- .../implementations/storemgmt/file_store_der2obj.c | 2 +- .../implementations/storemgmt/file_store_local.h | 2 +- test/asn1_dsa_internal_test.c | 18 +++--- 34 files changed, 254 insertions(+), 243 deletions(-) rename doc/internal/man3/{DER_w_begin_sequence.pod => ossl_DER_w_begin_sequence.pod} (83%) rename doc/internal/man3/{DER_w_bn.pod => ossl_DER_w_bn.pod} (55%) rename doc/internal/man3/{DER_w_precompiled.pod => ossl_DER_w_precompiled.pod} (73%) diff --git a/crypto/asn1_dsa.c b/crypto/asn1_dsa.c index 34835a5214..6578b8f606 100644 --- a/crypto/asn1_dsa.c +++ b/crypto/asn1_dsa.c @@ -152,7 +152,7 @@ int encode_der_dsa_sig(WPACKET *pkt, const BIGNUM *r, const BIGNUM *s) * * Returns 1 on success or 0 on failure. */ -int decode_der_length(PACKET *pkt, PACKET *subpkt) +int ossl_decode_der_length(PACKET *pkt, PACKET *subpkt) { unsigned int byte; @@ -184,7 +184,7 @@ int decode_der_length(PACKET *pkt, PACKET *subpkt) * trailing garbage then it is up to the caller to verify that all bytes * were consumed. */ -int decode_der_integer(PACKET *pkt, BIGNUM *n) +int ossl_decode_der_integer(PACKET *pkt, BIGNUM *n) { PACKET contpkt, tmppkt; unsigned int tag, tmp; @@ -192,7 +192,7 @@ int decode_der_integer(PACKET *pkt, BIGNUM *n) /* Check we have an integer and get the content bytes */ if (!PACKET_get_1(pkt, &tag) || tag != ID_INTEGER - || !decode_der_length(pkt, &contpkt)) + || !ossl_decode_der_length(pkt, &contpkt)) return 0; /* Peek ahead at the first bytes to check for proper encoding */ @@ -230,8 +230,8 @@ int decode_der_integer(PACKET *pkt, BIGNUM *n) * trailing garbage then it is up to the caller to verify that all bytes * were consumed. */ -size_t decode_der_dsa_sig(BIGNUM *r, BIGNUM *s, const unsigned char **ppin, - size_t len) +size_t ossl_decode_der_dsa_sig(BIGNUM *r, BIGNUM *s, + const unsigned char **ppin, size_t len) { size_t consumed; PACKET pkt, contpkt; @@ -240,9 +240,9 @@ size_t decode_der_dsa_sig(BIGNUM *r, BIGNUM *s, const unsigned char **ppin, if (!PACKET_buf_init(&pkt, *ppin, len) || !PACKET_get_1(&pkt, &tag) || tag != ID_SEQUENCE - || !decode_der_length(&pkt, &contpkt) - || !decode_der_integer(&contpkt, r) - || !decode_der_integer(&contpkt, s) + || !ossl_decode_der_length(&pkt, &contpkt) + || !ossl_decode_der_integer(&contpkt, r) + || !ossl_decode_der_integer(&contpkt, s) || PACKET_remaining(&contpkt) != 0) return 0; diff --git a/crypto/der_writer.c b/crypto/der_writer.c index 8210327f06..c6fd4c4298 100644 --- a/crypto/der_writer.c +++ b/crypto/der_writer.c @@ -48,15 +48,16 @@ static int int_end_context(WPACKET *pkt, int tag) && (size1 == size2 || WPACKET_put_bytes_u8(pkt, tag)); } -int DER_w_precompiled(WPACKET *pkt, int tag, - const unsigned char *precompiled, size_t precompiled_n) +int ossl_DER_w_precompiled(WPACKET *pkt, int tag, + const unsigned char *precompiled, + size_t precompiled_n) { return int_start_context(pkt, tag) && WPACKET_memcpy(pkt, precompiled, precompiled_n) && int_end_context(pkt, tag); } -int DER_w_boolean(WPACKET *pkt, int tag, int b) +int ossl_DER_w_boolean(WPACKET *pkt, int tag, int b) { return int_start_context(pkt, tag) && WPACKET_start_sub_packet(pkt) @@ -66,8 +67,8 @@ int DER_w_boolean(WPACKET *pkt, int tag, int b) && int_end_context(pkt, tag); } -int DER_w_octet_string(WPACKET *pkt, int tag, - const unsigned char *data, size_t data_n) +int ossl_DER_w_octet_string(WPACKET *pkt, int tag, + const unsigned char *data, size_t data_n) { return int_start_context(pkt, tag) && WPACKET_start_sub_packet(pkt) @@ -77,7 +78,7 @@ int DER_w_octet_string(WPACKET *pkt, int tag, && int_end_context(pkt, tag); } -int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value) +int ossl_DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value) { unsigned char tmp[4] = { 0, 0, 0, 0 }; unsigned char *pbuf = tmp + (sizeof(tmp) - 1); @@ -86,7 +87,7 @@ int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value) *pbuf-- = (value & 0xFF); value >>= 8; } - return DER_w_octet_string(pkt, tag, tmp, sizeof(tmp)); + return ossl_DER_w_octet_string(pkt, tag, tmp, sizeof(tmp)); } static int int_der_w_integer(WPACKET *pkt, int tag, @@ -124,7 +125,7 @@ static int int_put_bytes_ulong(WPACKET *pkt, const void *v, } /* For integers, we only support unsigned values for now */ -int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v) +int ossl_DER_w_ulong(WPACKET *pkt, int tag, unsigned long v) { return int_der_w_integer(pkt, tag, int_put_bytes_ulong, &v); } @@ -147,17 +148,17 @@ static int int_put_bytes_bn(WPACKET *pkt, const void *v, return 1; } -int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v) +int ossl_DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v) { if (v == NULL || BN_is_negative(v)) return 0; if (BN_is_zero(v)) - return DER_w_ulong(pkt, tag, 0); + return ossl_DER_w_ulong(pkt, tag, 0); return int_der_w_integer(pkt, tag, int_put_bytes_bn, v); } -int DER_w_null(WPACKET *pkt, int tag) +int ossl_DER_w_null(WPACKET *pkt, int tag) { return int_start_context(pkt, tag) && WPACKET_start_sub_packet(pkt) @@ -167,13 +168,13 @@ int DER_w_null(WPACKET *pkt, int tag) } /* Constructed things need a start and an end */ -int DER_w_begin_sequence(WPACKET *pkt, int tag) +int ossl_DER_w_begin_sequence(WPACKET *pkt, int tag) { return int_start_context(pkt, tag) && WPACKET_start_sub_packet(pkt); } -int DER_w_end_sequence(WPACKET *pkt, int tag) +int ossl_DER_w_end_sequence(WPACKET *pkt, int tag) { /* * If someone set the flag WPACKET_FLAGS_ABANDON_ON_ZERO_LENGTH on this diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c index 71a60bb39b..6a887d8190 100644 --- a/crypto/dsa/dsa_sign.c +++ b/crypto/dsa/dsa_sign.c @@ -65,7 +65,7 @@ DSA_SIG *d2i_DSA_SIG(DSA_SIG **psig, const unsigned char **ppin, long len) sig->r = BN_new(); if (sig->s == NULL) sig->s = BN_new(); - if (decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { + if (ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { if (psig == NULL || *psig == NULL) DSA_SIG_free(sig); return NULL; diff --git a/crypto/ec/ec_asn1.c b/crypto/ec/ec_asn1.c index b50e2edbc8..e95cffd42c 100644 --- a/crypto/ec/ec_asn1.c +++ b/crypto/ec/ec_asn1.c @@ -1218,7 +1218,7 @@ ECDSA_SIG *d2i_ECDSA_SIG(ECDSA_SIG **psig, const unsigned char **ppin, long len) sig->r = BN_new(); if (sig->s == NULL) sig->s = BN_new(); - if (decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { + if (ossl_decode_der_dsa_sig(sig->r, sig->s, ppin, (size_t)len) == 0) { if (psig == NULL || *psig == NULL) ECDSA_SIG_free(sig); return NULL; diff --git a/doc/internal/man3/DER_w_begin_sequence.pod b/doc/internal/man3/ossl_DER_w_begin_sequence.pod similarity index 83% rename from doc/internal/man3/DER_w_begin_sequence.pod rename to doc/internal/man3/ossl_DER_w_begin_sequence.pod index 3d221a942f..b78056f6e1 100644 --- a/doc/internal/man3/DER_w_begin_sequence.pod +++ b/doc/internal/man3/ossl_DER_w_begin_sequence.pod @@ -2,15 +2,15 @@ =head1 NAME -DER_w_begin_sequence, DER_w_end_sequence +ossl_DER_w_begin_sequence, ossl_DER_w_end_sequence - internal DER writers for DER constructed elements =head1 SYNOPSIS #include "internal/der.h" - int DER_w_begin_sequence(WPACKET *pkt, int tag); - int DER_w_end_sequence(WPACKET *pkt, int tag); + int ossl_DER_w_begin_sequence(WPACKET *pkt, int tag); + int ossl_DER_w_end_sequence(WPACKET *pkt, int tag); =head1 DESCRIPTION @@ -22,7 +22,7 @@ and B. When using these, special care must be taken to ensure that the ASN.1 tag value I is the same in the matching C and C function calls. -DER_w_begin_sequence() and DER_w_end_sequence() begins and ends a +ossl_DER_w_begin_sequence() and ossl_DER_w_end_sequence() begins and ends a SEQUENCE. =head1 RETURN VALUES diff --git a/doc/internal/man3/DER_w_bn.pod b/doc/internal/man3/ossl_DER_w_bn.pod similarity index 55% rename from doc/internal/man3/DER_w_bn.pod rename to doc/internal/man3/ossl_DER_w_bn.pod index deea5de346..a5bdd848bf 100644 --- a/doc/internal/man3/DER_w_bn.pod +++ b/doc/internal/man3/ossl_DER_w_bn.pod @@ -2,21 +2,21 @@ =head1 NAME -DER_w_boolean, DER_w_ulong, DER_w_bn, DER_w_null, -DER_w_octet_string, DER_w_octet_string_uint32 +ossl_DER_w_boolean, ossl_DER_w_ulong, ossl_DER_w_bn, ossl_DER_w_null, +ossl_DER_w_octet_string, ossl_DER_w_octet_string_uint32 - internal DER writers for DER primitives =head1 SYNOPSIS #include "internal/der.h" - int DER_w_boolean(WPACKET *pkt, int tag, int b); - int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v); - int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v); - int DER_w_null(WPACKET *pkt, int tag); - int DER_w_octet_string(WPACKET *pkt, int tag, - const unsigned char *data, size_t data_n); - int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value); + int ossl_DER_w_boolean(WPACKET *pkt, int tag, int b); + int ossl_DER_w_ulong(WPACKET *pkt, int tag, unsigned long v); + int ossl_DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v); + int ossl_DER_w_null(WPACKET *pkt, int tag); + int ossl_DER_w_octet_string(WPACKET *pkt, int tag, + const unsigned char *data, size_t data_n); + int ossl_DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value); =head1 DESCRIPTION @@ -25,23 +25,23 @@ All functions described here behave the same way, they prepend their respective value to the already written output buffer held by I. -DER_w_boolean() writes the primitive BOOLEAN using the value I. +ossl_DER_w_boolean() writes the primitive BOOLEAN using the value I. Any value that evaluates as true will render a B BOOLEAN, otherwise a B BOOLEAN. -DER_w_ulong() and DER_w_bn() both write the primitive INTEGER using +ossl_DER_w_ulong() and ossl_DER_w_bn() both write the primitive INTEGER using the value I. =for comment Other similar functions for diverse C integers should be added. -DER_w_null() writes the primitive NULL. +ossl_DER_w_null() writes the primitive NULL. -DER_w_octet_string() writes the primitive OCTET STRING using the bytes from -I with a length of I. +ossl_DER_w_octet_string() writes the primitive OCTET STRING using the bytes +from I with a length of I. -DER_w_octet_string_uint32() writes the primitive OCTET STRING using a 32 bit -value in I. +ossl_DER_w_octet_string_uint32() writes the primitive OCTET STRING using a +32 bit value in I. =head1 RETURN VALUES diff --git a/doc/internal/man3/DER_w_precompiled.pod b/doc/internal/man3/ossl_DER_w_precompiled.pod similarity index 73% rename from doc/internal/man3/DER_w_precompiled.pod rename to doc/internal/man3/ossl_DER_w_precompiled.pod index 81a92526af..aa7fa3930f 100644 --- a/doc/internal/man3/DER_w_precompiled.pod +++ b/doc/internal/man3/ossl_DER_w_precompiled.pod @@ -2,16 +2,16 @@ =head1 NAME -DER_w_precompiled +ossl_DER_w_precompiled - internal DER writers for precompiled DER blobs =head1 SYNOPSIS #include "internal/der.h" - int DER_w_precompiled(WPACKET *pkt, int tag, - const unsigned char *precompiled, - size_t precompiled_n); + int ossl_DER_w_precompiled(WPACKET *pkt, int tag, + const unsigned char *precompiled, + size_t precompiled_n); =head1 DESCRIPTION @@ -19,15 +19,15 @@ There may be already existing DER blobs that can simply be copied to the buffer held by I. For example, precompiled values, such as OIDs (for example, C) or complete AlgorithmIdentifiers (for example, C). To add those as an element in a -structure being DER encoded, use DER_w_precompiled(). +structure being DER encoded, use ossl_DER_w_precompiled(). -DER_w_precompiled() will simply take the DER encoded blob given as +ossl_DER_w_precompiled() will simply take the DER encoded blob given as I with length I and add it to the buffer held by I. =head1 RETURN VALUES -DER_w_precompiled() returns 1 on success and 0 on failure. Failure +ossl_DER_w_precompiled() returns 1 on success and 0 on failure. Failure may mean that the buffer held by the I is too small, but may also mean that the values given to the functions are invalid, such as the provided I value being too large for the implementation. diff --git a/doc/internal/man7/DERlib.pod b/doc/internal/man7/DERlib.pod index 2577df0caa..7085a2cb6d 100644 --- a/doc/internal/man7/DERlib.pod +++ b/doc/internal/man7/DERlib.pod @@ -50,10 +50,10 @@ which is defined like this in ASN.1 terms: With the DER library, this is the corresponding code, given two OpenSSL Bs I and I: - int ok = DER_w_begin_sequence(pkt, -1) - && DER_w_bn(pkg, -1, s) - && DER_w_bn(pkg, -1, r) - && DER_w_end_sequence(pkt, -1); + int ok = ossl_DER_w_begin_sequence(pkt, -1) + && ossl_DER_w_bn(pkg, -1, s) + && ossl_DER_w_bn(pkg, -1, r) + && ossl_DER_w_end_sequence(pkt, -1); As an example of the use of I, an ASN.1 element like this: @@ -61,7 +61,7 @@ As an example of the use of I, an ASN.1 element like this: Would be encoded like this: - DER_w_bn(pkt, 1, v) + ossl_DER_w_bn(pkt, 1, v) =begin comment @@ -116,25 +116,26 @@ value: int tag, RSA *rsa) { - return DER_w_begin_sequence(pkt, tag) - && (DER_w_begin_sequence(pkt, DER_NO_CONTEXT) - && DER_w_ulong(pkt, 2, 20) - && DER_w_precompiled(pkt, 1, - der_mgf1SHA256Identifier, - sizeof(der_mgf1SHA256Identifier)) - && DER_w_precompiled(pkt, 0, - der_sha256Identifier, - sizeof(der_sha256Identifier)) - && DER_w_end_sequence(pkt, DER_NO_CONTEXT)) - && DER_w_precompiled(pkt, DER_NO_CONTEXT, - der_id_RSASSA_PSS, - sizeof(der_id_RSASSA_PSS)) - && DER_w_end_sequence(pkt, tag); + return ossl_DER_w_begin_sequence(pkt, tag) + && (ossl_DER_w_begin_sequence(pkt, DER_NO_CONTEXT) + && ossl_DER_w_ulong(pkt, 2, 20) + && ossl_DER_w_precompiled(pkt, 1, + der_mgf1SHA256Identifier, + sizeof(der_mgf1SHA256Identifier)) + && ossl_DER_w_precompiled(pkt, 0, + der_sha256Identifier, + sizeof(der_sha256Identifier)) + && ossl_DER_w_end_sequence(pkt, DER_NO_CONTEXT)) + && ossl_DER_w_precompiled(pkt, DER_NO_CONTEXT, + der_id_RSASSA_PSS, + sizeof(der_id_RSASSA_PSS)) + && ossl_DER_w_end_sequence(pkt, tag); } =head1 SEE ALSO -L, L, L +L, L, +L =head1 COPYRIGHT diff --git a/include/crypto/asn1_dsa.h b/include/crypto/asn1_dsa.h index caf0349968..a51de6faf0 100644 --- a/include/crypto/asn1_dsa.h +++ b/include/crypto/asn1_dsa.h @@ -15,9 +15,9 @@ int encode_der_length(WPACKET *pkt, size_t cont_len); int encode_der_integer(WPACKET *pkt, const BIGNUM *n); int encode_der_dsa_sig(WPACKET *pkt, const BIGNUM *r, const BIGNUM *s); -int decode_der_length(PACKET *pkt, PACKET *subpkt); -int decode_der_integer(PACKET *pkt, BIGNUM *n); -size_t decode_der_dsa_sig(BIGNUM *r, BIGNUM *s, const unsigned char **ppin, - size_t len); +int ossl_decode_der_length(PACKET *pkt, PACKET *subpkt); +int ossl_decode_der_integer(PACKET *pkt, BIGNUM *n); +size_t ossl_decode_der_dsa_sig(BIGNUM *r, BIGNUM *s, const unsigned char **ppin, + size_t len); #endif diff --git a/include/internal/der.h b/include/internal/der.h index ce667dc869..a3e56d0dce 100644 --- a/include/internal/der.h +++ b/include/internal/der.h @@ -69,19 +69,20 @@ /* This can be used for all items that don't have a context */ #define DER_NO_CONTEXT -1 -int DER_w_precompiled(WPACKET *pkt, int tag, - const unsigned char *precompiled, size_t precompiled_n); +int ossl_DER_w_precompiled(WPACKET *pkt, int tag, + const unsigned char *precompiled, + size_t precompiled_n); -int DER_w_boolean(WPACKET *pkt, int tag, int b); -int DER_w_ulong(WPACKET *pkt, int tag, unsigned long v); -int DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v); -int DER_w_null(WPACKET *pkt, int tag); -int DER_w_octet_string(WPACKET *pkt, int tag, - const unsigned char *data, size_t data_n); -int DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value); +int ossl_DER_w_boolean(WPACKET *pkt, int tag, int b); +int ossl_DER_w_ulong(WPACKET *pkt, int tag, unsigned long v); +int ossl_DER_w_bn(WPACKET *pkt, int tag, const BIGNUM *v); +int ossl_DER_w_null(WPACKET *pkt, int tag); +int ossl_DER_w_octet_string(WPACKET *pkt, int tag, + const unsigned char *data, size_t data_n); +int ossl_DER_w_octet_string_uint32(WPACKET *pkt, int tag, uint32_t value); /* * All constructors for constructed elements have a begin and a end function */ -int DER_w_begin_sequence(WPACKET *pkt, int tag); -int DER_w_end_sequence(WPACKET *pkt, int tag); +int ossl_DER_w_begin_sequence(WPACKET *pkt, int tag); +int ossl_DER_w_end_sequence(WPACKET *pkt, int tag); diff --git a/providers/common/der/der_dsa.h.in b/providers/common/der/der_dsa.h.in index e9a8718fc6..e24c9845a9 100644 --- a/providers/common/der/der_dsa.h.in +++ b/providers/common/der/der_dsa.h.in @@ -17,7 +17,7 @@ -} /* Subject Public Key Info */ -int DER_w_algorithmIdentifier_DSA(WPACKET *pkt, int tag, DSA *dsa); +int ossl_DER_w_algorithmIdentifier_DSA(WPACKET *pkt, int tag, DSA *dsa); /* Signature */ -int DER_w_algorithmIdentifier_DSA_with_MD(WPACKET *pkt, int tag, - DSA *dsa, int mdnid); +int ossl_DER_w_algorithmIdentifier_DSA_with_MD(WPACKET *pkt, int tag, + DSA *dsa, int mdnid); diff --git a/providers/common/der/der_dsa_key.c b/providers/common/der/der_dsa_key.c index 6118b275fb..1a369faa81 100644 --- a/providers/common/der/der_dsa_key.c +++ b/providers/common/der/der_dsa_key.c @@ -11,10 +11,11 @@ #include "internal/packet.h" #include "prov/der_dsa.h" -int DER_w_algorithmIdentifier_DSA(WPACKET *pkt, int tag, DSA *dsa) +int ossl_DER_w_algorithmIdentifier_DSA(WPACKET *pkt, int tag, DSA *dsa) { - return DER_w_begin_sequence(pkt, tag) + return ossl_DER_w_begin_sequence(pkt, tag) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, der_oid_id_dsa, sizeof(der_oid_id_dsa)) - && DER_w_end_sequence(pkt, tag); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_dsa, + sizeof(ossl_der_oid_id_dsa)) + && ossl_DER_w_end_sequence(pkt, tag); } diff --git a/providers/common/der/der_dsa_sig.c b/providers/common/der/der_dsa_sig.c index c96a617dad..37ee5f459d 100644 --- a/providers/common/der/der_dsa_sig.c +++ b/providers/common/der/der_dsa_sig.c @@ -13,12 +13,12 @@ #define MD_CASE(name) \ case NID_##name: \ - precompiled = der_oid_id_dsa_with_##name; \ - precompiled_sz = sizeof(der_oid_id_dsa_with_##name); \ + precompiled = ossl_der_oid_id_dsa_with_##name; \ + precompiled_sz = sizeof(ossl_der_oid_id_dsa_with_##name); \ break; -int DER_w_algorithmIdentifier_DSA_with_MD(WPACKET *pkt, int tag, - DSA *dsa, int mdnid) +int ossl_DER_w_algorithmIdentifier_DSA_with_MD(WPACKET *pkt, int tag, + DSA *dsa, int mdnid) { const unsigned char *precompiled = NULL; size_t precompiled_sz = 0; @@ -37,8 +37,8 @@ int DER_w_algorithmIdentifier_DSA_with_MD(WPACKET *pkt, int tag, return 0; } - return DER_w_begin_sequence(pkt, tag) + return ossl_DER_w_begin_sequence(pkt, tag) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) - && DER_w_end_sequence(pkt, tag); + && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) + && ossl_DER_w_end_sequence(pkt, tag); } diff --git a/providers/common/der/der_ec.h.in b/providers/common/der/der_ec.h.in index 86a754e4ff..2d56119ba1 100644 --- a/providers/common/der/der_ec.h.in +++ b/providers/common/der/der_ec.h.in @@ -17,7 +17,7 @@ -} /* Subject Public Key Info */ -int DER_w_algorithmIdentifier_EC(WPACKET *pkt, int cont, EC_KEY *ec); +int ossl_DER_w_algorithmIdentifier_EC(WPACKET *pkt, int cont, EC_KEY *ec); /* Signature */ -int DER_w_algorithmIdentifier_ECDSA_with_MD(WPACKET *pkt, int cont, - EC_KEY *ec, int mdnid); +int ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(WPACKET *pkt, int cont, + EC_KEY *ec, int mdnid); diff --git a/providers/common/der/der_ec_key.c b/providers/common/der/der_ec_key.c index 058596a96e..ae0775af53 100644 --- a/providers/common/der/der_ec_key.c +++ b/providers/common/der/der_ec_key.c @@ -11,11 +11,11 @@ #include "internal/packet.h" #include "prov/der_ec.h" -int DER_w_algorithmIdentifier_EC(WPACKET *pkt, int cont, EC_KEY *ec) +int ossl_DER_w_algorithmIdentifier_EC(WPACKET *pkt, int cont, EC_KEY *ec) { - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, der_oid_id_ecPublicKey, - sizeof(der_oid_id_ecPublicKey)) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_ecPublicKey, + sizeof(ossl_der_oid_id_ecPublicKey)) + && ossl_DER_w_end_sequence(pkt, cont); } diff --git a/providers/common/der/der_ec_sig.c b/providers/common/der/der_ec_sig.c index 687ec49c1f..25b672dab2 100644 --- a/providers/common/der/der_ec_sig.c +++ b/providers/common/der/der_ec_sig.c @@ -12,20 +12,20 @@ #include "prov/der_ec.h" /* Aliases so we can have a uniform MD_CASE */ -#define der_oid_id_ecdsa_with_sha1 der_oid_ecdsa_with_SHA1 -#define der_oid_id_ecdsa_with_sha224 der_oid_ecdsa_with_SHA224 -#define der_oid_id_ecdsa_with_sha256 der_oid_ecdsa_with_SHA256 -#define der_oid_id_ecdsa_with_sha384 der_oid_ecdsa_with_SHA384 -#define der_oid_id_ecdsa_with_sha512 der_oid_ecdsa_with_SHA512 +#define ossl_der_oid_id_ecdsa_with_sha1 ossl_der_oid_ecdsa_with_SHA1 +#define ossl_der_oid_id_ecdsa_with_sha224 ossl_der_oid_ecdsa_with_SHA224 +#define ossl_der_oid_id_ecdsa_with_sha256 ossl_der_oid_ecdsa_with_SHA256 +#define ossl_der_oid_id_ecdsa_with_sha384 ossl_der_oid_ecdsa_with_SHA384 +#define ossl_der_oid_id_ecdsa_with_sha512 ossl_der_oid_ecdsa_with_SHA512 #define MD_CASE(name) \ case NID_##name: \ - precompiled = der_oid_id_ecdsa_with_##name; \ - precompiled_sz = sizeof(der_oid_id_ecdsa_with_##name); \ + precompiled = ossl_der_oid_id_ecdsa_with_##name; \ + precompiled_sz = sizeof(ossl_der_oid_id_ecdsa_with_##name); \ break; -int DER_w_algorithmIdentifier_ECDSA_with_MD(WPACKET *pkt, int cont, - EC_KEY *ec, int mdnid) +int ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(WPACKET *pkt, int cont, + EC_KEY *ec, int mdnid) { const unsigned char *precompiled = NULL; size_t precompiled_sz = 0; @@ -44,8 +44,8 @@ int DER_w_algorithmIdentifier_ECDSA_with_MD(WPACKET *pkt, int cont, return 0; } - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) + && ossl_DER_w_end_sequence(pkt, cont); } diff --git a/providers/common/der/der_ecx.h.in b/providers/common/der/der_ecx.h.in index 9d9a82e399..ae2310c829 100644 --- a/providers/common/der/der_ecx.h.in +++ b/providers/common/der/der_ecx.h.in @@ -17,7 +17,7 @@ filter => \&oids_to_c::filter_to_H }); -} -int DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec); -int DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec); -int DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec); -int DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec); +int ossl_DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec); +int ossl_DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec); +int ossl_DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec); +int ossl_DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec); diff --git a/providers/common/der/der_ecx_key.c b/providers/common/der/der_ecx_key.c index 206795ed93..c00a11cac8 100644 --- a/providers/common/der/der_ecx_key.c +++ b/providers/common/der/der_ecx_key.c @@ -11,38 +11,38 @@ #include "internal/packet.h" #include "prov/der_ecx.h" -int DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec) +int ossl_DER_w_algorithmIdentifier_X25519(WPACKET *pkt, int cont, ECX_KEY *ec) { - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, der_oid_id_X25519, - sizeof(der_oid_id_X25519)) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_X25519, + sizeof(ossl_der_oid_id_X25519)) + && ossl_DER_w_end_sequence(pkt, cont); } -int DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec) +int ossl_DER_w_algorithmIdentifier_X448(WPACKET *pkt, int cont, ECX_KEY *ec) { - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, der_oid_id_X448, - sizeof(der_oid_id_X448)) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_X448, + sizeof(ossl_der_oid_id_X448)) + && ossl_DER_w_end_sequence(pkt, cont); } -int DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec) +int ossl_DER_w_algorithmIdentifier_ED25519(WPACKET *pkt, int cont, ECX_KEY *ec) { - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, der_oid_id_Ed25519, - sizeof(der_oid_id_Ed25519)) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_Ed25519, + sizeof(ossl_der_oid_id_Ed25519)) + && ossl_DER_w_end_sequence(pkt, cont); } -int DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec) +int ossl_DER_w_algorithmIdentifier_ED448(WPACKET *pkt, int cont, ECX_KEY *ec) { - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, der_oid_id_Ed448, - sizeof(der_oid_id_Ed448)) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_Ed448, + sizeof(ossl_der_oid_id_Ed448)) + && ossl_DER_w_end_sequence(pkt, cont); } diff --git a/providers/common/der/der_rsa.h.in b/providers/common/der/der_rsa.h.in index c744fc25c5..412d5bbe7f 100644 --- a/providers/common/der/der_rsa.h.in +++ b/providers/common/der/der_rsa.h.in @@ -19,10 +19,10 @@ -} /* PSS parameters */ -int DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, - const RSA_PSS_PARAMS_30 *pss); +int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, + const RSA_PSS_PARAMS_30 *pss); /* Subject Public Key Info */ -int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa); +int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa); /* Signature */ -int DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, - RSA *rsa, int mdnid); +int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, + RSA *rsa, int mdnid); diff --git a/providers/common/der/der_rsa_key.c b/providers/common/der/der_rsa_key.c index bd2de4a6c3..6e8a37699d 100644 --- a/providers/common/der/der_rsa_key.c +++ b/providers/common/der/der_rsa_key.c @@ -64,66 +64,66 @@ const unsigned char der_aid_sha1Identifier[] = { DER_OID_SZ_id_sha224 + DER_SZ_NULL, \ DER_OID_V_id_sha224, \ DER_V_NULL -extern const unsigned char der_aid_sha224Identifier[]; -const unsigned char der_aid_sha224Identifier[] = { +extern const unsigned char ossl_der_aid_sha224Identifier[]; +const unsigned char ossl_der_aid_sha224Identifier[] = { DER_AID_V_sha224Identifier }; -#define DER_AID_SZ_sha224Identifier sizeof(der_aid_sha224Identifier) +#define DER_AID_SZ_sha224Identifier sizeof(ossl_der_aid_sha224Identifier) #define DER_AID_V_sha256Identifier \ DER_P_SEQUENCE|DER_F_CONSTRUCTED, \ DER_OID_SZ_id_sha256 + DER_SZ_NULL, \ DER_OID_V_id_sha256, \ DER_V_NULL -extern const unsigned char der_aid_sha256Identifier[]; -const unsigned char der_aid_sha256Identifier[] = { +extern const unsigned char ossl_der_aid_sha256Identifier[]; +const unsigned char ossl_der_aid_sha256Identifier[] = { DER_AID_V_sha256Identifier }; -#define DER_AID_SZ_sha256Identifier sizeof(der_aid_sha256Identifier) +#define DER_AID_SZ_sha256Identifier sizeof(ossl_der_aid_sha256Identifier) #define DER_AID_V_sha384Identifier \ DER_P_SEQUENCE|DER_F_CONSTRUCTED, \ DER_OID_SZ_id_sha384 + DER_SZ_NULL, \ DER_OID_V_id_sha384, \ DER_V_NULL -extern const unsigned char der_aid_sha384Identifier[]; -const unsigned char der_aid_sha384Identifier[] = { +extern const unsigned char ossl_der_aid_sha384Identifier[]; +const unsigned char ossl_der_aid_sha384Identifier[] = { DER_AID_V_sha384Identifier }; -#define DER_AID_SZ_sha384Identifier sizeof(der_aid_sha384Identifier) +#define DER_AID_SZ_sha384Identifier sizeof(ossl_der_aid_sha384Identifier) #define DER_AID_V_sha512Identifier \ DER_P_SEQUENCE|DER_F_CONSTRUCTED, \ DER_OID_SZ_id_sha512 + DER_SZ_NULL, \ DER_OID_V_id_sha512, \ DER_V_NULL -extern const unsigned char der_aid_sha512Identifier[]; -const unsigned char der_aid_sha512Identifier[] = { +extern const unsigned char ossl_der_aid_sha512Identifier[]; +const unsigned char ossl_der_aid_sha512Identifier[] = { DER_AID_V_sha512Identifier }; -#define DER_AID_SZ_sha512Identifier sizeof(der_aid_sha512Identifier) +#define DER_AID_SZ_sha512Identifier sizeof(ossl_der_aid_sha512Identifier) #define DER_AID_V_sha512_224Identifier \ DER_P_SEQUENCE|DER_F_CONSTRUCTED, \ DER_OID_SZ_id_sha512_224 + DER_SZ_NULL, \ DER_OID_V_id_sha512_224, \ DER_V_NULL -extern const unsigned char der_aid_sha512_224Identifier[]; -const unsigned char der_aid_sha512_224Identifier[] = { +extern const unsigned char ossl_der_aid_sha512_224Identifier[]; +const unsigned char ossl_der_aid_sha512_224Identifier[] = { DER_AID_V_sha512_224Identifier }; -#define DER_AID_SZ_sha512_224Identifier sizeof(der_aid_sha512_224Identifier) +#define DER_AID_SZ_sha512_224Identifier sizeof(ossl_der_aid_sha512_224Identifier) #define DER_AID_V_sha512_256Identifier \ DER_P_SEQUENCE|DER_F_CONSTRUCTED, \ DER_OID_SZ_id_sha512_256 + DER_SZ_NULL, \ DER_OID_V_id_sha512_256, \ DER_V_NULL -extern const unsigned char der_aid_sha512_256Identifier[]; -const unsigned char der_aid_sha512_256Identifier[] = { +extern const unsigned char ossl_der_aid_sha512_256Identifier[]; +const unsigned char ossl_der_aid_sha512_256Identifier[] = { DER_AID_V_sha512_256Identifier }; -#define DER_AID_SZ_sha512_256Identifier sizeof(der_aid_sha512_256Identifier) +#define DER_AID_SZ_sha512_256Identifier sizeof(ossl_der_aid_sha512_256Identifier) /*- * From https://tools.ietf.org/html/rfc8017#appendix-A.2.1 @@ -264,18 +264,19 @@ static int DER_w_MaskGenAlgorithm(WPACKET *pkt, int tag, if (maskgenalg == NULL) return 1; - return DER_w_precompiled(pkt, tag, maskgenalg, maskgenalg_sz); + return ossl_DER_w_precompiled(pkt, tag, maskgenalg, maskgenalg_sz); } return 0; } #define OAEP_PSS_MD_CASE(name, var) \ case NID_##name: \ - var = der_oid_id_##name; \ - var##_sz = sizeof(der_oid_id_##name); \ + var = ossl_der_oid_id_##name; \ + var##_sz = sizeof(ossl_der_oid_id_##name); \ break; -int DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, const RSA_PSS_PARAMS_30 *pss) +int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, + const RSA_PSS_PARAMS_30 *pss) { int hashalg_nid, default_hashalg_nid; int saltlen, default_saltlen; @@ -329,26 +330,26 @@ int DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, const RSA_PSS_PARAMS_30 *pss) return 0; } - return DER_w_begin_sequence(pkt, tag) + return ossl_DER_w_begin_sequence(pkt, tag) && (trailerfield == default_trailerfield - || DER_w_ulong(pkt, 3, trailerfield)) - && (saltlen == default_saltlen || DER_w_ulong(pkt, 2, saltlen)) + || ossl_DER_w_ulong(pkt, 3, trailerfield)) + && (saltlen == default_saltlen || ossl_DER_w_ulong(pkt, 2, saltlen)) && DER_w_MaskGenAlgorithm(pkt, 1, pss) && (hashalg_nid == default_hashalg_nid - || DER_w_precompiled(pkt, 0, hashalg, hashalg_sz)) - && DER_w_end_sequence(pkt, tag); + || ossl_DER_w_precompiled(pkt, 0, hashalg, hashalg_sz)) + && ossl_DER_w_end_sequence(pkt, tag); } /* Aliases so we can have a uniform RSA_CASE */ -#define der_oid_rsassaPss der_oid_id_RSASSA_PSS +#define ossl_der_oid_rsassaPss ossl_der_oid_id_RSASSA_PSS #define RSA_CASE(name, var) \ var##_nid = NID_##name; \ - var##_oid = der_oid_##name; \ - var##_oid_sz = sizeof(der_oid_##name); \ + var##_oid = ossl_der_oid_##name; \ + var##_oid_sz = sizeof(ossl_der_oid_##name); \ break; -int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) +int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) { int rsa_nid = NID_undef; const unsigned char *rsa_oid = NULL; @@ -365,10 +366,10 @@ int DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) if (rsa_oid == NULL) return 0; - return DER_w_begin_sequence(pkt, tag) + return ossl_DER_w_begin_sequence(pkt, tag) && (rsa_nid != NID_rsassaPss || rsa_pss_params_30_is_unrestricted(pss_params) - || DER_w_RSASSA_PSS_params(pkt, -1, pss_params)) - && DER_w_precompiled(pkt, -1, rsa_oid, rsa_oid_sz) - && DER_w_end_sequence(pkt, tag); + || ossl_DER_w_RSASSA_PSS_params(pkt, -1, pss_params)) + && ossl_DER_w_precompiled(pkt, -1, rsa_oid, rsa_oid_sz) + && ossl_DER_w_end_sequence(pkt, tag); } diff --git a/providers/common/der/der_rsa_sig.c b/providers/common/der/der_rsa_sig.c index a1ab263dc1..1ff9bf789b 100644 --- a/providers/common/der/der_rsa_sig.c +++ b/providers/common/der/der_rsa_sig.c @@ -13,23 +13,23 @@ #include "prov/der_digests.h" /* Aliases so we can have a uniform MD_with_RSA_CASE */ -#define der_oid_sha3_224WithRSAEncryption \ - der_oid_id_rsassa_pkcs1_v1_5_with_sha3_224 -#define der_oid_sha3_256WithRSAEncryption \ - der_oid_id_rsassa_pkcs1_v1_5_with_sha3_256 -#define der_oid_sha3_384WithRSAEncryption \ - der_oid_id_rsassa_pkcs1_v1_5_with_sha3_384 -#define der_oid_sha3_512WithRSAEncryption \ - der_oid_id_rsassa_pkcs1_v1_5_with_sha3_512 +#define ossl_der_oid_sha3_224WithRSAEncryption \ + ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_224 +#define ossl_der_oid_sha3_256WithRSAEncryption \ + ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_256 +#define ossl_der_oid_sha3_384WithRSAEncryption \ + ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_384 +#define ossl_der_oid_sha3_512WithRSAEncryption \ + ossl_der_oid_id_rsassa_pkcs1_v1_5_with_sha3_512 #define MD_with_RSA_CASE(name, var) \ case NID_##name: \ - var = der_oid_##name##WithRSAEncryption; \ - var##_sz = sizeof(der_oid_##name##WithRSAEncryption); \ + var = ossl_der_oid_##name##WithRSAEncryption; \ + var##_sz = sizeof(ossl_der_oid_##name##WithRSAEncryption); \ break; -int DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, - RSA *rsa, int mdnid) +int ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, + RSA *rsa, int mdnid) { const unsigned char *precompiled = NULL; size_t precompiled_sz = 0; @@ -57,8 +57,8 @@ int DER_w_algorithmIdentifier_MDWithRSAEncryption(WPACKET *pkt, int tag, return 0; } - return DER_w_begin_sequence(pkt, tag) + return ossl_DER_w_begin_sequence(pkt, tag) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) - && DER_w_end_sequence(pkt, tag); + && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) + && ossl_DER_w_end_sequence(pkt, tag); } diff --git a/providers/common/der/der_sm2_key.c b/providers/common/der/der_sm2_key.c index 7167088099..a766bb4f3d 100644 --- a/providers/common/der/der_sm2_key.c +++ b/providers/common/der/der_sm2_key.c @@ -14,10 +14,10 @@ int DER_w_algorithmIdentifier_SM2(WPACKET *pkt, int cont, EC_KEY *ec) { - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ /* It seems SM2 identifier is the same as id_ecPublidKey */ - && DER_w_precompiled(pkt, -1, der_oid_id_ecPublicKey, - sizeof(der_oid_id_ecPublicKey)) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, ossl_der_oid_id_ecPublicKey, + sizeof(ossl_der_oid_id_ecPublicKey)) + && ossl_DER_w_end_sequence(pkt, cont); } diff --git a/providers/common/der/der_sm2_sig.c b/providers/common/der/der_sm2_sig.c index a35755065e..7b710cfa53 100644 --- a/providers/common/der/der_sm2_sig.c +++ b/providers/common/der/der_sm2_sig.c @@ -12,12 +12,12 @@ #include "prov/der_sm2.h" /* Aliases so we can have a uniform MD_CASE */ -#define der_oid_id_sm2_with_sm3 der_oid_sm2_with_SM3 +#define ossl_der_oid_id_sm2_with_sm3 ossl_der_oid_sm2_with_SM3 #define MD_CASE(name) \ case NID_##name: \ - precompiled = der_oid_id_sm2_with_##name; \ - precompiled_sz = sizeof(der_oid_id_sm2_with_##name); \ + precompiled = ossl_der_oid_id_sm2_with_##name; \ + precompiled_sz = sizeof(ossl_der_oid_id_sm2_with_##name); \ break; int DER_w_algorithmIdentifier_SM2_with_MD(WPACKET *pkt, int cont, @@ -32,8 +32,8 @@ int DER_w_algorithmIdentifier_SM2_with_MD(WPACKET *pkt, int cont, return 0; } - return DER_w_begin_sequence(pkt, cont) + return ossl_DER_w_begin_sequence(pkt, cont) /* No parameters (yet?) */ - && DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) - && DER_w_end_sequence(pkt, cont); + && ossl_DER_w_precompiled(pkt, -1, precompiled, precompiled_sz) + && ossl_DER_w_end_sequence(pkt, cont); } diff --git a/providers/common/der/oids_to_c.pm b/providers/common/der/oids_to_c.pm index dee326316b..aa5b80cc12 100644 --- a/providers/common/der/oids_to_c.pm +++ b/providers/common/der/oids_to_c.pm @@ -40,7 +40,7 @@ sub filter_to_H { $C_comment #define DER_OID_V_${C_name} DER_P_OBJECT, $oid_size, ${C_bytes} #define DER_OID_SZ_${C_name} ${C_bytes_size} -extern const unsigned char der_oid_${C_name}[DER_OID_SZ_${C_name}]; +extern const unsigned char ossl_der_oid_${C_name}[DER_OID_SZ_${C_name}]; _____ } @@ -58,7 +58,7 @@ sub filter_to_C { return <<"_____"; $C_comment -const unsigned char der_oid_${C_name}[DER_OID_SZ_${C_name}] = { +const unsigned char ossl_der_oid_${C_name}[DER_OID_SZ_${C_name}] = { DER_OID_V_${C_name} }; _____ diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index c3402c875c..2a4a31fe5b 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -657,7 +657,7 @@ static int prepare_rsa_params(const void *rsa, int nid, } break; } - if (!DER_w_RSASSA_PSS_params(&pkt, -1, pss) + if (!ossl_DER_w_RSASSA_PSS_params(&pkt, -1, pss) || !WPACKET_finish(&pkt) || !WPACKET_get_total_written(&pkt, &str_sz)) goto err; diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c index da051d691d..3377350bf3 100644 --- a/providers/implementations/kdfs/x942kdf.c +++ b/providers/implementations/kdfs/x942kdf.c @@ -58,12 +58,15 @@ static const struct { size_t oid_len; size_t keklen; /* size in bytes */ } kek_algs[] = { - { "AES-128-WRAP", der_oid_id_aes128_wrap, DER_OID_SZ_id_aes128_wrap, 16 }, - { "AES-192-WRAP", der_oid_id_aes192_wrap, DER_OID_SZ_id_aes192_wrap, 24 }, - { "AES-256-WRAP", der_oid_id_aes256_wrap, DER_OID_SZ_id_aes256_wrap, 32 }, -#ifndef FIPS_MODULE - { "DES3-WRAP", der_oid_id_alg_CMS3DESwrap, DER_OID_SZ_id_alg_CMS3DESwrap, + { "AES-128-WRAP", ossl_der_oid_id_aes128_wrap, DER_OID_SZ_id_aes128_wrap, + 16 }, + { "AES-192-WRAP", ossl_der_oid_id_aes192_wrap, DER_OID_SZ_id_aes192_wrap, 24 }, + { "AES-256-WRAP", ossl_der_oid_id_aes256_wrap, DER_OID_SZ_id_aes256_wrap, + 32 }, +#ifndef FIPS_MODULE + { "DES3-WRAP", ossl_der_oid_id_alg_CMS3DESwrap, + DER_OID_SZ_id_alg_CMS3DESwrap, 24 }, #endif }; @@ -94,14 +97,14 @@ static int DER_w_keyinfo(WPACKET *pkt, const unsigned char *der_oid, size_t der_oidlen, unsigned char **pcounter) { - return DER_w_begin_sequence(pkt, -1) + return ossl_DER_w_begin_sequence(pkt, -1) /* Store the initial value of 1 into the counter */ - && DER_w_octet_string_uint32(pkt, -1, 1) + && ossl_DER_w_octet_string_uint32(pkt, -1, 1) /* Remember where we stored the counter in the buffer */ && (pcounter == NULL || (*pcounter = WPACKET_get_curr(pkt)) != NULL) - && DER_w_precompiled(pkt, -1, der_oid, der_oidlen) - && DER_w_end_sequence(pkt, -1); + && ossl_DER_w_precompiled(pkt, -1, der_oid, der_oidlen) + && ossl_DER_w_end_sequence(pkt, -1); } static int der_encode_sharedinfo(WPACKET *pkt, unsigned char *buf, size_t buflen, @@ -111,11 +114,11 @@ static int der_encode_sharedinfo(WPACKET *pkt, unsigned char *buf, size_t buflen { return (buf != NULL ? WPACKET_init_der(pkt, buf, buflen) : WPACKET_init_null_der(pkt)) - && DER_w_begin_sequence(pkt, -1) - && DER_w_octet_string_uint32(pkt, 2, keylen_bits) - && (ukm == NULL || DER_w_octet_string(pkt, 0, ukm, ukmlen)) + && ossl_DER_w_begin_sequence(pkt, -1) + && ossl_DER_w_octet_string_uint32(pkt, 2, keylen_bits) + && (ukm == NULL || ossl_DER_w_octet_string(pkt, 0, ukm, ukmlen)) && DER_w_keyinfo(pkt, der_oid, der_oidlen, pcounter) - && DER_w_end_sequence(pkt, -1) + && ossl_DER_w_end_sequence(pkt, -1) && WPACKET_finish(pkt); } diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c index 0e954febbb..c7c1f095a3 100644 --- a/providers/implementations/signature/dsa.c +++ b/providers/implementations/signature/dsa.c @@ -157,8 +157,8 @@ static int dsa_setup_md(PROV_DSA_CTX *ctx, */ ctx->aid_len = 0; if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) - && DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa, - md_nid) + && ossl_DER_w_algorithmIdentifier_DSA_with_MD(&pkt, -1, ctx->dsa, + md_nid) && WPACKET_finish(&pkt)) { WPACKET_get_total_written(&pkt, &ctx->aid_len); ctx->aid = WPACKET_get_curr(&pkt); diff --git a/providers/implementations/signature/ecdsa.c b/providers/implementations/signature/ecdsa.c index 11a8682be4..7d4a7ebd11 100644 --- a/providers/implementations/signature/ecdsa.c +++ b/providers/implementations/signature/ecdsa.c @@ -233,7 +233,8 @@ static int ecdsa_digest_signverify_init(void *vctx, const char *mdname, */ ctx->aid_len = 0; if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) - && DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec, md_nid) + && ossl_DER_w_algorithmIdentifier_ECDSA_with_MD(&pkt, -1, ctx->ec, + md_nid) && WPACKET_finish(&pkt)) { WPACKET_get_total_written(&pkt, &ctx->aid_len); ctx->aid = WPACKET_get_curr(&pkt); diff --git a/providers/implementations/signature/eddsa.c b/providers/implementations/signature/eddsa.c index e4d0fb5831..dd99b53a61 100644 --- a/providers/implementations/signature/eddsa.c +++ b/providers/implementations/signature/eddsa.c @@ -94,10 +94,10 @@ static int eddsa_digest_signverify_init(void *vpeddsactx, const char *mdname, ret = WPACKET_init_der(&pkt, peddsactx->aid_buf, sizeof(peddsactx->aid_buf)); switch (edkey->type) { case ECX_KEY_TYPE_ED25519: - ret = ret && DER_w_algorithmIdentifier_ED25519(&pkt, -1, edkey); + ret = ret && ossl_DER_w_algorithmIdentifier_ED25519(&pkt, -1, edkey); break; case ECX_KEY_TYPE_ED448: - ret = ret && DER_w_algorithmIdentifier_ED448(&pkt, -1, edkey); + ret = ret && ossl_DER_w_algorithmIdentifier_ED448(&pkt, -1, edkey); break; default: /* Should never happen */ diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index 5613d1d2c9..dbebf7d7b1 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -221,8 +221,9 @@ static int rsa_setup_md(PROV_RSA_CTX *ctx, const char *mdname, */ ctx->aid_len = 0; if (WPACKET_init_der(&pkt, ctx->aid_buf, sizeof(ctx->aid_buf)) - && DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1, ctx->rsa, - md_nid) + && ossl_DER_w_algorithmIdentifier_MDWithRSAEncryption(&pkt, -1, + ctx->rsa, + md_nid) && WPACKET_finish(&pkt)) { WPACKET_get_total_written(&pkt, &ctx->aid_len); ctx->aid = WPACKET_get_curr(&pkt); diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index 5b0616e26a..c194578937 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c @@ -557,7 +557,8 @@ static int file_setup_decoders(struct file_ctx_st *ctx) * The decoder doesn't need any identification or to be attached to * any provider, since it's only used locally. */ - to_obj = ossl_decoder_from_dispatch(0, &der_to_obj_algorithm, NULL); + to_obj = ossl_decoder_from_dispatch(0, &ossl_der_to_obj_algorithm, + NULL); if (to_obj == NULL) goto err; to_obj_inst = ossl_decoder_instance_new(to_obj, ctx->provctx); diff --git a/providers/implementations/storemgmt/file_store_der2obj.c b/providers/implementations/storemgmt/file_store_der2obj.c index 6613c8b5f2..8c9168b125 100644 --- a/providers/implementations/storemgmt/file_store_der2obj.c +++ b/providers/implementations/storemgmt/file_store_der2obj.c @@ -130,5 +130,5 @@ static const OSSL_DISPATCH der_to_obj_decoder_functions[] = { { 0, NULL } }; -const OSSL_ALGORITHM der_to_obj_algorithm = +const OSSL_ALGORITHM ossl_der_to_obj_algorithm = { "obj", NULL, der_to_obj_decoder_functions }; diff --git a/providers/implementations/storemgmt/file_store_local.h b/providers/implementations/storemgmt/file_store_local.h index a95f5fe87c..b25dacc18b 100644 --- a/providers/implementations/storemgmt/file_store_local.h +++ b/providers/implementations/storemgmt/file_store_local.h @@ -7,5 +7,5 @@ * https://www.openssl.org/source/license.html */ -extern const OSSL_ALGORITHM der_to_obj_algorithm; +extern const OSSL_ALGORITHM ossl_der_to_obj_algorithm; diff --git a/test/asn1_dsa_internal_test.c b/test/asn1_dsa_internal_test.c index 21e574d3fb..89e3c33a15 100644 --- a/test/asn1_dsa_internal_test.c +++ b/test/asn1_dsa_internal_test.c @@ -93,7 +93,7 @@ static int test_decode(void) /* Positive tests */ pder = t_dsa_sig; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig)) == 0 + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig)) == 0 || !TEST_ptr_eq(pder, (t_dsa_sig + sizeof(t_dsa_sig))) || !TEST_BN_eq_word(r, 1) || !TEST_BN_eq_word(s, 2)) { TEST_info("asn1_dsa test_decode: t_dsa_sig failed"); @@ -103,7 +103,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_dsa_sig_extra; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_extra)) == 0 + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_extra)) == 0 || !TEST_ptr_eq(pder, (t_dsa_sig_extra + sizeof(t_dsa_sig_extra) - 2)) || !TEST_BN_eq_word(r, 1) || !TEST_BN_eq_word(s, 2)) { @@ -114,7 +114,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_dsa_sig_msb; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_msb)) == 0 + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_msb)) == 0 || !TEST_ptr_eq(pder, (t_dsa_sig_msb + sizeof(t_dsa_sig_msb))) || !TEST_BN_eq_word(r, 0x81) || !TEST_BN_eq_word(s, 0x82)) { TEST_info("asn1_dsa test_decode: t_dsa_sig_msb failed"); @@ -124,7 +124,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_dsa_sig_two; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_two)) == 0 + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_dsa_sig_two)) == 0 || !TEST_ptr_eq(pder, (t_dsa_sig_two + sizeof(t_dsa_sig_two))) || !TEST_BN_eq_word(r, 0x100) || !TEST_BN_eq_word(s, 0x200)) { TEST_info("asn1_dsa test_decode: t_dsa_sig_two failed"); @@ -133,7 +133,7 @@ static int test_decode(void) /* Negative tests */ pder = t_invalid_int_zero; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_invalid_int_zero)) != 0) { + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_invalid_int_zero)) != 0) { TEST_info("asn1_dsa test_decode: Expected t_invalid_int_zero to fail"); goto fail; } @@ -141,7 +141,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_invalid_int; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_invalid_int)) != 0) { + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_invalid_int)) != 0) { TEST_info("asn1_dsa test_decode: Expected t_invalid_int to fail"); goto fail; } @@ -149,7 +149,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_neg_int; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_neg_int)) != 0) { + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_neg_int)) != 0) { TEST_info("asn1_dsa test_decode: Expected t_neg_int to fail"); goto fail; } @@ -157,7 +157,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_trunc_der; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_trunc_der)) != 0) { + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_trunc_der)) != 0) { TEST_info("asn1_dsa test_decode: Expected fail t_trunc_der"); goto fail; } @@ -165,7 +165,7 @@ static int test_decode(void) BN_clear(r); BN_clear(s); pder = t_trunc_seq; - if (decode_der_dsa_sig(r, s, &pder, sizeof(t_trunc_seq)) != 0) { + if (ossl_decode_der_dsa_sig(r, s, &pder, sizeof(t_trunc_seq)) != 0) { TEST_info("asn1_dsa test_decode: Expected fail t_trunc_seq"); goto fail; } From openssl at openssl.org Thu Oct 1 01:38:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 01:38:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1601516325.128674.31922.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl.pod.in > doc/man1/openssl-crl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4269: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3148: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From builds at travis-ci.com Thu Oct 1 01:57:47 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 01 Oct 2020 01:57:47 +0000 Subject: Still Failing: openssl/openssl#37840 (master - 592dcfd) In-Reply-To: Message-ID: <5f75379f1e4f6_13fcf1e2bd34c85326@travis-pro-tasks-7747bb88c9-zf5tt.mail> Build Update for openssl/openssl ------------------------------------- Build: #37840 Status: Still Failing Duration: 1 hr, 21 mins, and 55 secs Commit: 592dcfd (master) Author: Pauli Message: prov: prefix all exposed 'cipher' symbols with ossl_ Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13030) View the changeset: https://github.com/openssl/openssl/compare/13a574d8bb25...592dcfd3df12 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187509415?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 1 02:20:04 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 02:20:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1601518804.633336.7519.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C080CC37A47F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3563, 670 wallclock secs (13.54 usr 1.29 sys + 608.35 cusr 55.97 csys = 679.15 CPU) Result: FAIL Makefile:3178: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3176: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 1 02:52:09 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 02:52:09 +0000 Subject: Build failed: openssl master.37305 Message-ID: <20201001025209.1.4D55BDB3FE0C7B21@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 03:55:20 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 03:55:20 +0000 Subject: Build completed: openssl master.37306 Message-ID: <20201001035520.1.A3FF4D9748559130@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 1 04:45:44 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 01 Oct 2020 04:45:44 +0000 Subject: Still Failing: openssl/openssl#37843 (master - c4232b9) In-Reply-To: Message-ID: <5f755ef8ca55_13f7fc06b87b02943f@travis-pro-tasks-5d5dddb56b-qzqvq.mail> Build Update for openssl/openssl ------------------------------------- Build: #37843 Status: Still Failing Duration: 1 hr, 19 mins, and 50 secs Commit: c4232b9 (master) Author: Shane Lontis Message: rsa_mp_coeff_names should only have one entry in it for fips mode. Reported by Tim Hudson Reviewed-by: Richard Levitte Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/13011) View the changeset: https://github.com/openssl/openssl/compare/592dcfd3df12...c4232b9edbeb View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187510709?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 1 05:50:59 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 01 Oct 2020 05:50:59 +0000 Subject: Still Failing: openssl/openssl#37844 (master - 0129030) In-Reply-To: Message-ID: <5f756e429f1e6_13f7fc06b84f4782d9@travis-pro-tasks-5d5dddb56b-qzqvq.mail> Build Update for openssl/openssl ------------------------------------- Build: #37844 Status: Still Failing Duration: 52 mins and 39 secs Commit: 0129030 (master) Author: Pauli Message: der: _ossl prefix der_oid_ and der_aid_ functions Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13038) View the changeset: https://github.com/openssl/openssl/compare/c4232b9edbeb...012903063900 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187512839?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 05:55:35 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 05:55:35 +0000 Subject: Build failed: openssl master.37308 Message-ID: <20201001055535.1.6AB1C5A36A922EC3@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 1 06:05:05 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 06:05:05 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1601532305.206290.8277.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c Makefile:4278: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3157: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Thu Oct 1 06:59:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 06:59:57 +0000 Subject: Build completed: openssl master.37309 Message-ID: <20201001065957.1.DF7B7C8FF8DAAAC1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 08:13:56 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 08:13:56 +0000 Subject: Build failed: openssl master.37310 Message-ID: <20201001081356.1.F030DE28A0D395A8@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 09:20:22 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 09:20:22 +0000 Subject: Build completed: openssl master.37311 Message-ID: <20201001092022.1.2294ED47EB58CB63@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Thu Oct 1 09:28:06 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 01 Oct 2020 09:28:06 +0000 Subject: [openssl] master update Message-ID: <1601544486.193933.21639.nullmailer@dev.openssl.org> The branch master has been updated via 746f3674896845460946ace7e963e52b547fbf35 (commit) via d8652be06e2778e8898453a391deb7253e1a35a2 (commit) via aedac96c1172ca9a9efe72e027e935504b599e2f (commit) from 012903063900340b972a6a8d20c0a18c37a89428 (commit) - Log ----------------------------------------------------------------- commit 746f3674896845460946ace7e963e52b547fbf35 Author: Matt Caswell Date: Thu Sep 24 10:56:03 2020 +0100 Fix some things the rename script didn't quite get right The previous commit ran an automated rename throughout the codebase. There are a small number of things it didn't quite get right so we fix those in this commit. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12970) commit d8652be06e2778e8898453a391deb7253e1a35a2 Author: Matt Caswell Date: Thu Sep 24 10:42:23 2020 +0100 Run the withlibctx.pl script Automatically rename all instances of _with_libctx() to _ex() as per our coding style. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12970) commit aedac96c1172ca9a9efe72e027e935504b599e2f Author: Matt Caswell Date: Tue Sep 22 08:16:44 2020 +0100 Perl util to do with_libctx renaming Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12970) ----------------------------------------------------------------------- Summary of changes: apps/ca.c | 2 +- apps/cms.c | 19 ++- apps/lib/apps.c | 18 ++- apps/pkcs12.c | 3 +- apps/pkcs7.c | 2 +- apps/req.c | 3 +- apps/smime.c | 7 +- apps/storeutl.c | 4 +- apps/ts.c | 7 +- apps/x509.c | 6 +- crypto/asn1/a_digest.c | 9 +- crypto/asn1/a_sign.c | 16 +-- crypto/asn1/a_verify.c | 14 +- crypto/asn1/asn_mime.c | 13 +- crypto/asn1/d2i_pr.c | 6 +- crypto/cmp/cmp_protect.c | 6 +- crypto/cmp/cmp_util.c | 2 +- crypto/cmp/cmp_vfy.c | 14 +- crypto/cms/cms_cd.c | 2 +- crypto/cms/cms_dd.c | 2 +- crypto/cms/cms_env.c | 19 ++- crypto/cms/cms_ess.c | 13 +- crypto/cms/cms_io.c | 10 +- crypto/cms/cms_lib.c | 7 +- crypto/cms/cms_sd.c | 20 ++- crypto/cms/cms_smime.c | 65 +++++----- crypto/conf/conf_lib.c | 4 +- crypto/conf/conf_mod.c | 9 +- crypto/context.c | 2 +- crypto/crmf/crmf_lib.c | 16 +-- crypto/ct/ct_b64.c | 11 +- crypto/ct/ct_log.c | 14 +- crypto/ct/ct_policy.c | 6 +- crypto/ct/ct_vfy.c | 5 +- crypto/dh/dh_ameth.c | 2 +- crypto/dh/dh_gen.c | 2 +- crypto/dh/dh_group_params.c | 6 +- crypto/dh/dh_lib.c | 2 +- crypto/ec/ec_ameth.c | 15 +-- crypto/ec/ec_curve.c | 12 +- crypto/ec/ec_cvt.c | 4 +- crypto/ec/ec_key.c | 15 +-- crypto/ec/ec_lib.c | 13 +- crypto/ec/ec_local.h | 4 +- crypto/ec/ecx_meth.c | 13 +- crypto/evp/digest.c | 9 +- crypto/evp/evp_pkey.c | 10 +- crypto/evp/m_sigver.c | 14 +- crypto/evp/p5_crpt2.c | 13 +- crypto/evp/p_lib.c | 25 ++-- crypto/evp/p_sign.c | 8 +- crypto/evp/p_verify.c | 8 +- crypto/pem/pem_info.c | 21 ++- crypto/pkcs7/pk7_asn1.c | 2 +- crypto/pkcs7/pk7_doit.c | 13 +- crypto/pkcs7/pk7_mime.c | 9 +- crypto/pkcs7/pk7_smime.c | 22 ++-- crypto/rsa/rsa_local.h | 12 +- crypto/rsa/rsa_oaep.c | 22 ++-- crypto/rsa/rsa_ossl.c | 11 +- crypto/rsa/rsa_pk1.c | 9 +- crypto/rsa/rsa_ssl.c | 7 +- crypto/store/store_lib.c | 19 ++- crypto/store/store_local.h | 2 +- crypto/store/store_register.c | 8 +- crypto/store/store_result.c | 2 +- crypto/trace.c | 0 crypto/x509/by_dir.c | 28 ++-- crypto/x509/by_file.c | 53 ++++---- crypto/x509/by_store.c | 24 ++-- crypto/x509/x509_d2.c | 41 +++--- crypto/x509/x509_local.h | 11 +- crypto/x509/x509_lu.c | 32 +++-- crypto/x509/x509_vfy.c | 5 +- crypto/x509/x_all.c | 23 ++-- crypto/x509/x_x509.c | 4 +- doc/man3/CMS_EncryptedData_encrypt.pod | 20 +-- doc/man3/CMS_EnvelopedData_create.pod | 24 ++-- doc/man3/CMS_data_create.pod | 15 +-- doc/man3/CMS_digest_create.pod | 16 +-- doc/man3/CMS_encrypt.pod | 18 ++- doc/man3/CMS_get1_ReceiptRequest.pod | 12 +- doc/man3/CMS_sign.pod | 18 +-- doc/man3/CONF_modules_free.pod | 2 +- doc/man3/CONF_modules_load_file.pod | 29 ++--- doc/man3/CTLOG_STORE_new.pod | 11 +- doc/man3/CTLOG_new.pod | 24 ++-- doc/man3/CT_POLICY_EVAL_CTX_new.pod | 14 +- doc/man3/EC_GROUP_new.pod | 12 +- doc/man3/EC_KEY_new.pod | 18 +-- doc/man3/EVP_DigestSignInit.pod | 23 ++-- doc/man3/EVP_DigestVerifyInit.pod | 23 ++-- doc/man3/EVP_PKEY_new.pod | 54 ++++---- doc/man3/EVP_SignInit.pod | 15 +-- doc/man3/EVP_VerifyInit.pod | 16 +-- ...{NCONF_new_with_libctx.pod => NCONF_new_ex.pod} | 12 +- doc/man3/OSSL_STORE_LOADER.pod | 34 ++--- doc/man3/OSSL_STORE_open.pod | 21 ++- doc/man3/PEM_X509_INFO_read_bio_ex.pod | 62 +++++++++ doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod | 65 ---------- doc/man3/PEM_read_bio_PrivateKey.pod | 2 +- doc/man3/PKCS7_encrypt.pod | 16 +-- doc/man3/PKCS7_sign.pod | 16 +-- doc/man3/SMIME_read_ASN1.pod | 2 +- doc/man3/SMIME_read_CMS.pod | 2 +- doc/man3/SMIME_read_PKCS7.pod | 2 +- doc/man3/SMIME_write_ASN1.pod | 14 +- doc/man3/SSL_CTX_new.pod | 12 +- doc/man3/SSL_load_client_CA_file.pod | 14 +- doc/man3/X509_LOOKUP.pod | 77 ++++++----- doc/man3/X509_LOOKUP_hash_dir.pod | 18 ++- doc/man3/X509_STORE_CTX_new.pod | 11 +- doc/man3/X509_STORE_add_cert.pod | 60 +++++---- doc/man3/X509_dup.pod | 8 +- doc/man3/X509_new.pod | 10 +- doc/man3/X509_sign.pod | 2 +- doc/man3/X509_verify.pod | 12 +- engines/e_loader_attic.c | 11 +- include/crypto/asn1.h | 2 +- include/crypto/dh.h | 4 +- include/crypto/evp.h | 14 +- include/crypto/rsa.h | 12 +- include/crypto/x509.h | 7 +- include/openssl/asn1.h.in | 28 ++-- include/openssl/cms.h.in | 55 ++++---- include/openssl/conf.h.in | 6 +- include/openssl/ct.h.in | 24 ++-- include/openssl/ec.h | 14 +- include/openssl/evp.h | 52 ++++---- include/openssl/pem.h | 11 +- include/openssl/pkcs7.h.in | 14 +- include/openssl/ssl.h.in | 8 +- include/openssl/store.h | 15 +-- include/openssl/x509.h.in | 10 +- include/openssl/x509_vfy.h.in | 64 +++++----- providers/implementations/asymciphers/rsa_enc.c | 11 +- providers/implementations/kdfs/scrypt.c | 8 +- providers/implementations/keymgmt/dh_kmgmt.c | 8 +- providers/implementations/keymgmt/ec_kmgmt.c | 6 +- ssl/ssl_cert.c | 14 +- ssl/ssl_conf.c | 7 +- ssl/ssl_lib.c | 28 ++-- ssl/ssl_rsa.c | 12 +- ssl/statem/extensions.c | 12 +- ssl/statem/extensions_srvr.c | 27 ++-- ssl/statem/statem_clnt.c | 9 +- ssl/statem/statem_lib.c | 17 +-- ssl/statem/statem_srvr.c | 9 +- ssl/t1_enc.c | 13 +- test/acvp_test.c | 16 +-- test/asynctest.c | 18 +-- test/cmp_msg_test.c | 10 +- test/cmp_testlib.c | 2 +- test/cmp_testlib.h | 2 +- test/evp_extra_test.c | 9 +- test/evp_libctx_test.c | 2 +- test/evp_test.c | 31 ++--- test/ossl_store_test.c | 5 +- test/ssl_test.c | 30 ++--- test/ssl_test_ctx.c | 2 +- test/sslapitest.c | 24 ++-- test/ssltest_old.c | 6 +- test/ssltestlib.c | 4 +- util/libcrypto.num | 94 +++++++------- util/libssl.num | 4 +- util/missingcrypto.txt | 6 +- util/other.syms | 8 +- util/withlibctx.pl | 141 +++++++++++++++++++++ 168 files changed, 1342 insertions(+), 1351 deletions(-) mode change 100755 => 100644 crypto/trace.c rename doc/man3/{NCONF_new_with_libctx.pod => NCONF_new_ex.pod} (75%) create mode 100644 doc/man3/PEM_X509_INFO_read_bio_ex.pod delete mode 100644 doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod create mode 100755 util/withlibctx.pl diff --git a/apps/ca.c b/apps/ca.c index 58126b95a0..4a67d61477 100644 --- a/apps/ca.c +++ b/apps/ca.c @@ -1652,7 +1652,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, BIO_printf(bio_err, "Everything appears to be ok, creating and signing the certificate\n"); - if ((ret = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL) + if ((ret = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL) goto end; #ifdef X509_V3 diff --git a/apps/cms.c b/apps/cms.c index ad8f64fcaa..9312c37fc2 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -237,7 +237,7 @@ static CMS_ContentInfo *load_content_info(int informat, BIO *in, BIO **indata, { CMS_ContentInfo *ret, *ci; - ret = CMS_ContentInfo_new_with_libctx(libctx, propq); + ret = CMS_ContentInfo_new_ex(libctx, propq); if (ret == NULL) { BIO_printf(bio_err, "Error allocating CMS_contentinfo\n"); return NULL; @@ -926,15 +926,15 @@ int cms_main(int argc, char **argv) ret = 3; if (operation == SMIME_DATA_CREATE) { - cms = CMS_data_create_with_libctx(in, flags, libctx, propq); + cms = CMS_data_create_ex(in, flags, libctx, propq); } else if (operation == SMIME_DIGEST_CREATE) { - cms = CMS_digest_create_with_libctx(in, sign_md, flags, libctx, propq); + cms = CMS_digest_create_ex(in, sign_md, flags, libctx, propq); } else if (operation == SMIME_COMPRESS) { cms = CMS_compress(in, -1, flags); } else if (operation == SMIME_ENCRYPT) { int i; flags |= CMS_PARTIAL; - cms = CMS_encrypt_with_libctx(NULL, in, cipher, flags, libctx, propq); + cms = CMS_encrypt_ex(NULL, in, cipher, flags, libctx, propq); if (cms == NULL) goto end; for (i = 0; i < sk_X509_num(encerts); i++) { @@ -999,9 +999,8 @@ int cms_main(int argc, char **argv) goto end; } } else if (operation == SMIME_ENCRYPTED_ENCRYPT) { - cms = CMS_EncryptedData_encrypt_with_libctx(in, cipher, secret_key, - secret_keylen, flags, - libctx, propq); + cms = CMS_EncryptedData_encrypt_ex(in, cipher, secret_key, + secret_keylen, flags, libctx, propq); } else if (operation == SMIME_SIGN_RECEIPT) { CMS_ContentInfo *srcms = NULL; @@ -1029,7 +1028,7 @@ int cms_main(int argc, char **argv) flags |= CMS_STREAM; } flags |= CMS_PARTIAL; - cms = CMS_sign_with_libctx(NULL, NULL, other, in, flags, libctx, propq); + cms = CMS_sign_ex(NULL, NULL, other, in, flags, libctx, propq); if (cms == NULL) goto end; if (econtent_type != NULL) @@ -1416,8 +1415,8 @@ static CMS_ReceiptRequest *make_receipt_request( } else { rct_from = NULL; } - rr = CMS_ReceiptRequest_create0_with_libctx(NULL, -1, rr_allorfirst, - rct_from, rct_to, libctx, propq); + rr = CMS_ReceiptRequest_create0_ex(NULL, -1, rr_allorfirst, rct_from, + rct_to, libctx, propq); return rr; err: sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free); diff --git a/apps/lib/apps.c b/apps/lib/apps.c index fa015aa4ea..decd5df7f7 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -364,7 +364,7 @@ CONF *app_load_config_bio(BIO *in, const char *filename) CONF *conf; int i; - conf = NCONF_new_with_libctx(app_libctx, NULL); + conf = NCONF_new_ex(app_libctx, NULL); i = NCONF_load_bio(conf, in, &errorline); if (i > 0) return conf; @@ -756,8 +756,8 @@ int load_key_certs_crls(const char *uri, int maybe_stdin, ctx = OSSL_STORE_attach(bio, "file", libctx, propq, get_ui_method(), &uidata, NULL, NULL); } else { - ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, get_ui_method(), - &uidata, NULL, NULL); + ctx = OSSL_STORE_open_ex(uri, libctx, propq, get_ui_method(), &uidata, + NULL, NULL); } if (ctx == NULL) { BIO_printf(bio_err, "Could not open file or uri for loading"); @@ -1116,16 +1116,14 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, if (lookup == NULL) goto end; if (CAfile != NULL) { - if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile, - X509_FILETYPE_PEM, - libctx, propq)) { + if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, + libctx, propq)) { BIO_printf(bio_err, "Error loading file %s\n", CAfile); goto end; } } else { - X509_LOOKUP_load_file_with_libctx(lookup, NULL, - X509_FILETYPE_DEFAULT, - libctx, propq); + X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, + libctx, propq); } } @@ -1147,7 +1145,7 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, lookup = X509_STORE_add_lookup(store, X509_LOOKUP_store()); if (lookup == NULL) goto end; - if (!X509_LOOKUP_add_store_with_libctx(lookup, CAstore, libctx, propq)) { + if (!X509_LOOKUP_add_store_ex(lookup, CAstore, libctx, propq)) { if (CAstore != NULL) BIO_printf(bio_err, "Error loading store URI %s\n", CAstore); goto end; diff --git a/apps/pkcs12.c b/apps/pkcs12.c index b0f03232a7..1432d2b930 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -897,8 +897,7 @@ static int get_cert_chain(X509 *cert, X509_STORE *store, STACK_OF(X509) *chn = NULL; int i = 0; - store_ctx = X509_STORE_CTX_new_with_libctx(app_get0_libctx(), - app_get0_propq()); + store_ctx = X509_STORE_CTX_new_ex(app_get0_libctx(), app_get0_propq()); if (store_ctx == NULL) { i = X509_V_ERR_UNSPECIFIED; goto end; diff --git a/apps/pkcs7.c b/apps/pkcs7.c index e6ac26e6f9..9efe3aa108 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -118,7 +118,7 @@ int pkcs7_main(int argc, char **argv) if (in == NULL) goto end; - p7 = PKCS7_new_with_libctx(libctx, propq); + p7 = PKCS7_new_ex(libctx, propq); if (p7 == NULL) { BIO_printf(bio_err, "unable to allocate PKCS7 object\n"); ERR_print_errors(bio_err); diff --git a/apps/req.c b/apps/req.c index 62abf226ac..a3abc0b7b7 100644 --- a/apps/req.c +++ b/apps/req.c @@ -741,8 +741,7 @@ int req_main(int argc, char **argv) if (x509) { EVP_PKEY *tmppkey; X509V3_CTX ext_ctx; - if ((x509ss = X509_new_with_libctx(app_get0_libctx(), - app_get0_propq())) == NULL) + if ((x509ss = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL) goto end; /* Set version to V3 */ diff --git a/apps/smime.c b/apps/smime.c index e6d539457e..57b323cfa2 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -491,7 +491,7 @@ int smime_main(int argc, char **argv) if (operation & SMIME_IP) { PKCS7 *p7_in = NULL; - p7 = PKCS7_new_with_libctx(libctx, propq); + p7 = PKCS7_new_ex(libctx, propq); if (p7 == NULL) { BIO_printf(bio_err, "Error allocating PKCS7 object\n"); goto end; @@ -538,7 +538,7 @@ int smime_main(int argc, char **argv) if (operation == SMIME_ENCRYPT) { if (indef) flags |= PKCS7_STREAM; - p7 = PKCS7_encrypt_with_libctx(encerts, in, cipher, flags, libctx, propq); + p7 = PKCS7_encrypt_ex(encerts, in, cipher, flags, libctx, propq); } else if (operation & SMIME_SIGNERS) { int i; /* @@ -553,8 +553,7 @@ int smime_main(int argc, char **argv) flags |= PKCS7_STREAM; } flags |= PKCS7_PARTIAL; - p7 = PKCS7_sign_with_libctx(NULL, NULL, other, in, flags, libctx, - propq); + p7 = PKCS7_sign_ex(NULL, NULL, other, in, flags, libctx, propq); if (p7 == NULL) goto end; if (flags & PKCS7_NOCERTS) { diff --git a/apps/storeutl.c b/apps/storeutl.c index 3d9498dc46..b28c345fd3 100644 --- a/apps/storeutl.c +++ b/apps/storeutl.c @@ -356,8 +356,8 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata, OSSL_STORE_CTX *store_ctx = NULL; int ret = 1, items = 0; - if ((store_ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, - uimeth, uidata, NULL, NULL)) + if ((store_ctx = OSSL_STORE_open_ex(uri, libctx, propq, uimeth, uidata, + NULL, NULL)) == NULL) { BIO_printf(bio_err, "Couldn't open file or uri %s\n", uri); ERR_print_errors(bio_err); diff --git a/apps/ts.c b/apps/ts.c index 09c586b44f..50dd263399 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -980,9 +980,8 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, BIO_printf(bio_err, "memory allocation failure\n"); goto err; } - if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile, - X509_FILETYPE_PEM, - libctx, propq)) { + if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, libctx, + propq)) { BIO_printf(bio_err, "Error loading file %s\n", CAfile); goto err; } @@ -994,7 +993,7 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, BIO_printf(bio_err, "memory allocation failure\n"); goto err; } - if (!X509_LOOKUP_load_store_with_libctx(lookup, CAstore, libctx, propq)) { + if (!X509_LOOKUP_load_store_ex(lookup, CAstore, libctx, propq)) { BIO_printf(bio_err, "Error loading store URI %s\n", CAstore); goto err; } diff --git a/apps/x509.c b/apps/x509.c index 367cbf45f1..509d6e8741 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -506,8 +506,8 @@ int x509_main(int argc, char **argv) goto end; } - if (!X509_STORE_set_default_paths_with_libctx(ctx, app_get0_libctx(), - app_get0_propq())) { + if (!X509_STORE_set_default_paths_ex(ctx, app_get0_libctx(), + app_get0_propq())) { ERR_print_errors(bio_err); goto end; } @@ -605,7 +605,7 @@ int x509_main(int argc, char **argv) "We need a private key to sign with, use -signkey or -CAkey or -CA with private key\n"); goto end; } - if ((x = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL) + if ((x = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL) goto end; if (sno == NULL) { diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 9211d7a968..66c99862e5 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -53,10 +53,9 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, #endif -int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *md, - void *asn, unsigned char *data, - unsigned int *len, OPENSSL_CTX *libctx, - const char *propq) +int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *md, void *asn, + unsigned char *data, unsigned int *len, + OPENSSL_CTX *libctx, const char *propq) { int i, ret = 0; unsigned char *str = NULL; @@ -90,6 +89,6 @@ err: int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *md, void *asn, unsigned char *data, unsigned int *len) { - return asn1_item_digest_with_libctx(it, md, asn, data, len, NULL, NULL); + return asn1_item_digest_ex(it, md, asn, data, len, NULL, NULL); } diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 04edd1b28c..4242e9a70e 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -119,18 +119,18 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, const void *data, EVP_PKEY *pkey, const EVP_MD *md) { - return ASN1_item_sign_with_libctx(it, algor1, algor2, signature, data, NULL, - pkey, md, NULL, NULL); + return ASN1_item_sign_ex(it, algor1, algor2, signature, data, NULL, pkey, + md, NULL, NULL); } -int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1, - X509_ALGOR *algor2, ASN1_BIT_STRING *signature, - const void *data, const ASN1_OCTET_STRING *id, - EVP_PKEY *pkey, const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq) +int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, + X509_ALGOR *algor2, ASN1_BIT_STRING *signature, + const void *data, const ASN1_OCTET_STRING *id, + EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx, + const char *propq) { int rv = 0; - EVP_MD_CTX *ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq); + EVP_MD_CTX *ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq); if (ctx == NULL) { ASN1err(0, ERR_R_MALLOC_FAILURE); diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index e3471c8141..d8cea688d5 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -89,20 +89,18 @@ int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg, const ASN1_BIT_STRING *signature, const void *data, EVP_PKEY *pkey) { - return ASN1_item_verify_with_libctx(it, alg, signature, data, NULL, pkey, - NULL, NULL); + return ASN1_item_verify_ex(it, alg, signature, data, NULL, pkey, NULL, NULL); } -int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg, - const ASN1_BIT_STRING *signature, - const void *data, - const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq) +int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg, + const ASN1_BIT_STRING *signature, const void *data, + const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq) { EVP_MD_CTX *ctx; int rv = -1; - if ((ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq)) != NULL) { + if ((ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq)) != NULL) { rv = ASN1_item_verify_ctx(it, alg, signature, data, ctx); EVP_PKEY_CTX_free(EVP_MD_CTX_pkey_ctx(ctx)); EVP_MD_CTX_free(ctx); diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 596b32a57e..adf368f72f 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -229,11 +229,10 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) /* SMIME sender */ -int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, - STACK_OF(X509_ALGOR) *mdalgs, - const ASN1_ITEM *it, - OPENSSL_CTX *libctx, const char *propq) +int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, + int ctype_nid, int econt_nid, + STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, + OPENSSL_CTX *libctx, const char *propq) { char bound[33], c; int i; @@ -326,8 +325,8 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it) { - return SMIME_write_ASN1_with_libctx(bio, val, data, flags, ctype_nid, - econt_nid, mdalgs, it, NULL, NULL); + return SMIME_write_ASN1_ex(bio, val, data, flags, ctype_nid, econt_nid, + mdalgs, it, NULL, NULL); } /* Handle output of ASN1 data */ diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index fcf8d2f8d0..838ce25b90 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -48,13 +48,13 @@ EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, if (!ret->ameth->old_priv_decode || !ret->ameth->old_priv_decode(ret, &p, length)) { if (ret->ameth->priv_decode != NULL - || ret->ameth->priv_decode_with_libctx != NULL) { + || ret->ameth->priv_decode_ex != NULL) { EVP_PKEY *tmp; PKCS8_PRIV_KEY_INFO *p8 = NULL; p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length); if (p8 == NULL) goto err; - tmp = EVP_PKCS82PKEY_with_libctx(p8, libctx, propq); + tmp = EVP_PKCS82PKEY_ex(p8, libctx, propq); PKCS8_PRIV_KEY_INFO_free(p8); if (tmp == NULL) goto err; @@ -121,7 +121,7 @@ EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp, ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); return NULL; } - ret = EVP_PKCS82PKEY_with_libctx(p8, libctx, propq); + ret = EVP_PKCS82PKEY_ex(p8, libctx, propq); PKCS8_PRIV_KEY_INFO_free(p8); if (ret == NULL) return NULL; diff --git a/crypto/cmp/cmp_protect.c b/crypto/cmp/cmp_protect.c index eb162e382d..9b28f1b09b 100644 --- a/crypto/cmp/cmp_protect.c +++ b/crypto/cmp/cmp_protect.c @@ -119,9 +119,9 @@ ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx, if ((prot = ASN1_BIT_STRING_new()) == NULL) return NULL; - if (ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), - NULL, NULL, prot, &prot_part, NULL, - ctx->pkey, md, ctx->libctx, ctx->propq)) + if (ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), NULL, + NULL, prot, &prot_part, NULL, ctx->pkey, md, + ctx->libctx, ctx->propq)) return prot; ASN1_BIT_STRING_free(prot); return NULL; diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c index 12afe57028..2eb58da21c 100644 --- a/crypto/cmp/cmp_util.c +++ b/crypto/cmp/cmp_util.c @@ -230,7 +230,7 @@ STACK_OF(X509) goto err; } - if ((csc = X509_STORE_CTX_new_with_libctx(libctx, propq)) == NULL) + if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL) goto err; if (store == NULL && certs != NULL && !ossl_cmp_X509_STORE_add1_certs(ts, certs, 0)) diff --git a/crypto/cmp/cmp_vfy.c b/crypto/cmp/cmp_vfy.c index 00757c11ae..f9981c2330 100644 --- a/crypto/cmp/cmp_vfy.c +++ b/crypto/cmp/cmp_vfy.c @@ -50,10 +50,10 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx, prot_part.header = msg->header; prot_part.body = msg->body; - if (ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), - msg->header->protectionAlg, - msg->protection, &prot_part, NULL, pubkey, - cmp_ctx->libctx, cmp_ctx->propq) > 0) { + if (ASN1_item_verify_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), + msg->header->protectionAlg, msg->protection, + &prot_part, NULL, pubkey, cmp_ctx->libctx, + cmp_ctx->propq) > 0) { res = 1; goto end; } @@ -118,7 +118,7 @@ int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx, return 0; } - if ((csc = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq)) == NULL + if ((csc = X509_STORE_CTX_new_ex(ctx->libctx, ctx->propq)) == NULL || !X509_STORE_CTX_init(csc, trusted_store, cert, ctx->untrusted)) goto err; @@ -825,8 +825,8 @@ int ossl_cmp_verify_popo(const OSSL_CMP_CTX *ctx, { X509_REQ *req = msg->body->value.p10cr; - if (X509_REQ_verify_with_libctx(req, X509_REQ_get0_pubkey(req), - ctx->libctx, ctx->propq) <= 0) { + if (X509_REQ_verify_ex(req, X509_REQ_get0_pubkey(req), ctx->libctx, + ctx->propq) <= 0) { #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION CMPerr(0, CMP_R_REQUEST_NOT_ACCEPTED); return 0; diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c index c596eab2c2..2abc867a59 100644 --- a/crypto/cms/cms_cd.c +++ b/crypto/cms/cms_cd.c @@ -36,7 +36,7 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OPENSSL_CTX *libctx, CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM); return NULL; } - cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL) return NULL; diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c index 2b2d970acd..6b3796e7c0 100644 --- a/crypto/cms/cms_dd.c +++ b/crypto/cms/cms_dd.c @@ -23,7 +23,7 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md, CMS_ContentInfo *cms; CMS_DigestedData *dd; - cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL) return NULL; diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 068696586e..b1bba4c2d6 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -203,14 +203,14 @@ EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri) return NULL; } -CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq) +CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, + OPENSSL_CTX *libctx, + const char *propq) { CMS_ContentInfo *cms; CMS_EnvelopedData *env; - cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL) goto merr; env = cms_enveloped_data_init(cms); @@ -229,18 +229,17 @@ CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher) { - return CMS_EnvelopedData_create_with_libctx(cipher, NULL, NULL); + return CMS_EnvelopedData_create_ex(cipher, NULL, NULL); } CMS_ContentInfo * -CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq) +CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + const char *propq) { CMS_ContentInfo *cms; CMS_AuthEnvelopedData *aenv; - cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL) goto merr; aenv = cms_auth_enveloped_data_init(cms); @@ -259,7 +258,7 @@ CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher) { - return CMS_AuthEnvelopedData_create_with_libctx(cipher, NULL, NULL); + return CMS_AuthEnvelopedData_create_ex(cipher, NULL, NULL); } /* Key Transport Recipient Info (KTRI) routines */ diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c index fa81b65c7b..7a617c3419 100644 --- a/crypto/cms/cms_ess.c +++ b/crypto/cms/cms_ess.c @@ -114,7 +114,7 @@ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain) return ret; } -CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx( +CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, OPENSSL_CTX *libctx, const char *propq) @@ -159,9 +159,8 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo) { - return CMS_ReceiptRequest_create0_with_libctx(id, idlen, allorfirst, - receiptList, receiptsTo, - NULL, NULL); + return CMS_ReceiptRequest_create0_ex(id, idlen, allorfirst, receiptList, + receiptsTo, NULL, NULL); } int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr) @@ -221,9 +220,9 @@ static int cms_msgSigDigest(CMS_SignerInfo *si, if (md == NULL) return 0; - if (!asn1_item_digest_with_libctx(ASN1_ITEM_rptr(CMS_Attributes_Verify), md, - si->signedAttrs, dig, diglen, - si->cms_ctx->libctx, si->cms_ctx->propq)) + if (!asn1_item_digest_ex(ASN1_ITEM_rptr(CMS_Attributes_Verify), md, + si->signedAttrs, dig, diglen, si->cms_ctx->libctx, + si->cms_ctx->propq)) return 0; return 1; } diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c index 70a7c652e9..55a2510ad6 100644 --- a/crypto/cms/cms_io.c +++ b/crypto/cms/cms_io.c @@ -83,11 +83,11 @@ int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags) else mdalgs = NULL; - return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)cms, data, flags, - ctype_nid, econt_nid, mdalgs, - ASN1_ITEM_rptr(CMS_ContentInfo), - cms_ctx_get0_libctx(ctx), - cms_ctx_get0_propq(ctx)); + return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)cms, data, flags, ctype_nid, + econt_nid, mdalgs, + ASN1_ITEM_rptr(CMS_ContentInfo), + cms_ctx_get0_libctx(ctx), + cms_ctx_get0_propq(ctx)); } CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms) diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index bc7da7ff94..f35e503308 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -40,8 +40,7 @@ int i2d_CMS_ContentInfo(const CMS_ContentInfo *a, unsigned char **out) return ASN1_item_i2d((const ASN1_VALUE *)a, out, (CMS_ContentInfo_it())); } -CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq) +CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq) { CMS_ContentInfo *ci; @@ -63,7 +62,7 @@ CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx, CMS_ContentInfo *CMS_ContentInfo_new(void) { - return CMS_ContentInfo_new_with_libctx(NULL, NULL); + return CMS_ContentInfo_new_ex(NULL, NULL); } void CMS_ContentInfo_free(CMS_ContentInfo *cms) @@ -120,7 +119,7 @@ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms) CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *libctx, const char *propq) { - CMS_ContentInfo *cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + CMS_ContentInfo *cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms != NULL) { cms->contentType = OBJ_nid2obj(NID_pkcs7_data); diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 121390a8d5..1338211072 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -411,10 +411,8 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, goto err; if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0) goto err; - } else if (EVP_DigestSignInit_with_libctx(si->mctx, &si->pctx, - EVP_MD_name(md), - ctx->libctx, ctx->propq, - pk) <= 0) { + } else if (EVP_DigestSignInit_ex(si->mctx, &si->pctx, EVP_MD_name(md), + ctx->libctx, ctx->propq, pk) <= 0) { goto err; } } @@ -676,8 +674,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms, CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE); goto err; } - if (!EVP_SignFinal_with_libctx(mctx, sig, &siglen, si->pkey, - ctx->libctx, ctx->propq)) { + if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey, ctx->libctx, + ctx->propq)) { CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR); OPENSSL_free(sig); goto err; @@ -735,9 +733,8 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si) pctx = si->pctx; else { EVP_MD_CTX_reset(mctx); - if (EVP_DigestSignInit_with_libctx(mctx, &pctx, - md_name, ctx->libctx, ctx->propq, - si->pkey) <= 0) + if (EVP_DigestSignInit_ex(mctx, &pctx, md_name, ctx->libctx, ctx->propq, + si->pkey) <= 0) goto err; si->pctx = pctx; } @@ -844,9 +841,8 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si) goto err; } mctx = si->mctx; - if (EVP_DigestVerifyInit_with_libctx(mctx, &si->pctx, - EVP_MD_name(md), ctx->libctx, NULL, - si->pkey) <= 0) + if (EVP_DigestVerifyInit_ex(mctx, &si->pctx, EVP_MD_name(md), ctx->libctx, + NULL, si->pkey) <= 0) goto err; if (!cms_sd_asn1_ctrl(si, 1)) diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index a50eee9fa9..f9a851950f 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -118,9 +118,8 @@ int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags) return r; } -CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags, - OPENSSL_CTX *libctx, - const char *propq) +CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, + OPENSSL_CTX *libctx, const char *propq) { CMS_ContentInfo *cms = cms_Data_create(libctx, propq); @@ -136,7 +135,7 @@ CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags, CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags) { - return CMS_data_create_with_libctx(in, flags, NULL, NULL); + return CMS_data_create_ex(in, flags, NULL, NULL); } int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, @@ -164,11 +163,9 @@ int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, return r; } -CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, - const EVP_MD *md, - unsigned int flags, - OPENSSL_CTX *ctx, - const char *propq) +CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq) { CMS_ContentInfo *cms; @@ -191,7 +188,7 @@ CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags) { - return CMS_digest_create_with_libctx(in, md, flags, NULL, NULL); + return CMS_digest_create_ex(in, md, flags, NULL, NULL); } int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, @@ -220,13 +217,11 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, return r; } -CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in, - const EVP_CIPHER *cipher, - const unsigned char *key, - size_t keylen, - unsigned int flags, - OPENSSL_CTX *libctx, - const char *propq) +CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher, + const unsigned char *key, + size_t keylen, unsigned int flags, + OPENSSL_CTX *libctx, + const char *propq) { CMS_ContentInfo *cms; @@ -234,7 +229,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in, CMSerr(0, CMS_R_NO_CIPHER); return NULL; } - cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL) return NULL; if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen)) @@ -255,8 +250,8 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, unsigned int flags) { - return CMS_EncryptedData_encrypt_with_libctx(in, cipher, key, keylen, flags, - NULL, NULL); + return CMS_EncryptedData_encrypt_ex(in, cipher, key, keylen, flags, NULL, + NULL); } static int cms_signerinfo_verify_cert(CMS_SignerInfo *si, @@ -270,7 +265,7 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si, X509 *signer; int i, j, r = 0; - ctx = X509_STORE_CTX_new_with_libctx(cms_ctx->libctx, cms_ctx->propq); + ctx = X509_STORE_CTX_new_ex(cms_ctx->libctx, cms_ctx->propq); if (ctx == NULL) { CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE); goto err; @@ -503,15 +498,15 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, return cms_Receipt_verify(rcms, ocms); } -CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, - unsigned int flags, - OPENSSL_CTX *libctx, const char *propq) +CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, + STACK_OF(X509) *certs, BIO *data, + unsigned int flags, OPENSSL_CTX *libctx, + const char *propq) { CMS_ContentInfo *cms; int i; - cms = CMS_ContentInfo_new_with_libctx(libctx, propq); + cms = CMS_ContentInfo_new_ex(libctx, propq); if (cms == NULL || !CMS_SignedData_init(cms)) goto merr; if (flags & CMS_ASCIICRLF @@ -551,7 +546,7 @@ CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags) { - return CMS_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL); + return CMS_sign_ex(signcert, pkey, certs, data, flags, NULL, NULL); } CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, @@ -575,8 +570,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, /* Initialize signed data */ - cms = CMS_sign_with_libctx(NULL, NULL, certs, NULL, flags, - ctx->libctx, ctx->propq); + cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags, ctx->libctx, ctx->propq); if (cms == NULL) goto err; @@ -623,10 +617,9 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, } -CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs, - BIO *data, const EVP_CIPHER *cipher, - unsigned int flags, - OPENSSL_CTX *libctx, const char *propq) +CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *data, + const EVP_CIPHER *cipher, unsigned int flags, + OPENSSL_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; int i; @@ -634,8 +627,8 @@ CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs, cms = (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) - ? CMS_AuthEnvelopedData_create_with_libctx(cipher, libctx, propq) - : CMS_EnvelopedData_create_with_libctx(cipher, libctx, propq); + ? CMS_AuthEnvelopedData_create_ex(cipher, libctx, propq) + : CMS_EnvelopedData_create_ex(cipher, libctx, propq); if (cms == NULL) goto merr; for (i = 0; i < sk_X509_num(certs); i++) { @@ -665,7 +658,7 @@ CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs, CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher, unsigned int flags) { - return CMS_encrypt_with_libctx(certs, data, cipher, flags, NULL, NULL); + return CMS_encrypt_ex(certs, data, cipher, flags, NULL, NULL); } static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms, diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index a9d960b721..4cc698400c 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -174,7 +174,7 @@ int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out) * the "CONF classic" functions, for consistency. */ -CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth) +CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth) { CONF *ret; @@ -193,7 +193,7 @@ CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth) CONF *NCONF_new(CONF_METHOD *meth) { - return NCONF_new_with_libctx(NULL, meth); + return NCONF_new_ex(NULL, meth); } void NCONF_free(CONF *conf) diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index fa7f6b9d9f..5359a7e06d 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -145,15 +145,14 @@ int CONF_modules_load(const CONF *cnf, const char *appname, } -int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, - const char *filename, - const char *appname, unsigned long flags) +int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, + const char *appname, unsigned long flags) { char *file = NULL; CONF *conf = NULL; int ret = 0, diagnostics = 0; - conf = NCONF_new_with_libctx(libctx, NULL); + conf = NCONF_new_ex(libctx, NULL); if (conf == NULL) goto err; @@ -191,7 +190,7 @@ int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, int CONF_modules_load_file(const char *filename, const char *appname, unsigned long flags) { - return CONF_modules_load_file_with_libctx(NULL, filename, appname, flags); + return CONF_modules_load_file_ex(NULL, filename, appname, flags); } DEFINE_RUN_ONCE_STATIC(do_load_builtin_modules) diff --git a/crypto/context.c b/crypto/context.c index de289fcb68..1bc4bee290 100644 --- a/crypto/context.c +++ b/crypto/context.c @@ -170,7 +170,7 @@ OPENSSL_CTX *OPENSSL_CTX_new(void) #ifndef FIPS_MODULE int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file) { - return CONF_modules_load_file_with_libctx(ctx, config_file, NULL, 0) > 0; + return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0; } #endif diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c index 5a6cdb7e82..3e971c7769 100644 --- a/crypto/crmf/crmf_lib.c +++ b/crypto/crmf/crmf_lib.c @@ -365,10 +365,9 @@ static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps, return 0; } - return ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST), - ps->algorithmIdentifier, NULL, - ps->signature, cr, NULL, pkey, digest, - libctx, propq); + return ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST), + ps->algorithmIdentifier, NULL, ps->signature, cr, + NULL, pkey, digest, libctx, propq); } @@ -502,10 +501,9 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, it = ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST); asn = req->certReq; } - if (ASN1_item_verify_with_libctx(it, sig->algorithmIdentifier, - sig->signature, asn, NULL, - X509_PUBKEY_get0(pubkey), - libctx, propq) < 1) + if (ASN1_item_verify_ex(it, sig->algorithmIdentifier, sig->signature, + asn, NULL, X509_PUBKEY_get0(pubkey), libctx, + propq) < 1) return 0; break; case OSSL_CRMF_POPO_KEYENC: @@ -680,7 +678,7 @@ X509 outlen += n; /* convert decrypted certificate from DER to internal ASN.1 structure */ - if ((cert = X509_new_with_libctx(libctx, propq)) == NULL) + if ((cert = X509_new_ex(libctx, propq)) == NULL) goto end; if (d2i_X509(&cert, &p, outlen) == NULL) CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT, diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c index ab4aaf82c1..575524e1db 100644 --- a/crypto/ct/ct_b64.c +++ b/crypto/ct/ct_b64.c @@ -132,9 +132,9 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, * 0 on decoding failure, or invalid parameter if any * -1 on internal (malloc) failure */ -int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, - const char *propq) +int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, + const char *name, OPENSSL_CTX *libctx, + const char *propq) { unsigned char *pkey_der = NULL; int pkey_der_len; @@ -160,7 +160,7 @@ int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64, return 0; } - *ct_log = CTLOG_new_with_libctx(pkey, name, libctx, propq); + *ct_log = CTLOG_new_ex(pkey, name, libctx, propq); if (*ct_log == NULL) { EVP_PKEY_free(pkey); return 0; @@ -172,6 +172,5 @@ int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64, int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64, const char *name) { - return CTLOG_new_from_base64_with_libctx(ct_log, pkey_base64, name, NULL, - NULL); + return CTLOG_new_from_base64_ex(ct_log, pkey_base64, name, NULL, NULL); } diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index 32a29ed699..9a32054c41 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -100,7 +100,7 @@ err: return ret; } -CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq) +CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq) { CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret)); @@ -132,7 +132,7 @@ err: CTLOG_STORE *CTLOG_STORE_new(void) { - return CTLOG_STORE_new_with_libctx(NULL, NULL); + return CTLOG_STORE_new_ex(NULL, NULL); } void CTLOG_STORE_free(CTLOG_STORE *store) @@ -161,8 +161,8 @@ static int ctlog_new_from_conf(CTLOG_STORE *store, CTLOG **ct_log, return 0; } - return CTLOG_new_from_base64_with_libctx(ct_log, pkey_base64, description, - store->libctx, store->propq); + return CTLOG_new_from_base64_ex(ct_log, pkey_base64, description, + store->libctx, store->propq); } int CTLOG_STORE_load_default_file(CTLOG_STORE *store) @@ -264,8 +264,8 @@ end: * Takes ownership of the public key. * Copies the name. */ -CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name, - OPENSSL_CTX *libctx, const char *propq) +CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx, + const char *propq) { CTLOG *ret = OPENSSL_zalloc(sizeof(*ret)); @@ -301,7 +301,7 @@ err: CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name) { - return CTLOG_new_with_libctx(public_key, name, NULL, NULL); + return CTLOG_new_ex(public_key, name, NULL, NULL); } /* Frees CT log and associated structures */ diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c index e067fd8ea5..268ef22b58 100644 --- a/crypto/ct/ct_policy.c +++ b/crypto/ct/ct_policy.c @@ -25,8 +25,8 @@ */ static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300; -CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq) +CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, + const char *propq) { CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX)); @@ -54,7 +54,7 @@ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx, CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void) { - return CT_POLICY_EVAL_CTX_new_with_libctx(NULL, NULL); + return CT_POLICY_EVAL_CTX_new_ex(NULL, NULL); } void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx) diff --git a/crypto/ct/ct_vfy.c b/crypto/ct/ct_vfy.c index b05e77b8a1..db0a3d83bd 100644 --- a/crypto/ct/ct_vfy.c +++ b/crypto/ct/ct_vfy.c @@ -122,9 +122,8 @@ int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct) if (ctx == NULL) goto end; - if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL, - "SHA2-256", sctx->libctx, sctx->propq, - sctx->pkey)) + if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->libctx, + sctx->propq, sctx->pkey)) goto end; if (!sct_ctx_update(ctx, sctx, sct)) diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index f89dd44ffd..cd318654cf 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -560,7 +560,7 @@ static int dh_pkey_import_from_type(const OSSL_PARAM params[], void *vpctx, { EVP_PKEY_CTX *pctx = vpctx; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - DH *dh = dh_new_with_libctx(pctx->libctx); + DH *dh = dh_new_ex(pctx->libctx); if (dh == NULL) { ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 52f3151bc8..096cf12886 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -100,7 +100,7 @@ static int dh_gen_named_group(OPENSSL_CTX *libctx, DH *ret, int prime_len) if (nid == NID_undef) return 0; - dh = dh_new_by_nid_with_libctx(libctx, nid); + dh = dh_new_by_nid_ex(libctx, nid); if (dh != NULL && ffc_params_copy(&ret->params, &dh->params)) { ok = 1; diff --git a/crypto/dh/dh_group_params.c b/crypto/dh/dh_group_params.c index e0daa6ebc4..7a19f71b4d 100644 --- a/crypto/dh/dh_group_params.c +++ b/crypto/dh/dh_group_params.c @@ -103,7 +103,7 @@ const char *ffc_named_group_from_uid(int uid) static DH *dh_param_init(OPENSSL_CTX *libctx, int uid, const BIGNUM *p, const BIGNUM *q, const BIGNUM *g) { - DH *dh = dh_new_with_libctx(libctx); + DH *dh = dh_new_ex(libctx); if (dh == NULL) return NULL; @@ -136,7 +136,7 @@ static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name) return NULL; } -DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid) +DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid) { const char *name = ffc_named_group_from_uid(nid); @@ -145,7 +145,7 @@ DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid) DH *DH_new_by_nid(int nid) { - return dh_new_by_nid_with_libctx(NULL, nid); + return dh_new_by_nid_ex(NULL, nid); } int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index a6f4e64137..6c6eda27a2 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -63,7 +63,7 @@ DH *DH_new_method(ENGINE *engine) } #endif /* !FIPS_MODULE */ -DH *dh_new_with_libctx(OPENSSL_CTX *libctx) +DH *dh_new_ex(OPENSSL_CTX *libctx) { return dh_new_intern(NULL, libctx); } diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 3312faa336..4bbbabff07 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -112,7 +112,7 @@ static EC_KEY *eckey_type2param(int ptype, const void *pval, EC_KEY *eckey = NULL; EC_GROUP *group = NULL; - if ((eckey = EC_KEY_new_with_libctx(libctx, propq)) == NULL) { + if ((eckey = EC_KEY_new_ex(libctx, propq)) == NULL) { ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE); goto ecerr; } @@ -134,8 +134,7 @@ static EC_KEY *eckey_type2param(int ptype, const void *pval, * type == V_ASN1_OBJECT => the parameters are given by an asn1 OID */ - group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq, - OBJ_obj2nid(poid)); + group = EC_GROUP_new_by_curve_name_ex(libctx, propq, OBJ_obj2nid(poid)); if (group == NULL) goto ecerr; EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); @@ -206,10 +205,8 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) return -2; } -static int eckey_priv_decode_with_libctx(EVP_PKEY *pkey, - const PKCS8_PRIV_KEY_INFO *p8, - OPENSSL_CTX *libctx, - const char *propq) +static int eckey_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8, + OPENSSL_CTX *libctx, const char *propq) { const unsigned char *p = NULL; const void *pval; @@ -744,7 +741,7 @@ static int ec_pkey_import_from(const OSSL_PARAM params[], void *vpctx) { EVP_PKEY_CTX *pctx = vpctx; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - EC_KEY *ec = EC_KEY_new_with_libctx(pctx->libctx, pctx->propquery); + EC_KEY *ec = EC_KEY_new_ex(pctx->libctx, pctx->propquery); if (ec == NULL) { ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE); @@ -808,7 +805,7 @@ const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = { ec_pkey_dirty_cnt, ec_pkey_export_to, ec_pkey_import_from, - eckey_priv_decode_with_libctx + eckey_priv_decode_ex }; #if !defined(OPENSSL_NO_SM2) diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index a63a8535c3..d8f46f4849 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3197,8 +3197,8 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, /* If no curve data curve method must handle everything */ if (curve.data == NULL) - return ec_group_new_with_libctx(libctx, propq, - curve.meth != NULL ? curve.meth() : NULL); + return ec_group_new_ex(libctx, propq, + curve.meth != NULL ? curve.meth() : NULL); if ((ctx = BN_CTX_new_ex(libctx)) == NULL) { ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE); @@ -3220,7 +3220,7 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, if (curve.meth != 0) { meth = curve.meth(); - if (((group = ec_group_new_with_libctx(libctx, propq, meth)) == NULL) || + if (((group = ec_group_new_ex(libctx, propq, meth)) == NULL) || (!(group->meth->group_set_curve(group, p, a, b, ctx)))) { ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB); goto err; @@ -3290,8 +3290,8 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, return group; } -EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx, - const char *propq, int nid) +EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, + int nid) { EC_GROUP *ret = NULL; const ec_list_element *curve; @@ -3311,7 +3311,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx, #ifndef FIPS_MODULE EC_GROUP *EC_GROUP_new_by_curve_name(int nid) { - return EC_GROUP_new_by_curve_name_with_libctx(NULL, NULL, nid); + return EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid); } #endif diff --git a/crypto/ec/ec_cvt.c b/crypto/ec/ec_cvt.c index e5e6f10ce4..57e53d752e 100644 --- a/crypto/ec/ec_cvt.c +++ b/crypto/ec/ec_cvt.c @@ -54,7 +54,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, meth = EC_GFp_mont_method(); #endif - ret = ec_group_new_with_libctx(bn_get_lib_ctx(ctx), NULL, meth); + ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth); if (ret == NULL) return NULL; @@ -75,7 +75,7 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, meth = EC_GF2m_simple_method(); - ret = ec_group_new_with_libctx(bn_get_lib_ctx(ctx), NULL, meth); + ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth); if (ret == NULL) return NULL; diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 89a28622bb..807b5e670a 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -34,18 +34,18 @@ EC_KEY *EC_KEY_new(void) } #endif -EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq) +EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq) { return ec_key_new_method_int(ctx, propq, NULL); } -EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, - const char *propq, int nid) +EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, + int nid) { - EC_KEY *ret = EC_KEY_new_with_libctx(ctx, propq); + EC_KEY *ret = EC_KEY_new_ex(ctx, propq); if (ret == NULL) return NULL; - ret->group = EC_GROUP_new_by_curve_name_with_libctx(ctx, propq, nid); + ret->group = EC_GROUP_new_by_curve_name_ex(ctx, propq, nid); if (ret->group == NULL) { EC_KEY_free(ret); return NULL; @@ -61,7 +61,7 @@ EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, #ifndef FIPS_MODULE EC_KEY *EC_KEY_new_by_curve_name(int nid) { - return EC_KEY_new_by_curve_name_with_libctx(NULL, NULL, nid); + return EC_KEY_new_by_curve_name_ex(NULL, NULL, nid); } #endif @@ -122,8 +122,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src) if (src->group != NULL) { /* clear the old group */ EC_GROUP_free(dest->group); - dest->group = ec_group_new_with_libctx(src->libctx, src->propq, - src->group->meth); + dest->group = ec_group_new_ex(src->libctx, src->propq, src->group->meth); if (dest->group == NULL) return NULL; if (!EC_GROUP_copy(dest->group, src->group)) diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 222df55632..72ada1f723 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -26,8 +26,8 @@ /* functions for EC_GROUP objects */ -EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, - const EC_METHOD *meth) +EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq, + const EC_METHOD *meth) { EC_GROUP *ret; @@ -81,7 +81,7 @@ EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, # ifndef FIPS_MODULE EC_GROUP *EC_GROUP_new(const EC_METHOD *meth) { - return ec_group_new_with_libctx(NULL, NULL, meth); + return ec_group_new_ex(NULL, NULL, meth); } # endif #endif @@ -271,7 +271,7 @@ EC_GROUP *EC_GROUP_dup(const EC_GROUP *a) if (a == NULL) return NULL; - if ((t = ec_group_new_with_libctx(a->libctx, a->propq, a->meth)) == NULL) + if ((t = ec_group_new_ex(a->libctx, a->propq, a->meth)) == NULL) return NULL; if (!EC_GROUP_copy(t, a)) goto err; @@ -1438,8 +1438,7 @@ static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group, curve_name_nid = NID_secp224r1; #endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */ - ret_group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq, - curve_name_nid); + ret_group = EC_GROUP_new_by_curve_name_ex(libctx, propq, curve_name_nid); if (ret_group == NULL) goto err; @@ -1522,7 +1521,7 @@ static EC_GROUP *group_new_from_name(const OSSL_PARAM *p, ECerr(0, EC_R_INVALID_CURVE); return NULL; } else { - return EC_GROUP_new_by_curve_name_with_libctx(libctx, propq, nid); + return EC_GROUP_new_by_curve_name_ex(libctx, propq, nid); } } return NULL; diff --git a/crypto/ec/ec_local.h b/crypto/ec/ec_local.h index 11fab6b985..33f40167aa 100644 --- a/crypto/ec/ec_local.h +++ b/crypto/ec/ec_local.h @@ -601,8 +601,8 @@ int ec_group_simple_order_bits(const EC_GROUP *group); * \param meth EC_METHOD to use * \return newly created EC_GROUP object or NULL in case of an error. */ -EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, - const EC_METHOD *meth); +EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq, + const EC_METHOD *meth); #ifdef ECP_NISTZ256_ASM /** Returns GFp methods using montgomery multiplication, with x86-64 optimized diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index 99f1e480c1..9aab96a050 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -149,9 +149,8 @@ static int ecx_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) return CRYPTO_memcmp(akey->pubkey, bkey->pubkey, KEYLEN(a)) == 0; } -static int ecx_priv_decode_with_libctx(EVP_PKEY *pkey, - const PKCS8_PRIV_KEY_INFO *p8, - OPENSSL_CTX *libctx, const char *propq) +static int ecx_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8, + OPENSSL_CTX *libctx, const char *propq) { const unsigned char *p; int plen; @@ -505,7 +504,7 @@ const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth = { ecx_pkey_export_to, x25519_import_from, - ecx_priv_decode_with_libctx + ecx_priv_decode_ex }; static int x448_import_from(const OSSL_PARAM params[], void *vpctx) @@ -558,7 +557,7 @@ const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth = { ecx_pkey_export_to, x448_import_from, - ecx_priv_decode_with_libctx + ecx_priv_decode_ex }; static int ecd_size25519(const EVP_PKEY *pkey) @@ -684,7 +683,7 @@ const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth = { ecx_pkey_export_to, ed25519_import_from, - ecx_priv_decode_with_libctx + ecx_priv_decode_ex }; static int ed448_import_from(const OSSL_PARAM params[], void *vpctx) @@ -736,7 +735,7 @@ const EVP_PKEY_ASN1_METHOD ed448_asn1_meth = { ecx_pkey_export_to, ed448_import_from, - ecx_priv_decode_with_libctx + ecx_priv_decode_ex }; static int pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index fb29ab5f08..524d3ede8d 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -82,9 +82,8 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) } #ifndef FIPS_MODULE -EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey, - const ASN1_OCTET_STRING *id, - OPENSSL_CTX *libctx, const char *propq) +EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id, + OPENSSL_CTX *libctx, const char *propq) { EVP_MD_CTX *ctx; EVP_PKEY_CTX *pctx = NULL; @@ -351,8 +350,8 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count) * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate(). * Some code calls EVP_DigestUpdate() directly even when initialised - * with EVP_DigestSignInit_with_libctx() or - * EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to + * with EVP_DigestSignInit_ex() or + * EVP_DigestVerifyInit_ex(), so we detect that and redirect to * the correct EVP_Digest*Update() function */ if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX) diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 45666a2c42..b9fabf29f0 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -18,8 +18,8 @@ /* Extract a private key from a PKCS8 structure */ -EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8, - OPENSSL_CTX *libctx, const char *propq) +EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx, + const char *propq) { EVP_PKEY *pkey = NULL; const ASN1_OBJECT *algoid; @@ -40,8 +40,8 @@ EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8, goto error; } - if (pkey->ameth->priv_decode_with_libctx != NULL) { - if (!pkey->ameth->priv_decode_with_libctx(pkey, p8, libctx, propq)) + if (pkey->ameth->priv_decode_ex != NULL) { + if (!pkey->ameth->priv_decode_ex(pkey, p8, libctx, propq)) goto error; } else if (pkey->ameth->priv_decode != NULL) { if (!pkey->ameth->priv_decode(pkey, p8)) { @@ -62,7 +62,7 @@ EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8, EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8) { - return EVP_PKCS82PKEY_with_libctx(p8, NULL, NULL); + return EVP_PKCS82PKEY_ex(p8, NULL, NULL); } /* Turn a private key into a PKCS8 structure */ diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index e83a7e654a..faf5191234 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -310,10 +310,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, return ret > 0 ? 1 : 0; } -int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey) +int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey) { return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0); } @@ -324,10 +323,9 @@ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0); } -int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey) +int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey) { return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1); } diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index 7b8f99d511..b827899445 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -19,11 +19,10 @@ #include "crypto/evp.h" #include "evp_local.h" -int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen, - const unsigned char *salt, int saltlen, - int iter, const EVP_MD *digest, int keylen, - unsigned char *out, - OPENSSL_CTX *libctx, const char *propq) +int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, int keylen, unsigned char *out, + OPENSSL_CTX *libctx, const char *propq) { const char *empty = ""; int rv = 1, mode = 1; @@ -84,8 +83,8 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out) { - return pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, iter, - digest, keylen, out, NULL, NULL); + return pkcs5_pbkdf2_hmac_ex(pass, passlen, salt, saltlen, iter, digest, + keylen, out, NULL, NULL); } diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index f3ada343fc..e3a885cd7a 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -450,11 +450,10 @@ static EVP_PKEY *new_raw_key_int(OPENSSL_CTX *libctx, return pkey; } -EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *priv, - size_t len) +EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *priv, size_t len) { return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, priv, len, 1); @@ -467,11 +466,9 @@ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1); } -EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *pub, - size_t len) +EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, + const char *keytype, const char *propq, + const unsigned char *pub, size_t len) { return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, pub, len, 0); @@ -636,11 +633,9 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, # endif } -EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv, - size_t len, - const char *cipher_name, - OPENSSL_CTX *libctx, - const char *propq) +EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, + const char *cipher_name, OPENSSL_CTX *libctx, + const char *propq) { return new_cmac_key_int(priv, len, cipher_name, NULL, libctx, propq, NULL); } diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 2c4f49a528..f530091a3e 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -14,9 +14,9 @@ #include #include "crypto/evp.h" -int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq) +int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *sigret, + unsigned int *siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx, + const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; @@ -65,5 +65,5 @@ int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret, int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen, EVP_PKEY *pkey) { - return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL); + return EVP_SignFinal_ex(ctx, sigret, siglen, pkey, NULL, NULL); } diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index db14866af0..dc1ee84c15 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -14,9 +14,9 @@ #include #include "crypto/evp.h" -int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq) +int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx, + const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; unsigned int m_len = 0; @@ -59,5 +59,5 @@ int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey) { - return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL); + return EVP_VerifyFinal_ex(ctx, sigbuf, siglen, pkey, NULL, NULL); } diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index ef023205c0..57e02e9db3 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -25,9 +25,8 @@ #ifndef OPENSSL_NO_STDIO STACK_OF(X509_INFO) -*PEM_X509_INFO_read_with_libctx(FILE *fp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) +*PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, + void *u, OPENSSL_CTX *libctx, const char *propq) { BIO *b; STACK_OF(X509_INFO) *ret; @@ -37,7 +36,7 @@ STACK_OF(X509_INFO) return 0; } BIO_set_fp(b, fp, BIO_NOCLOSE); - ret = PEM_X509_INFO_read_bio_with_libctx(b, sk, cb, u, libctx, propq); + ret = PEM_X509_INFO_read_bio_ex(b, sk, cb, u, libctx, propq); BIO_free(b); return ret; } @@ -45,14 +44,14 @@ STACK_OF(X509_INFO) STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { - return PEM_X509_INFO_read_with_libctx(fp, sk, cb, u, NULL, NULL); + return PEM_X509_INFO_read_ex(fp, sk, cb, u, NULL, NULL); } #endif STACK_OF(X509_INFO) -*PEM_X509_INFO_read_bio_with_libctx(BIO *bp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) +*PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, + pem_password_cb *cb, void *u, OPENSSL_CTX *libctx, + const char *propq) { X509_INFO *xi = NULL; char *name = NULL, *header = NULL; @@ -98,7 +97,7 @@ STACK_OF(X509_INFO) goto err; goto start; } - xi->x509 = X509_new_with_libctx(libctx, propq); + xi->x509 = X509_new_ex(libctx, propq); if (xi->x509 == NULL) goto err; pp = &(xi->x509); @@ -111,7 +110,7 @@ STACK_OF(X509_INFO) goto err; goto start; } - xi->x509 = X509_new_with_libctx(libctx, propq); + xi->x509 = X509_new_ex(libctx, propq); if (xi->x509 == NULL) goto err; pp = &(xi->x509); @@ -268,7 +267,7 @@ STACK_OF(X509_INFO) STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u) { - return PEM_X509_INFO_read_bio_with_libctx(bp, sk, cb, u, NULL, NULL); + return PEM_X509_INFO_read_bio_ex(bp, sk, cb, u, NULL, NULL); } /* A TJH addition */ diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c index f04e4b34ce..b0027cec2d 100644 --- a/crypto/pkcs7/pk7_asn1.c +++ b/crypto/pkcs7/pk7_asn1.c @@ -83,7 +83,7 @@ PKCS7 *PKCS7_new(void) return (PKCS7 *)ASN1_item_new(ASN1_ITEM_rptr(PKCS7)); } -PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq) +PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq) { PKCS7 *pkcs7 = PKCS7_new(); diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index bc9bfd8589..cde158d56a 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -847,8 +847,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) if (abuf == NULL) goto err; - if (!EVP_SignFinal_with_libctx(ctx_tmp, abuf, &abuflen, si->pkey, - p7_ctx->libctx, p7_ctx->propq)) { + if (!EVP_SignFinal_ex(ctx_tmp, abuf, &abuflen, si->pkey, + p7_ctx->libctx, p7_ctx->propq)) { OPENSSL_free(abuf); PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB); goto err; @@ -919,9 +919,8 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si) goto err; } - if (EVP_DigestSignInit_with_libctx(mctx, &pctx, - EVP_MD_name(md), ctx->libctx, ctx->propq, - si->pkey) <= 0) + if (EVP_DigestSignInit_ex(mctx, &pctx, EVP_MD_name(md), ctx->libctx, + ctx->propq, si->pkey) <= 0) goto err; /* @@ -1171,8 +1170,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, goto err; } - i = EVP_VerifyFinal_with_libctx(mdc_tmp, os->data, os->length, pkey, - ctx->libctx, ctx->propq); + i = EVP_VerifyFinal_ex(mdc_tmp, os->data, os->length, pkey, ctx->libctx, + ctx->propq); if (i <= 0) { PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE); ret = -1; diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index 2099e8d9ef..c505b23648 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -40,11 +40,10 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags) flags ^= SMIME_OLDMIME; - return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)p7, data, flags, - ctype_nid, NID_undef, mdalgs, - ASN1_ITEM_rptr(PKCS7), - pkcs7_ctx_get0_libctx(ctx), - pkcs7_ctx_get0_propq(ctx)); + return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)p7, data, flags, ctype_nid, + NID_undef, mdalgs, ASN1_ITEM_rptr(PKCS7), + pkcs7_ctx_get0_libctx(ctx), + pkcs7_ctx_get0_propq(ctx)); } PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7) diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index 3347544bb8..5cbc18c63e 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -20,14 +20,14 @@ static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si); -PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, int flags, - OPENSSL_CTX *libctx, const char *propq) +PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, + BIO *data, int flags, OPENSSL_CTX *libctx, + const char *propq) { PKCS7 *p7; int i; - if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) { + if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) { PKCS7err(0, ERR_R_MALLOC_FAILURE); return NULL; } @@ -67,7 +67,7 @@ PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags) { - return PKCS7_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL); + return PKCS7_sign_ex(signcert, pkey, certs, data, flags, NULL, NULL); } @@ -268,7 +268,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, /* Now verify the certificates */ p7_ctx = pkcs7_get0_ctx(p7); - cert_ctx = X509_STORE_CTX_new_with_libctx(p7_ctx->libctx, p7_ctx->propq); + cert_ctx = X509_STORE_CTX_new_ex(p7_ctx->libctx, p7_ctx->propq); if (cert_ctx == NULL) goto err; if (!(flags & PKCS7_NOVERIFY)) @@ -443,16 +443,16 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, /* Build a complete PKCS#7 enveloped data */ -PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in, - const EVP_CIPHER *cipher, int flags, - OPENSSL_CTX *libctx, const char *propq) +PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, + const EVP_CIPHER *cipher, int flags, + OPENSSL_CTX *libctx, const char *propq) { PKCS7 *p7; BIO *p7bio = NULL; int i; X509 *x509; - if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) { + if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) { PKCS7err(0, ERR_R_MALLOC_FAILURE); return NULL; } @@ -489,7 +489,7 @@ PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in, PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags) { - return PKCS7_encrypt_with_libctx(certs, in, cipher, flags, NULL, NULL); + return PKCS7_encrypt_ex(certs, in, cipher, flags, NULL, NULL); } diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index 666e18ec65..cc03132d17 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -196,12 +196,10 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); -int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen); -int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx, - unsigned char *to, int tlen, - const unsigned char *from, - int flen); +int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, + const unsigned char *from, int flen); +int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); #endif /* OSSL_CRYPTO_RSA_LOCAL_H */ diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index ce98802070..ea9ce0dee4 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -40,9 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen) { - return rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(NULL, to, tlen, from, - flen, param, plen, NULL, - NULL); + return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, + plen, NULL, NULL); } /* @@ -52,13 +51,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, * Step numbers are included here but not in the constant time inverse below * to avoid complicating an already difficult enough function. */ -int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx, - unsigned char *to, int tlen, - const unsigned char *from, - int flen, - const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md) +int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen, const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md) { int rv = 0; int i, emlen = tlen - 1; @@ -141,9 +138,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { - return rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(NULL, to, tlen, from, - flen, param, plen, md, - mgf1md); + return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, + plen, md, mgf1md); } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index b996e4d05e..d1e8535226 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -111,18 +111,15 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, switch (padding) { case RSA_PKCS1_PADDING: - i = rsa_padding_add_PKCS1_type_2_with_libctx(rsa->libctx, buf, num, - from, flen); + i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen); break; case RSA_PKCS1_OAEP_PADDING: - i = rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(rsa->libctx, buf, num, - from, flen, NULL, 0, - NULL, NULL); + i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from, + flen, NULL, 0, NULL, NULL); break; #ifndef FIPS_MODULE case RSA_SSLV23_PADDING: - i = rsa_padding_add_SSLv23_with_libctx(rsa->libctx, buf, num, from, - flen); + i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); break; #endif case RSA_NO_PADDING: diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index b594534563..05c2933407 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -124,10 +124,9 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, return j; } -int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx, - unsigned char *to, int tlen, - const unsigned char *from, - int flen) +int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen) { int i, j; unsigned char *p; @@ -165,7 +164,7 @@ int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx, int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_PKCS1_type_2_with_libctx(NULL, to, tlen, from, flen); + return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); } int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 1cca8d0b09..3565b8c8d6 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -21,9 +21,8 @@ #include "internal/constant_time.h" #include "rsa_local.h" -int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen) +int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, + const unsigned char *from, int flen) { int i, j; unsigned char *p; @@ -63,7 +62,7 @@ int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to, int RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_SSLv23_with_libctx(NULL, to, tlen, from, flen); + return rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen); } /* diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 0f686fb119..94f47d0394 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -32,11 +32,10 @@ static int ossl_store_close_it(OSSL_STORE_CTX *ctx); OSSL_STORE_CTX * -OSSL_STORE_open_with_libctx(const char *uri, - OPENSSL_CTX *libctx, const char *propq, - const UI_METHOD *ui_method, void *ui_data, - OSSL_STORE_post_process_info_fn post_process, - void *post_process_data) +OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq, + const UI_METHOD *ui_method, void *ui_data, + OSSL_STORE_post_process_info_fn post_process, + void *post_process_data) { const OSSL_STORE_LOADER *loader = NULL; OSSL_STORE_LOADER *fetched_loader = NULL; @@ -85,9 +84,9 @@ OSSL_STORE_open_with_libctx(const char *uri, OSSL_TRACE1(STORE, "Looking up scheme %s\n", schemes[i]); #ifndef OPENSSL_NO_DEPRECATED_3_0 if ((loader = ossl_store_get0_loader_int(schemes[i])) != NULL) { - if (loader->open_with_libctx != NULL) - loader_ctx = loader->open_with_libctx(loader, uri, libctx, propq, - ui_method, ui_data); + if (loader->open_ex != NULL) + loader_ctx = loader->open_ex(loader, uri, libctx, propq, + ui_method, ui_data); else loader_ctx = loader->open(loader, uri, ui_method, ui_data); } @@ -187,8 +186,8 @@ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, OSSL_STORE_post_process_info_fn post_process, void *post_process_data) { - return OSSL_STORE_open_with_libctx(uri, NULL, NULL, ui_method, ui_data, - post_process, post_process_data); + return OSSL_STORE_open_ex(uri, NULL, NULL, ui_method, ui_data, post_process, + post_process_data); } #ifndef OPENSSL_NO_DEPRECATED_3_0 diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h index ef9815fa69..e5488606e4 100644 --- a/crypto/store/store_local.h +++ b/crypto/store/store_local.h @@ -93,7 +93,7 @@ struct ossl_store_loader_st { OSSL_STORE_eof_fn eof; OSSL_STORE_error_fn error; OSSL_STORE_close_fn close; - OSSL_STORE_open_with_libctx_fn open_with_libctx; + OSSL_STORE_open_ex_fn open_ex; #endif /* Provider stuff */ diff --git a/crypto/store/store_register.c b/crypto/store/store_register.c index 7bc233ca9d..f426a82ecc 100644 --- a/crypto/store/store_register.c +++ b/crypto/store/store_register.c @@ -70,11 +70,11 @@ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader, return 1; } -int OSSL_STORE_LOADER_set_open_with_libctx +int OSSL_STORE_LOADER_set_open_ex (OSSL_STORE_LOADER *loader, - OSSL_STORE_open_with_libctx_fn open_with_libctx_function) + OSSL_STORE_open_ex_fn open_ex_function) { - loader->open_with_libctx = open_with_libctx_function; + loader->open_ex = open_ex_function; return 1; } @@ -222,7 +222,7 @@ const OSSL_STORE_LOADER *ossl_store_get0_loader_int(const char *scheme) template.load = NULL; template.eof = NULL; template.close = NULL; - template.open_with_libctx = NULL; + template.open_ex = NULL; if (!ossl_store_init_once()) return NULL; diff --git a/crypto/store/store_result.c b/crypto/store/store_result.c index 363d25adbf..a591ef23ec 100644 --- a/crypto/store/store_result.c +++ b/crypto/store/store_result.c @@ -335,7 +335,7 @@ static EVP_PKEY *try_key_value_legacy(struct extracted_param_data_st *data, p8info = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, der_len); RESET_ERR_MARK(); if (p8info != NULL) { - pk = EVP_PKCS82PKEY_with_libctx(p8info, libctx, propq); + pk = EVP_PKCS82PKEY_ex(p8info, libctx, propq); PKCS8_PRIV_KEY_INFO_free(p8info); } } diff --git a/crypto/trace.c b/crypto/trace.c old mode 100755 new mode 100644 diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index da04daf902..3f44d541cf 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -47,12 +47,9 @@ static void free_dir(X509_LOOKUP *lu); static int add_cert_dir(BY_DIR *ctx, const char *dir, int type); static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); -static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl, - X509_LOOKUP_TYPE type, - const X509_NAME *name, - X509_OBJECT *ret, - OPENSSL_CTX *libctx, - const char *propq); +static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq); static X509_LOOKUP_METHOD x509_dir_lookup = { "Load certs from files in a directory", new_dir, /* new_item */ @@ -64,8 +61,8 @@ static X509_LOOKUP_METHOD x509_dir_lookup = { NULL, /* get_by_issuer_serial */ NULL, /* get_by_fingerprint */ NULL, /* get_by_alias */ - get_cert_by_subject_with_libctx, /* get_by_subject_with_libctx */ - NULL, /* ctrl_with_libctx */ + get_cert_by_subject_ex, /* get_by_subject_ex */ + NULL, /* ctrl_ex */ }; X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) @@ -217,12 +214,9 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) return 1; } -static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl, - X509_LOOKUP_TYPE type, - const X509_NAME *name, - X509_OBJECT *ret, - OPENSSL_CTX *libctx, - const char *propq) +static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq) { BY_DIR *ctx; union { @@ -327,8 +321,8 @@ static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl, #endif /* found one. */ if (type == X509_LU_X509) { - if ((X509_load_cert_file_with_libctx(xl, b->data, ent->dir_type, - libctx, propq)) == 0) + if ((X509_load_cert_file_ex(xl, b->data, ent->dir_type, libctx, + propq)) == 0) break; } else if (type == X509_LU_CRL) { if ((X509_load_crl_file(xl, b->data, ent->dir_type)) == 0) @@ -406,5 +400,5 @@ static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl, static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret) { - return get_cert_by_subject_with_libctx(xl, type, name, ret, NULL, NULL); + return get_cert_by_subject_ex(xl, type, name, ret, NULL, NULL); } diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index a4ec328312..c5010c4e7e 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -19,9 +19,9 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, - const char *argc, long argl, char **ret, - OPENSSL_CTX *libctx, const char *propq); +static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, + long argl, char **ret, OPENSSL_CTX *libctx, + const char *propq); static X509_LOOKUP_METHOD x509_file_lookup = { @@ -35,8 +35,8 @@ static X509_LOOKUP_METHOD x509_file_lookup = { NULL, /* get_by_issuer_serial */ NULL, /* get_by_fingerprint */ NULL, /* get_by_alias */ - NULL, /* get_by_subject_with_libctx */ - by_file_ctrl_with_libctx, /* ctrl_with_libctx */ + NULL, /* get_by_subject_ex */ + by_file_ctrl_ex, /* ctrl_ex */ }; X509_LOOKUP_METHOD *X509_LOOKUP_file(void) @@ -44,9 +44,9 @@ X509_LOOKUP_METHOD *X509_LOOKUP_file(void) return &x509_file_lookup; } -static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, - const char *argp, long argl, char **ret, - OPENSSL_CTX *libctx, const char *propq) +static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, + long argl, char **ret, OPENSSL_CTX *libctx, + const char *propq) { int ok = 0; const char *file; @@ -56,12 +56,11 @@ static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, if (argl == X509_FILETYPE_DEFAULT) { file = ossl_safe_getenv(X509_get_default_cert_file_env()); if (file) - ok = (X509_load_cert_crl_file_with_libctx(ctx, file, - X509_FILETYPE_PEM, - libctx, propq) != 0); + ok = (X509_load_cert_crl_file_ex(ctx, file, X509_FILETYPE_PEM, + libctx, propq) != 0); else - ok = (X509_load_cert_crl_file_with_libctx( + ok = (X509_load_cert_crl_file_ex( ctx, X509_get_default_cert_file(), X509_FILETYPE_PEM, libctx, propq) != 0); @@ -70,12 +69,11 @@ static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, } } else { if (argl == X509_FILETYPE_PEM) - ok = (X509_load_cert_crl_file_with_libctx(ctx, argp, - X509_FILETYPE_PEM, - libctx, propq) != 0); + ok = (X509_load_cert_crl_file_ex(ctx, argp, X509_FILETYPE_PEM, + libctx, propq) != 0); else - ok = (X509_load_cert_file_with_libctx(ctx, argp, (int)argl, - libctx, propq) != 0); + ok = (X509_load_cert_file_ex(ctx, argp, (int)argl, libctx, + propq) != 0); } break; } @@ -85,11 +83,11 @@ static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **ret) { - return by_file_ctrl_with_libctx(ctx, cmd, argp, argl, ret, NULL, NULL); + return by_file_ctrl_ex(ctx, cmd, argp, argl, ret, NULL, NULL); } -int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq) +int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, + OPENSSL_CTX *libctx, const char *propq) { int ret = 0; BIO *in = NULL; @@ -107,7 +105,7 @@ int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type X509err(0, X509_R_BAD_X509_FILETYPE); goto err; } - x = X509_new_with_libctx(libctx, propq); + x = X509_new_ex(libctx, propq); if (x == NULL) { X509err(0, ERR_R_MALLOC_FAILURE); goto err; @@ -153,7 +151,7 @@ int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) { - return X509_load_cert_file_with_libctx(ctx, file, type, NULL, NULL); + return X509_load_cert_file_ex(ctx, file, type, NULL, NULL); } int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) @@ -213,9 +211,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) return ret; } -int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file, - int type, OPENSSL_CTX *libctx, - const char *propq) +int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type, + OPENSSL_CTX *libctx, const char *propq) { STACK_OF(X509_INFO) *inf; X509_INFO *itmp; @@ -223,13 +220,13 @@ int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file, int i, count = 0; if (type != X509_FILETYPE_PEM) - return X509_load_cert_file_with_libctx(ctx, file, type, libctx, propq); + return X509_load_cert_file_ex(ctx, file, type, libctx, propq); in = BIO_new_file(file, "r"); if (!in) { X509err(0, ERR_R_SYS_LIB); return 0; } - inf = PEM_X509_INFO_read_bio_with_libctx(in, NULL, NULL, "", libctx, propq); + inf = PEM_X509_INFO_read_bio_ex(in, NULL, NULL, "", libctx, propq); BIO_free(in); if (!inf) { X509err(0, ERR_R_PEM_LIB); @@ -257,6 +254,6 @@ int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file, int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type) { - return X509_load_cert_crl_file_with_libctx(ctx, file, type, NULL, NULL); + return X509_load_cert_crl_file_ex(ctx, file, type, NULL, NULL); } diff --git a/crypto/x509/by_store.c b/crypto/x509/by_store.c index 7822da8cd5..e29e74f917 100644 --- a/crypto/x509/by_store.c +++ b/crypto/x509/by_store.c @@ -21,8 +21,7 @@ static int cache_objects(X509_LOOKUP *lctx, const char *uri, OSSL_STORE_CTX *ctx = NULL; X509_STORE *xstore = X509_LOOKUP_get_store(lctx); - if ((ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, - NULL, NULL, NULL, NULL)) == NULL) + if ((ctx = OSSL_STORE_open_ex(uri, libctx, propq, NULL, NULL, NULL, NULL)) == NULL) return 0; /* @@ -105,10 +104,9 @@ static void by_store_free(X509_LOOKUP *ctx) sk_OPENSSL_STRING_pop_free(uris, free_uri); } -static int by_store_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, - const char *argp, long argl, - char **retp, - OPENSSL_CTX *libctx, const char *propq) +static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, + long argl, char **retp, OPENSSL_CTX *libctx, + const char *propq) { switch (cmd) { case X509_L_ADD_STORE: @@ -138,7 +136,7 @@ static int by_store_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, static int by_store_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, char **retp) { - return by_store_ctrl_with_libctx(ctx, cmd, argp, argl, retp, NULL, NULL); + return by_store_ctrl_ex(ctx, cmd, argp, argl, retp, NULL, NULL); } static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, @@ -159,9 +157,9 @@ static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, return ok; } -static int by_store_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq) +static int by_store_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq) { OSSL_STORE_SEARCH *criterion = OSSL_STORE_SEARCH_by_name((X509_NAME *)name); /* won't modify it */ @@ -216,7 +214,7 @@ static int by_store_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, static int by_store_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret) { - return by_store_subject_with_libctx(ctx, type, name, ret, NULL, NULL); + return by_store_subject_ex(ctx, type, name, ret, NULL, NULL); } /* @@ -236,8 +234,8 @@ static X509_LOOKUP_METHOD x509_store_lookup = { NULL, /* get_by_issuer_serial */ NULL, /* get_by_fingerprint */ NULL, /* get_by_alias */ - by_store_subject_with_libctx, - by_store_ctrl_with_libctx + by_store_subject_ex, + by_store_ctrl_ex }; X509_LOOKUP_METHOD *X509_LOOKUP_store(void) diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c index 512c7ae13e..40f751cde6 100644 --- a/crypto/x509/x509_d2.c +++ b/crypto/x509/x509_d2.c @@ -12,17 +12,15 @@ #include #include -int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx, - OPENSSL_CTX *libctx, - const char *propq) +int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx, + const char *propq) { X509_LOOKUP *lookup; lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file()); if (lookup == NULL) return 0; - X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT, - libctx, propq); + X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, libctx, propq); lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir()); if (lookup == NULL) @@ -32,7 +30,7 @@ int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx, lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_store()); if (lookup == NULL) return 0; - X509_LOOKUP_add_store_with_libctx(lookup, NULL, libctx, propq); + X509_LOOKUP_add_store_ex(lookup, NULL, libctx, propq); /* clear any errors */ ERR_clear_error(); @@ -41,18 +39,18 @@ int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx, } int X509_STORE_set_default_paths(X509_STORE *ctx) { - return X509_STORE_set_default_paths_with_libctx(ctx, NULL, NULL); + return X509_STORE_set_default_paths_ex(ctx, NULL, NULL); } -int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file, - OPENSSL_CTX *libctx, const char *propq) +int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, + OPENSSL_CTX *libctx, const char *propq) { X509_LOOKUP *lookup; if (file == NULL || (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file())) == NULL - || X509_LOOKUP_load_file_with_libctx(lookup, file, X509_FILETYPE_PEM, - libctx, propq) == 0) + || X509_LOOKUP_load_file_ex(lookup, file, X509_FILETYPE_PEM, libctx, + propq) == 0) return 0; return 1; @@ -60,7 +58,7 @@ int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file, int X509_STORE_load_file(X509_STORE *ctx, const char *file) { - return X509_STORE_load_file_with_libctx(ctx, file, NULL, NULL); + return X509_STORE_load_file_ex(ctx, file, NULL, NULL); } int X509_STORE_load_path(X509_STORE *ctx, const char *path) @@ -75,14 +73,14 @@ int X509_STORE_load_path(X509_STORE *ctx, const char *path) return 1; } -int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri, - OPENSSL_CTX *libctx, const char *propq) +int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri, + OPENSSL_CTX *libctx, const char *propq) { X509_LOOKUP *lookup; if (uri == NULL || (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_store())) == NULL - || X509_LOOKUP_add_store_with_libctx(lookup, uri, libctx, propq) == 0) + || X509_LOOKUP_add_store_ex(lookup, uri, libctx, propq) == 0) return 0; return 1; @@ -90,17 +88,16 @@ int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri, int X509_STORE_load_store(X509_STORE *ctx, const char *uri) { - return X509_STORE_load_store_with_libctx(ctx, uri, NULL, NULL); + return X509_STORE_load_store_ex(ctx, uri, NULL, NULL); } -int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, const char *file, - const char *path, - OPENSSL_CTX *libctx, const char *propq) +int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file, + const char *path, OPENSSL_CTX *libctx, + const char *propq) { if (file == NULL && path == NULL) return 0; - if (file != NULL && !X509_STORE_load_file_with_libctx(ctx, file, - libctx, propq)) + if (file != NULL && !X509_STORE_load_file_ex(ctx, file, libctx, propq)) return 0; if (path != NULL && !X509_STORE_load_path(ctx, path)) return 0; @@ -110,5 +107,5 @@ int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, const char *file, int X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *path) { - return X509_STORE_load_locations_with_libctx(ctx, file, path, NULL, NULL); + return X509_STORE_load_locations_ex(ctx, file, path, NULL, NULL); } diff --git a/crypto/x509/x509_local.h b/crypto/x509/x509_local.h index 6a2137129c..5d1f984aea 100644 --- a/crypto/x509/x509_local.h +++ b/crypto/x509/x509_local.h @@ -90,12 +90,11 @@ struct x509_lookup_method_st { X509_OBJECT *ret); int (*get_by_alias) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const char *str, int len, X509_OBJECT *ret); - int (*get_by_subject_with_libctx) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); - int (*ctrl_with_libctx) (X509_LOOKUP *ctx, int cmd, - const char *argc, long argl, char **ret, - OPENSSL_CTX *libctx, const char *propq); + int (*get_by_subject_ex) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq); + int (*ctrl_ex) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl, + char **ret, OPENSSL_CTX *libctx, const char *propq); }; /* This is the functions plus an instance of the local variables. */ diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index de81fad513..69517e0b5e 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -71,15 +71,13 @@ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) return 1; } -int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret, - OPENSSL_CTX *libctx, const char *propq) +int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, + char **ret, OPENSSL_CTX *libctx, const char *propq) { if (ctx->method == NULL) return -1; - if (ctx->method->ctrl_with_libctx != NULL) - return ctx->method->ctrl_with_libctx(ctx, cmd, argc, argl, ret, - libctx, propq); + if (ctx->method->ctrl_ex != NULL) + return ctx->method->ctrl_ex(ctx, cmd, argc, argl, ret, libctx, propq); if (ctx->method->ctrl != NULL) return ctx->method->ctrl(ctx, cmd, argc, argl, ret); return 1; @@ -88,21 +86,21 @@ int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc, int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret) { - return X509_LOOKUP_ctrl_with_libctx(ctx, cmd, argc, argl, ret, NULL, NULL); + return X509_LOOKUP_ctrl_ex(ctx, cmd, argc, argl, ret, NULL, NULL); } -int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq) +int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq) { if (ctx->skip || ctx->method == NULL || (ctx->method->get_by_subject == NULL - && ctx->method->get_by_subject_with_libctx == NULL)) + && ctx->method->get_by_subject_ex == NULL)) return 0; - if (ctx->method->get_by_subject_with_libctx != NULL) - return ctx->method->get_by_subject_with_libctx(ctx, type, name, ret, - libctx, propq); + if (ctx->method->get_by_subject_ex != NULL) + return ctx->method->get_by_subject_ex(ctx, type, name, ret, libctx, + propq); else return ctx->method->get_by_subject(ctx, type, name, ret); } @@ -110,7 +108,7 @@ int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret) { - return X509_LOOKUP_by_subject_with_libctx(ctx, type, name, ret, NULL, NULL); + return X509_LOOKUP_by_subject_ex(ctx, type, name, ret, NULL, NULL); } int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, @@ -330,8 +328,8 @@ int X509_STORE_CTX_get_by_subject(const X509_STORE_CTX *vs, if (tmp == NULL || type == X509_LU_CRL) { for (i = 0; i < sk_X509_LOOKUP_num(store->get_cert_methods); i++) { lu = sk_X509_LOOKUP_value(store->get_cert_methods, i); - j = X509_LOOKUP_by_subject_with_libctx(lu, type, name, &stmp, - vs->libctx, vs->propq); + j = X509_LOOKUP_by_subject_ex(lu, type, name, &stmp, vs->libctx, + vs->propq); if (j) { tmp = &stmp; break; diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 3d6c665aed..cf89179dfd 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2316,8 +2316,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, return 1; } -X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq) +X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq) { X509_STORE_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); @@ -2341,7 +2340,7 @@ X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx, X509_STORE_CTX *X509_STORE_CTX_new(void) { - return X509_STORE_CTX_new_with_libctx(NULL, NULL); + return X509_STORE_CTX_new_ex(NULL, NULL); } diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index 3e7dc42ef1..a7cf13f7b8 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -32,23 +32,22 @@ int X509_verify(X509 *a, EVP_PKEY *r) if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature)) return 0; - return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg, - &a->signature, &a->cert_info, - a->distinguishing_id, r, - a->libctx, a->propq); + return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg, + &a->signature, &a->cert_info, + a->distinguishing_id, r, a->libctx, a->propq); } -int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx, - const char *propq) +int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx, + const char *propq) { - return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_REQ_INFO), - &a->sig_alg, a->signature, &a->req_info, - a->distinguishing_id, r, libctx, propq); + return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg, + a->signature, &a->req_info, a->distinguishing_id, + r, libctx, propq); } int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) { - return X509_REQ_verify_with_libctx(a, r, NULL, NULL); + return X509_REQ_verify_ex(a, r, NULL, NULL); } int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) @@ -403,8 +402,8 @@ int X509_digest(const X509 *cert, const EVP_MD *md, unsigned char *data, memcpy(data, cert->sha1_hash, sizeof(cert->sha1_hash)); return 1; } - return (asn1_item_digest_with_libctx(ASN1_ITEM_rptr(X509), md, (char *)cert, - data, len, cert->libctx, cert->propq)); + return (asn1_item_digest_ex(ASN1_ITEM_rptr(X509), md, (char *)cert, data, + len, cert->libctx, cert->propq)); } /* calculate cert digest using the same hash algorithm as in its signature */ diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index 315787a5aa..e556eebdae 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -132,7 +132,7 @@ int i2d_X509(const X509 *a, unsigned char **out) /* * This should only be used if the X509 object was embedded inside another * asn1 object and it needs a libctx to operate. - * Use X509_new_with_libctx() instead if possible. + * Use X509_new_ex() instead if possible. */ int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq) { @@ -143,7 +143,7 @@ int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq) return 1; } -X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq) +X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq) { X509 *cert = NULL; diff --git a/doc/man3/CMS_EncryptedData_encrypt.pod b/doc/man3/CMS_EncryptedData_encrypt.pod index cb2672f629..63d5d2a1ff 100644 --- a/doc/man3/CMS_EncryptedData_encrypt.pod +++ b/doc/man3/CMS_EncryptedData_encrypt.pod @@ -2,16 +2,20 @@ =head1 NAME -CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt +CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt - Create CMS EncryptedData =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in, - const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, - unsigned int flags, OPENSSL_CTX *ctx, const char *propq); + CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, + const EVP_CIPHER *cipher, + const unsigned char *key, + size_t keylen, + unsigned int flags, + OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, @@ -19,7 +23,7 @@ CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt =head1 DESCRIPTION -CMS_EncryptedData_encrypt_with_libctx() creates a B structure +CMS_EncryptedData_encrypt_ex() creates a B structure with a type B. I is a BIO containing the data to encrypt using I and the encryption key I of size I bytes. The library context I and the property query I are used when @@ -34,13 +38,13 @@ its parameters. The B structure can be freed using L. -CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_with_libctx() +CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -If the allocation fails, CMS_EncryptedData_encrypt_with_libctx() and +If the allocation fails, CMS_EncryptedData_encrypt_ex() and CMS_EncryptedData_encrypt() return NULL and set an error code that can be obtained by L. Otherwise they return a pointer to the newly allocated structure. @@ -51,7 +55,7 @@ L, L, L head1 HISTORY -The CMS_EncryptedData_encrypt_with_libctx() method was added in OpenSSL 3.0. +The CMS_EncryptedData_encrypt_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_EnvelopedData_create.pod b/doc/man3/CMS_EnvelopedData_create.pod index 6978aaabcb..97ece28f54 100644 --- a/doc/man3/CMS_EnvelopedData_create.pod +++ b/doc/man3/CMS_EnvelopedData_create.pod @@ -2,8 +2,8 @@ =head1 NAME -CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create, -CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx +CMS_EnvelopedData_create_ex, CMS_EnvelopedData_create, +CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_ex - Create CMS envelope =head1 SYNOPSIS @@ -11,25 +11,23 @@ CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx #include CMS_ContentInfo * - CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq); + CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + const char *propq); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); CMS_ContentInfo * - CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, - const char *propq); + CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + const char *propq); CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); =head1 DESCRIPTION -CMS_EnvelopedData_create_with_libctx() creates a B structure +CMS_EnvelopedData_create_ex() creates a B structure with a type B. I is the symmetric cipher to use. The library context I and the property query I are used when retrieving algorithms from providers. -CMS_AuthEnvelopedData_create_with_libctx() creates a B +CMS_AuthEnvelopedData_create_ex() creates a B structure with a type B. B is the symmetric AEAD cipher to use. Currently only AES variants with GCM mode are supported. The library context I and the property query I are @@ -45,8 +43,8 @@ The B structure needs to be finalized using L and then freed using L. CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create are similar to -CMS_EnvelopedData_create_with_libctx() and -CMS_AuthEnvelopedData_create_with_libctx() but use default values of NULL for +CMS_EnvelopedData_create_ex() and +CMS_AuthEnvelopedData_create_ex() but use default values of NULL for the library context I and the property query I. =head1 NOTES @@ -68,7 +66,7 @@ L, L, L, L head1 HISTORY -The CMS_EnvelopedData_create_with_libctx() method was added in OpenSSL 3.0. +The CMS_EnvelopedData_create_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_data_create.pod b/doc/man3/CMS_data_create.pod index b64a7a1d46..2d361af6cc 100644 --- a/doc/man3/CMS_data_create.pod +++ b/doc/man3/CMS_data_create.pod @@ -2,21 +2,20 @@ =head1 NAME -CMS_data_create_with_libctx, CMS_data_create +CMS_data_create_ex, CMS_data_create - Create CMS Data object =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags, - OPENSSL_CTX *libctx, - const char *propq); + CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, + OPENSSL_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); =head1 DESCRIPTION -CMS_data_create_with_libctx() creates a B structure +CMS_data_create_ex() creates a B structure with a type B. The data is supplied via the I BIO. The library context I and the property query I are used when retrieving algorithms from providers. The I field supports the @@ -25,13 +24,13 @@ specified. The B structure can be freed using L. -CMS_data_create() is similar to CMS_data_create_with_libctx() +CMS_data_create() is similar to CMS_data_create_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -If the allocation fails, CMS_data_create_with_libctx() and CMS_data_create() +If the allocation fails, CMS_data_create_ex() and CMS_data_create() return NULL and set an error code that can be obtained by L. Otherwise they return a pointer to the newly allocated structure. @@ -41,7 +40,7 @@ L, L head1 HISTORY -The CMS_data_create_with_libctx() method was added in OpenSSL 3.0. +The CMS_data_create_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_digest_create.pod b/doc/man3/CMS_digest_create.pod index 0eba22cfe6..74bd1fdea2 100644 --- a/doc/man3/CMS_digest_create.pod +++ b/doc/man3/CMS_digest_create.pod @@ -2,23 +2,23 @@ =head1 NAME -CMS_digest_create_with_libctx, CMS_digest_create +CMS_digest_create_ex, CMS_digest_create - Create CMS DigestedData object =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, - const EVP_MD *md, unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); + CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags); =head1 DESCRIPTION -CMS_digest_create_with_libctx() creates a B structure +CMS_digest_create_ex() creates a B structure with a type B. The data supplied via the I BIO is digested using I. The library context I and the property query I are used when retrieving algorithms from providers. @@ -27,14 +27,14 @@ Internally CMS_final() is called unless B is specified. The B structure can be freed using L. -CMS_digest_create() is similar to CMS_digest_create_with_libctx() +CMS_digest_create() is similar to CMS_digest_create_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -If the allocation fails, CMS_digest_create_with_libctx() and CMS_digest_create() +If the allocation fails, CMS_digest_create_ex() and CMS_digest_create() return NULL and set an error code that can be obtained by L. Otherwise they return a pointer to the newly allocated structure. @@ -44,7 +44,7 @@ L, L> head1 HISTORY -The CMS_digest_create_with_libctx() method was added in OpenSSL 3.0. +The CMS_digest_create_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_encrypt.pod b/doc/man3/CMS_encrypt.pod index 9fe92e3ee6..e78c096c78 100644 --- a/doc/man3/CMS_encrypt.pod +++ b/doc/man3/CMS_encrypt.pod @@ -2,23 +2,21 @@ =head1 NAME -CMS_encrypt_with_libctx, CMS_encrypt - create a CMS envelopedData structure +CMS_encrypt_ex, CMS_encrypt - create a CMS envelopedData structure =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs, - BIO *in, const EVP_CIPHER *cipher, - unsigned int flags, - OPENSSL_CTX *libctx, - const char *propq); + CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in, + const EVP_CIPHER *cipher, unsigned int flags, + OPENSSL_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags); =head1 DESCRIPTION -CMS_encrypt_with_libctx() creates and returns a CMS EnvelopedData or +CMS_encrypt_ex() creates and returns a CMS EnvelopedData or AuthEnvelopedData structure. I is a list of recipient certificates. I is the content to be encrypted. I is the symmetric cipher to use. I is an optional set of flags. The library context I and the @@ -85,12 +83,12 @@ and CMS_add0_recipient_key(). The parameter B may be NULL if B is set and recipients added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key(). -CMS_encrypt() is similar to CMS_encrypt_with_libctx() but uses default values +CMS_encrypt() is similar to CMS_encrypt_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -CMS_encrypt_with_libctx() and CMS_encrypt() return either a CMS_ContentInfo +CMS_encrypt_ex() and CMS_encrypt() return either a CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3). @@ -100,7 +98,7 @@ L, L =head1 HISTORY -The function CMS_encrypt_with_libctx() was added in OpenSSL 3.0. +The function CMS_encrypt_ex() was added in OpenSSL 3.0. The B flag was first supported in OpenSSL 1.0.0. diff --git a/doc/man3/CMS_get1_ReceiptRequest.pod b/doc/man3/CMS_get1_ReceiptRequest.pod index 704d4bac01..6e1d1c1fd2 100644 --- a/doc/man3/CMS_get1_ReceiptRequest.pod +++ b/doc/man3/CMS_get1_ReceiptRequest.pod @@ -2,7 +2,7 @@ =head1 NAME -CMS_ReceiptRequest_create0_with_libctx, CMS_ReceiptRequest_create0, +CMS_ReceiptRequest_create0_ex, CMS_ReceiptRequest_create0, CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values - CMS signed receipt request functions @@ -10,7 +10,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values #include - CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx( + CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, OPENSSL_CTX *libctx, const char *propq); @@ -26,7 +26,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values =head1 DESCRIPTION -CMS_ReceiptRequest_create0_with_libctx() creates a signed receipt request +CMS_ReceiptRequest_create0_ex() creates a signed receipt request structure. The B field is set using I and I, or it is set to 32 bytes of pseudo random data if I is NULL. If I is NULL the allOrFirstTier option in I is used @@ -36,7 +36,7 @@ parameter specifies the I field value. The library context I and the property query I are used when retrieving algorithms from providers. CMS_ReceiptRequest_create0() is similar to -CMS_ReceiptRequest_create0_with_libctx() but uses default values of NULL for the +CMS_ReceiptRequest_create0_ex() but uses default values of NULL for the library context I and the property query I. The CMS_add1_ReceiptRequest() function adds a signed receipt request B @@ -61,7 +61,7 @@ CMS_verify(). =head1 RETURN VALUES -CMS_ReceiptRequest_create0_with_libctx() and CMS_ReceiptRequest_create0() return +CMS_ReceiptRequest_create0_ex() and CMS_ReceiptRequest_create0() return a signed receipt request structure or NULL if an error occurred. CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred. @@ -78,7 +78,7 @@ L =head1 HISTORY -The function CMS_ReceiptRequest_create0_with_libctx() was added in OpenSSL 3.0. +The function CMS_ReceiptRequest_create0_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CMS_sign.pod b/doc/man3/CMS_sign.pod index cf92d35303..b5af7e0448 100644 --- a/doc/man3/CMS_sign.pod +++ b/doc/man3/CMS_sign.pod @@ -2,22 +2,22 @@ =head1 NAME -CMS_sign, CMS_sign_with_libctx - create a CMS SignedData structure +CMS_sign, CMS_sign_ex - create a CMS SignedData structure =head1 SYNOPSIS #include - CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, - unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); + CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, + STACK_OF(X509) *certs, BIO *data, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags); =head1 DESCRIPTION -CMS_sign_with_libctx() creates and returns a CMS SignedData structure. +CMS_sign_ex() creates and returns a CMS SignedData structure. I is the certificate to sign with, I is the corresponding private key. I is an optional additional set of certificates to include in the CMS structure (for example any intermediate CAs in the chain). The @@ -29,7 +29,7 @@ The data to be signed is read from BIO B. B is an optional set of flags. -CMS_sign() is similar to CMS_sign_with_libctx() but uses default values of NULL +CMS_sign() is similar to CMS_sign_ex() but uses default values of NULL for the library context I and the property query I. =head1 NOTES @@ -115,7 +115,7 @@ Some attributes such as counter signatures are not supported. =head1 RETURN VALUES -CMS_sign_with_libctx() and CMS_sign() return either a valid CMS_ContentInfo +CMS_sign_ex() and CMS_sign() return either a valid CMS_ContentInfo structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3). @@ -128,7 +128,7 @@ L, L The B flag is only supported for detached data in OpenSSL 0.9.8, it is supported for embedded data in OpenSSL 1.0.0 and later. -The CMS_sign_with_libctx() method was added in OpenSSL 3.0. +The CMS_sign_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/CONF_modules_free.pod b/doc/man3/CONF_modules_free.pod index e7ad3dac29..f47637f62b 100644 --- a/doc/man3/CONF_modules_free.pod +++ b/doc/man3/CONF_modules_free.pod @@ -39,7 +39,7 @@ None of the functions return a value. =head1 SEE ALSO L, L, -L +L =head1 HISTORY diff --git a/doc/man3/CONF_modules_load_file.pod b/doc/man3/CONF_modules_load_file.pod index 7e99bb9d5a..07834a6ba5 100644 --- a/doc/man3/CONF_modules_load_file.pod +++ b/doc/man3/CONF_modules_load_file.pod @@ -2,16 +2,15 @@ =head1 NAME -CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load +CONF_modules_load_file_ex, CONF_modules_load_file, CONF_modules_load - OpenSSL configuration functions =head1 SYNOPSIS #include - int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, - const char *filename, - const char *appname, unsigned long flags); + int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, + const char *appname, unsigned long flags); int CONF_modules_load_file(const char *filename, const char *appname, unsigned long flags); int CONF_modules_load(const CONF *cnf, const char *appname, @@ -19,7 +18,7 @@ CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load =head1 DESCRIPTION -The function CONF_modules_load_file_with_libctx() configures OpenSSL using +The function CONF_modules_load_file_ex() configures OpenSSL using library context B file B and application name B. If B is NULL the standard OpenSSL configuration file is used. If B is NULL the standard OpenSSL application name B is @@ -27,7 +26,7 @@ used. The behaviour can be customized using B. Note that, the error suppressing can be overriden by B as described in L. -CONF_modules_load_file() is the same as CONF_modules_load_file_with_libctx() but +CONF_modules_load_file() is the same as CONF_modules_load_file_ex() but has a NULL library context. CONF_modules_load() is identical to CONF_modules_load_file() except it @@ -49,7 +48,7 @@ returns success. This is used by default in L to ignore any errors in the default system-wide configuration file, as having all OpenSSL applications fail to start when there are potentially minor issues in the file is too risky. -Applications calling B explicitly should not +Applications calling B explicitly should not generally set this flag. If B is set configuration module loading from DSOs is @@ -62,7 +61,7 @@ return an error. B if set and B is not NULL will use the default section pointed to by B if B does not exist. -By using CONF_modules_load_file_with_libctx() with appropriate flags an +By using CONF_modules_load_file_ex() with appropriate flags an application can customise application configuration to best suit its needs. In some cases the use of a configuration file is optional and its absence is not an error: in this case B would be set. @@ -87,7 +86,7 @@ return value of the failing module (this will always be zero or negative). Load a configuration file and print out any errors and exit (missing file considered fatal): - if (CONF_modules_load_file_with_libctx(libctx, NULL, NULL, 0) <= 0) { + if (CONF_modules_load_file_ex(libctx, NULL, NULL, 0) <= 0) { fprintf(stderr, "FATAL: error loading configuration file\n"); ERR_print_errors_fp(stderr); exit(1); @@ -96,8 +95,8 @@ considered fatal): Load default configuration file using the section indicated by "myapp", tolerate missing files, but exit on other errors: - if (CONF_modules_load_file_with_libctx(NULL, NULL, "myapp", - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { + if (CONF_modules_load_file_ex(NULL, NULL, "myapp", + CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { fprintf(stderr, "FATAL: error loading configuration file\n"); ERR_print_errors_fp(stderr); exit(1); @@ -106,8 +105,8 @@ tolerate missing files, but exit on other errors: Load custom configuration file and section, only print warnings on error, missing configuration file ignored: - if (CONF_modules_load_file_with_libctx(NULL, "/something/app.cnf", "myapp", - CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { + if (CONF_modules_load_file_ex(NULL, "/something/app.cnf", "myapp", + CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) { fprintf(stderr, "WARNING: error loading configuration file\n"); ERR_print_errors_fp(stderr); } @@ -123,7 +122,7 @@ Load and parse configuration file manually, custom error handling: fprintf(stderr, "Error opening configuration file\n"); /* Other missing configuration file behaviour */ } else { - cnf = NCONF_new_with_libctx(libctx, NULL); + cnf = NCONF_new_ex(libctx, NULL); if (NCONF_load_fp(cnf, fp, &eline) == 0) { fprintf(stderr, "Error on line %ld of configuration file\n", eline); ERR_print_errors_fp(stderr); @@ -141,7 +140,7 @@ Load and parse configuration file manually, custom error handling: L, L, -L +L =head1 COPYRIGHT diff --git a/doc/man3/CTLOG_STORE_new.pod b/doc/man3/CTLOG_STORE_new.pod index 50d79a8bf6..25f3952be3 100644 --- a/doc/man3/CTLOG_STORE_new.pod +++ b/doc/man3/CTLOG_STORE_new.pod @@ -2,7 +2,7 @@ =head1 NAME -CTLOG_STORE_new_with_libctx, +CTLOG_STORE_new_ex, CTLOG_STORE_new, CTLOG_STORE_free, CTLOG_STORE_load_default_file, CTLOG_STORE_load_file - Create and populate a Certificate Transparency log list @@ -11,8 +11,7 @@ Create and populate a Certificate Transparency log list #include - CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); + CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq); CTLOG_STORE *CTLOG_STORE_new(void); void CTLOG_STORE_free(CTLOG_STORE *store); @@ -25,10 +24,10 @@ A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency logs). The list can be loaded from one or more files and then searched by LogID (see RFC 6962, Section 3.2, for the definition of a LogID). -CTLOG_STORE_new_with_libctx() creates an empty list of CT logs associated with +CTLOG_STORE_new_ex() creates an empty list of CT logs associated with the library context I and the property query string I. -CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_with_libctx() but with +CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_ex() but with the default library context and property query string. The CTLOG_STORE is then populated by CTLOG_STORE_load_default_file() or @@ -74,7 +73,7 @@ L =head1 HISTORY -CTLOG_STORE_new_with_libctx was added in OpenSSL 3.0. All other functions were +CTLOG_STORE_new_ex was added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/CTLOG_new.pod b/doc/man3/CTLOG_new.pod index 4bb1a1b646..edc4f7d6c3 100644 --- a/doc/man3/CTLOG_new.pod +++ b/doc/man3/CTLOG_new.pod @@ -2,8 +2,8 @@ =head1 NAME -CTLOG_new_with_libctx, CTLOG_new, CTLOG_new_from_base64, -CTLOG_new_from_base64_with_libctx, CTLOG_free, +CTLOG_new_ex, CTLOG_new, CTLOG_new_from_base64, +CTLOG_new_from_base64_ex, CTLOG_free, CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key - encapsulates information about a Certificate Transparency log @@ -11,13 +11,13 @@ encapsulates information about a Certificate Transparency log #include - CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name, - OPENSSL_CTX *libctx, const char *propq); + CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, + OPENSSL_CTX *libctx, const char *propq); CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); - int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, - const char *propq); + int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, + const char *name, OPENSSL_CTX *libctx, + const char *propq); int CTLOG_new_from_base64(CTLOG ** ct_log, const char *pkey_base64, const char *name); void CTLOG_free(CTLOG *log); @@ -28,23 +28,23 @@ encapsulates information about a Certificate Transparency log =head1 DESCRIPTION -CTLOG_new_with_libctx() returns a new CTLOG that represents the Certificate +CTLOG_new_ex() returns a new CTLOG that represents the Certificate Transparency (CT) log with the given public key and associates it with the library context I and property query string I. A name must also be provided that can be used to help users identify this log. Ownership of the public key is transferred. -CTLOG_new() does the same thing as CTLOG_new_with_libctx() but with the default +CTLOG_new() does the same thing as CTLOG_new_ex() but with the default library context and the default property query string. -CTLOG_new_from_base64_with_libctx() also creates a new CTLOG, but takes the +CTLOG_new_from_base64_ex() also creates a new CTLOG, but takes the public key in base64-encoded DER form and sets the ct_log pointer to point to the new CTLOG. The base64 will be decoded and the public key parsed. The CTLOG will be associated with the given library context I and property query string I. CTLOG_new_from_base64() does the same thing as -CTLOG_new_from_base64_with_libctx() except that the default library context and +CTLOG_new_from_base64_ex() except that the default library context and property query string are used. Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the @@ -75,7 +75,7 @@ L =head1 HISTORY -The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx() +The functions CTLOG_new_ex() and CTLOG_new_from_base64_ex() were added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/CT_POLICY_EVAL_CTX_new.pod b/doc/man3/CT_POLICY_EVAL_CTX_new.pod index 1266076097..7b20e5f770 100644 --- a/doc/man3/CT_POLICY_EVAL_CTX_new.pod +++ b/doc/man3/CT_POLICY_EVAL_CTX_new.pod @@ -2,7 +2,7 @@ =head1 NAME -CT_POLICY_EVAL_CTX_new_with_libctx, +CT_POLICY_EVAL_CTX_new_ex, CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free, CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert, CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer, @@ -14,8 +14,8 @@ Encapsulates the data required to evaluate whether SCTs meet a Certificate Trans #include - CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); + CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, + const char *propq); CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void); void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx); X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx); @@ -58,12 +58,12 @@ the current time The above requirements are met using the setters described below. -CT_POLICY_EVAL_CTX_new_with_libctx() creates an empty policy evaluation context +CT_POLICY_EVAL_CTX_new_ex() creates an empty policy evaluation context and associates it with the given library context I and property query string I. CT_POLICY_EVAL_CTX_new() does the same thing as -CT_POLICY_EVAL_CTX_new_with_libctx() except that it uses the default library +CT_POLICY_EVAL_CTX_new_ex() except that it uses the default library context and property query string. The CT_POLICY_EVAL_CTX should then be populated using: @@ -116,7 +116,7 @@ found in the TLS SCT extension or OCSP response. =head1 RETURN VALUES -CT_POLICY_EVAL_CTX_new_with_libctx() and CT_POLICY_EVAL_CTX_new() will return +CT_POLICY_EVAL_CTX_new_ex() and CT_POLICY_EVAL_CTX_new() will return NULL if malloc fails. =head1 SEE ALSO @@ -125,7 +125,7 @@ L =head1 HISTORY -CT_POLICY_EVAL_CTX_new_with_libctx was added in OpenSSL 3.0. All other +CT_POLICY_EVAL_CTX_new_ex was added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0. =head1 COPYRIGHT diff --git a/doc/man3/EC_GROUP_new.pod b/doc/man3/EC_GROUP_new.pod index 918e504ce8..775a27936a 100644 --- a/doc/man3/EC_GROUP_new.pod +++ b/doc/man3/EC_GROUP_new.pod @@ -12,7 +12,7 @@ EC_GROUP_free, EC_GROUP_clear_free, EC_GROUP_new_curve_GFp, EC_GROUP_new_curve_GF2m, -EC_GROUP_new_by_curve_name_with_libctx, +EC_GROUP_new_by_curve_name_ex, EC_GROUP_new_by_curve_name, EC_GROUP_set_curve, EC_GROUP_get_curve, @@ -37,8 +37,8 @@ objects const BIGNUM *b, BN_CTX *ctx); EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); - EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx, - const char *propq, int nid); + EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, + int nid); EC_GROUP *EC_GROUP_new_by_curve_name(int nid); int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a, @@ -153,14 +153,14 @@ Each EC_builtin_curve item has a unique integer id (I), and a human readable comment string describing the curve. In order to construct a built-in curve use the function -EC_GROUP_new_by_curve_name_with_libctx() and provide the I of the curve to +EC_GROUP_new_by_curve_name_ex() and provide the I of the curve to be constructed, the associated library context to be used in I (see L) and any property query string in I. The I value may be NULL in which case the default library context is used. The I value may also be NULL. EC_GROUP_new_by_curve_name() is the same as -EC_GROUP_new_by_curve_name_with_libctx() except that the default library context +EC_GROUP_new_by_curve_name_ex() except that the default library context is always used along with a NULL property query string. EC_GROUP_free() frees the memory associated with the EC_GROUP. @@ -198,7 +198,7 @@ L, L EC_GROUP_new() was deprecated in OpenSSL 3.0. -EC_GROUP_new_by_curve_name_with_libctx() and EC_GROUP_new_from_params() were +EC_GROUP_new_by_curve_name_ex() and EC_GROUP_new_from_params() were added in OpenSSL 3.0. =item * diff --git a/doc/man3/EC_KEY_new.pod b/doc/man3/EC_KEY_new.pod index c3e90a2474..2af07227ea 100644 --- a/doc/man3/EC_KEY_new.pod +++ b/doc/man3/EC_KEY_new.pod @@ -2,9 +2,9 @@ =head1 NAME -EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_with_libctx, +EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_ex, EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags, -EC_KEY_new_by_curve_name_with_libctx, EC_KEY_new_by_curve_name, EC_KEY_free, +EC_KEY_new_by_curve_name_ex, EC_KEY_new_by_curve_name, EC_KEY_free, EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine, EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key, @@ -20,13 +20,13 @@ EC_KEY objects #include - EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq); + EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq); EC_KEY *EC_KEY_new(void); int EC_KEY_get_flags(const EC_KEY *key); void EC_KEY_set_flags(EC_KEY *key, int flags); void EC_KEY_clear_flags(EC_KEY *key, int flags); - EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, - const char *propq, int nid); + EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, + int nid); EC_KEY *EC_KEY_new_by_curve_name(int nid); void EC_KEY_free(EC_KEY *key); EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src); @@ -80,16 +80,16 @@ EC_KEY_new() is the same as EC_KEY_new_ex() except that the default library context is always used. Alternatively a new EC_KEY can be constructed by calling -EC_KEY_new_by_curve_name_with_libctx() and supplying the nid of the associated +EC_KEY_new_by_curve_name_ex() and supplying the nid of the associated curve, the library context to be used I (see L) and any property query string I. The I parameter may be NULL in which case the default library context is used. The I value may also be NULL. See L for a description of curve names. This function simply wraps calls to EC_KEY_new_ex() and -EC_GROUP_new_by_curve_name_with_libctx(). +EC_GROUP_new_by_curve_name_ex(). -EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_with_libctx() +EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_ex() except that the default library context is always used and a NULL property query string. @@ -177,7 +177,7 @@ EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer. =head1 RETURN VALUES -EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_with_libctx(), +EC_KEY_new_ex(), EC_KEY_new(), EC_KEY_new_by_curve_name_ex(), EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly created EC_KEY object, or NULL on error. diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index 923de31a31..26f516fb35 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -2,17 +2,16 @@ =head1 NAME -EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate, +EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions =head1 SYNOPSIS #include - int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey); + int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey); int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -27,7 +26,7 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signing takes place. -EVP_DigestSignInit_with_libctx() sets up signing context I to use a digest +EVP_DigestSignInit_ex() sets up signing context I to use a digest with the name I and private key I. The name of the digest to be used is passed to the provider of the signature algorithm in use. How that provider interprets the digest name is provider specific. The provider may @@ -50,17 +49,17 @@ I is not NULL, the EVP_PKEY_CTX of the signing operation will be written to I<*pctx>: this can be used to set alternative signing options. Note that any existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if I is not assigned an -EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx() -(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx() +EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() +(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). If the -EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it +EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_ex then it will use the B specified in I and the property query string specified in I. The digest I may be NULL if the signing algorithm supports it. The I argument can always be NULL. -No B will be created by EVP_DigestSignInit_with_libctx() if the +No B will be created by EVP_DigestSignInit_ex() if the passed I has already been assigned one via L. See also L. @@ -110,7 +109,7 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. -EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx() +EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex() except that the I parameter will be inferred from the supplied digest I, and I will be NULL. Where supplied the ENGINE I will be used for the signing and digest algorithm implementations. I may be NULL. @@ -184,7 +183,7 @@ L EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal() were added in OpenSSL 1.0.0. -EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0. +EVP_DigestSignInit_ex() was added in OpenSSL 3.0. EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index f90fb2754f..b48f98e0db 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -2,17 +2,16 @@ =head1 NAME -EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, +EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions =head1 SYNOPSIS #include - int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey); + int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey); int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt); @@ -26,7 +25,7 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions The EVP signature routines are a high-level interface to digital signatures. Input data is digested first before the signature verification takes place. -EVP_DigestVerifyInit_with_libctx() sets up verification context B to use a +EVP_DigestVerifyInit_ex() sets up verification context B to use a digest with the name B and public key B. The name of the digest to be used is passed to the provider of the signature algorithm in use. How that provider interprets the digest name is provider specific. The provider may @@ -49,14 +48,14 @@ B is not NULL, the EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this can be used to set alternative verification options. Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed directly by the application if B is not assigned -an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx() +an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which means the EVP_PKEY_CTX is created inside -EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the +EVP_DigestVerifyInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by -EVP_DigestVerifyInit_with_libctx then it will use the B specified +EVP_DigestVerifyInit_ex then it will use the B specified in I and the property query string specified in I. -No B will be created by EVP_DigestSignInit_with_libctx() if the +No B will be created by EVP_DigestSignInit_ex() if the passed B has already been assigned one via L. See also L. @@ -102,7 +101,7 @@ Will ignore any digest provided. If RSA-PSS is used and restrictions apply then the digest must match. EVP_DigestVerifyInit() works in the same way as -EVP_DigestVerifyInit_with_libctx() except that the B parameter will be +EVP_DigestVerifyInit_ex() except that the B parameter will be inferred from the supplied digest B, and B will be NULL. Where supplied the ENGINE B will be used for the signature verification and digest algorithm implementations. B may be NULL. @@ -173,7 +172,7 @@ L EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() were added in OpenSSL 1.0.0. -EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0. +EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0. EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL 3.0. diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod index 0543600704..0c941a6006 100644 --- a/doc/man3/EVP_PKEY_new.pod +++ b/doc/man3/EVP_PKEY_new.pod @@ -5,11 +5,11 @@ EVP_PKEY_new, EVP_PKEY_up_ref, EVP_PKEY_free, -EVP_PKEY_new_raw_private_key_with_libctx, +EVP_PKEY_new_raw_private_key_ex, EVP_PKEY_new_raw_private_key, -EVP_PKEY_new_raw_public_key_with_libctx, +EVP_PKEY_new_raw_public_key_ex, EVP_PKEY_new_raw_public_key, -EVP_PKEY_new_CMAC_key_with_libctx, +EVP_PKEY_new_CMAC_key_ex, EVP_PKEY_new_CMAC_key, EVP_PKEY_new_mac_key, EVP_PKEY_get_raw_private_key, @@ -24,25 +24,23 @@ EVP_PKEY_get_raw_public_key int EVP_PKEY_up_ref(EVP_PKEY *key); void EVP_PKEY_free(EVP_PKEY *key); - EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *key, - size_t keylen); + EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *key, + size_t keylen); EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, const unsigned char *key, size_t keylen); - EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *key, - size_t keylen); + EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *key, + size_t keylen); EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, const unsigned char *key, size_t keylen); - EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv, - size_t len, - const char *cipher_name, - OPENSSL_CTX *libctx, - const char *propq); + EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, + const char *cipher_name, + OPENSSL_CTX *libctx, const char *propq); EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher); EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, @@ -64,7 +62,7 @@ EVP_PKEY_up_ref() increments the reference count of I. EVP_PKEY_free() decrements the reference count of I and, if the reference count is zero, frees it up. If I is NULL, nothing is done. -EVP_PKEY_new_raw_private_key_with_libctx() allocates a new B. Unless +EVP_PKEY_new_raw_private_key_ex() allocates a new B. Unless an engine should be used for the key type, a provider for the key is found using the library context I and the property query string I. The I argument indicates what kind of key this is. The value should be a @@ -78,17 +76,17 @@ appropriate for the type of the key. The public key data will be automatically derived from the given private key data (if appropriate for the algorithm type). EVP_PKEY_new_raw_private_key() does the same as -EVP_PKEY_new_raw_private_key_with_libctx() except that the default library +EVP_PKEY_new_raw_private_key_ex() except that the default library context and default property query are used instead. If I is non-NULL then the new B structure is associated with the engine I. The I argument indicates what kind of key this is. The value should be a NID for a public key algorithm that supports raw private keys, i.e. one of B, B, B, B, B or B. As for -EVP_PKEY_new_raw_private_key_with_libctx() you may also use B. +EVP_PKEY_new_raw_private_key_ex() you may also use B. -EVP_PKEY_new_raw_public_key_with_libctx() works in the same way as -EVP_PKEY_new_raw_private_key_with_libctx() except that I points to the raw +EVP_PKEY_new_raw_public_key_ex() works in the same way as +EVP_PKEY_new_raw_private_key_ex() except that I points to the raw public key data. The B structure will be initialised without any private key information. Algorithm types that support raw public keys are "X25519", "ED25519", "X448" or "ED448". @@ -99,7 +97,7 @@ data. The B structure will be initialised without any private key information. Algorithm types that support raw public keys are B, B, B or B. -EVP_PKEY_new_CMAC_key_with_libctx() works in the same way as +EVP_PKEY_new_CMAC_key_ex() works in the same way as EVP_PKEY_new_raw_private_key() except it is only for the B algorithm type. In addition to the raw private key data, it also takes a cipher algorithm to be used during creation of a CMAC in the I argument. The @@ -108,7 +106,7 @@ ciphers should not be used. Finally it also takes a library context I and property query I which are used when fetching any cryptographic algorithms which may be NULL to use the default values. -EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_with_libctx() +EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_ex() except that the default values are used for I and I. EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key(). @@ -170,9 +168,9 @@ EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(), EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1. -The EVP_PKEY_new_raw_private_key_with_libctx(), -EVP_PKEY_new_raw_public_key_with_libctx() and -EVP_PKEY_new_CMAC_key_with_libctx() functions were added in OpenSSL 3.0. +The EVP_PKEY_new_raw_private_key_ex(), +EVP_PKEY_new_raw_public_key_ex() and +EVP_PKEY_new_CMAC_key_ex() functions were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod index f6165f0468..d2959fabac 100644 --- a/doc/man3/EVP_SignInit.pod +++ b/doc/man3/EVP_SignInit.pod @@ -3,7 +3,7 @@ =head1 NAME EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, -EVP_SignFinal_with_libctx, EVP_SignFinal +EVP_SignFinal_ex, EVP_SignFinal - EVP signing functions =head1 SYNOPSIS @@ -12,9 +12,8 @@ EVP_SignFinal_with_libctx, EVP_SignFinal int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, - unsigned int *s, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, + EVP_PKEY *pkey, OPENSSL_CTX *libctx, const char *propq); int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey); @@ -33,7 +32,7 @@ EVP_SignUpdate() hashes I bytes of data at I into the signature context I. This function can be called several times on the same I to include additional data. -EVP_SignFinal_with_libctx() signs the data in I using the private key +EVP_SignFinal_ex() signs the data in I using the private key I and places the signature in I. The library context I and property query I are used when creating a context to use with the key I. I must be at least C bytes in size. I is @@ -42,7 +41,7 @@ The number of bytes of data written (i.e. the length of the signature) will be written to the integer at I, at most C bytes will be written. -EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default +EVP_SignFinal() is similar to EVP_SignFinal_ex() but uses default values of NULL for the library context I and the property query I. EVP_SignInit() initializes a signing context I to use the default @@ -50,7 +49,7 @@ implementation of digest I. =head1 RETURN VALUES -EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and +EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_ex() and EVP_SignFinal() return 1 for success and 0 for failure. The error codes can be obtained by L. @@ -99,7 +98,7 @@ L, L =head1 HISTORY -The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0. +The function EVP_SignFinal_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod index be5332a55d..d98054bedb 100644 --- a/doc/man3/EVP_VerifyInit.pod +++ b/doc/man3/EVP_VerifyInit.pod @@ -3,7 +3,7 @@ =head1 NAME EVP_VerifyInit_ex, -EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal +EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_ex, EVP_VerifyFinal - EVP signature verification functions =head1 SYNOPSIS @@ -12,9 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); - int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); @@ -33,12 +33,12 @@ EVP_VerifyUpdate() hashes I bytes of data at I into the verification context I. This function can be called several times on the same I to include additional data. -EVP_VerifyFinal_with_libctx() verifies the data in I using the public key +EVP_VerifyFinal_ex() verifies the data in I using the public key I and I bytes in I. The library context I and property query I are used when creating a context to use with the key I. -EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default +EVP_VerifyFinal() is similar to EVP_VerifyFinal_ex() but uses default values of NULL for the library context I and the property query I. EVP_VerifyInit() initializes verification context I to use the default @@ -49,7 +49,7 @@ implementation of digest I. EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure. -EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct +EVP_VerifyFinal_ex() and EVP_VerifyFinal() return 1 for a correct signature, 0 for failure and -1 if some other error occurred. The error codes can be obtained by L. @@ -93,7 +93,7 @@ L, L head1 HISTORY -The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0. +The function EVP_VerifyFinal_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/NCONF_new_with_libctx.pod b/doc/man3/NCONF_new_ex.pod similarity index 75% rename from doc/man3/NCONF_new_with_libctx.pod rename to doc/man3/NCONF_new_ex.pod index b976d7f74c..2de14b4f4e 100644 --- a/doc/man3/NCONF_new_with_libctx.pod +++ b/doc/man3/NCONF_new_ex.pod @@ -2,14 +2,14 @@ =head1 NAME -NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load +NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load - functionality to Load and parse configuration files manually =head1 SYNOPSIS #include - CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth); + CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth); CONF *NCONF_new(CONF_METHOD *meth); void NCONF_free(CONF *conf); CONF_METHOD *NCONF_default(void); @@ -17,11 +17,11 @@ NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load =head1 DESCRIPTION -NCONF_new_with_libctx() creates a new CONF object in heap memory and assigns to +NCONF_new_ex() creates a new CONF object in heap memory and assigns to it a context I that can be used during loading. If the method table I is set to NULL then the default value of NCONF_default() is used. -NCONF_new() is similar to NCONF_new_with_libctx() but sets the I to NULL. +NCONF_new() is similar to NCONF_new_ex() but sets the I to NULL. NCONF_free() frees the data associated with I and then frees the I object. @@ -36,7 +36,7 @@ NCONF_default() gets the default method table for processing a configuration fil NCONF_load() returns 1 on success or 0 on error. -NCONF_new_with_libctx() and NCONF_new() return a newly created I object +NCONF_new_ex() and NCONF_new() return a newly created I object or NULL if an error occurs. =head1 SEE ALSO @@ -45,7 +45,7 @@ L, =head1 HISTORY -NCONF_new_with_libctx() was added in OpenSSL 3.0. +NCONF_new_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/OSSL_STORE_LOADER.pod b/doc/man3/OSSL_STORE_LOADER.pod index 12e3748c47..e8da59392e 100644 --- a/doc/man3/OSSL_STORE_LOADER.pod +++ b/doc/man3/OSSL_STORE_LOADER.pod @@ -14,13 +14,13 @@ OSSL_STORE_LOADER_do_all_provided, OSSL_STORE_LOADER_names_do_all, OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new, OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme, -OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_with_libctx, +OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_ex, OSSL_STORE_LOADER_set_attach, OSSL_STORE_LOADER_set_ctrl, OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find, OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof, OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close, OSSL_STORE_register_loader, OSSL_STORE_unregister_loader, -OSSL_STORE_open_fn, OSSL_STORE_open_with_libctx_fn, +OSSL_STORE_open_fn, OSSL_STORE_open_ex_fn, OSSL_STORE_attach_fn, OSSL_STORE_ctrl_fn, OSSL_STORE_expect_fn, OSSL_STORE_find_fn, OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn, @@ -69,11 +69,11 @@ L: const char *uri, const UI_METHOD *ui_method, void *ui_data); int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader, OSSL_STORE_open_fn store_open_function); - typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)( + typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn)( const char *uri, const UI_METHOD *ui_method, void *ui_data); - int OSSL_STORE_LOADER_set_open_with_libctx + int OSSL_STORE_LOADER_set_open_ex (OSSL_STORE_LOADER *store_loader, - OSSL_STORE_open_with_libctx_fn store_open_with_libctx_function); + OSSL_STORE_open_ex_fn store_open_ex_function); typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn) (const OSSL_STORE_LOADER *loader, BIO *bio, OPENSSL_CTX *libctx, const char *propq, @@ -113,7 +113,7 @@ L: =head1 DESCRIPTION B is a method for OSSL_STORE loaders, which implement -OSSL_STORE_open(), OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), +OSSL_STORE_open(), OSSL_STORE_open_ex(), OSSL_STORE_load(), OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for specific storage schemes. @@ -156,7 +156,7 @@ provider implementations, see L. B is a type template, to be defined by each loader using C. -B, B, +B, B, B, B, B, B, B, and B are the function pointer types used within a STORE loader. @@ -164,9 +164,9 @@ The functions pointed at define the functionality of the given loader. =over 4 -=item B and B +=item B and B -B takes a URI and is expected to +B takes a URI and is expected to interpret it in the best manner possible according to the scheme the loader implements. It also takes a B and associated data, to be used any time something needs to be prompted for, as well as a @@ -178,13 +178,13 @@ see above), and to return it. If something goes wrong, this function is expected to return NULL. B does the same thing as -B but uses NULL for the library +B but uses NULL for the library context I and property query I. =item B This function takes a B, otherwise works like -B. +B. =item B @@ -274,7 +274,7 @@ OSSL_STORE_LOADER_get0_scheme() returns the scheme of the I. OSSL_STORE_LOADER_set_open() sets the opener function for the I. -OSSL_STORE_LOADER_set_open_with_libctx() sets the opener with library context +OSSL_STORE_LOADER_set_open_ex() sets the opener with library context function for the I. OSSL_STORE_LOADER_set_attach() sets the attacher function for the @@ -299,7 +299,7 @@ OSSL_STORE_LOADER_free() frees the given I. OSSL_STORE_register_loader() register the given I and thereby makes it available for use with OSSL_STORE_open(), -OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), OSSL_STORE_eof() +OSSL_STORE_open_ex(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(). OSSL_STORE_unregister_loader() unregister the store loader for the given @@ -326,16 +326,16 @@ otherwise 0. OSSL_STORE_LOADER_number() returns an integer. The functions with the types B, -B, B, +B, B, B, B, B and B have the same return values as OSSL_STORE_open(), -OSSL_STORE_open_with_libctx(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), +OSSL_STORE_open_ex(), OSSL_STORE_ctrl(), OSSL_STORE_expect(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively. OSSL_STORE_LOADER_new() returns a pointer to a B on success, or NULL on failure. -OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_with_libctx(), +OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_ex(), OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(), OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1 on success, or 0 on failure. @@ -358,7 +358,7 @@ OSSL_STORE_LOADER_properties(), OSSL_STORE_LOADER_is_a(), OSSL_STORE_LOADER_number(), OSSL_STORE_LOADER_do_all_provided() and OSSL_STORE_LOADER_names_do_all() were added in OpenSSL 3.0. -OSSL_STORE_open_with_libctx_fn() was added in OpenSSL 3.0. +OSSL_STORE_open_ex_fn() was added in OpenSSL 3.0. B, B, OSSL_STORE_LOADER_new(), OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(), diff --git a/doc/man3/OSSL_STORE_open.pod b/doc/man3/OSSL_STORE_open.pod index 4269dea20a..cd6f7cac74 100644 --- a/doc/man3/OSSL_STORE_open.pod +++ b/doc/man3/OSSL_STORE_open.pod @@ -3,7 +3,7 @@ =head1 NAME OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, -OSSL_STORE_open, OSSL_STORE_open_with_libctx, +OSSL_STORE_open, OSSL_STORE_open_ex, OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, OSSL_STORE_close - Types and functions to read objects from a URI @@ -22,11 +22,10 @@ OSSL_STORE_error, OSSL_STORE_close OSSL_STORE_post_process_info_fn post_process, void *post_process_data); OSSL_STORE_CTX * - OSSL_STORE_open_with_libctx(const char *uri, - OPENSSL_CTX *libctx, const char *propq, - const UI_METHOD *ui_method, void *ui_data, - OSSL_STORE_post_process_info_fn post_process, - void *post_process_data); + OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq, + const UI_METHOD *ui_method, void *ui_data, + OSSL_STORE_post_process_info_fn post_process, + void *post_process_data); OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx); int OSSL_STORE_eof(OSSL_STORE_CTX *ctx); @@ -54,13 +53,13 @@ described in L. =head2 Types B is a context variable that holds all the internal -information for OSSL_STORE_open(), OSSL_STORE_open_with_libctx(), +information for OSSL_STORE_open(), OSSL_STORE_open_ex(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work together. =head2 Functions -OSSL_STORE_open_with_libctx() takes a uri or path I, password UI method +OSSL_STORE_open_ex() takes a uri or path I, password UI method I with associated data I, and post processing callback I with associated data I, a library context I with an associated property query I, @@ -76,7 +75,7 @@ will cause OSSL_STORE_load() to start its process over with loading the next object, until I returns something other than NULL, or the end of data is reached as indicated by OSSL_STORE_eof(). -OSSL_STORE_open() is similar to OSSL_STORE_open_with_libctx() but uses NULL for +OSSL_STORE_open() is similar to OSSL_STORE_open_ex() but uses NULL for the library context I and property query I. OSSL_STORE_ctrl() takes a B, and command number I and @@ -159,7 +158,7 @@ L =head1 HISTORY -OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0. +OSSL_STORE_open_ex() was added in OpenSSL 3.0. B, OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() @@ -168,7 +167,7 @@ were added in OpenSSL 1.1.1. Handling of NULL I argument for OSSL_STORE_close() was introduced in OpenSSL 1.1.1h. -OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0. +OSSL_STORE_open_ex() was added in OpenSSL 3.0. OSSL_STORE_ctrl() and OSSL_STORE_vctrl() were deprecated in OpenSSL 3.0. diff --git a/doc/man3/PEM_X509_INFO_read_bio_ex.pod b/doc/man3/PEM_X509_INFO_read_bio_ex.pod new file mode 100644 index 0000000000..e8eb00aad0 --- /dev/null +++ b/doc/man3/PEM_X509_INFO_read_bio_ex.pod @@ -0,0 +1,62 @@ +=pod + +=head1 NAME + +PEM_X509_INFO_read_bio_ex, PEM_X509_INFO_read_ex +- read a PEM-encoded data structure from a bio into one or more B +object's + +=head1 SYNOPSIS + + #include + + STACK_OF(X509_INFO) *PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, + pem_password_cb *cb, void *u, + OPENSSL_CTX *libctx, + const char *propq); + + STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bio, + STACK_OF(X509_INFO) *sk, + pem_password_cb *cb, void *u, + OPENSSL_CTX *libctx, + const char *propq); + +=head1 DESCRIPTION + +The loaded B object's can contain a CRL, a certificate and a +corresponding private key. + +PEM_X509_INFO_read_ex() loads the B objects from a file I. +The library context I and property query are used for fetching +algorithms from providers. + +PEM_X509_INFO_read_bio_ex loads the B objects using a bio +I. The library context I and property query are used for +fetching algorithms from providers. + + +=head1 RETURN VALUES + +PEM_X509_INFO_read_ex() and PEM_X509_INFO_read_bio_ex() return +a stack of B objects or NULL on failure. + +=head1 SEE ALSO + +L, +L + +=head1 HISTORY + +The functions PEM_X509_INFO_read_ex() and +PEM_X509_INFO_read_bio_ex() were added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod b/doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod deleted file mode 100644 index 6c729109e3..0000000000 --- a/doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod +++ /dev/null @@ -1,65 +0,0 @@ -=pod - -=head1 NAME - -PEM_X509_INFO_read_bio_with_libctx, PEM_X509_INFO_read_with_libctx -- read a PEM-encoded data structure from a bio into one or more B -object's - -=head1 SYNOPSIS - - #include - - STACK_OF(X509_INFO) *PEM_X509_INFO_read_with_libctx(FILE *fp, - STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, - void *u, - OPENSSL_CTX *libctx, - const char *propq); - - STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_with_libctx(BIO *bio, - STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, - void *u, - OPENSSL_CTX *libctx, - const char *propq); - -=head1 DESCRIPTION - -The loaded B object's can contain a CRL, a certificate and a -corresponding private key. - -PEM_X509_INFO_read_with_libctx() loads the B objects from a file I. -The library context I and property query are used for fetching -algorithms from providers. - -PEM_X509_INFO_read_bio_with_libctx loads the B objects using a bio -I. The library context I and property query are used for -fetching algorithms from providers. - - -=head1 RETURN VALUES - -PEM_X509_INFO_read_with_libctx() and PEM_X509_INFO_read_bio_with_libctx() return -a stack of B objects or NULL on failure. - -=head1 SEE ALSO - -L, -L - -=head1 HISTORY - -The functions PEM_X509_INFO_read_with_libctx() and -PEM_X509_INFO_read_bio_with_libctx() were added in OpenSSL 3.0. - -=head1 COPYRIGHT - -Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. - -Licensed under the Apache License 2.0 (the "License"). You may not use -this file except in compliance with the License. You can obtain a copy -in the file LICENSE in the source distribution or at -L. - -=cut diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod index 26f03b5b0d..ddfde85988 100644 --- a/doc/man3/PEM_read_bio_PrivateKey.pod +++ b/doc/man3/PEM_read_bio_PrivateKey.pod @@ -436,7 +436,7 @@ most of them are set to 0 or NULL. To read a certificate with a library context in PEM format from a BIO: - X509 *x = X509_new_with_libctx(libctx, NULL); + X509 *x = X509_new_ex(libctx, NULL); if (x == NULL) /* Error */ diff --git a/doc/man3/PKCS7_encrypt.pod b/doc/man3/PKCS7_encrypt.pod index 36d638c8c6..ff23d1b554 100644 --- a/doc/man3/PKCS7_encrypt.pod +++ b/doc/man3/PKCS7_encrypt.pod @@ -2,22 +2,22 @@ =head1 NAME -PKCS7_encrypt_with_libctx, PKCS7_encrypt +PKCS7_encrypt_ex, PKCS7_encrypt - create a PKCS#7 envelopedData structure =head1 SYNOPSIS #include - PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in, - const EVP_CIPHER *cipher, int flags, - OPENSSL_CTX *libctx, const char *propq); + PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, + const EVP_CIPHER *cipher, int flags, + OPENSSL_CTX *libctx, const char *propq); PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); =head1 DESCRIPTION -PKCS7_encrypt_with_libctx() creates and returns a PKCS#7 envelopedData structure. +PKCS7_encrypt_ex() creates and returns a PKCS#7 envelopedData structure. I is a list of recipient certificates. I is the content to be encrypted. I is the symmetric cipher to use. I is an optional set of flags. The library context I and the property query I are used @@ -66,12 +66,12 @@ PEM_write_bio_PKCS7_stream() finalize the structure. Alternatively finalization can be performed by obtaining the streaming ASN1 B directly using BIO_new_PKCS7(). -PKCS7_encrypt() is similar to PKCS7_encrypt_with_libctx() but uses default +PKCS7_encrypt() is similar to PKCS7_encrypt_ex() but uses default values of NULL for the library context I and the property query I. =head1 RETURN VALUES -PKCS7_encrypt_with_libctx() and PKCS7_encrypt() return either a PKCS7 structure +PKCS7_encrypt_ex() and PKCS7_encrypt() return either a PKCS7 structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3). =head1 SEE ALSO @@ -80,7 +80,7 @@ L, L =head1 HISTORY -The function PKCS7_encrypt_with_libctx() was added in OpenSSL 3.0. +The function PKCS7_encrypt_ex() was added in OpenSSL 3.0. The B flag was added in OpenSSL 1.0.0. diff --git a/doc/man3/PKCS7_sign.pod b/doc/man3/PKCS7_sign.pod index c5d6fd73c3..43a76e7e59 100644 --- a/doc/man3/PKCS7_sign.pod +++ b/doc/man3/PKCS7_sign.pod @@ -2,22 +2,22 @@ =head1 NAME -PKCS7_sign_with_libctx, PKCS7_sign +PKCS7_sign_ex, PKCS7_sign - create a PKCS#7 signedData structure =head1 SYNOPSIS #include - PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, int flags, - OPENSSL_CTX *libctx, const char *propq); + PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, + BIO *data, int flags, OPENSSL_CTX *libctx, + const char *propq); PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); =head1 DESCRIPTION -PKCS7_sign_with_libctx() creates and returns a PKCS#7 signedData structure. +PKCS7_sign_ex() creates and returns a PKCS#7 signedData structure. I is the certificate to sign with, Ipkey> is the corresponding private key. I is an optional additional set of certificates to include in the PKCS#7 structure (for example any intermediate CAs in the chain). The @@ -94,7 +94,7 @@ PKCS#7 structure is output. In versions of OpenSSL before 1.0.0 the B and B parameters must B be NULL. -PKCS7_sign() is similar to PKCS7_sign_with_libctx() but uses default values of +PKCS7_sign() is similar to PKCS7_sign_ex() but uses default values of NULL for the library context I and the property query I. =head1 BUGS @@ -103,7 +103,7 @@ Some advanced attributes such as counter signatures are not supported. =head1 RETURN VALUES -PKCS7_sign_with_libctx() and PKCS7_sign() return either a valid PKCS7 structure +PKCS7_sign_ex() and PKCS7_sign() return either a valid PKCS7 structure or NULL if an error occurred. The error can be obtained from ERR_get_error(3). =head1 SEE ALSO @@ -112,7 +112,7 @@ L, L =head1 HISTORY -The function PKCS7_sign_with_libctx() was added in OpenSSL 3.0. +The function PKCS7_sign_ex() was added in OpenSSL 3.0. The B flag, and the ability for B, B, and B parameters to be B were added in OpenSSL 1.0.0. diff --git a/doc/man3/SMIME_read_ASN1.pod b/doc/man3/SMIME_read_ASN1.pod index 5b995f1aee..189c1ef5e4 100644 --- a/doc/man3/SMIME_read_ASN1.pod +++ b/doc/man3/SMIME_read_ASN1.pod @@ -59,7 +59,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/doc/man3/SMIME_read_CMS.pod b/doc/man3/SMIME_read_CMS.pod index c7ca845eee..36ef6dc846 100644 --- a/doc/man3/SMIME_read_CMS.pod +++ b/doc/man3/SMIME_read_CMS.pod @@ -27,7 +27,7 @@ error occurred. SMIME_read_CMS_ex() is similar to SMIME_read_CMS() but can optionally supply a previously created I CMS_ContentInfo object. If I is NULL then it is identical to SMIME_read_CMS(). -To create a I object use L. +To create a I object use L. =head1 NOTES diff --git a/doc/man3/SMIME_read_PKCS7.pod b/doc/man3/SMIME_read_PKCS7.pod index 791c49ff75..c2d422c512 100644 --- a/doc/man3/SMIME_read_PKCS7.pod +++ b/doc/man3/SMIME_read_PKCS7.pod @@ -27,7 +27,7 @@ error occurred. SMIME_read_PKCS7_ex() is similar to SMIME_read_PKCS7() but can optionally supply a previously created I PKCS#7 object. If I is NULL then it is identical to SMIME_read_PKCS7(). -To create a I object use L. +To create a I object use L. =head1 NOTES diff --git a/doc/man3/SMIME_write_ASN1.pod b/doc/man3/SMIME_write_ASN1.pod index 5f46ce1b45..41e2e557b6 100644 --- a/doc/man3/SMIME_write_ASN1.pod +++ b/doc/man3/SMIME_write_ASN1.pod @@ -2,17 +2,17 @@ =head1 NAME -SMIME_write_ASN1_with_libctx, SMIME_write_ASN1 +SMIME_write_ASN1_ex, SMIME_write_ASN1 - convert structure to S/MIME format =head1 SYNOPSIS #include - int SMIME_write_ASN1_with_libctx(BIO *out, - ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, - STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, - OPENSSL_CTX *libctx, const char *propq); + int SMIME_write_ASN1_ex(BIO *out, ASN1_VALUE *val, BIO *data, int flags, + int ctype_nid, int econt_nid, + STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, + OPENSSL_CTX *libctx, const char *propq); int SMIME_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, @@ -20,7 +20,7 @@ SMIME_write_ASN1_with_libctx, SMIME_write_ASN1 =head1 DESCRIPTION -SMIME_write_ASN1_with_libctx() adds the appropriate MIME headers to an object +SMIME_write_ASN1_ex() adds the appropriate MIME headers to an object structure to produce an S/MIME message. I is the BIO to write the data to. I is the appropriate ASN1_VALUE @@ -61,7 +61,7 @@ content where the content is absent and DER format is used. =head1 RETURN VALUES -SMIME_write_ASN1_with_libctx() and SMIME_write_ASN1() return 1 for success or +SMIME_write_ASN1_ex() and SMIME_write_ASN1() return 1 for success or 0 for failure. =head1 SEE ALSO diff --git a/doc/man3/SSL_CTX_new.pod b/doc/man3/SSL_CTX_new.pod index 5e50f1b449..e15f3e1da2 100644 --- a/doc/man3/SSL_CTX_new.pod +++ b/doc/man3/SSL_CTX_new.pod @@ -3,7 +3,7 @@ =head1 NAME TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method, -SSL_CTX_new, SSL_CTX_new_with_libctx, SSL_CTX_up_ref, SSLv3_method, +SSL_CTX_new, SSL_CTX_new_ex, SSL_CTX_up_ref, SSLv3_method, SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method, TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method, TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method, @@ -18,8 +18,8 @@ functions #include - SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, - const SSL_METHOD *method); + SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, + const SSL_METHOD *method); SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); int SSL_CTX_up_ref(SSL_CTX *ctx); @@ -73,7 +73,7 @@ functions =head1 DESCRIPTION -SSL_CTX_new_with_libctx() creates a new B object as a framework to +SSL_CTX_new_ex() creates a new B object as a framework to establish TLS/SSL or DTLS enabled connections using the library context I (see L). Any cryptographic algorithms that are used by any B objects created from this B will be fetched from the @@ -81,7 +81,7 @@ I using the property query string I (see L. Either or both the I or I parameters may be NULL. -SSL_CTX_new() does the same as SSL_CTX_new_with_libctx() except that the default +SSL_CTX_new() does the same as SSL_CTX_new_ex() except that the default library context is used and no property query string is specified. An B object is reference counted. Creating an B object for the @@ -224,7 +224,7 @@ and TLS_client_method() functions were added in OpenSSL 1.1.0. All version-specific methods were deprecated in OpenSSL 1.1.0. -SSL_CTX_new_with_libctx() was added in OpenSSL 3.0. +SSL_CTX_new_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/SSL_load_client_CA_file.pod b/doc/man3/SSL_load_client_CA_file.pod index c3f0cd80f9..c3b20d9b6b 100644 --- a/doc/man3/SSL_load_client_CA_file.pod +++ b/doc/man3/SSL_load_client_CA_file.pod @@ -2,7 +2,7 @@ =head1 NAME -SSL_load_client_CA_file_with_libctx, SSL_load_client_CA_file, +SSL_load_client_CA_file_ex, SSL_load_client_CA_file, SSL_add_file_cert_subjects_to_stack, SSL_add_dir_cert_subjects_to_stack, SSL_add_store_cert_subjects_to_stack @@ -12,9 +12,9 @@ SSL_add_store_cert_subjects_to_stack #include - STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, - OPENSSL_CTX *libctx, - const char *propq); + STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, + OPENSSL_CTX *libctx, + const char *propq); STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, @@ -26,11 +26,11 @@ SSL_add_store_cert_subjects_to_stack =head1 DESCRIPTION -SSL_load_client_CA_file_with_libctx() reads certificates from I and returns +SSL_load_client_CA_file_ex() reads certificates from I and returns a STACK_OF(X509_NAME) with the subject names found. The library context I and property query are used when fetching algorithms from providers. -SSL_load_client_CA_file() is similar to SSL_load_client_CA_file_with_libctx() +SSL_load_client_CA_file() is similar to SSL_load_client_CA_file_ex() but uses NULL for the library context I and property query . SSL_add_file_cert_subjects_to_stack() reads certificates from I, @@ -91,7 +91,7 @@ L =head1 HISTORY -SSL_load_client_CA_file_with_libctx() and SSL_add_store_cert_subjects_to_stack() +SSL_load_client_CA_file_ex() and SSL_add_store_cert_subjects_to_stack() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_LOOKUP.pod b/doc/man3/X509_LOOKUP.pod index a89b94aa48..69d6315ffe 100644 --- a/doc/man3/X509_LOOKUP.pod +++ b/doc/man3/X509_LOOKUP.pod @@ -6,13 +6,13 @@ X509_LOOKUP, X509_LOOKUP_TYPE, X509_LOOKUP_new, X509_LOOKUP_free, X509_LOOKUP_init, X509_LOOKUP_shutdown, X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data, -X509_LOOKUP_ctrl_with_libctx, X509_LOOKUP_ctrl, -X509_LOOKUP_load_file_with_libctx, X509_LOOKUP_load_file, +X509_LOOKUP_ctrl_ex, X509_LOOKUP_ctrl, +X509_LOOKUP_load_file_ex, X509_LOOKUP_load_file, X509_LOOKUP_add_dir, -X509_LOOKUP_add_store_with_libctx, X509_LOOKUP_add_store, -X509_LOOKUP_load_store_with_libctx, X509_LOOKUP_load_store, +X509_LOOKUP_add_store_ex, X509_LOOKUP_add_store, +X509_LOOKUP_load_store_ex, X509_LOOKUP_load_store, X509_LOOKUP_get_store, -X509_LOOKUP_by_subject_with_libctx, X509_LOOKUP_by_subject, +X509_LOOKUP_by_subject_ex, X509_LOOKUP_by_subject, X509_LOOKUP_by_issuer_serial, X509_LOOKUP_by_fingerprint, X509_LOOKUP_by_alias - OpenSSL certificate lookup mechanisms @@ -33,29 +33,28 @@ X509_LOOKUP_by_alias int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data); void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx); - int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret, OPENSSL_CTX *libctx, - const char *propq); + int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, + char **ret, OPENSSL_CTX *libctx, const char *propq); int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); - int X509_LOOKUP_load_file_with_libctx(X509_LOOKUP *ctx, char *name, long type, - OPENSSL_CTX *libctx, const char *propq); + int X509_LOOKUP_load_file_ex(X509_LOOKUP *ctx, char *name, long type, + OPENSSL_CTX *libctx, const char *propq); int X509_LOOKUP_load_file(X509_LOOKUP *ctx, char *name, long type); - int X509_LOOKUP_load_file_with_libctx(X509_LOOKUP *ctx, char *name, long type, - OPENSSL_CTX *libctx, const char *propq); + int X509_LOOKUP_load_file_ex(X509_LOOKUP *ctx, char *name, long type, + OPENSSL_CTX *libctx, const char *propq); int X509_LOOKUP_add_dir(X509_LOOKUP *ctx, char *name, long type); - int X509_LOOKUP_add_store_with_libctx(X509_LOOKUP *ctx, char *uri, - OPENSSL_CTX *libctx, const char *propq); + int X509_LOOKUP_add_store_ex(X509_LOOKUP *ctx, char *uri, OPENSSL_CTX *libctx, + const char *propq); int X509_LOOKUP_add_store(X509_LOOKUP *ctx, char *uri); - int X509_LOOKUP_load_store_with_libctx(X509_LOOKUP *ctx, char *uri, - OPENSSL_CTX *libctx, const char *propq); + int X509_LOOKUP_load_store_ex(X509_LOOKUP *ctx, char *uri, OPENSSL_CTX *libctx, + const char *propq); int X509_LOOKUP_load_store(X509_LOOKUP *ctx, char *uri); X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx); - int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); + int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq); int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, @@ -91,7 +90,7 @@ X509_LOOKUP_set_method_data() and X509_LOOKUP_get_method_data() associates and retrieves a pointer to application data to and from the given B, respectively. -X509_LOOKUP_ctrl_with_libctx() is used to set or get additional data to or from +X509_LOOKUP_ctrl_ex() is used to set or get additional data to or from a B structure or its associated L. The arguments of the control command are passed via I and I, its return value via I<*ret>. The library context I and property @@ -102,17 +101,17 @@ wrapped by a macro call, see below. The control Is known to OpenSSL are discussed in more depth in L. -X509_LOOKUP_ctrl() is similar to X509_LOOKUP_ctrl_with_libctx() but +X509_LOOKUP_ctrl() is similar to X509_LOOKUP_ctrl_ex() but uses NULL for the library context I and property query . -X509_LOOKUP_load_file_with_libctx() passes a filename to be loaded immediately +X509_LOOKUP_load_file_ex() passes a filename to be loaded immediately into the associated B. The library context I and property query are used when fetching algorithms from providers. I indicates what type of object is expected. This can only be used with a lookup using the implementation L. -X509_LOOKUP_load_file() is similar to X509_LOOKUP_load_file_with_libctx() but +X509_LOOKUP_load_file() is similar to X509_LOOKUP_load_file_ex() but uses NULL for the library context I and property query . X509_LOOKUP_add_dir() passes a directory specification from which @@ -122,31 +121,31 @@ I indicates what type of object is expected. This can only be used with a lookup using the implementation L. -X509_LOOKUP_add_store_with_libctx() passes a URI for a directory-like structure +X509_LOOKUP_add_store_ex() passes a URI for a directory-like structure from which containers with certificates and CRLs are loaded on demand into the associated B. The library context I and property query are used when fetching algorithms from providers. -X509_LOOKUP_add_store() is similar to X509_LOOKUP_add_store_with_libctx() but +X509_LOOKUP_add_store() is similar to X509_LOOKUP_add_store_ex() but uses NULL for the library context I and property query . -X509_LOOKUP_load_store_with_libctx() passes a URI for a single container from +X509_LOOKUP_load_store_ex() passes a URI for a single container from which certificates and CRLs are immediately loaded into the associated B. The library context I and property query are used when fetching algorithms from providers. These functions can only be used with a lookup using the implementation L. -X509_LOOKUP_load_store() is similar to X509_LOOKUP_load_store_with_libctx() but +X509_LOOKUP_load_store() is similar to X509_LOOKUP_load_store_ex() but uses NULL for the library context I and property query . -X509_LOOKUP_load_file_with_libctx(), X509_LOOKUP_load_file(), +X509_LOOKUP_load_file_ex(), X509_LOOKUP_load_file(), X509_LOOKUP_add_dir(), -X509_LOOKUP_add_store_with_libctx() X509_LOOKUP_add_store(), -X509_LOOKUP_load_store_with_libctx() and X509_LOOKUP_load_store() are +X509_LOOKUP_add_store_ex() X509_LOOKUP_add_store(), +X509_LOOKUP_load_store_ex() and X509_LOOKUP_load_store() are implemented as macros that use X509_LOOKUP_ctrl(). -X509_LOOKUP_by_subject_with_libctx(), X509_LOOKUP_by_subject(), +X509_LOOKUP_by_subject_ex(), X509_LOOKUP_by_subject(), X509_LOOKUP_by_issuer_serial(), X509_LOOKUP_by_fingerprint(), and X509_LOOKUP_by_alias() look up certificates and CRLs in the L associated with the B using different criteria, where the looked up @@ -164,7 +163,7 @@ X509_LOOKUP_ctrl() Is: =item B -This is the command that X509_LOOKUP_load_file_with_libctx() and +This is the command that X509_LOOKUP_load_file_ex() and X509_LOOKUP_load_file() use. The filename is passed in I, and the type in I. @@ -176,13 +175,13 @@ I. =item B -This is the command that X509_LOOKUP_add_store_with_libctx() and +This is the command that X509_LOOKUP_add_store_ex() and X509_LOOKUP_add_store() use. The URI is passed in I. =item B -This is the command that X509_LOOKUP_load_store_with_libctx() and +This is the command that X509_LOOKUP_load_store_ex() and X509_LOOKUP_load_store() use. The URI is passed in I. @@ -206,7 +205,7 @@ error. X509_LOOKUP_get_store() returns a B pointer if there is one, otherwise NULL. -X509_LOOKUP_by_subject_with_libctx(), X509_LOOKUP_by_subject(), +X509_LOOKUP_by_subject_ex(), X509_LOOKUP_by_subject(), X509_LOOKUP_by_issuer_serial(), X509_LOOKUP_by_fingerprint(), and X509_LOOKUP_by_alias() all return 0 if there is no B or that method doesn't implement the corresponding function. @@ -220,11 +219,11 @@ L, L =head1 HISTORY -The functions X509_LOOKUP_by_subject_with_libctx() and -X509_LOOKUP_ctrl_with_libctx() were added in OpenSSL 3.0. +The functions X509_LOOKUP_by_subject_ex() and +X509_LOOKUP_ctrl_ex() were added in OpenSSL 3.0. -The macros X509_LOOKUP_load_file_with_libctx(), -X509_LOOKUP_load_store_with_libctx() and 509_LOOKUP_add_store_with_libctx() were +The macros X509_LOOKUP_load_file_ex(), +X509_LOOKUP_load_store_ex() and 509_LOOKUP_add_store_ex() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_LOOKUP_hash_dir.pod b/doc/man3/X509_LOOKUP_hash_dir.pod index 7077b9b59e..788045fb4b 100644 --- a/doc/man3/X509_LOOKUP_hash_dir.pod +++ b/doc/man3/X509_LOOKUP_hash_dir.pod @@ -3,9 +3,9 @@ =head1 NAME X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_LOOKUP_store, -X509_load_cert_file_with_libctx, X509_load_cert_file, +X509_load_cert_file_ex, X509_load_cert_file, X509_load_crl_file, -X509_load_cert_crl_file_with_libctx, X509_load_cert_crl_file +X509_load_cert_crl_file_ex, X509_load_cert_crl_file - Default OpenSSL certificate lookup methods =head1 SYNOPSIS @@ -16,14 +16,12 @@ X509_load_cert_crl_file_with_libctx, X509_load_cert_crl_file X509_LOOKUP_METHOD *X509_LOOKUP_file(void); X509_LOOKUP_METHOD *X509_LOOKUP_store(void); - int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, - int type, OPENSSL_CTX *libctx, - const char *propq); + int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, + OPENSSL_CTX *libctx, const char *propq); int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); - int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file, - int type, OPENSSL_CTX *libctx, - const char *propq); + int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type, + OPENSSL_CTX *libctx, const char *propq); int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); =head1 DESCRIPTION @@ -151,8 +149,8 @@ L =head1 HISTORY -The functions X509_load_cert_file_with_libctx(), -X509_load_cert_crl_file_with_libctx() and X509_LOOKUP_store() were added in +The functions X509_load_cert_file_ex(), +X509_load_cert_crl_file_ex() and X509_LOOKUP_store() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod index e34be08b89..96060fcc7e 100644 --- a/doc/man3/X509_STORE_CTX_new.pod +++ b/doc/man3/X509_STORE_CTX_new.pod @@ -2,7 +2,7 @@ =head1 NAME -X509_STORE_CTX_new_with_libctx, X509_STORE_CTX_new, X509_STORE_CTX_cleanup, +X509_STORE_CTX_new_ex, X509_STORE_CTX_new, X509_STORE_CTX_cleanup, X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack, X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls, X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain, @@ -18,8 +18,7 @@ X509_STORE_CTX_verify_fn #include - X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); + X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq); X509_STORE_CTX *X509_STORE_CTX_new(void); void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); void X509_STORE_CTX_free(X509_STORE_CTX *ctx); @@ -51,13 +50,13 @@ X509_STORE_CTX_verify_fn These functions initialise an B structure for subsequent use by X509_verify_cert(). -X509_STORE_CTX_new_with_libctx() returns a newly initialised B +X509_STORE_CTX_new_ex() returns a newly initialised B structure associated with the specified library context I and property query string I. Any cryptographic algorithms fetched while performing processing with the X509_STORE_CTX will use that library context and property query string. -X509_STORE_CTX_new() is the same as X509_STORE_CTX_new_with_libctx() except that +X509_STORE_CTX_new() is the same as X509_STORE_CTX_new_ex() except that the default library context and a NULL property query string are used. X509_STORE_CTX_cleanup() internally cleans up an B structure. @@ -170,7 +169,7 @@ L The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0. The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0. -The X509_STORE_CTX_new_with_libctx() function was added in OpenSSL 3.0. +The X509_STORE_CTX_new_ex() function was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_STORE_add_cert.pod b/doc/man3/X509_STORE_add_cert.pod index 011cd94711..5f16ee09b9 100644 --- a/doc/man3/X509_STORE_add_cert.pod +++ b/doc/man3/X509_STORE_add_cert.pod @@ -6,10 +6,10 @@ X509_STORE, X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth, X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust, X509_STORE_add_lookup, -X509_STORE_load_file_with_libctx, X509_STORE_load_file, X509_STORE_load_path, -X509_STORE_load_store_with_libctx, X509_STORE_load_store, -X509_STORE_set_default_paths_with_libctx, X509_STORE_set_default_paths, -X509_STORE_load_locations_with_libctx, X509_STORE_load_locations +X509_STORE_load_file_ex, X509_STORE_load_file, X509_STORE_load_path, +X509_STORE_load_store_ex, X509_STORE_load_store, +X509_STORE_set_default_paths_ex, X509_STORE_set_default_paths, +X509_STORE_load_locations_ex, X509_STORE_load_locations - X509_STORE manipulation =head1 SYNOPSIS @@ -28,21 +28,19 @@ X509_STORE_load_locations_with_libctx, X509_STORE_load_locations X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *store, X509_LOOKUP_METHOD *meth); - int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx, - OPENSSL_CTX *libctx, - const char *propq); + int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx, + const char *propq); int X509_STORE_set_default_paths(X509_STORE *ctx); - int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file, - OPENSSL_CTX *libctx, const char *propq); + int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, + OPENSSL_CTX *libctx, const char *propq); int X509_STORE_load_file(X509_STORE *ctx, const char *file); int X509_STORE_load_path(X509_STORE *ctx, const char *dir); - int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri, - OPENSSL_CTX *libctx, const char *propq); + int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri, + OPENSSL_CTX *libctx, const char *propq); int X509_STORE_load_store(X509_STORE *ctx, const char *uri); - int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, - const char *file, const char *dir, - OPENSSL_CTX *libctx, - const char *propq); + int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file, + const char *dir, OPENSSL_CTX *libctx, + const char *propq); int X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *dir); @@ -93,11 +91,11 @@ L I and adds it to the B I. This also associates the B with the lookup, so B functions can look up objects in that store. -X509_STORE_load_file_with_libctx() loads trusted certificate(s) into an +X509_STORE_load_file_ex() loads trusted certificate(s) into an B from a given file. The library context I and property query are used when fetching algorithms from providers. -X509_STORE_load_file() is similar to X509_STORE_load_file_with_libctx() but +X509_STORE_load_file() is similar to X509_STORE_load_file_ex() but uses NULL for the library context I and property query . X509_STORE_load_path() loads trusted certificate(s) into an @@ -105,41 +103,41 @@ B from a given directory path. The certificates in the directory must be in hashed form, as documented in L. -X509_STORE_load_store_with_libctx() loads trusted certificate(s) into an +X509_STORE_load_store_ex() loads trusted certificate(s) into an B from a store at a given URI. The library context I and property query are used when fetching algorithms from providers. -X509_STORE_load_store() is similar to X509_STORE_load_store_with_libctx() but +X509_STORE_load_store() is similar to X509_STORE_load_store_ex() but uses NULL for the library context I and property query . -X509_STORE_load_locations_with_libctx() combines -X509_STORE_load_file_with_libctx() and X509_STORE_load_dir() for a given file +X509_STORE_load_locations_ex() combines +X509_STORE_load_file_ex() and X509_STORE_load_dir() for a given file and/or directory path. It is permitted to specify just a file, just a directory, or both paths. -X509_STORE_load_locations() is similar to X509_STORE_load_locations_with_libctx() +X509_STORE_load_locations() is similar to X509_STORE_load_locations_ex() but uses NULL for the library context I and property query . -X509_STORE_set_default_paths_with_libctx() is somewhat misnamed, in that it does +X509_STORE_set_default_paths_ex() is somewhat misnamed, in that it does not set what default paths should be used for loading certificates. Instead, it loads certificates into the B from the hardcoded default paths. The library context I and property query are used when fetching algorithms from providers. X509_STORE_set_default_paths() is similar to -X509_STORE_set_default_paths_with_libctx() but uses NULL for the library +X509_STORE_set_default_paths_ex() but uses NULL for the library context I and property query . =head1 RETURN VALUES X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(), X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(), -X509_STORE_load_file_with_libctx(), X509_STORE_load_file(), +X509_STORE_load_file_ex(), X509_STORE_load_file(), X509_STORE_load_path(), -X509_STORE_load_store_with_libctx(), X509_STORE_load_store(), -X509_STORE_load_locations_with_libctx(), X509_STORE_load_locations(), -X509_STORE_set_default_paths_with_libctx() and X509_STORE_set_default_paths() +X509_STORE_load_store_ex(), X509_STORE_load_store(), +X509_STORE_load_locations_ex(), X509_STORE_load_locations(), +X509_STORE_set_default_paths_ex() and X509_STORE_set_default_paths() return 1 on success or 0 on failure. X509_STORE_add_lookup() returns the found or created @@ -154,9 +152,9 @@ L =head1 HISTORY -The functions X509_STORE_set_default_paths_with_libctx(), -X509_STORE_load_file_with_libctx(), X509_STORE_load_store_with_libctx() and -X509_STORE_load_locations_with_libctx() were added in OpenSSL 3.0. +The functions X509_STORE_set_default_paths_ex(), +X509_STORE_load_file_ex(), X509_STORE_load_store_ex() and +X509_STORE_load_locations_ex() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_dup.pod b/doc/man3/X509_dup.pod index 76b77c1195..d3e164a6e0 100644 --- a/doc/man3/X509_dup.pod +++ b/doc/man3/X509_dup.pod @@ -29,7 +29,7 @@ CERTIFICATEPOLICIES_free, CERTIFICATEPOLICIES_new, CMS_ContentInfo_free, CMS_ContentInfo_new, -CMS_ContentInfo_new_with_libctx, +CMS_ContentInfo_new_ex, CMS_ContentInfo_print_ctx, CMS_ReceiptRequest_free, CMS_ReceiptRequest_new, @@ -202,7 +202,7 @@ PKCS7_SIGN_ENVELOPE_free, PKCS7_SIGN_ENVELOPE_new, PKCS7_dup, PKCS7_free, -PKCS7_new_with_libctx, +PKCS7_new_ex, PKCS7_new, PKCS7_print_ctx, PKCS8_PRIV_KEY_INFO_free, @@ -337,7 +337,7 @@ to generate the function bodies. B_new>() allocates an empty object of the indicated type. The object returned must be released by calling B_free>(). -B_new_with_libctx>() is similiar to B_new>() but also passes the +B_new_ex>() is similiar to B_new>() but also passes the library context I and the property query I to use when retrieving algorithms from providers. @@ -361,7 +361,7 @@ B_print_ctx>() returns 1 on success or zero on failure. =head1 HISTORY -The functions PKCS7_new_with_libctx() and CMS_ContentInfo_new_with_libctx() were +The functions PKCS7_new_ex() and CMS_ContentInfo_new_ex() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_new.pod b/doc/man3/X509_new.pod index 29baef570d..38a101a5bc 100644 --- a/doc/man3/X509_new.pod +++ b/doc/man3/X509_new.pod @@ -3,7 +3,7 @@ =head1 NAME X509_chain_up_ref, -X509_new, X509_new_with_libctx, +X509_new, X509_new_ex, X509_free, X509_up_ref - X509 certificate ASN1 allocation functions =head1 SYNOPSIS @@ -11,7 +11,7 @@ X509_free, X509_up_ref - X509 certificate ASN1 allocation functions #include X509 *X509_new(void); - X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq); + X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq); void X509_free(X509 *a); int X509_up_ref(X509 *a); STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x); @@ -21,13 +21,13 @@ X509_free, X509_up_ref - X509 certificate ASN1 allocation functions The X509 ASN1 allocation routines, allocate and free an X509 structure, which represents an X509 certificate. -X509_new_with_libctx() allocates and initializes a X509 structure with a +X509_new_ex() allocates and initializes a X509 structure with a library context of I, property query of and a reference count of B<1>. Many X509 functions such as X509_check_purpose(), and X509_verify() use this library context to select which providers supply the fetched algorithms (SHA1 is used internally). -X509_new() is similar to X509_new_with_libctx() but sets the library context +X509_new() is similar to X509_new_ex() but sets the library context and property query to NULL. This results in the default (NULL) library context being used for any X509 operations requiring algorithm fetches. @@ -82,7 +82,7 @@ L =head1 HISTORY -The function X509_new_with_libctx() was added in OpenSSL 3.0. +The function X509_new_ex() was added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/X509_sign.pod b/doc/man3/X509_sign.pod index a97cbebbef..df66e3e5b7 100644 --- a/doc/man3/X509_sign.pod +++ b/doc/man3/X509_sign.pod @@ -55,7 +55,7 @@ L, L, L, L, -L, L, +L, L, L =head1 HISTORY diff --git a/doc/man3/X509_verify.pod b/doc/man3/X509_verify.pod index 2c8fb0059e..15719090bb 100644 --- a/doc/man3/X509_verify.pod +++ b/doc/man3/X509_verify.pod @@ -3,7 +3,7 @@ =head1 NAME X509_verify, X509_self_signed, -X509_REQ_verify_with_libctx, X509_REQ_verify, +X509_REQ_verify_ex, X509_REQ_verify, X509_CRL_verify - verify certificate, certificate request, or CRL signature @@ -14,8 +14,8 @@ verify certificate, certificate request, or CRL signature int X509_verify(X509 *x, EVP_PKEY *pkey); int X509_self_signed(X509 *cert, int verify_signature); - int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *pkey, OPENSSL_CTX *libctx, + const char *propq); int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); @@ -31,13 +31,13 @@ authority key identifier (if present) must match the subject key identifier etc. The signature itself is actually verified only if B is 1, as for explicitly trusted certificates this verification is not worth the effort. -X509_REQ_verify_with_libctx(), X509_REQ_verify() and X509_CRL_verify() +X509_REQ_verify_ex(), X509_REQ_verify() and X509_CRL_verify() verify the signatures of certificate requests and CRLs, respectively. =head1 RETURN VALUES X509_verify(), -X509_REQ_verify_with_libctx(), X509_REQ_verify() and X509_CRL_verify() +X509_REQ_verify_ex(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was ill-formed or some other error occurred then -1 is returned. @@ -68,7 +68,7 @@ L The X509_verify(), X509_REQ_verify(), and X509_CRL_verify() functions are available in all versions of OpenSSL. -X509_REQ_verify_with_libctx(), and X509_self_signed() were added in OpenSSL 3.0. +X509_REQ_verify_ex(), and X509_self_signed() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/engines/e_loader_attic.c b/engines/e_loader_attic.c index 47afe3f790..97789f7293 100644 --- a/engines/e_loader_attic.c +++ b/engines/e_loader_attic.c @@ -523,7 +523,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name, *matchcount = 1; if (p8inf != NULL) - pkey = EVP_PKCS82PKEY_with_libctx(p8inf, libctx, propq); + pkey = EVP_PKCS82PKEY_ex(p8inf, libctx, propq); PKCS8_PRIV_KEY_INFO_free(p8inf); } else { int slen; @@ -777,7 +777,7 @@ static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name, *matchcount = 1; } - cert = X509_new_with_libctx(libctx, propq); + cert = X509_new_ex(libctx, propq); if (cert == NULL) return NULL; @@ -940,7 +940,7 @@ static int file_find_type(OSSL_STORE_LOADER_CTX *ctx) return 1; } -static OSSL_STORE_LOADER_CTX *file_open_with_libctx +static OSSL_STORE_LOADER_CTX *file_open_ex (const OSSL_STORE_LOADER *loader, const char *uri, OPENSSL_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data) @@ -1069,7 +1069,7 @@ static OSSL_STORE_LOADER_CTX *file_open (const OSSL_STORE_LOADER *loader, const char *uri, const UI_METHOD *ui_method, void *ui_data) { - return file_open_with_libctx(loader, uri, NULL, NULL, ui_method, ui_data); + return file_open_ex(loader, uri, NULL, NULL, ui_method, ui_data); } static OSSL_STORE_LOADER_CTX *file_attach @@ -1744,8 +1744,7 @@ static int bind_loader_attic(ENGINE *e) if (/* Create the OSSL_STORE_LOADER */ (loader_attic = OSSL_STORE_LOADER_new(e, "file")) == NULL - || !OSSL_STORE_LOADER_set_open_with_libctx(loader_attic, - file_open_with_libctx) + || !OSSL_STORE_LOADER_set_open_ex(loader_attic, file_open_ex) || !OSSL_STORE_LOADER_set_open(loader_attic, file_open) || !OSSL_STORE_LOADER_set_attach(loader_attic, file_attach) || !OSSL_STORE_LOADER_set_ctrl(loader_attic, file_ctrl) diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h index 6e1d396851..5f6987e066 100644 --- a/include/crypto/asn1.h +++ b/include/crypto/asn1.h @@ -80,7 +80,7 @@ struct evp_pkey_asn1_method_st { const char *propq); OSSL_CALLBACK *import_from; - int (*priv_decode_with_libctx) (EVP_PKEY *pk, + int (*priv_decode_ex) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf, OPENSSL_CTX *libctx, const char *propq); diff --git a/include/crypto/dh.h b/include/crypto/dh.h index fa0d70dbd4..e419993cfe 100644 --- a/include/crypto/dh.h +++ b/include/crypto/dh.h @@ -11,8 +11,8 @@ #include #include "internal/ffc.h" -DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid); -DH *dh_new_with_libctx(OPENSSL_CTX *libctx); +DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid); +DH *dh_new_ex(OPENSSL_CTX *libctx); int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits, BN_GENCB *cb); diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 23990f651c..986e11705b 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -788,11 +788,10 @@ void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags); const EVP_CIPHER *evp_get_cipherbyname_ex(OPENSSL_CTX *libctx, const char *name); const EVP_MD *evp_get_digestbyname_ex(OPENSSL_CTX *libctx, const char *name); -int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen, - const unsigned char *salt, int saltlen, - int iter, const EVP_MD *digest, int keylen, - unsigned char *out, - OPENSSL_CTX *libctx, const char *propq); +int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen, + const unsigned char *salt, int saltlen, int iter, + const EVP_MD *digest, int keylen, unsigned char *out, + OPENSSL_CTX *libctx, const char *propq); #ifndef FIPS_MODULE /* @@ -810,9 +809,8 @@ int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen, int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); -EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey, - const ASN1_OCTET_STRING *id, - OPENSSL_CTX *libctx, const char *propq); +EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id, + OPENSSL_CTX *libctx, const char *propq); int evp_pkey_name2type(const char *name); int evp_pkey_ctx_set1_id_prov(EVP_PKEY_CTX *ctx, const void *id, int len); diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index 278e215062..e663681e6e 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -69,13 +69,11 @@ int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to, size_t tlen, const unsigned char *from, size_t flen, int client_version, int alt_version); -int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx, - unsigned char *to, int tlen, - const unsigned char *from, - int flen, - const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md); +int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen, const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md); int rsa_validate_public(const RSA *key); int rsa_validate_private(const RSA *key); diff --git a/include/crypto/x509.h b/include/crypto/x509.h index 8c9a288cbc..3457d69609 100644 --- a/include/crypto/x509.h +++ b/include/crypto/x509.h @@ -311,10 +311,9 @@ int x509_check_issued_int(X509 *issuer, X509 *subject, OPENSSL_CTX *libctx, int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq); int x509_crl_set0_libctx(X509_CRL *x, OPENSSL_CTX *libctx, const char *propq); int x509_init_sig_info(X509 *x); -int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *type, - void *data, unsigned char *md, - unsigned int *len, OPENSSL_CTX *libctx, - const char *propq); +int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *type, void *data, + unsigned char *md, unsigned int *len, + OPENSSL_CTX *libctx, const char *propq); int X509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags); int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq, diff --git a/include/openssl/asn1.h.in b/include/openssl/asn1.h.in index dfb1c9cae5..9b141dba4c 100644 --- a/include/openssl/asn1.h.in +++ b/include/openssl/asn1.h.in @@ -700,16 +700,15 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, const void *x); CHECKED_PTR_OF(const type, x))) void *ASN1_item_dup(const ASN1_ITEM *it, const void *x); -int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1, - X509_ALGOR *algor2, ASN1_BIT_STRING *signature, - const void *data, const ASN1_OCTET_STRING *id, - EVP_PKEY *pkey, const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq); -int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg, - const ASN1_BIT_STRING *signature, - const void *data, - const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); +int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, + X509_ALGOR *algor2, ASN1_BIT_STRING *signature, + const void *data, const ASN1_OCTET_STRING *id, + EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx, + const char *propq); +int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg, + const ASN1_BIT_STRING *signature, const void *data, + const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); /* ASN1 alloc/free macros for when a type is only used internally */ @@ -877,11 +876,10 @@ int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it); -int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, - STACK_OF(X509_ALGOR) *mdalgs, - const ASN1_ITEM *it, - OPENSSL_CTX *libctx, const char *propq); +int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, + int ctype_nid, int econt_nid, + STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, + OPENSSL_CTX *libctx, const char *propq); ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); ASN1_VALUE *SMIME_read_ASN1_ex(BIO *bio, BIO **bcont, const ASN1_ITEM *it, ASN1_VALUE **x); diff --git a/include/openssl/cms.h.in b/include/openssl/cms.h.in index f89cbf96e7..1f301aa40f 100644 --- a/include/openssl/cms.h.in +++ b/include/openssl/cms.h.in @@ -53,8 +53,7 @@ DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo) DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest) DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo) -CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); +CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq); # define CMS_SIGNERINFO_ISSUER_SERIAL 0 # define CMS_SIGNERINFO_KEYIDENTIFIER 1 @@ -124,10 +123,10 @@ int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags); -CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, - unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); +CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, + STACK_OF(X509) *certs, BIO *data, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, X509 *signcert, EVP_PKEY *pkey, @@ -135,18 +134,16 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags); CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); -CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags, - OPENSSL_CTX *ctx, - const char *propq); +CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, + OPENSSL_CTX *ctx, const char *propq); int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags); CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags); -CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, const EVP_MD *md, - unsigned int flags, - OPENSSL_CTX *ctx, - const char *propq); +CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, + unsigned int flags, OPENSSL_CTX *ctx, + const char *propq); int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, const unsigned char *key, size_t keylen, @@ -155,13 +152,11 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, unsigned int flags); -CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in, - const EVP_CIPHER *cipher, - const unsigned char *key, - size_t keylen, - unsigned int flags, - OPENSSL_CTX *ctx, - const char *propq); +CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher, + const unsigned char *key, + size_t keylen, unsigned int flags, + OPENSSL_CTX *ctx, + const char *propq); int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, const unsigned char *key, size_t keylen); @@ -177,10 +172,9 @@ STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms); CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags); -CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs, - BIO *in, const EVP_CIPHER *cipher, - unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); +CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in, + const EVP_CIPHER *cipher, unsigned int flags, + OPENSSL_CTX *ctx, const char *propq); int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags); @@ -199,13 +193,12 @@ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); CMS_ContentInfo * -CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *ctx, - const char *propq); +CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *ctx, + const char *propq); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); -CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher, - OPENSSL_CTX *ctx, - const char *propq); +CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, + OPENSSL_CTX *ctx, + const char *propq); CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags); @@ -345,7 +338,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo); -CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx( +CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, diff --git a/include/openssl/conf.h.in b/include/openssl/conf.h.in index 6e3a10ed55..f436bd834a 100644 --- a/include/openssl/conf.h.in +++ b/include/openssl/conf.h.in @@ -122,7 +122,7 @@ struct conf_st { OPENSSL_CTX *libctx; }; -CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth); +CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth); CONF *NCONF_new(CONF_METHOD *meth); CONF_METHOD *NCONF_default(void); DEPRECATEDIN_3_0(CONF_METHOD *NCONF_WIN32(void)) @@ -150,8 +150,8 @@ int NCONF_dump_bio(const CONF *conf, BIO *out); int CONF_modules_load(const CONF *cnf, const char *appname, unsigned long flags); -int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, const char *filename, - const char *appname, unsigned long flags); +int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, + const char *appname, unsigned long flags); int CONF_modules_load_file(const char *filename, const char *appname, unsigned long flags); void CONF_modules_unload(int all); diff --git a/include/openssl/ct.h.in b/include/openssl/ct.h.in index e72fe4b6b7..1b056a880a 100644 --- a/include/openssl/ct.h.in +++ b/include/openssl/ct.h.in @@ -83,11 +83,11 @@ typedef enum { * The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished * with the CT_POLICY_EVAL_CTX. */ -CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); +CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, + const char *propq); /* - * The same as CT_POLICY_EVAL_CTX_new_with_libctx() but the default library + * The same as CT_POLICY_EVAL_CTX_new_ex() but the default library * context and property query string is used. */ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void); @@ -433,11 +433,11 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len); * Returns NULL if malloc fails or if |public_key| cannot be converted to DER. * Should be deleted by the caller using CTLOG_free when no longer needed. */ -CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name, - OPENSSL_CTX *libctx, const char *propq); +CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx, + const char *propq); /* - * The same as CTLOG_new_with_libctx except that the default library context and + * The same as CTLOG_new_ex except that the default library context and * property query string are used. */ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); @@ -450,12 +450,12 @@ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); * Returns 1 on success, 0 on failure. * Should be deleted by the caller using CTLOG_free when no longer needed. */ -int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, - const char *propq); +int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, + const char *name, OPENSSL_CTX *libctx, + const char *propq); /* - * The same as CTLOG_new_from_base64_with_libctx() except that the default + * The same as CTLOG_new_from_base64_ex() except that the default * library context and property query string are used. * Returns 1 on success, 0 on failure. */ @@ -484,10 +484,10 @@ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log); * property query string. * Should be deleted by the caller using CTLOG_STORE_free when no longer needed. */ -CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq); +CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq); /* - * Same as CTLOG_STORE_new_with_libctx except that the default libctx and + * Same as CTLOG_STORE_new_ex except that the default libctx and * property query string are used. * Should be deleted by the caller using CTLOG_STORE_free when no longer needed. */ diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 04e648681b..5876b2a31c 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -402,12 +402,12 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], * \return newly created EC_GROUP object with specified curve or NULL * if an error occurred */ -EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx, - const char *propq, int nid); +EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, + int nid); /** * Creates a EC_GROUP object with a curve specified by a NID. Same as - * EC_GROUP_new_by_curve_name_with_libctx but the libctx and propq are always + * EC_GROUP_new_by_curve_name_ex but the libctx and propq are always * NULL. * \param nid NID of the OID of the curve name * \return newly created EC_GROUP object with specified curve or NULL @@ -882,10 +882,10 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); * which case the default library context is used. * \return EC_KEY object or NULL if an error occurred. */ -EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq); +EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq); /** - * Creates a new EC_KEY object. Same as calling EC_KEY_new_with_libctx with a + * Creates a new EC_KEY object. Same as calling EC_KEY_new_ex with a * NULL library context * \return EC_KEY object or NULL if an error occurred. */ @@ -908,8 +908,8 @@ int EC_KEY_decoded_from_explicit_params(const EC_KEY *key); * \param nid NID of the named curve. * \return EC_KEY object or NULL if an error occurred. */ -EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, const char *propq, - int nid); +EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, + int nid); /** * Creates a new EC_KEY object using a named curve as underlying diff --git a/include/openssl/evp.h b/include/openssl/evp.h index f3936cd527..8c2d00813c 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -691,9 +691,9 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, __owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, EVP_PKEY *pkey); -__owur int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md, - unsigned int *s, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); +__owur int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, + EVP_PKEY *pkey, OPENSSL_CTX *libctx, + const char *propq); __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen, const unsigned char *tbs, @@ -701,19 +701,17 @@ __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, __owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); -__owur int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, - const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); +__owur int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, + unsigned int siglen, EVP_PKEY *pkey, + OPENSSL_CTX *libctx, const char *propq); __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen); -int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey); +int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey); /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -721,10 +719,9 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize); __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); -int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, - OPENSSL_CTX *libctx, const char *props, - EVP_PKEY *pkey); +int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, + const char *mdname, OPENSSL_CTX *libctx, + const char *props, EVP_PKEY *pkey); __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -1606,19 +1603,16 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen); -EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *priv, - size_t len); +EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, + const char *keytype, + const char *propq, + const unsigned char *priv, size_t len); EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, const unsigned char *priv, size_t len); -EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx, - const char *keytype, - const char *propq, - const unsigned char *pub, - size_t len); +EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, + const char *keytype, const char *propq, + const unsigned char *pub, size_t len); EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, const unsigned char *pub, size_t len); @@ -1627,11 +1621,9 @@ int EVP_PKEY_get_raw_private_key(const EVP_PKEY *pkey, unsigned char *priv, int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, size_t *len); -EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv, - size_t len, - const char *cipher_name, - OPENSSL_CTX *libctx, - const char *propq); +EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, + const char *cipher_name, OPENSSL_CTX *libctx, + const char *propq); EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher); diff --git a/include/openssl/pem.h b/include/openssl/pem.h index 6fbc28e0d3..9247922574 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -287,9 +287,9 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); STACK_OF(X509_INFO) -*PEM_X509_INFO_read_bio_with_libctx(BIO *bp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); +*PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, + pem_password_cb *cb, void *u, OPENSSL_CTX *libctx, + const char *propq); int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc, const unsigned char *kstr, int klen, @@ -309,9 +309,8 @@ int PEM_ASN1_write(i2d_of_void *i2d, const char *name, FILE *fp, STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); STACK_OF(X509_INFO) -*PEM_X509_INFO_read_with_libctx(FILE *fp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); +*PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, + void *u, OPENSSL_CTX *libctx, const char *propq); #endif int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); diff --git a/include/openssl/pkcs7.h.in b/include/openssl/pkcs7.h.in index 93e1f9dbef..e6ee6df100 100644 --- a/include/openssl/pkcs7.h.in +++ b/include/openssl/pkcs7.h.in @@ -252,7 +252,7 @@ DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST) DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT) DECLARE_ASN1_FUNCTIONS(PKCS7) -PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq); +PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq); DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) @@ -311,9 +311,9 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); -PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey, - STACK_OF(X509) *certs, BIO *data, int flags, - OPENSSL_CTX *libctx, const char *propq); +PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, + BIO *data, int flags, OPENSSL_CTX *libctx, + const char *propq); PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, X509 *signcert, EVP_PKEY *pkey, @@ -326,9 +326,9 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, int flags); PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); -PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in, - const EVP_CIPHER *cipher, int flags, - OPENSSL_CTX *libctx, const char *propq); +PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, + const EVP_CIPHER *cipher, int flags, + OPENSSL_CTX *libctx, const char *propq); int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index 1d7996ed61..61042148c2 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -1538,8 +1538,8 @@ void BIO_ssl_shutdown(BIO *ssl_bio); __owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); __owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); -__owur SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, - const SSL_METHOD *meth); +__owur SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, + const SSL_METHOD *meth); int SSL_CTX_up_ref(SSL_CTX *ctx); void SSL_CTX_free(SSL_CTX *); __owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t); @@ -1640,8 +1640,8 @@ __owur int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); __owur int SSL_use_certificate_chain_file(SSL *ssl, const char *file); __owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); __owur STACK_OF(X509_NAME) -*SSL_load_client_CA_file_with_libctx(const char *file, - OPENSSL_CTX *libctx, const char *propq); +*SSL_load_client_CA_file_ex(const char *file, OPENSSL_CTX *libctx, + const char *propq); __owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, const char *file); int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, diff --git a/include/openssl/store.h b/include/openssl/store.h index 8fc035c2e3..edbf4a8fbd 100644 --- a/include/openssl/store.h +++ b/include/openssl/store.h @@ -57,11 +57,10 @@ OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); OSSL_STORE_CTX * -OSSL_STORE_open_with_libctx(const char *uri, - OPENSSL_CTX *libctx, const char *propq, - const UI_METHOD *ui_method, void *ui_data, - OSSL_STORE_post_process_info_fn post_process, - void *post_process_data); +OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq, + const UI_METHOD *ui_method, void *ui_data, + OSSL_STORE_post_process_info_fn post_process, + void *post_process_data); /* * Control / fine tune the OSSL_STORE channel. |cmd| determines what is to be @@ -284,7 +283,7 @@ typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX; typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn) (const OSSL_STORE_LOADER *loader, const char *uri, const UI_METHOD *ui_method, void *ui_data); -typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn) +typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn) (const OSSL_STORE_LOADER *loader, const char *uri, OPENSSL_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data); @@ -312,9 +311,9 @@ DEPRECATEDIN_3_0(OSSL_STORE_LOADER *OSSL_STORE_LOADER_new DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_open (OSSL_STORE_LOADER *loader, OSSL_STORE_open_fn open_function)) -DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_open_with_libctx +DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_open_ex (OSSL_STORE_LOADER *loader, - OSSL_STORE_open_with_libctx_fn open_with_libctx_function)) + OSSL_STORE_open_ex_fn open_ex_function)) DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_attach (OSSL_STORE_LOADER *loader, OSSL_STORE_attach_fn attach_function)) diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in index f86d4ee7d1..a88398d5e5 100644 --- a/include/openssl/x509.h.in +++ b/include/openssl/x509.h.in @@ -365,8 +365,8 @@ const char *X509_verify_cert_error_string(long n); int X509_verify(X509 *a, EVP_PKEY *r); int X509_self_signed(X509 *cert, int verify_signature); -int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx, - const char *propq); +int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx, + const char *propq); int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); @@ -576,7 +576,7 @@ int X509_NAME_set(X509_NAME **xn, const X509_NAME *name); DECLARE_ASN1_FUNCTIONS(X509_CINF) DECLARE_ASN1_FUNCTIONS(X509) -X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq); +X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq); DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) #define X509_get_ex_new_index(l, p, newf, dupf, freef) \ @@ -1054,8 +1054,8 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); -EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8, - OPENSSL_CTX *libctx, const char *propq); +EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx, + const char *propq); PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey); int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, diff --git a/include/openssl/x509_vfy.h.in b/include/openssl/x509_vfy.h.in index 6266e6007d..b7da1b0c5c 100644 --- a/include/openssl/x509_vfy.h.in +++ b/include/openssl/x509_vfy.h.in @@ -120,17 +120,17 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); # define X509_LOOKUP_load_store(x,name) \ X509_LOOKUP_ctrl((x),X509_L_LOAD_STORE,(name),0,NULL) -# define X509_LOOKUP_load_file_with_libctx(x, name, type, libctx, propq) \ -X509_LOOKUP_ctrl_with_libctx((x), X509_L_FILE_LOAD, (name), (long)(type), NULL,\ - (libctx), (propq)) +# define X509_LOOKUP_load_file_ex(x, name, type, libctx, propq) \ +X509_LOOKUP_ctrl_ex((x), X509_L_FILE_LOAD, (name), (long)(type), NULL,\ + (libctx), (propq)) -# define X509_LOOKUP_load_store_with_libctx(x, name, libctx, propq) \ -X509_LOOKUP_ctrl_with_libctx((x), X509_L_LOAD_STORE, (name), 0, NULL, \ - (libctx), (propq)) +# define X509_LOOKUP_load_store_ex(x, name, libctx, propq) \ +X509_LOOKUP_ctrl_ex((x), X509_L_LOAD_STORE, (name), 0, NULL, \ + (libctx), (propq)) -# define X509_LOOKUP_add_store_with_libctx(x, name, libctx, propq) \ -X509_LOOKUP_ctrl_with_libctx((x), X509_L_ADD_STORE, (name), 0, NULL, \ - (libctx), (propq)) +# define X509_LOOKUP_add_store_ex(x, name, libctx, propq) \ +X509_LOOKUP_ctrl_ex((x), X509_L_ADD_STORE, (name), 0, NULL, \ + (libctx), (propq)) # define X509_V_OK 0 # define X509_V_ERR_UNSPECIFIED 1 @@ -389,8 +389,7 @@ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(const X509_STORE *ctx); int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data); void *X509_STORE_get_ex_data(const X509_STORE *ctx, int idx); -X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx, - const char *propq); +X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq); X509_STORE_CTX *X509_STORE_CTX_new(void); int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); @@ -440,7 +439,7 @@ X509_LOOKUP_METHOD *X509_LOOKUP_store(void); typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -typedef int (*X509_LOOKUP_ctrl_with_libctx_fn)( +typedef int (*X509_LOOKUP_ctrl_ex_fn)( X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret, OPENSSL_CTX *libctx, const char *propq); @@ -448,7 +447,7 @@ typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); -typedef int (*X509_LOOKUP_get_by_subject_with_libctx_fn)(X509_LOOKUP *ctx, +typedef int (*X509_LOOKUP_get_by_subject_ex_fn)(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, @@ -530,27 +529,25 @@ X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); -int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret, - OPENSSL_CTX *libctx, const char *propq); +int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, + char **ret, OPENSSL_CTX *libctx, const char *propq); int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq); +int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, + OPENSSL_CTX *libctx, const char *propq); int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); -int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file, - int type, OPENSSL_CTX *libctx, - const char *propq); +int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type, + OPENSSL_CTX *libctx, const char *propq); X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); void X509_LOOKUP_free(X509_LOOKUP *ctx); int X509_LOOKUP_init(X509_LOOKUP *ctx); int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); -int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, - const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); +int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, + const X509_NAME *name, X509_OBJECT *ret, + OPENSSL_CTX *libctx, const char *propq); int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, const ASN1_INTEGER *serial, @@ -573,16 +570,15 @@ int X509_STORE_load_locations(X509_STORE *ctx, const char *dir); int X509_STORE_set_default_paths(X509_STORE *ctx); -int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file, - OPENSSL_CTX *libctx, const char *propq); -int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *store, - OPENSSL_CTX *libctx, const char *propq); -int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, - const char *file, const char *dir, - OPENSSL_CTX *libctx, const char *propq); -int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx, - OPENSSL_CTX *libctx, - const char *propq); +int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, + OPENSSL_CTX *libctx, const char *propq); +int X509_STORE_load_store_ex(X509_STORE *ctx, const char *store, + OPENSSL_CTX *libctx, const char *propq); +int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file, + const char *dir, OPENSSL_CTX *libctx, + const char *propq); +int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx, + const char *propq); #define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \ CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef) diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index cceb131105..0ce2054e7d 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -165,12 +165,11 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, return 0; } ret = - rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(prsactx->libctx, tbuf, - rsasize, in, inlen, - prsactx->oaep_label, - prsactx->oaep_labellen, - prsactx->oaep_md, - prsactx->mgf1_md); + rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, rsasize, + in, inlen, prsactx->oaep_label, + prsactx->oaep_labellen, + prsactx->oaep_md, + prsactx->mgf1_md); if (!ret) { OPENSSL_free(tbuf); diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index b4cebd0646..23d6f7b4ad 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c @@ -488,15 +488,15 @@ static int scrypt_alg(const char *pass, size_t passlen, X = (uint32_t *)(B + Blen); T = X + 32 * r; V = T + 32 * r; - if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, 1, sha256, - (int)Blen, B, libctx, propq) == 0) + if (pkcs5_pbkdf2_hmac_ex(pass, passlen, salt, saltlen, 1, sha256, (int)Blen, + B, libctx, propq) == 0) goto err; for (i = 0; i < p; i++) scryptROMix(B + 128 * r * i, r, N, X, T, V); - if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, B, (int)Blen, 1, sha256, - keylen, key, libctx, propq) == 0) + if (pkcs5_pbkdf2_hmac_ex(pass, passlen, B, (int)Blen, 1, sha256, keylen, + key, libctx, propq) == 0) goto err; rv = 1; err: diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 7086df4509..6a1db6a733 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -136,7 +136,7 @@ static void *dh_newdata(void *provctx) DH *dh = NULL; if (ossl_prov_is_running()) { - dh = dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx)); + dh = dh_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx)); if (dh != NULL) { DH_clear_flags(dh, DH_FLAG_TYPE_MASK); DH_set_flags(dh, DH_FLAG_TYPE_DH); @@ -149,7 +149,7 @@ static void *dhx_newdata(void *provctx) { DH *dh = NULL; - dh = dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx)); + dh = dh_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx)); if (dh != NULL) { DH_clear_flags(dh, DH_FLAG_TYPE_MASK); DH_set_flags(dh, DH_FLAG_TYPE_DHX); @@ -608,12 +608,12 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) gctx->group_nid = dh_get_named_group_uid_from_size(gctx->pbits); if (gctx->group_nid == NID_undef) return NULL; - dh = dh_new_by_nid_with_libctx(gctx->libctx, gctx->group_nid); + dh = dh_new_by_nid_ex(gctx->libctx, gctx->group_nid); if (dh == NULL) return NULL; ffc = dh_get0_params(dh); } else { - dh = dh_new_with_libctx(gctx->libctx); + dh = dh_new_ex(gctx->libctx); if (dh == NULL) return NULL; ffc = dh_get0_params(dh); diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 7a6e37607d..33d55288dd 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -236,7 +236,7 @@ void *ec_newdata(void *provctx) { if (!ossl_prov_is_running()) return NULL; - return EC_KEY_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx), NULL); + return EC_KEY_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx), NULL); } static @@ -1050,7 +1050,7 @@ static void *ec_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) if (!ossl_prov_is_running() || gctx == NULL - || (ec = EC_KEY_new_with_libctx(gctx->libctx, NULL)) == NULL) + || (ec = EC_KEY_new_ex(gctx->libctx, NULL)) == NULL) return NULL; if (gctx->gen_group == NULL) { @@ -1094,7 +1094,7 @@ static void *sm2_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) int ret = 1; if (gctx == NULL - || (ec = EC_KEY_new_with_libctx(gctx->libctx, NULL)) == NULL) + || (ec = EC_KEY_new_ex(gctx->libctx, NULL)) == NULL) return NULL; if (gctx->gen_group == NULL) { diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index ace164f673..e6a9f57f11 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -380,7 +380,7 @@ int ssl_verify_cert_chain(SSL *s, STACK_OF(X509) *sk) else verify_store = s->ctx->cert_store; - ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq); + ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE); return 0; @@ -605,9 +605,9 @@ static unsigned long xname_hash(const X509_NAME *a) return X509_NAME_hash((X509_NAME *)a); } -STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, - OPENSSL_CTX *libctx, - const char *propq) +STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, + OPENSSL_CTX *libctx, + const char *propq) { BIO *in = BIO_new(BIO_s_file()); X509 *x = NULL; @@ -621,7 +621,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, goto err; } - x = X509_new_with_libctx(libctx, propq); + x = X509_new_ex(libctx, propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); goto err; @@ -676,7 +676,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file, STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file) { - return SSL_load_client_CA_file_with_libctx(file, NULL, NULL); + return SSL_load_client_CA_file_ex(file, NULL, NULL); } int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, @@ -881,7 +881,7 @@ int ssl_build_cert_chain(SSL *s, SSL_CTX *ctx, int flags) untrusted = cpk->chain; } - xs_ctx = X509_STORE_CTX_new_with_libctx(real_ctx->libctx, ctx->propq); + xs_ctx = X509_STORE_CTX_new_ex(real_ctx->libctx, ctx->propq); if (xs_ctx == NULL) { SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE); goto err; diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index acf9385785..26071cc2a1 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -492,13 +492,12 @@ static int do_store(SSL_CONF_CTX *cctx, return 0; } - if (CAfile != NULL && !X509_STORE_load_file_with_libctx(*st, CAfile, - libctx, propq)) + if (CAfile != NULL && !X509_STORE_load_file_ex(*st, CAfile, libctx, propq)) return 0; if (CApath != NULL && !X509_STORE_load_path(*st, CApath)) return 0; - if (CAstore != NULL && !X509_STORE_load_store_with_libctx(*st, CAstore, - libctx, propq)) + if (CAstore != NULL && !X509_STORE_load_store_ex(*st, CAstore, libctx, + propq)) return 0; return 1; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 64ecdccb8f..6f5d2fee28 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3123,8 +3123,8 @@ static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) * via ssl.h. */ -SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, - const SSL_METHOD *meth) +SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, + const SSL_METHOD *meth) { SSL_CTX *ret = NULL; @@ -3178,7 +3178,7 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, if (ret->cert_store == NULL) goto err; #ifndef OPENSSL_NO_CT - ret->ctlog_store = CTLOG_STORE_new_with_libctx(libctx, propq); + ret->ctlog_store = CTLOG_STORE_new_ex(libctx, propq); if (ret->ctlog_store == NULL) goto err; #endif @@ -3331,7 +3331,7 @@ SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq, SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) { - return SSL_CTX_new_with_libctx(NULL, NULL, meth); + return SSL_CTX_new_ex(NULL, NULL, meth); } int SSL_CTX_up_ref(SSL_CTX *ctx) @@ -4290,8 +4290,8 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx) { - return X509_STORE_set_default_paths_with_libctx(ctx->cert_store, - ctx->libctx, ctx->propq); + return X509_STORE_set_default_paths_ex(ctx->cert_store, ctx->libctx, + ctx->propq); } int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx) @@ -4323,8 +4323,8 @@ int SSL_CTX_set_default_verify_file(SSL_CTX *ctx) /* We ignore errors, in case the directory doesn't exist */ ERR_set_mark(); - X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT, - ctx->libctx, ctx->propq); + X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx, + ctx->propq); ERR_pop_to_mark(); @@ -4342,7 +4342,7 @@ int SSL_CTX_set_default_verify_store(SSL_CTX *ctx) /* We ignore errors, in case the directory doesn't exist */ ERR_set_mark(); - X509_LOOKUP_add_store_with_libctx(lookup, NULL, ctx->libctx, ctx->propq); + X509_LOOKUP_add_store_ex(lookup, NULL, ctx->libctx, ctx->propq); ERR_pop_to_mark(); @@ -4351,8 +4351,8 @@ int SSL_CTX_set_default_verify_store(SSL_CTX *ctx) int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile) { - return X509_STORE_load_file_with_libctx(ctx->cert_store, CAfile, - ctx->libctx, ctx->propq); + return X509_STORE_load_file_ex(ctx->cert_store, CAfile, ctx->libctx, + ctx->propq); } int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath) @@ -4362,8 +4362,8 @@ int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath) int SSL_CTX_load_verify_store(SSL_CTX *ctx, const char *CAstore) { - return X509_STORE_load_store_with_libctx(ctx->cert_store, CAstore, - ctx->libctx, ctx->propq); + return X509_STORE_load_store_ex(ctx->cert_store, CAstore, ctx->libctx, + ctx->propq); } int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, @@ -5194,7 +5194,7 @@ int ssl_validate_ct(SSL *s) } } - ctx = CT_POLICY_EVAL_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq); + ctx = CT_POLICY_EVAL_CTX_new_ex(s->ctx->libctx, s->ctx->propq); if (ctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_VALIDATE_CT, ERR_R_MALLOC_FAILURE); diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c index 76270b677e..51604b8a87 100644 --- a/ssl/ssl_rsa.c +++ b/ssl/ssl_rsa.c @@ -64,7 +64,7 @@ int SSL_use_certificate_file(SSL *ssl, const char *file, int type) SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; } - x = X509_new_with_libctx(ssl->ctx->libctx, ssl->ctx->propq); + x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); goto end; @@ -98,7 +98,7 @@ int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len) X509 *x; int ret; - x = X509_new_with_libctx(ssl->ctx->libctx, ssl->ctx->propq); + x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); return 0; @@ -398,7 +398,7 @@ int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type) SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; } - x = X509_new_with_libctx(ctx->libctx, ctx->propq); + x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); goto end; @@ -428,7 +428,7 @@ int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, const unsigned char *d) X509 *x; int ret; - x = X509_new_with_libctx(ctx->libctx, ctx->propq); + x = X509_new_ex(ctx->libctx, ctx->propq); if (x == NULL) { SSLerr(0, ERR_R_MALLOC_FAILURE); return 0; @@ -634,7 +634,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) goto end; } - x = X509_new_with_libctx(real_ctx->libctx, real_ctx->propq); + x = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (x == NULL) { SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE); goto end; @@ -673,7 +673,7 @@ static int use_certificate_chain_file(SSL_CTX *ctx, SSL *ssl, const char *file) } while (1) { - ca = X509_new_with_libctx(real_ctx->libctx, real_ctx->propq); + ca = X509_new_ex(real_ctx->libctx, real_ctx->propq); if (ca == NULL) { SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE); goto end; diff --git a/ssl/statem/extensions.c b/ssl/statem/extensions.c index ec38b2f6a0..65c6de1373 100644 --- a/ssl/statem/extensions.c +++ b/ssl/statem/extensions.c @@ -1596,10 +1596,9 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, goto err; } - mackey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC", - s->ctx->propq, - finishedkey, - hashsize); + mackey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, finishedkey, + hashsize); if (mackey == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER, ERR_R_INTERNAL_ERROR); @@ -1610,9 +1609,8 @@ int tls_psk_do_binder(SSL *s, const EVP_MD *md, const unsigned char *msgstart, binderout = tmpbinder; bindersize = hashsize; - if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - mackey) <= 0 + if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->libctx, + s->ctx->propq, mackey) <= 0 || EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0 || EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0 || bindersize != hashsize) { diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 46a8e44442..9ec48ef56a 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -767,11 +767,10 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, /* Verify the HMAC of the cookie */ hctx = EVP_MD_CTX_create(); - pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC", - s->ctx->propq, - s->session_ctx->ext.cookie_hmac_key, - sizeof(s->session_ctx->ext - .cookie_hmac_key)); + pkey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, + s->session_ctx->ext.cookie_hmac_key, + sizeof(s->session_ctx->ext.cookie_hmac_key)); if (hctx == NULL || pkey == NULL) { EVP_MD_CTX_free(hctx); EVP_PKEY_free(pkey); @@ -781,8 +780,8 @@ int tls_parse_ctos_cookie(SSL *s, PACKET *pkt, unsigned int context, X509 *x, } hmaclen = SHA256_DIGEST_LENGTH; - if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", - s->ctx->libctx, s->ctx->propq, pkey) <= 0 + if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx, + s->ctx->propq, pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, data, rawlen - SHA256_DIGEST_LENGTH) <= 0 || hmaclen != SHA256_DIGEST_LENGTH) { @@ -1860,20 +1859,18 @@ EXT_RETURN tls_construct_stoc_cookie(SSL *s, WPACKET *pkt, unsigned int context, /* HMAC the cookie */ hctx = EVP_MD_CTX_create(); - pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC", - s->ctx->propq, - s->session_ctx->ext.cookie_hmac_key, - sizeof(s->session_ctx->ext - .cookie_hmac_key)); + pkey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, + s->session_ctx->ext.cookie_hmac_key, + sizeof(s->session_ctx->ext.cookie_hmac_key)); if (hctx == NULL || pkey == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, ERR_R_MALLOC_FAILURE); goto err; } - if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256", - s->ctx->libctx, s->ctx->propq, - pkey) <= 0 + if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx, + s->ctx->propq, pkey) <= 0 || EVP_DigestSign(hctx, hmac, &hmaclen, cookie, totcookielen) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index a3e7b5ad0a..cb5130c713 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -1854,7 +1854,7 @@ MSG_PROCESS_RETURN tls_process_server_certificate(SSL *s, PACKET *pkt) } certstart = certbytes; - x = X509_new_with_libctx(s->ctx->libctx, s->ctx->propq); + x = X509_new_ex(s->ctx->libctx, s->ctx->propq); if (x == NULL) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE); @@ -2373,10 +2373,9 @@ MSG_PROCESS_RETURN tls_process_key_exchange(SSL *s, PACKET *pkt) goto err; } - if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestVerifyInit_ex(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE, ERR_R_EVP_LIB); goto err; diff --git a/ssl/statem/statem_lib.c b/ssl/statem/statem_lib.c index 618a58d659..ef4067a749 100644 --- a/ssl/statem/statem_lib.c +++ b/ssl/statem/statem_lib.c @@ -316,10 +316,8 @@ int tls_construct_cert_verify(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_with_libctx(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestSignInit_ex(mctx, &pctx, md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY, ERR_R_EVP_LIB); goto err; @@ -512,10 +510,9 @@ MSG_PROCESS_RETURN tls_process_cert_verify(SSL *s, PACKET *pkt) OSSL_TRACE1(TLS, "Using client verify alg %s\n", md == NULL ? "n/a" : EVP_MD_name(md)); - if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestVerifyInit_ex(mctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY, ERR_R_EVP_LIB); goto err; @@ -1003,8 +1000,8 @@ static int ssl_add_cert_chain(SSL *s, WPACKET *pkt, CERT_PKEY *cpk) chain_store = s->ctx->cert_store; if (chain_store != NULL) { - X509_STORE_CTX *xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, - s->ctx->propq); + X509_STORE_CTX *xs_ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, + s->ctx->propq); if (xs_ctx == NULL) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN, diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index a1a28e905a..2da037a248 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2803,10 +2803,9 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) goto err; } - if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx, - md == NULL ? NULL : EVP_MD_name(md), - s->ctx->libctx, s->ctx->propq, - pkey) <= 0) { + if (EVP_DigestSignInit_ex(md_ctx, &pctx, + md == NULL ? NULL : EVP_MD_name(md), + s->ctx->libctx, s->ctx->propq, pkey) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR); @@ -3673,7 +3672,7 @@ MSG_PROCESS_RETURN tls_process_client_certificate(SSL *s, PACKET *pkt) } certstart = certbytes; - x = X509_new_with_libctx(s->ctx->libctx, s->ctx->propq); + x = X509_new_ex(s->ctx->libctx, s->ctx->propq); if (x == NULL) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE); diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index 52b4ffe132..fbef9c1a86 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -373,11 +373,9 @@ int tls1_change_cipher_state(SSL *s, int which) if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) { if (mac_type == EVP_PKEY_HMAC) { - mac_key = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, - "HMAC", - s->ctx->propq, - mac_secret, - *mac_secret_size); + mac_key = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC", + s->ctx->propq, mac_secret, + *mac_secret_size); } else { /* * If its not HMAC then the only other types of MAC we support are @@ -388,9 +386,8 @@ int tls1_change_cipher_state(SSL *s, int which) (int)*mac_secret_size); } if (mac_key == NULL - || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m), - s->ctx->libctx, s->ctx->propq, - mac_key) <= 0) { + || EVP_DigestSignInit_ex(mac_ctx, NULL, EVP_MD_name(m), + s->ctx->libctx, s->ctx->propq, mac_key) <= 0) { EVP_PKEY_free(mac_key); SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE, ERR_R_INTERNAL_ERROR); diff --git a/test/acvp_test.c b/test/acvp_test.c index 74e2eace7e..9fa259ec16 100644 --- a/test/acvp_test.c +++ b/test/acvp_test.c @@ -101,9 +101,8 @@ static int sig_gen(EVP_PKEY *pkey, OSSL_PARAM *params, const char *digest_name, if (!TEST_ptr(sig = OPENSSL_malloc(sz)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) - || !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL, - digest_name, libctx, NULL, - pkey), 1) + || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, libctx, + NULL, pkey), 1) || !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0)) goto err; *sig_out = sig; @@ -311,9 +310,8 @@ static int ecdsa_sigver_test(int id) ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0) && TEST_ptr(md_ctx = EVP_MD_CTX_new()) - && TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL, - tst->digest_alg, - libctx, NULL, pkey) + && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg, + libctx, NULL, pkey) && TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len, tst->msg, tst->msg_len), tst->pass)); err: @@ -1254,9 +1252,9 @@ static int rsa_sigver_test(int id) || !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len, tst->e, tst->e_len, NULL, 0, bn_ctx)) || !TEST_ptr(md_ctx = EVP_MD_CTX_new()) - || !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx, - tst->digest_alg, - libctx, NULL, pkey) + || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx, + tst->digest_alg, libctx, NULL, + pkey) || !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params)) || !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len, tst->msg, tst->msg_len), tst->pass))) diff --git a/test/asynctest.c b/test/asynctest.c index d59104226b..a7aab8efde 100644 --- a/test/asynctest.c +++ b/test/asynctest.c @@ -339,7 +339,7 @@ static int test_ASYNC_block_pause(void) return 1; } -static int test_ASYNC_start_job_with_libctx(void) +static int test_ASYNC_start_job_ex(void) { ASYNC_JOB *job = NULL; int funcret; @@ -350,7 +350,7 @@ static int test_ASYNC_start_job_with_libctx(void) if (libctx == NULL) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() failed to create libctx\n"); + "test_ASYNC_start_job_ex() failed to create libctx\n"); goto err; } @@ -361,7 +361,7 @@ static int test_ASYNC_start_job_with_libctx(void) NULL, 0) != ASYNC_PAUSE) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() failed to start job\n"); + "test_ASYNC_start_job_ex() failed to start job\n"); goto err; } @@ -370,14 +370,14 @@ static int test_ASYNC_start_job_with_libctx(void) oldctx = OPENSSL_CTX_set0_default(tmpctx); if (tmpctx != libctx) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() failed - unexpected libctx\n"); + "test_ASYNC_start_job_ex() failed - unexpected libctx\n"); goto err; } if (ASYNC_start_job(&job, waitctx, &funcret, change_deflt_libctx, NULL, 0) != ASYNC_PAUSE) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() - restarting job failed\n"); + "test_ASYNC_start_job_ex() - restarting job failed\n"); goto err; } @@ -385,7 +385,7 @@ static int test_ASYNC_start_job_with_libctx(void) tmpctx = OPENSSL_CTX_set0_default(oldctx); if (tmpctx != libctx) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() failed - unexpected libctx\n"); + "test_ASYNC_start_job_ex() failed - unexpected libctx\n"); goto err; } @@ -393,7 +393,7 @@ static int test_ASYNC_start_job_with_libctx(void) != ASYNC_FINISH || funcret != 1) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() - finishing job failed\n"); + "test_ASYNC_start_job_ex() - finishing job failed\n"); goto err; } @@ -402,7 +402,7 @@ static int test_ASYNC_start_job_with_libctx(void) OPENSSL_CTX_set0_default(tmpctx); if (tmpctx != globalctx) { fprintf(stderr, - "test_ASYNC_start_job_with_libctx() failed - global libctx check failed\n"); + "test_ASYNC_start_job_ex() failed - global libctx check failed\n"); goto err; } @@ -425,7 +425,7 @@ int main(int argc, char **argv) || !test_ASYNC_get_current_job() || !test_ASYNC_WAIT_CTX_get_all_fds() || !test_ASYNC_block_pause() - || !test_ASYNC_start_job_with_libctx()) { + || !test_ASYNC_start_job_ex()) { return 1; } } diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c index 3a0db7ece3..6f3b931eaa 100644 --- a/test/cmp_msg_test.c +++ b/test/cmp_msg_test.c @@ -34,7 +34,7 @@ static OPENSSL_CTX *libctx = NULL; static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; /* TODO(3.0) Clean this up - See issue #12680 */ -static X509 *X509_dup_with_libctx(const X509 *cert) +static X509 *X509_dup_ex(const X509 *cert) { X509 *dup = X509_dup(cert); @@ -296,7 +296,7 @@ static int test_cmp_create_certconf(void) fixture->fail_info = 0; fixture->expected = 1; if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx, - X509_dup_with_libctx(cert)))) { + X509_dup_ex(cert)))) { tear_down(fixture); fixture = NULL; } @@ -310,7 +310,7 @@ static int test_cmp_create_certconf_badAlg(void) fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badAlg; fixture->expected = 1; if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx, - X509_dup_with_libctx(cert)))) { + X509_dup_ex(cert)))) { tear_down(fixture); fixture = NULL; } @@ -324,7 +324,7 @@ static int test_cmp_create_certconf_fail_info_max(void) fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_MAX; fixture->expected = 1; if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx, - X509_dup_with_libctx(cert)))) { + X509_dup_ex(cert)))) { tear_down(fixture); fixture = NULL; } @@ -405,7 +405,7 @@ static int execute_certrep_create(CMP_MSG_TEST_FIXTURE *fixture) cresp->certifiedKeyPair->certOrEncCert->type = OSSL_CMP_CERTORENCCERT_CERTIFICATE; if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate = - X509_dup_with_libctx(cert)) == NULL + X509_dup_ex(cert)) == NULL || !sk_OSSL_CMP_CERTRESPONSE_push(crepmsg->response, cresp)) goto err; cresp = NULL; diff --git a/test/cmp_testlib.c b/test/cmp_testlib.c index 7a8570afeb..ee6f91a951 100644 --- a/test/cmp_testlib.c +++ b/test/cmp_testlib.c @@ -35,7 +35,7 @@ X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx) if (!TEST_ptr(bio = BIO_new(BIO_s_file()))) return NULL; if (TEST_int_gt(BIO_read_filename(bio, file), 0) - && TEST_ptr(cert = X509_new_with_libctx(libctx, NULL))) + && TEST_ptr(cert = X509_new_ex(libctx, NULL))) (void)TEST_ptr(cert = PEM_read_bio_X509(bio, &cert, NULL, NULL)); BIO_free(bio); diff --git a/test/cmp_testlib.h b/test/cmp_testlib.h index e8ae7a1834..e6b37a6e3d 100644 --- a/test/cmp_testlib.h +++ b/test/cmp_testlib.h @@ -15,7 +15,7 @@ # include # include # include -# include "crypto/x509.h" /* for x509_set0_libctx() and x509_dup_with_libctx() */ +# include "crypto/x509.h" /* for x509_set0_libctx() and x509_dup_ex() */ # include "../crypto/cmp/cmp_local.h" diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 1cc4f94941..872b9d5313 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -1189,7 +1189,7 @@ static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx) inlen = strlen(keys[tst].pub); in = (unsigned char *)keys[tst].pub; if (uselibctx) { - pkey = EVP_PKEY_new_raw_public_key_with_libctx( + pkey = EVP_PKEY_new_raw_public_key_ex( testctx, OBJ_nid2sn(keys[tst].type), NULL, @@ -1205,7 +1205,7 @@ static int test_set_get_raw_keys_int(int tst, int pub, int uselibctx) inlen = strlen(keys[tst].priv); in = (unsigned char *)keys[tst].priv; if (uselibctx) { - pkey = EVP_PKEY_new_raw_private_key_with_libctx( + pkey = EVP_PKEY_new_raw_private_key_ex( testctx, OBJ_nid2sn(keys[tst].type), NULL, in, @@ -1605,9 +1605,8 @@ static int test_EVP_PKEY_CTX_get_set_params(EVP_PKEY *pkey) */ mdctx = EVP_MD_CTX_new(); if (!TEST_ptr(mdctx) - || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL, - "SHA1", NULL, NULL, - pkey))) + || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, NULL, + pkey))) goto err; /* diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c index 4325cc272f..50d463680a 100644 --- a/test/evp_libctx_test.c +++ b/test/evp_libctx_test.c @@ -279,7 +279,7 @@ static int dhx_cert_load(void) }; if (!TEST_ptr(bio = BIO_new_mem_buf(dhx_cert, sizeof(dhx_cert))) - || !TEST_ptr(cert = X509_new_with_libctx(libctx, NULL)) + || !TEST_ptr(cert = X509_new_ex(libctx, NULL)) || !TEST_ptr(d2i_X509_bio(bio, &cert))) goto err; ret = 1; diff --git a/test/evp_test.c b/test/evp_test.c index a146f4726f..d7e40f214e 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -1160,15 +1160,12 @@ static int mac_test_run_pkey(EVP_TEST *t) t->err = "MAC_KEY_CREATE_ERROR"; goto err; } - key = EVP_PKEY_new_CMAC_key_with_libctx(expected->key, - expected->key_len, - EVP_CIPHER_name(cipher), - libctx, NULL); + key = EVP_PKEY_new_CMAC_key_ex(expected->key, expected->key_len, + EVP_CIPHER_name(cipher), libctx, NULL); } else { - key = EVP_PKEY_new_raw_private_key_with_libctx(libctx, - OBJ_nid2sn(expected->type), - NULL, expected->key, - expected->key_len); + key = EVP_PKEY_new_raw_private_key_ex(libctx, + OBJ_nid2sn(expected->type), NULL, + expected->key, expected->key_len); } if (key == NULL) { t->err = "MAC_KEY_CREATE_ERROR"; @@ -1188,7 +1185,7 @@ static int mac_test_run_pkey(EVP_TEST *t) t->err = "INTERNAL_ERROR"; goto err; } - if (!EVP_DigestSignInit_with_libctx(mctx, &pctx, mdname, libctx, NULL, key)) { + if (!EVP_DigestSignInit_ex(mctx, &pctx, mdname, libctx, NULL, key)) { t->err = "DIGESTSIGNINIT_ERROR"; goto err; } @@ -2895,13 +2892,13 @@ static int digestsigver_test_parse(EVP_TEST *t, return 1; } if (mdata->is_verify) { - if (!EVP_DigestVerifyInit_with_libctx(mdata->ctx, &mdata->pctx, - name, libctx, NULL, pkey)) + if (!EVP_DigestVerifyInit_ex(mdata->ctx, &mdata->pctx, name, libctx, + NULL, pkey)) t->err = "DIGESTVERIFYINIT_ERROR"; return 1; } - if (!EVP_DigestSignInit_with_libctx(mdata->ctx, &mdata->pctx, - name, libctx, NULL, pkey)) + if (!EVP_DigestSignInit_ex(mdata->ctx, &mdata->pctx, name, libctx, NULL, + pkey)) t->err = "DIGESTSIGNINIT_ERROR"; return 1; } @@ -3415,11 +3412,11 @@ start: return 0; } if (klist == &private_keys) - pkey = EVP_PKEY_new_raw_private_key_with_libctx(libctx, strnid, NULL, - keybin, keylen); + pkey = EVP_PKEY_new_raw_private_key_ex(libctx, strnid, NULL, keybin, + keylen); else - pkey = EVP_PKEY_new_raw_public_key_with_libctx(libctx, strnid, NULL, - keybin, keylen); + pkey = EVP_PKEY_new_raw_public_key_ex(libctx, strnid, NULL, keybin, + keylen); if (pkey == NULL && !key_unsupported()) { TEST_info("Can't read %s data", pp->key); OPENSSL_free(keybin); diff --git a/test/ossl_store_test.c b/test/ossl_store_test.c index 2ce7d51877..c00e5fd1fb 100644 --- a/test/ossl_store_test.c +++ b/test/ossl_store_test.c @@ -29,9 +29,8 @@ static int test_store_open(void) ret = TEST_ptr(search = OSSL_STORE_SEARCH_by_alias("nothing")) && TEST_ptr(ui_method= UI_create_method("DummyUI")) - && TEST_ptr(sctx = OSSL_STORE_open_with_libctx(infile, NULL, NULL, - ui_method, NULL, - NULL, NULL)) + && TEST_ptr(sctx = OSSL_STORE_open_ex(infile, NULL, NULL, ui_method, + NULL, NULL, NULL)) && TEST_false(OSSL_STORE_find(sctx, NULL)) && TEST_true(OSSL_STORE_find(sctx, search)); UI_destroy_method(ui_method); diff --git a/test/ssl_test.c b/test/ssl_test.c index 1fbe938309..4b7e26b4c1 100644 --- a/test/ssl_test.c +++ b/test/ssl_test.c @@ -408,26 +408,25 @@ static int test_handshake(int idx) #ifndef OPENSSL_NO_DTLS if (test_ctx->method == SSL_TEST_METHOD_DTLS) { - server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_server_method()); + server_ctx = SSL_CTX_new_ex(libctx, NULL, DTLS_server_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0))) goto err; if (test_ctx->extra.server.servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { if (!TEST_ptr(server2_ctx = - SSL_CTX_new_with_libctx(libctx, NULL, - DTLS_server_method()))) + SSL_CTX_new_ex(libctx, NULL, DTLS_server_method()))) goto err; } - client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_client_method()); + client_ctx = SSL_CTX_new_ex(libctx, NULL, DTLS_client_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0))) goto err; if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { - resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, - DTLS_server_method()); + resume_server_ctx = SSL_CTX_new_ex(libctx, NULL, + DTLS_server_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0))) goto err; - resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, - DTLS_client_method()); + resume_client_ctx = SSL_CTX_new_ex(libctx, NULL, + DTLS_client_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0))) goto err; if (!TEST_ptr(resume_server_ctx) @@ -437,30 +436,29 @@ static int test_handshake(int idx) } #endif if (test_ctx->method == SSL_TEST_METHOD_TLS) { - server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_server_method()); + server_ctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0))) goto err; /* SNI on resumption isn't supported/tested yet. */ if (test_ctx->extra.server.servername_callback != SSL_TEST_SERVERNAME_CB_NONE) { if (!TEST_ptr(server2_ctx = - SSL_CTX_new_with_libctx(libctx, NULL, - TLS_server_method()))) + SSL_CTX_new_ex(libctx, NULL, TLS_server_method()))) goto err; if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0))) goto err; } - client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_client_method()); + client_ctx = SSL_CTX_new_ex(libctx, NULL, TLS_client_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0))) goto err; if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) { - resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, - TLS_server_method()); + resume_server_ctx = SSL_CTX_new_ex(libctx, NULL, + TLS_server_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0))) goto err; - resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, - TLS_client_method()); + resume_client_ctx = SSL_CTX_new_ex(libctx, NULL, + TLS_client_method()); if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0))) goto err; if (!TEST_ptr(resume_server_ctx) diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c index f440601799..7721b17646 100644 --- a/test/ssl_test_ctx.c +++ b/test/ssl_test_ctx.c @@ -613,7 +613,7 @@ __owur static int parse_expected_ca_names(STACK_OF(X509_NAME) **pnames, if (!strcmp(value, "empty")) *pnames = sk_X509_NAME_new_null(); else - *pnames = SSL_load_client_CA_file_with_libctx(value, libctx, NULL); + *pnames = SSL_load_client_CA_file_ex(value, libctx, NULL); return *pnames != NULL; } __owur static int parse_expected_server_ca_names(SSL_TEST_CTX *test_ctx, diff --git a/test/sslapitest.c b/test/sslapitest.c index 75d3c6fbfc..4331f41549 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -797,7 +797,7 @@ static int execute_test_large_message(const SSL_METHOD *smeth, if (!TEST_ptr(certbio = BIO_new_file(cert, "r"))) goto end; - if (!TEST_ptr(chaincert = X509_new_with_libctx(libctx, NULL))) + if (!TEST_ptr(chaincert = X509_new_ex(libctx, NULL))) goto end; if (PEM_read_bio_X509(certbio, &chaincert, NULL, NULL) == NULL) @@ -1546,7 +1546,7 @@ static int test_tlsext_status_type(void) if (!TEST_ptr(certbio = BIO_new_file(cert, "r")) || !TEST_ptr(id = OCSP_RESPID_new()) || !TEST_ptr(ids = sk_OCSP_RESPID_new_null()) - || !TEST_ptr(ocspcert = X509_new_with_libctx(libctx, NULL)) + || !TEST_ptr(ocspcert = X509_new_ex(libctx, NULL)) || !TEST_ptr(PEM_read_bio_X509(certbio, &ocspcert, NULL, NULL)) || !TEST_true(OCSP_RESPID_set_by_key_ex(id, ocspcert, libctx, NULL)) || !TEST_true(sk_OCSP_RESPID_push(ids, id))) @@ -2568,7 +2568,7 @@ static int execute_test_ssl_bio(int pop_ssl, bio_change_t change_bio) SSL *ssl = NULL; int testresult = 0; - if (!TEST_ptr(ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_method())) + if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method())) || !TEST_ptr(ssl = SSL_new(ctx)) || !TEST_ptr(sslbio = BIO_new(BIO_f_ssl())) || !TEST_ptr(membio1 = BIO_new(BIO_s_mem()))) @@ -5279,7 +5279,7 @@ static int test_serverinfo(int tst) int ret, expected, testresult = 0; SSL_CTX *ctx; - ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_method()); + ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method()); if (!TEST_ptr(ctx)) goto end; @@ -5834,7 +5834,7 @@ static int test_max_fragment_len_ext(int idx_tst) int testresult = 0, MFL_mode = 0; BIO *rbio, *wbio; - ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_method()); + ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method()); if (!TEST_ptr(ctx)) goto end; @@ -6578,11 +6578,11 @@ static int int_test_ssl_get_shared_ciphers(int tst, int clnt) * having the full set of ciphersuites and once with the server side. */ if (clnt) { - cctx = SSL_CTX_new_with_libctx(tmplibctx, NULL, TLS_client_method()); + cctx = SSL_CTX_new_ex(tmplibctx, NULL, TLS_client_method()); if (!TEST_ptr(cctx)) goto end; } else { - sctx = SSL_CTX_new_with_libctx(tmplibctx, NULL, TLS_server_method()); + sctx = SSL_CTX_new_ex(tmplibctx, NULL, TLS_server_method()); if (!TEST_ptr(sctx)) goto end; } @@ -7188,7 +7188,7 @@ static int cert_cb(SSL *s, void *arg) goto out; if (!TEST_ptr(in = BIO_new(BIO_s_file())) || !TEST_int_ge(BIO_read_filename(in, rootfile), 0) - || !TEST_ptr(rootx = X509_new_with_libctx(libctx, NULL)) + || !TEST_ptr(rootx = X509_new_ex(libctx, NULL)) || !TEST_ptr(PEM_read_bio_X509(in, &rootx, NULL, NULL)) || !TEST_true(sk_X509_push(chain, rootx))) goto out; @@ -7196,7 +7196,7 @@ static int cert_cb(SSL *s, void *arg) BIO_free(in); if (!TEST_ptr(in = BIO_new(BIO_s_file())) || !TEST_int_ge(BIO_read_filename(in, ecdsacert), 0) - || !TEST_ptr(x509 = X509_new_with_libctx(libctx, NULL)) + || !TEST_ptr(x509 = X509_new_ex(libctx, NULL)) || !TEST_ptr(PEM_read_bio_X509(in, &x509, NULL, NULL))) goto out; BIO_free(in); @@ -7346,7 +7346,7 @@ static int client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey) if (!TEST_ptr(in)) return 0; - if (!TEST_ptr(xcert = X509_new_with_libctx(libctx, NULL)) + if (!TEST_ptr(xcert = X509_new_ex(libctx, NULL)) || !TEST_ptr(PEM_read_bio_X509(in, &xcert, NULL, NULL)) || !TEST_ptr(priv_in = BIO_new_file(privkey, "r")) || !TEST_ptr(privpkey = PEM_read_bio_PrivateKey_ex(priv_in, NULL, @@ -7865,8 +7865,8 @@ static int test_sigalgs_available(int idx) serverctx = tmpctx; } - cctx = SSL_CTX_new_with_libctx(clientctx, NULL, TLS_client_method()); - sctx = SSL_CTX_new_with_libctx(serverctx, NULL, TLS_server_method()); + cctx = SSL_CTX_new_ex(clientctx, NULL, TLS_client_method()); + sctx = SSL_CTX_new_ex(serverctx, NULL, TLS_server_method()); if (!TEST_ptr(cctx) || !TEST_ptr(sctx)) goto end; diff --git a/test/ssltest_old.c b/test/ssltest_old.c index d1733912bc..875e6eac13 100644 --- a/test/ssltest_old.c +++ b/test/ssltest_old.c @@ -1380,9 +1380,9 @@ int main(int argc, char *argv[]) goto end; } - c_ctx = SSL_CTX_new_with_libctx(libctx, NULL, meth); - s_ctx = SSL_CTX_new_with_libctx(libctx, NULL, meth); - s_ctx2 = SSL_CTX_new_with_libctx(libctx, NULL, meth); /* no SSL_CTX_dup! */ + c_ctx = SSL_CTX_new_ex(libctx, NULL, meth); + s_ctx = SSL_CTX_new_ex(libctx, NULL, meth); + s_ctx2 = SSL_CTX_new_ex(libctx, NULL, meth); /* no SSL_CTX_dup! */ if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) { ERR_print_errors(bio_err); goto end; diff --git a/test/ssltestlib.c b/test/ssltestlib.c index 96c1a7f2de..b2baa9fa43 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -695,13 +695,13 @@ const SSL_METHOD *cm, if (*sctx != NULL) serverctx = *sctx; - else if (!TEST_ptr(serverctx = SSL_CTX_new_with_libctx(libctx, NULL, sm))) + else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm))) goto err; if (cctx != NULL) { if (*cctx != NULL) clientctx = *cctx; - else if (!TEST_ptr(clientctx = SSL_CTX_new_with_libctx(libctx, NULL, cm))) + else if (!TEST_ptr(clientctx = SSL_CTX_new_ex(libctx, NULL, cm))) goto err; } diff --git a/util/libcrypto.num b/util/libcrypto.num index 7a0965ba72..8e21348e3a 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4910,8 +4910,8 @@ PKCS8_pkey_add1_attr_by_OBJ ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_private_check ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_pairwise_check ? 3_0_0 EXIST::FUNCTION: ASN1_item_verify_ctx ? 3_0_0 EXIST::FUNCTION: -ASN1_item_sign_with_libctx ? 3_0_0 EXIST::FUNCTION: -ASN1_item_verify_with_libctx ? 3_0_0 EXIST::FUNCTION: +ASN1_item_sign_ex ? 3_0_0 EXIST::FUNCTION: +ASN1_item_verify_ex ? 3_0_0 EXIST::FUNCTION: BIO_socket_wait ? 3_0_0 EXIST::FUNCTION:SOCK BIO_wait ? 3_0_0 EXIST::FUNCTION: BIO_do_connect_retry ? 3_0_0 EXIST::FUNCTION: @@ -4987,8 +4987,8 @@ EVP_PKEY_CTX_set_rsa_keygen_bits ? 3_0_0 EXIST::FUNCTION:RSA EVP_PKEY_CTX_set_rsa_keygen_pubexp ? 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0,RSA EVP_PKEY_CTX_set1_rsa_keygen_pubexp ? 3_0_0 EXIST::FUNCTION:RSA EVP_PKEY_CTX_set_rsa_keygen_primes ? 3_0_0 EXIST::FUNCTION:RSA -NCONF_new_with_libctx ? 3_0_0 EXIST::FUNCTION: -CONF_modules_load_file_with_libctx ? 3_0_0 EXIST::FUNCTION: +NCONF_new_ex ? 3_0_0 EXIST::FUNCTION: +CONF_modules_load_file_ex ? 3_0_0 EXIST::FUNCTION: OPENSSL_CTX_load_config ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_to_param ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_free_params ? 3_0_0 EXIST::FUNCTION: @@ -5029,11 +5029,11 @@ EVP_PKEY_get_octet_string_param ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_is_a ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_can_sign ? 3_0_0 EXIST::FUNCTION: evp_pkey_get_EC_KEY_curve_nid ? 3_0_0 EXIST::FUNCTION:EC -X509_STORE_CTX_new_with_libctx ? 3_0_0 EXIST::FUNCTION: -CT_POLICY_EVAL_CTX_new_with_libctx ? 3_0_0 EXIST::FUNCTION:CT -CTLOG_new_with_libctx ? 3_0_0 EXIST::FUNCTION:CT -CTLOG_new_from_base64_with_libctx ? 3_0_0 EXIST::FUNCTION:CT -CTLOG_STORE_new_with_libctx ? 3_0_0 EXIST::FUNCTION:CT +X509_STORE_CTX_new_ex ? 3_0_0 EXIST::FUNCTION: +CT_POLICY_EVAL_CTX_new_ex ? 3_0_0 EXIST::FUNCTION:CT +CTLOG_new_ex ? 3_0_0 EXIST::FUNCTION:CT +CTLOG_new_from_base64_ex ? 3_0_0 EXIST::FUNCTION:CT +CTLOG_STORE_new_ex ? 3_0_0 EXIST::FUNCTION:CT EVP_PKEY_set_ex_data ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_ex_data ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set_group_name ? 3_0_0 EXIST::FUNCTION: @@ -5101,8 +5101,8 @@ EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION: EVP_RAND_state ? 3_0_0 EXIST::FUNCTION: EVP_default_properties_is_fips_enabled ? 3_0_0 EXIST::FUNCTION: EVP_default_properties_enable_fips ? 3_0_0 EXIST::FUNCTION: -EVP_PKEY_new_raw_private_key_with_libctx ? 3_0_0 EXIST::FUNCTION: -EVP_PKEY_new_raw_public_key_with_libctx ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_new_raw_private_key_ex ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_new_raw_public_key_ex ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_time_t ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_construct_time_t ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_get_time_t ? 3_0_0 EXIST::FUNCTION: @@ -5120,23 +5120,23 @@ EVP_PKEY_parameters_eq ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_query_operation ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_get0_provider_ctx ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_get_capabilities ? 3_0_0 EXIST::FUNCTION: -EC_GROUP_new_by_curve_name_with_libctx ? 3_0_0 EXIST::FUNCTION:EC -EC_KEY_new_with_libctx ? 3_0_0 EXIST::FUNCTION:EC -EC_KEY_new_by_curve_name_with_libctx ? 3_0_0 EXIST::FUNCTION:EC +EC_GROUP_new_by_curve_name_ex ? 3_0_0 EXIST::FUNCTION:EC +EC_KEY_new_ex ? 3_0_0 EXIST::FUNCTION:EC +EC_KEY_new_by_curve_name_ex ? 3_0_0 EXIST::FUNCTION:EC OPENSSL_CTX_set0_default ? 3_0_0 EXIST::FUNCTION: -PEM_X509_INFO_read_bio_with_libctx ? 3_0_0 EXIST::FUNCTION: -PEM_X509_INFO_read_with_libctx ? 3_0_0 EXIST::FUNCTION:STDIO -X509_REQ_verify_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_new_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_LOOKUP_ctrl_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_load_cert_file_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_load_cert_crl_file_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_LOOKUP_by_subject_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_STORE_load_file_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_STORE_load_store_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_STORE_load_locations_with_libctx ? 3_0_0 EXIST::FUNCTION: -X509_STORE_set_default_paths_with_libctx ? 3_0_0 EXIST::FUNCTION: -OSSL_STORE_open_with_libctx ? 3_0_0 EXIST::FUNCTION: +PEM_X509_INFO_read_bio_ex ? 3_0_0 EXIST::FUNCTION: +PEM_X509_INFO_read_ex ? 3_0_0 EXIST::FUNCTION:STDIO +X509_REQ_verify_ex ? 3_0_0 EXIST::FUNCTION: +X509_new_ex ? 3_0_0 EXIST::FUNCTION: +X509_LOOKUP_ctrl_ex ? 3_0_0 EXIST::FUNCTION: +X509_load_cert_file_ex ? 3_0_0 EXIST::FUNCTION: +X509_load_cert_crl_file_ex ? 3_0_0 EXIST::FUNCTION: +X509_LOOKUP_by_subject_ex ? 3_0_0 EXIST::FUNCTION: +X509_STORE_load_file_ex ? 3_0_0 EXIST::FUNCTION: +X509_STORE_load_store_ex ? 3_0_0 EXIST::FUNCTION: +X509_STORE_load_locations_ex ? 3_0_0 EXIST::FUNCTION: +X509_STORE_set_default_paths_ex ? 3_0_0 EXIST::FUNCTION: +OSSL_STORE_open_ex ? 3_0_0 EXIST::FUNCTION: OSSL_DECODER_fetch ? 3_0_0 EXIST::FUNCTION: OSSL_DECODER_up_ref ? 3_0_0 EXIST::FUNCTION: OSSL_DECODER_free ? 3_0_0 EXIST::FUNCTION: @@ -5181,24 +5181,24 @@ PKCS12_SAFEBAG_create_secret ? 3_0_0 EXIST::FUNCTION: PKCS12_add1_attr_by_NID ? 3_0_0 EXIST::FUNCTION: PKCS12_add1_attr_by_txt ? 3_0_0 EXIST::FUNCTION: PKCS12_add_secret ? 3_0_0 EXIST::FUNCTION: -SMIME_write_ASN1_with_libctx ? 3_0_0 EXIST::FUNCTION: +SMIME_write_ASN1_ex ? 3_0_0 EXIST::FUNCTION: SMIME_read_ASN1_ex ? 3_0_0 EXIST::FUNCTION: -CMS_ContentInfo_new_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS +CMS_ContentInfo_new_ex ? 3_0_0 EXIST::FUNCTION:CMS SMIME_read_CMS_ex ? 3_0_0 EXIST::FUNCTION:CMS -CMS_sign_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -CMS_data_create_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -CMS_digest_create_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -CMS_EncryptedData_encrypt_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -CMS_encrypt_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -CMS_EnvelopedData_create_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -CMS_ReceiptRequest_create0_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS -EVP_SignFinal_with_libctx ? 3_0_0 EXIST::FUNCTION: -EVP_VerifyFinal_with_libctx ? 3_0_0 EXIST::FUNCTION: -EVP_DigestSignInit_with_libctx ? 3_0_0 EXIST::FUNCTION: -EVP_DigestVerifyInit_with_libctx ? 3_0_0 EXIST::FUNCTION: -PKCS7_new_with_libctx ? 3_0_0 EXIST::FUNCTION: -PKCS7_sign_with_libctx ? 3_0_0 EXIST::FUNCTION: -PKCS7_encrypt_with_libctx ? 3_0_0 EXIST::FUNCTION: +CMS_sign_ex ? 3_0_0 EXIST::FUNCTION:CMS +CMS_data_create_ex ? 3_0_0 EXIST::FUNCTION:CMS +CMS_digest_create_ex ? 3_0_0 EXIST::FUNCTION:CMS +CMS_EncryptedData_encrypt_ex ? 3_0_0 EXIST::FUNCTION:CMS +CMS_encrypt_ex ? 3_0_0 EXIST::FUNCTION:CMS +CMS_EnvelopedData_create_ex ? 3_0_0 EXIST::FUNCTION:CMS +CMS_ReceiptRequest_create0_ex ? 3_0_0 EXIST::FUNCTION:CMS +EVP_SignFinal_ex ? 3_0_0 EXIST::FUNCTION: +EVP_VerifyFinal_ex ? 3_0_0 EXIST::FUNCTION: +EVP_DigestSignInit_ex ? 3_0_0 EXIST::FUNCTION: +EVP_DigestVerifyInit_ex ? 3_0_0 EXIST::FUNCTION: +PKCS7_new_ex ? 3_0_0 EXIST::FUNCTION: +PKCS7_sign_ex ? 3_0_0 EXIST::FUNCTION: +PKCS7_encrypt_ex ? 3_0_0 EXIST::FUNCTION: SMIME_read_PKCS7_ex ? 3_0_0 EXIST::FUNCTION: OSSL_PROVIDER_self_test ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set_tls1_prf_md ? 3_0_0 EXIST::FUNCTION: @@ -5242,7 +5242,7 @@ PEM_read_bio_PUBKEY_ex ? 3_0_0 EXIST::FUNCTION: PEM_read_PUBKEY_ex ? 3_0_0 EXIST::FUNCTION:STDIO PEM_read_bio_Parameters_ex ? 3_0_0 EXIST::FUNCTION: EC_GROUP_new_from_params ? 3_0_0 EXIST::FUNCTION:EC -OSSL_STORE_LOADER_set_open_with_libctx ? 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 +OSSL_STORE_LOADER_set_open_ex ? 3_0_0 EXIST::FUNCTION:DEPRECATEDIN_3_0 OSSL_STORE_LOADER_fetch ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_LOADER_up_ref ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_LOADER_provider ? 3_0_0 EXIST::FUNCTION: @@ -5255,20 +5255,20 @@ OSSL_PARAM_get_utf8_string_ptr ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_get_octet_string_ptr ? 3_0_0 EXIST::FUNCTION: OSSL_DECODER_CTX_set_passphrase_cb ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_set_mac_key ? 3_0_0 EXIST::FUNCTION: -EVP_PKEY_new_CMAC_key_with_libctx ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_new_CMAC_key_ex ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_INFO_new ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_INFO_get0_data ? 3_0_0 EXIST::FUNCTION: ossl_do_blob_header ? 3_0_0 EXIST::FUNCTION:DSA ossl_do_PVK_header ? 3_0_0 EXIST::FUNCTION:DSA,RC4 asn1_d2i_read_bio ? 3_0_0 EXIST::FUNCTION: -EVP_PKCS82PKEY_with_libctx ? 3_0_0 EXIST::FUNCTION: +EVP_PKCS82PKEY_ex ? 3_0_0 EXIST::FUNCTION: ossl_b2i ? 3_0_0 EXIST::FUNCTION:DSA ossl_b2i_bio ? 3_0_0 EXIST::FUNCTION:DSA EVP_PKEY_CTX_set1_id ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get1_id ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get1_id_len ? 3_0_0 EXIST::FUNCTION: CMS_AuthEnvelopedData_create ? 3_0_0 EXIST::FUNCTION:CMS -CMS_AuthEnvelopedData_create_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS +CMS_AuthEnvelopedData_create_ex ? 3_0_0 EXIST::FUNCTION:CMS EVP_PKEY_CTX_set_ec_param_enc ? 3_0_0 EXIST::FUNCTION:EC EVP_PKEY_get0_first_alg_name ? 3_0_0 EXIST::FUNCTION: EVP_KEYMGMT_get0_first_name ? 3_0_0 EXIST::FUNCTION: diff --git a/util/libssl.num b/util/libssl.num index 45ff6ed00a..193be1b7a1 100644 --- a/util/libssl.num +++ b/util/libssl.num @@ -512,8 +512,8 @@ SSL_CTX_load_verify_file ? 3_0_0 EXIST::FUNCTION: SSL_CTX_load_verify_dir ? 3_0_0 EXIST::FUNCTION: SSL_CTX_load_verify_store ? 3_0_0 EXIST::FUNCTION: SSL_CTX_set_tlsext_ticket_key_evp_cb ? 3_0_0 EXIST::FUNCTION: -SSL_CTX_new_with_libctx ? 3_0_0 EXIST::FUNCTION: +SSL_CTX_new_ex ? 3_0_0 EXIST::FUNCTION: SSL_new_session_ticket ? 3_0_0 EXIST::FUNCTION: SSL_get0_peer_certificate ? 3_0_0 EXIST::FUNCTION: SSL_get1_peer_certificate ? 3_0_0 EXIST::FUNCTION: -SSL_load_client_CA_file_with_libctx ? 3_0_0 EXIST::FUNCTION: +SSL_load_client_CA_file_ex ? 3_0_0 EXIST::FUNCTION: diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt index 783df1203f..481331e261 100644 --- a/util/missingcrypto.txt +++ b/util/missingcrypto.txt @@ -156,11 +156,11 @@ ASN1_item_pack(3) ASN1_item_print(3) ASN1_item_sign(3) ASN1_item_sign_ctx(3) -ASN1_item_sign_with_libctx(3) +ASN1_item_sign_ex(3) ASN1_item_unpack(3) ASN1_item_verify(3) ASN1_item_verify_ctx(3) -ASN1_item_verify_with_libctx(3) +ASN1_item_verify_ex(3) ASN1_mbstring_copy(3) ASN1_mbstring_ncopy(3) ASN1_object_size(3) @@ -673,7 +673,7 @@ EVP_PBE_find(3) EVP_PBE_get(3) EVP_PBE_scrypt(3) EVP_PKCS82PKEY(3) -EVP_PKCS82PKEY_with_libctx(3) +EVP_PKCS82PKEY_ex(3) EVP_PKEY2PKCS8(3) EVP_PKEY_CTX_get0_peerkey(3) EVP_PKEY_CTX_get0_pkey(3) diff --git a/util/other.syms b/util/other.syms index 395b475159..d4c552e298 100644 --- a/util/other.syms +++ b/util/other.syms @@ -68,7 +68,7 @@ OSSL_STORE_eof_fn datatype OSSL_STORE_error_fn datatype OSSL_STORE_load_fn datatype OSSL_STORE_open_fn datatype -OSSL_STORE_open_with_libctx_fn datatype +OSSL_STORE_open_ex_fn datatype OSSL_STORE_post_process_info_fn datatype OSSL_trace_cb datatype PROFESSION_INFO datatype @@ -580,11 +580,11 @@ X509_CRL_http_nbio define X509_http_nbio define X509_LOOKUP_add_dir define X509_LOOKUP_add_store define -X509_LOOKUP_add_store_with_libctx define +X509_LOOKUP_add_store_ex define X509_LOOKUP_load_file define -X509_LOOKUP_load_file_with_libctx define +X509_LOOKUP_load_file_ex define X509_LOOKUP_load_store define -X509_LOOKUP_load_store_with_libctx define +X509_LOOKUP_load_store_ex define X509_STORE_set_lookup_crls_cb define X509_STORE_set_verify_func define EVP_PKEY_CTX_set1_id define diff --git a/util/withlibctx.pl b/util/withlibctx.pl new file mode 100755 index 0000000000..a8fe22d689 --- /dev/null +++ b/util/withlibctx.pl @@ -0,0 +1,141 @@ +#! /usr/bin/env perl + +use strict; +use warnings; +use File::Temp qw/tempfile/; + +my $topdir = shift; + +processallfiles($topdir); +print "Success\n"; + +sub processallfiles { + my $dir = shift; + my @files = glob "$dir/*.c $dir/*.h $dir/*.h.in $dir/*.pod *dir/*.pod.in"; + + open (my $STDOUT_ORIG, '>&', STDOUT); + + foreach my $file (@files) { + my ($tmpfh, $tmpfile) = tempfile(); + + print "Processing $file\n"; + open(STDOUT, '>>', $tmpfile); + open(INFILE, $file); + processfile(\*INFILE); + close(STDOUT); + rename($tmpfile, $file); + unlink($tmpfile); + # restore STDOUT + open (STDOUT, '>&', $STDOUT_ORIG); + } + + #Recurse through subdirs + opendir my $dh, $dir or die "Cannot open directory"; + + while (defined(my $subdir = readdir $dh)) { + next unless -d "$dir/$subdir"; + next if (rindex $subdir, ".", 0) == 0; + processallfiles("$dir/$subdir"); + } + closedir $dh; +} + +sub processfile { + my $fh = shift; + my $multiline = 0; + my @params; + my $indent; + my $paramstr = ""; + + foreach my $line (<$fh>) { + chomp($line); + if (!$multiline) { + if ($line =~ /^(.+)_with_libctx\((.*[^\\])$/) { + my $preline = $1; + my $postline = $2; + #Strip trailing whitespace + $postline =~ s/\s+$//; + print $preline.'_ex('; + my @rets = extracttoclose($postline); + if (@rets) { + print "$postline\n"; + $multiline = 0; + } else { + $multiline = 1; + $paramstr = $postline; + $indent = (length $preline) + (length '_ex('); + } + } else { + #Any other reference to _with_libctx we just replace + $line =~ s/_with_libctx/_ex/g; + print $line."\n"; + } + } else { + #Strip leading whitespace + $line =~ s/^\s+//; + #Strip trailing whitespace + $line =~ s/\s+$//; + my @rets = extracttoclose($paramstr.$line); + if (@rets) { + my $pre = shift @rets; + my $post = shift @rets; + @params = split(",", $pre); + my @params = grep(s/^\s*|\s*$//g, @params); + formatparams($indent, @params); + print ')'.$post."\n"; + $multiline = 0; + } else { + $paramstr .= $line; + } + } + } + + die "End of multiline not found" if $multiline; +} + +sub formatparams { + my $indent = shift; + my @params = @_; + + if (@params) { + my $param = shift @params; + my $lensofar += $indent + (length $param) + 1; + + print "$param"; + print "," if @params; + + while (@params) { + my $param = shift @params; + + if (($lensofar + (length $param) + 2) > 80) { + print "\n".(" " x $indent); + print $param; + $lensofar = $indent + (length $param) + 1; + } else { + print ' '.$param; + $lensofar += (length $param) + 2; + } + print "," if @params; + } + } +} + +sub extracttoclose { + my $inline = shift; + my $outline = ""; + + while ($inline =~ /^([^\)]*?)\((.*)$/) { + my @rets = extracttoclose($2); + if (!@rets) { + return (); + } + my $inside = shift @rets; + my $post = shift @rets; + $outline .= $1.'('.$inside.')'; + $inline = $post; + } + if ($inline =~ /^(.*?)\)(.*)$/) { + return ($outline.$1, $2); + } + return (); +} From openssl at openssl.org Thu Oct 1 09:34:34 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 09:34:34 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1601544874.397869.15098.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 4087AAF84C7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 406716F0EA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 406716F0EA7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3588, 1399 wallclock secs (13.51 usr 1.30 sys + 1312.85 cusr 81.98 csys = 1409.64 CPU) Result: FAIL Makefile:3187: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3185: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 1 09:56:27 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 09:56:27 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1601546187.561991.2820.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.certout_kur2.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3588, 684 wallclock secs (13.61 usr 1.17 sys + 591.21 cusr 56.25 csys = 662.24 CPU) Result: FAIL Makefile:3201: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3199: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 1 11:02:48 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 01 Oct 2020 11:02:48 +0000 Subject: Still Failing: openssl/openssl#37848 (master - 746f367) In-Reply-To: Message-ID: <5f75b75bc2b9c_13fd58f0bad0c36234b@travis-pro-tasks-7488d696d9-db8p7.mail> Build Update for openssl/openssl ------------------------------------- Build: #37848 Status: Still Failing Duration: 1 hr, 33 mins, and 17 secs Commit: 746f367 (master) Author: Matt Caswell Message: Fix some things the rename script didn't quite get right The previous commit ran an automated rename throughout the codebase. There are a small number of things it didn't quite get right so we fix those in this commit. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12970) View the changeset: https://github.com/openssl/openssl/compare/012903063900...746f36748968 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187585775?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 11:51:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 11:51:51 +0000 Subject: Build failed: openssl master.37312 Message-ID: <20201001115151.1.95502A783097FEBA@appveyor.com> An HTML attachment was scrubbed... URL: From dev at ddvo.net Thu Oct 1 12:13:34 2020 From: dev at ddvo.net (dev at ddvo.net) Date: Thu, 01 Oct 2020 12:13:34 +0000 Subject: [openssl] master update Message-ID: <1601554414.363026.1413.nullmailer@dev.openssl.org> The branch master has been updated via 7d80985e178d77226392f9c35c36f3f885b884d7 (commit) from 746f3674896845460946ace7e963e52b547fbf35 (commit) - Log ----------------------------------------------------------------- commit 7d80985e178d77226392f9c35c36f3f885b884d7 Author: Dr. David von Oheimb Date: Mon Sep 28 10:31:46 2020 +0200 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 Was detected via test_req_distinguishing_id() with config having no-ec but not no-sm2 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13021) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x_req.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/crypto/x509/x_req.c b/crypto/x509/x_req.c index 21215b4778..e821ffdb78 100644 --- a/crypto/x509/x_req.c +++ b/crypto/x509/x_req.c @@ -48,7 +48,6 @@ static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, static int req_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg) { -#ifndef OPENSSL_NO_SM2 X509_REQ *ret = (X509_REQ *)*pval; switch (operation) { @@ -63,7 +62,6 @@ static int req_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, ASN1_OCTET_STRING_free(ret->distinguishing_id); break; } -#endif return 1; } From openssl at openssl.org Thu Oct 1 12:21:32 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 12:21:32 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1601554892.169546.16772.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:477 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3585, 560 wallclock secs (11.17 usr 1.09 sys + 508.36 cusr 51.60 csys = 572.22 CPU) Result: FAIL Makefile:3174: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3172: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 1 13:01:10 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 13:01:10 +0000 Subject: Build completed: openssl master.37313 Message-ID: <20201001130110.1.8F2A3B9338D855D9@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Thu Oct 1 13:43:41 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 01 Oct 2020 13:43:41 +0000 Subject: [web] master update Message-ID: <1601559821.481884.19958.nullmailer@dev.openssl.org> The branch master has been updated via b4cd56044d440553a1fe8273faac204d26be97ff (commit) via c60f518bfb9aeb8bb8ed6ebc5338022139d1bb12 (commit) from 5fdc4406e53ff3af0a5e5c4db55a9565fcd29015 (commit) - Log ----------------------------------------------------------------- commit b4cd56044d440553a1fe8273faac204d26be97ff Author: Dr. Matthias St. Pierre Date: Tue Sep 29 22:56:43 2020 +0200 otc-policies: Add 'Voting Procedure' section Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/web/pull/198) commit c60f518bfb9aeb8bb8ed6ebc5338022139d1bb12 Author: Dr. Matthias St. Pierre Date: Tue Sep 29 22:46:41 2020 +0200 otc-policies: Add an 'OpenSSL Technical Polices' page This document lists the technical policies and procedures established by the OTC based on the project bylaws and the requirements specified by the OMC. ----------------------------------------------------------------------- Summary of changes: policies/index.html | 7 +++++ policies/omc-bylaws.html | 6 ++-- policies/otc-policies.html | 68 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 78 insertions(+), 3 deletions(-) create mode 100644 policies/otc-policies.html diff --git a/policies/index.html b/policies/index.html index 71607df..3de5fc5 100644 --- a/policies/index.html +++ b/policies/index.html @@ -61,6 +61,13 @@ Signing one of our CLA's grants certain rights to OSF.

+

+ The technical aspects of the OpenSSL project are managed by the + OpenSSL Technical Committee (OTC) which establishes and maintains + the technical policies based on the + project bylaws and the requirements specified by the OMC. +

+

We are pleased to mention that we follow the diff --git a/policies/omc-bylaws.html b/policies/omc-bylaws.html index 88704a8..c351999 100644 --- a/policies/omc-bylaws.html +++ b/policies/omc-bylaws.html @@ -152,7 +152,7 @@ to vote on and participate in discussions. They retain access to OMC internal resources.

-

OMC Voting Procedures

+

OMC Voting Procedures

A vote to change these bylaws will pass if it obtains an in favour vote by more than two thirds of the active OMC members and less than @@ -262,7 +262,7 @@ to vote on and participate in discussions. They retain access to OTC internal resources.

-

OTC Voting Procedures

+

OTC Voting Procedures

A vote will pass if it has had a vote registered from a majority of active OTC members and has had more votes registered in @@ -294,7 +294,7 @@

All votes and their outcomes should be recorded and available to all OTC and OMC members.

-

OTC Transparency

+

OTC Transparency

The majority of the activity of the OTC will take place in public. Non-public discussions or votes shall only occur for issues such as: diff --git a/policies/otc-policies.html b/policies/otc-policies.html new file mode 100644 index 0000000..b773882 --- /dev/null +++ b/policies/otc-policies.html @@ -0,0 +1,68 @@ + + + + + + + +

+
+
+
+
+

OpenSSL Technical Policies

+
+ First issued 30th September 2020
+ Last modified 30th September 2020 +
+
+ +
+ +

This document lists the technical policies and procedures established + by the OTC in accordance with the project bylaws + and the requirements specified by the OMC.

+ +

Voting Procedure

+ + The following regulations complement the + OTC Voting Procedures + stated in the project bylaws: + +

The proposer of a vote is ultimately responsible for updating the + votes.txt + file in the OTC Git repository. + Outside of a face to face meeting, voters MUST reply to the vote email indicating + their preference and optionally their reasoning. Voters MAY update the votes.txt + file in addition.

+ +

The proposed vote text SHOULD be raised for discussion before calling the vote.

+ +

Public votes MUST be called on the project list, not the OTC list and the + subject MUST begin with ?VOTE:?. Private votes MUST be called on the + OTC list with ?PRIVATE VOTE:? beginning subject.

+ +

Update History

+
    +
  • 30-September-2020. + Initial revision.
    • +
+ +
+ +
+
+ +
+
+ + + + + + From builds at travis-ci.com Thu Oct 1 14:19:21 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 01 Oct 2020 14:19:21 +0000 Subject: Still Failing: openssl/openssl#37851 (master - 7d80985) In-Reply-To: Message-ID: <5f75e568d01fa_13fd57ae285bc443267@travis-pro-tasks-9446dcd88-p4kgp.mail> Build Update for openssl/openssl ------------------------------------- Build: #37851 Status: Still Failing Duration: 1 hr, 26 mins, and 15 secs Commit: 7d80985 (master) Author: Dr. David von Oheimb Message: Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 Was detected via test_req_distinguishing_id() with config having no-ec but not no-sm2 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13021) View the changeset: https://github.com/openssl/openssl/compare/746f36748968...7d80985e178d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187611298?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 1 14:48:47 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 14:48:47 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1601563727.235813.22237.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070099C997F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070099C997F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070099C997F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/Gtg4H1iEAY default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0C0A0F8147F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0C0A0F8147F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0C0A0F8147F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0C0A0F8147F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0C0A0F8147F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0C0A0F8147F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/Gtg4H1iEAY fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3587, 677 wallclock secs (13.20 usr 1.29 sys + 618.26 cusr 56.18 csys = 688.93 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 1 16:50:49 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 16:50:49 +0000 Subject: Build failed: openssl master.37315 Message-ID: <20201001165049.1.87EF85123566C81B@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 1 16:55:18 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 16:55:18 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1601571318.925288.11559.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C020A5C4337F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C020A5C4337F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C020A5C4337F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/rpZJ6k_GK5 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0900F246C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0900F246C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0900F246C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0900F246C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0900F246C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0900F246C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/rpZJ6k_GK5 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3587, 665 wallclock secs (13.09 usr 1.05 sys + 607.52 cusr 56.79 csys = 678.45 CPU) Result: FAIL Makefile:3182: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3180: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 1 17:37:02 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 17:37:02 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1601573822.012450.18418.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0800B08737F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0800B08737F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0800B08737F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0800B08737F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/qBWkTFdhuW default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C050DEF7117F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C050DEF7117F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C050DEF7117F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C050DEF7117F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/qBWkTFdhuW fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3509, 653 wallclock secs (12.07 usr 1.16 sys + 592.97 cusr 54.34 csys = 660.54 CPU) Result: FAIL Makefile:3198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3196: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Thu Oct 1 17:56:37 2020 From: levitte at openssl.org (Richard Levitte) Date: Thu, 01 Oct 2020 17:56:37 +0000 Subject: [openssl] master update Message-ID: <1601574997.281160.16401.nullmailer@dev.openssl.org> The branch master has been updated via f21c9c64f53484d4abe25b76d29350ed683db855 (commit) from 7d80985e178d77226392f9c35c36f3f885b884d7 (commit) - Log ----------------------------------------------------------------- commit f21c9c64f53484d4abe25b76d29350ed683db855 Author: Richard Levitte Date: Wed Sep 30 17:22:27 2020 +0200 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use We've had explicit checks for when to fall back to legacy code for operations that use an EVP_PKEY. Unfortunately, the checks were radically different in different spots, so we refactor that into a macro that gets used everywhere. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13043) ----------------------------------------------------------------------- Summary of changes: crypto/evp/asymcipher.c | 2 +- crypto/evp/exchange.c | 2 +- crypto/evp/m_sigver.c | 2 +- crypto/evp/signature.c | 2 +- include/crypto/evp.h | 16 ++++++++++++++++ 5 files changed, 20 insertions(+), 4 deletions(-) diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c index a80398782c..f28bfe6aef 100644 --- a/crypto/evp/asymcipher.c +++ b/crypto/evp/asymcipher.c @@ -38,7 +38,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation) */ ERR_set_mark(); - if (ctx->engine != NULL || ctx->keytype == NULL) + if (evp_pkey_ctx_is_legacy(ctx)) goto legacy; /* diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c index ccd75099ad..ea1f771d6f 100644 --- a/crypto/evp/exchange.c +++ b/crypto/evp/exchange.c @@ -197,7 +197,7 @@ int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx) */ ERR_set_mark(); - if (ctx->keymgmt == NULL) + if (evp_pkey_ctx_is_legacy(ctx)) goto legacy; /* diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index faf5191234..783225b6f7 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -80,7 +80,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, */ ERR_set_mark(); - if (locpctx->engine != NULL || locpctx->keytype == NULL) + if (evp_pkey_ctx_is_legacy(locpctx)) goto legacy; /* diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c index 7a2af1b5a2..c0126501f8 100644 --- a/crypto/evp/signature.c +++ b/crypto/evp/signature.c @@ -381,7 +381,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation) */ ERR_set_mark(); - if (ctx->keymgmt == NULL) + if (evp_pkey_ctx_is_legacy(ctx)) goto legacy; /* diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 986e11705b..9ca1a6062f 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -18,6 +18,22 @@ */ #define EVP_MD_CTX_FLAG_KEEP_PKEY_CTX 0x0400 +/* + * An EVP_PKEY can have the following support states: + * + * Supports legacy implementations only: + * + * engine != NULL || keytype == NULL + * + * Supports provided implementations: + * + * engine == NULL && keytype != NULL + */ +#define evp_pkey_ctx_is_legacy(ctx) \ + ((ctx)->engine != NULL || (ctx)->keytype == NULL) +#define evp_pkey_ctx_is_provided(ctx) \ + (!evp_pkey_ctx_is_legacy(ctx)) + struct evp_pkey_ctx_st { /* Actual operation */ int operation; From openssl at openssl.org Thu Oct 1 17:57:56 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 17:57:56 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm2 Message-ID: <1601575076.199293.5598.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm2 Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider From no-reply at appveyor.com Thu Oct 1 18:15:15 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 18:15:15 +0000 Subject: Build completed: openssl master.37316 Message-ID: <20201001181515.1.E23925A43B0D56A5@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 1 18:19:39 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 18:19:39 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-sm3 Message-ID: <1601576379.349640.26343.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sm3 Commit log since last time: e1f5a92df4 Configure: handle undefined shared_target. 7d6766cb53 prov: prefix provider internal functions with ossl_ 1be63951f8 prov: prefix all OSSL_DISPATCH tables names with ossl_ 5e26c3399d 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests e6a2596cdc appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 53c4992e0b rand: declare get_hardware_random_value() before use. 7339547d45 Remove TODO comment from sskdf.c c57a59b1a0 todo: remove fork protection todo comment, it isn't relevant to the FIPS provider From builds at travis-ci.com Thu Oct 1 19:47:12 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 01 Oct 2020 19:47:12 +0000 Subject: Errored: openssl/openssl#37857 (master - f21c9c6) In-Reply-To: Message-ID: <5f76324041c1a_13fbf723b5c9c72252@travis-pro-tasks-7454f75df8-2dvf8.mail> Build Update for openssl/openssl ------------------------------------- Build: #37857 Status: Errored Duration: 1 hr, 26 mins, and 42 secs Commit: f21c9c6 (master) Author: Richard Levitte Message: EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use We've had explicit checks for when to fall back to legacy code for operations that use an EVP_PKEY. Unfortunately, the checks were radically different in different spots, so we refactor that into a macro that gets used everywhere. Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13043) View the changeset: https://github.com/openssl/openssl/compare/7d80985e178d...f21c9c64f534 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187681960?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 19:51:46 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 19:51:46 +0000 Subject: Build failed: openssl master.37319 Message-ID: <20201001195146.1.E00C91C0116C8ECE@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 21:01:56 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 21:01:56 +0000 Subject: Build completed: openssl master.37320 Message-ID: <20201001210156.1.70C6185FDD8DA10D@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 1 23:14:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 01 Oct 2020 23:14:51 +0000 Subject: Build failed: openssl master.37321 Message-ID: <20201001231451.1.B57D8509D65B298B@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 1 23:46:12 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 01 Oct 2020 23:46:12 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1601595972.013008.2832.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80970DE0277F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 807713949F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 807713949F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1287 wallclock secs (12.10 usr 1.44 sys + 1133.86 cusr 139.59 csys = 1286.99 CPU) Result: FAIL Makefile:2548: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2546: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 2 00:29:06 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 00:29:06 +0000 Subject: Build failed: openssl OpenSSL_1_1_1-stable.37324 Message-ID: <20201002002906.1.76708612095B9683@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 2 01:29:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 01:29:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1601602185.663140.9975.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 669 wallclock secs (13.24 usr 1.19 sys + 607.56 cusr 54.92 csys = 676.91 CPU) Result: FAIL Makefile:3184: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3182: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 2 01:31:56 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 01:31:56 +0000 Subject: Build completed: openssl master.37325 Message-ID: <20201002013156.1.AC177E3AAF957A66@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 2 02:33:54 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 02:33:54 +0000 Subject: Build failed: openssl master.37326 Message-ID: <20201002023354.1.D5B326400A1DFADC@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 2 03:37:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 03:37:53 +0000 Subject: Build completed: openssl master.37327 Message-ID: <20201002033753.1.758647CC30D43255@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 2 04:01:32 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 04:01:32 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1601611292.941986.3915.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/srptest-bin-srptest.d.tmp -MT test/srptest-bin-srptest.o -c -o test/srptest-bin-srptest.o ../openssl/test/srptest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21555: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3142: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Fri Oct 2 06:09:48 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 06:09:48 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1601618988.441453.22069.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_csr_ignored.pem -out_trusted root.crt -csr idontexist => 1 not ok 72 - csr ignored for ir # ------------------------------------------------------------------------------ # Failed test 'csr ignored for ir' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. Could not read private key for CMP client certificate from signer.p12 C080DC2A5C7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr.pem -out_trusted root.crt -csr csr.pem => 1 not ok 73 - p10cr csr # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C020C917917F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 1 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0E032CBCB7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Looks like you failed 29 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 640 wallclock secs (13.71 usr 1.49 sys + 584.71 cusr 55.22 csys = 655.13 CPU) Result: FAIL Makefile:3119: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3117: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 2 06:31:01 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 06:31:01 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1601620261.541162.9848.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 672 wallclock secs (14.11 usr 1.26 sys + 598.79 cusr 60.04 csys = 674.20 CPU) Result: FAIL Makefile:3193: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3191: recipe for target 'tests' failed make: *** [tests] Error 2 From tmraz at fedoraproject.org Fri Oct 2 06:51:53 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Fri, 02 Oct 2020 06:51:53 +0000 Subject: [openssl] master update Message-ID: <1601621513.233346.6686.nullmailer@dev.openssl.org> The branch master has been updated via 62f27ab9dcf29876b15cdae704c3a04b4c8a6344 (commit) from f21c9c64f53484d4abe25b76d29350ed683db855 (commit) - Log ----------------------------------------------------------------- commit 62f27ab9dcf29876b15cdae704c3a04b4c8a6344 Author: Maxim Masiutin Date: Tue Sep 29 18:40:56 2020 +0300 TLS AEAD ciphers: more bytes for key_block than needed Fixes #12007 The key_block length was not written to trace, thus it was not obvious that extra key_bytes were generated for TLS AEAD. The problem was that EVP_CIPHER_iv_length was called even for AEAD ciphers to figure out how many bytes from the key_block were needed for the IV. The correct way was to take cipher mode (GCM, CCM, etc) into consideration rather than simply callin the general function EVP_CIPHER_iv_length. The new function tls_iv_length_within_key_block takes this into consideration. Besides that, the order of addendums was counter-intuitive MAC length was second, but it have to be first to correspond the order given in the RFC. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13035) ----------------------------------------------------------------------- Summary of changes: ssl/t1_enc.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/ssl/t1_enc.c b/ssl/t1_enc.c index fbef9c1a86..91c3904723 100644 --- a/ssl/t1_enc.c +++ b/ssl/t1_enc.c @@ -175,6 +175,18 @@ int tls_provider_set_tls_params(SSL *s, EVP_CIPHER_CTX *ctx, return 1; } + +static int tls_iv_length_within_key_block(const EVP_CIPHER *c) +{ + /* If GCM/CCM mode only part of IV comes from PRF */ + if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) + return EVP_GCM_TLS_FIXED_IV_LEN; + else if (EVP_CIPHER_mode(c) == EVP_CIPH_CCM_MODE) + return EVP_CCM_TLS_FIXED_IV_LEN; + else + return EVP_CIPHER_iv_length(c); +} + int tls1_change_cipher_state(SSL *s, int which) { unsigned char *p, *mac_secret; @@ -337,14 +349,7 @@ int tls1_change_cipher_state(SSL *s, int which) /* TODO(size_t): convert me */ cl = EVP_CIPHER_key_length(c); j = cl; - /* Was j=(exp)?5:EVP_CIPHER_key_length(c); */ - /* If GCM/CCM mode only part of IV comes from PRF */ - if (EVP_CIPHER_mode(c) == EVP_CIPH_GCM_MODE) - k = EVP_GCM_TLS_FIXED_IV_LEN; - else if (EVP_CIPHER_mode(c) == EVP_CIPH_CCM_MODE) - k = EVP_CCM_TLS_FIXED_IV_LEN; - else - k = EVP_CIPHER_iv_length(c); + k = tls_iv_length_within_key_block(c); if ((which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) || (which == SSL3_CHANGE_CIPHER_SERVER_READ)) { ms = &(p[0]); @@ -565,7 +570,7 @@ int tls1_setup_key_block(SSL *s) s->s3.tmp.new_hash = hash; s->s3.tmp.new_mac_pkey_type = mac_type; s->s3.tmp.new_mac_secret_size = mac_secret_size; - num = EVP_CIPHER_key_length(c) + mac_secret_size + EVP_CIPHER_iv_length(c); + num = mac_secret_size + EVP_CIPHER_key_length(c) + tls_iv_length_within_key_block(c); num *= 2; ssl3_cleanup_key_block(s); @@ -580,6 +585,7 @@ int tls1_setup_key_block(SSL *s) s->s3.tmp.key_block = p; OSSL_TRACE_BEGIN(TLS) { + BIO_printf(trc_out, "key block length: %ld\n", num); BIO_printf(trc_out, "client random\n"); BIO_dump_indent(trc_out, s->s3.client_random, SSL3_RANDOM_SIZE, 4); BIO_printf(trc_out, "server random\n"); From openssl at openssl.org Fri Oct 2 06:52:27 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 06:52:27 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1601621547.023424.29521.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 677 wallclock secs (14.01 usr 1.31 sys + 600.51 cusr 59.49 csys = 675.32 CPU) Result: FAIL Makefile:3179: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3177: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 2 08:26:59 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 08:26:59 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-ec2m Message-ID: <1601627219.517495.29637.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ec2m Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert From builds at travis-ci.com Fri Oct 2 08:27:46 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 02 Oct 2020 08:27:46 +0000 Subject: Failed: openssl/openssl#37868 (master - 62f27ab) In-Reply-To: Message-ID: <5f76e4827283f_13fb7f29bd70c1005ef@travis-pro-tasks-548cf7fbb7-5nmxm.mail> Build Update for openssl/openssl ------------------------------------- Build: #37868 Status: Failed Duration: 1 hr, 21 mins, and 6 secs Commit: 62f27ab (master) Author: Maxim Masiutin Message: TLS AEAD ciphers: more bytes for key_block than needed Fixes #12007 The key_block length was not written to trace, thus it was not obvious that extra key_bytes were generated for TLS AEAD. The problem was that EVP_CIPHER_iv_length was called even for AEAD ciphers to figure out how many bytes from the key_block were needed for the IV. The correct way was to take cipher mode (GCM, CCM, etc) into consideration rather than simply callin the general function EVP_CIPHER_iv_length. The new function tls_iv_length_within_key_block takes this into consideration. Besides that, the order of addendums was counter-intuitive MAC length was second, but it have to be first to correspond the order given in the RFC. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13035) View the changeset: https://github.com/openssl/openssl/compare/f21c9c64f534...62f27ab9dcf2 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187753237?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 2 10:13:02 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 10:13:02 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1601633582.380622.30725.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 652 wallclock secs (10.68 usr 1.13 sys + 600.14 cusr 52.36 csys = 664.31 CPU) Result: FAIL Makefile:3130: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3128: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 2 10:23:25 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 10:23:25 +0000 Subject: Build failed: openssl master.37332 Message-ID: <20201002102325.1.AA33E3922E9FA38A@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 2 11:03:15 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 11:03:15 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1601636595.812887.28339.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 673 wallclock secs (13.62 usr 1.21 sys + 613.85 cusr 54.88 csys = 683.56 CPU) Result: FAIL Makefile:3199: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3197: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 2 11:28:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 11:28:27 +0000 Subject: Build completed: openssl master.37333 Message-ID: <20201002112827.1.71204B2E6994DB54@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 2 15:30:20 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 15:30:20 +0000 Subject: Build failed: openssl master.37337 Message-ID: <20201002153020.1.489F38DD90B5CAD2@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 2 16:45:18 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 16:45:18 +0000 Subject: Build failed: openssl master.37338 Message-ID: <20201002164518.1.F82B6CCDA3F21B81@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 2 17:59:42 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 02 Oct 2020 17:59:42 +0000 Subject: Build completed: openssl master.37339 Message-ID: <20201002175942.1.1F72FEFCBBC860C6@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 2 18:11:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 18:11:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1601662311.538384.28463.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.certout_kur2.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 689 wallclock secs (13.26 usr 1.10 sys + 594.65 cusr 55.35 csys = 664.36 CPU) Result: FAIL Makefile:3175: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3173: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 2 20:19:35 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 02 Oct 2020 20:19:35 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1601669975.972068.20278.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file 'test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file 'test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file 'test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 553 wallclock secs ( 8.97 usr 1.26 sys + 502.84 cusr 45.43 csys = 558.50 CPU) Result: FAIL Makefile:2401: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2399: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Sat Oct 3 00:08:39 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 03 Oct 2020 00:08:39 +0000 Subject: Build failed: openssl master.37341 Message-ID: <20201003000839.1.4E9CB4D0F673FA93@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Sat Oct 3 01:36:17 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 01:36:17 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1601688977.537030.8202.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4263: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3142: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Sat Oct 3 02:19:16 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 02:19:16 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1601691556.068154.16259.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C04006128A7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 679 wallclock secs (13.49 usr 1.32 sys + 615.85 cusr 56.22 csys = 686.88 CPU) Result: FAIL Makefile:3160: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3158: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 3 05:55:19 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 05:55:19 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1601704519.211762.14293.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-crl2pkcs7.pod.in > doc/man1/openssl-crl2pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c Makefile:4264: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3143: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Sat Oct 3 09:22:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 09:22:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1601716965.910819.23381.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 40E75F31757F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40C77FEAC77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40C77FEAC77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1454 wallclock secs (14.11 usr 1.36 sys + 1368.10 cusr 81.81 csys = 1465.38 CPU) Result: FAIL Makefile:3169: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3167: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 3 09:44:03 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 09:44:03 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1601718243.990071.11098.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.certout_kur2.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 701 wallclock secs (13.52 usr 1.28 sys + 608.45 cusr 56.41 csys = 679.66 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2 From nic.tuv at gmail.com Sat Oct 3 11:41:31 2020 From: nic.tuv at gmail.com (nic.tuv at gmail.com) Date: Sat, 03 Oct 2020 11:41:31 +0000 Subject: [openssl] master update Message-ID: <1601725291.348703.24375.nullmailer@dev.openssl.org> The branch master has been updated via 993c437dbd14579cbbd55a2742274f10fc7c6e21 (commit) from 62f27ab9dcf29876b15cdae704c3a04b4c8a6344 (commit) - Log ----------------------------------------------------------------- commit 993c437dbd14579cbbd55a2742274f10fc7c6e21 Author: Nicola Tuveri Date: Fri Oct 2 03:58:10 2020 +0300 Fix segfault on missing provider_query_operation() A provider without `provider_query_operation()` is admittedly quite useless, yet technically the base provider functions are not mandatory according to our documentation. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13058) ----------------------------------------------------------------------- Summary of changes: crypto/provider_core.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 754f6df1a4..742d3e2b50 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -866,7 +866,8 @@ const OSSL_ALGORITHM *ossl_provider_query_operation(const OSSL_PROVIDER *prov, int operation_id, int *no_cache) { - return prov->query_operation(prov->provctx, operation_id, no_cache); + return prov->query_operation == NULL + ? NULL : prov->query_operation(prov->provctx, operation_id, no_cache); } int ossl_provider_set_operation_bit(OSSL_PROVIDER *provider, size_t bitnum) From openssl at openssl.org Sat Oct 3 12:10:21 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 12:10:21 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1601727021.158552.25295.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 629 wallclock secs (12.12 usr 1.08 sys + 573.83 cusr 54.81 csys = 641.84 CPU) Result: FAIL Makefile:3188: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3186: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Sat Oct 3 13:01:01 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 03 Oct 2020 13:01:01 +0000 Subject: Still Failing: openssl/openssl#37878 (master - 993c437) In-Reply-To: Message-ID: <5f78760d25986_13fc0e57d59c02433d@travis-pro-tasks-74f5bf75d8-mxxtt.mail> Build Update for openssl/openssl ------------------------------------- Build: #37878 Status: Still Failing Duration: 1 hr, 17 mins, and 52 secs Commit: 993c437 (master) Author: Nicola Tuveri Message: Fix segfault on missing provider_query_operation() A provider without `provider_query_operation()` is admittedly quite useless, yet technically the base provider functions are not mandatory according to our documentation. Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13058) View the changeset: https://github.com/openssl/openssl/compare/62f27ab9dcf2...993c437dbd14 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187949966?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 3 13:38:11 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 03 Oct 2020 13:38:11 +0000 Subject: Build failed: openssl master.37342 Message-ID: <20201003133811.1.F049B4EFA0DA03E8@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Sat Oct 3 14:06:44 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sat, 03 Oct 2020 14:06:44 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1601734004.883980.12938.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via db78f8b3859aa35a4988d4ba49d5e8de8c2b491d (commit) from 5c2c624e2e8c50368a081fdd5ff8cb33e1124187 (commit) - Log ----------------------------------------------------------------- commit db78f8b3859aa35a4988d4ba49d5e8de8c2b491d Author: drgler Date: Thu Oct 1 21:20:33 2020 +0200 Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV Since glibc 2.8, these defines like `NI_MAXHOST` are exposed only if suitable feature test macros are defined, namely: _GNU_SOURCE, _DEFAULT_SOURCE (since glibc 2.19), or _BSD_SOURCE or _SVID_SOURCE (before glibc 2.19), see GETNAMEINFO(3). CLA: trivial Fixes #13049 Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13054) (cherry picked from commit 99501e817cbc4f11cc045dbaa7a81854d4349335) ----------------------------------------------------------------------- Summary of changes: crypto/bio/b_addr.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index d11268b6dc..c3f669329b 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -7,6 +7,10 @@ * https://www.openssl.org/source/license.html */ +#ifndef _GNU_SOURCE +# define _GNU_SOURCE +#endif + #include #include From matthias.st.pierre at ncp-e.com Sat Oct 3 14:02:56 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sat, 03 Oct 2020 14:02:56 +0000 Subject: [openssl] master update Message-ID: <1601733776.488921.11565.nullmailer@dev.openssl.org> The branch master has been updated via 99501e817cbc4f11cc045dbaa7a81854d4349335 (commit) from 993c437dbd14579cbbd55a2742274f10fc7c6e21 (commit) - Log ----------------------------------------------------------------- commit 99501e817cbc4f11cc045dbaa7a81854d4349335 Author: drgler Date: Thu Oct 1 21:20:33 2020 +0200 Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV Since glibc 2.8, these defines like `NI_MAXHOST` are exposed only if suitable feature test macros are defined, namely: _GNU_SOURCE, _DEFAULT_SOURCE (since glibc 2.19), or _BSD_SOURCE or _SVID_SOURCE (before glibc 2.19), see GETNAMEINFO(3). CLA: trivial Fixes #13049 Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13054) ----------------------------------------------------------------------- Summary of changes: crypto/bio/b_addr.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index 4652003149..b7469bc720 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -7,6 +7,10 @@ * https://www.openssl.org/source/license.html */ +#ifndef _GNU_SOURCE +# define _GNU_SOURCE +#endif + #include #include From openssl at openssl.org Sat Oct 3 14:37:27 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 14:37:27 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1601735847.268249.31068.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C04003CCA27F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C04003CCA27F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C04003CCA27F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/gpY35exM6a default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0608D9A167F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0608D9A167F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0608D9A167F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0608D9A167F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0608D9A167F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0608D9A167F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/gpY35exM6a fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 669 wallclock secs (13.14 usr 1.06 sys + 610.96 cusr 56.14 csys = 681.30 CPU) Result: FAIL Makefile:3181: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3179: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Sat Oct 3 14:41:37 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 03 Oct 2020 14:41:37 +0000 Subject: Build completed: openssl master.37343 Message-ID: <20201003144137.1.70E7082E38BB9984@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sat Oct 3 15:22:03 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 03 Oct 2020 15:22:03 +0000 Subject: Still Failing: openssl/openssl#37880 (master - 99501e8) In-Reply-To: Message-ID: <5f78971b4b00e_13fe64a1b45d42282e8@travis-pro-tasks-74f5bf75d8-572q5.mail> Build Update for openssl/openssl ------------------------------------- Build: #37880 Status: Still Failing Duration: 1 hr, 17 mins, and 50 secs Commit: 99501e8 (master) Author: drgler Message: Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV Since glibc 2.8, these defines like `NI_MAXHOST` are exposed only if suitable feature test macros are defined, namely: _GNU_SOURCE, _DEFAULT_SOURCE (since glibc 2.19), or _BSD_SOURCE or _SVID_SOURCE (before glibc 2.19), see GETNAMEINFO(3). CLA: trivial Fixes #13049 Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13054) View the changeset: https://github.com/openssl/openssl/compare/993c437dbd14...99501e817cbc View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187954761?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 3 16:37:20 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 03 Oct 2020 16:37:20 +0000 Subject: Build failed: openssl master.37344 Message-ID: <20201003163720.1.775D72AFB20DBD47@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Sat Oct 3 16:44:31 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 16:44:31 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1601743471.093788.20374.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C03097F06A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C03097F06A7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C03097F06A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/cva7UQoYaB default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0102E906A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0102E906A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0102E906A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0102E906A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0102E906A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0102E906A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/cva7UQoYaB fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 653 wallclock secs (13.17 usr 1.21 sys + 596.86 cusr 55.79 csys = 667.03 CPU) Result: FAIL Makefile:3198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3196: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 3 17:26:46 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 03 Oct 2020 17:26:46 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1601746006.416490.27119.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: f21c9c64f5 EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use 7d80985e17 Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 746f367489 Fix some things the rename script didn't quite get right d8652be06e Run the withlibctx.pl script aedac96c11 Perl util to do with_libctx renaming 0129030639 der: _ossl prefix der_oid_ and der_aid_ functions a55b00bdbc der: _ossl prefix DER functions c4232b9edb rsa_mp_coeff_names should only have one entry in it for fips mode. 592dcfd3df prov: prefix all exposed 'cipher' symbols with ossl_ 5b60f9c3e0 prov: prefix aes-cbc-cts functions with ossl_ 13a574d8bb check-format.pl: Allow nested indentation of labels (not only at line pos 1) 8e655da022 check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' df4ec39203 check-format.pl: Document how to run positive and negative self-tests 4a24d6050b EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output 66066e1bba Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. 9032c2c11b 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E002EA1E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E002EA1E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E002EA1E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E002EA1E7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/SLqPJbQUaN default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0903FD5EE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0903FD5EE7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0903FD5EE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0903FD5EE7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/SLqPJbQUaN fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 648 wallclock secs (11.66 usr 1.24 sys + 589.89 cusr 52.88 csys = 655.67 CPU) Result: FAIL Makefile:3187: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3185: recipe for target 'tests' failed make: *** [tests] Error 2 From beldmit at gmail.com Sat Oct 3 17:35:21 2020 From: beldmit at gmail.com (beldmit at gmail.com) Date: Sat, 03 Oct 2020 17:35:21 +0000 Subject: [openssl] master update Message-ID: <1601746521.274251.16883.nullmailer@dev.openssl.org> The branch master has been updated via 4232a9e57f48276974a8891e58db9b06b5db696f (commit) from 99501e817cbc4f11cc045dbaa7a81854d4349335 (commit) - Log ----------------------------------------------------------------- commit 4232a9e57f48276974a8891e58db9b06b5db696f Author: Richard Levitte Date: Thu Sep 24 22:00:16 2020 +0200 Configuration: add initial NonStop values in OpenSSL::config This makes Configure work it's automatic config detection, at least for the simple straightforward cases. Fixes #12972 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/12973) ----------------------------------------------------------------------- Summary of changes: util/perl/OpenSSL/config.pm | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/util/perl/OpenSSL/config.pm b/util/perl/OpenSSL/config.pm index 4409c98df6..c2dbd33bd1 100755 --- a/util/perl/OpenSSL/config.pm +++ b/util/perl/OpenSSL/config.pm @@ -160,6 +160,11 @@ my $guess_patterns = [ [ 'CYGWIN.*', '${MACHINE}-pc-cygwin' ], [ 'vxworks.*', '${MACHINE}-whatever-vxworks' ], + # Note: there's also NEO and NSR, but they are old and unsupported + [ 'NONSTOP_KERNEL:.*:NSE-.*?', 'nse-tandem-nsk${RELEASE}' ], + [ 'NONSTOP_KERNEL:.*:NSV-.*?', 'nsv-tandem-nsk${RELEASE}' ], + [ 'NONSTOP_KERNEL:.*:NSX-.*?', 'nsx-tandem-nsk${RELEASE}' ], + [ sub { -d '/usr/apollo' }, 'whatever-apollo-whatever' ], ]; @@ -860,6 +865,20 @@ EOF [ '.*Alpha.*?-.*?-OpenVMS', { target => 'vms-alpha' } ], [ '.*?-.*?-OpenVMS', { target => 'vms-ia64' } ], + # TODO: There are a few more choices among OpenSSL config targets, but + # reaching them involves a bit more than just a host tripet. Select + # environment variables could do the job to cover for more granular + # build options such as data model (ILP32 or LP64), thread support + # model (PUT, SPT or nothing), target execution environment (OSS or + # GUARDIAN). And still, there must be some kind of default when + # nothing else is said. + # + # nsv is a virtual x86 environment, equivalent to nsx, so we enforce + # the latter. + [ 'nse-tandem-nsk.*', { target => 'nonstop-nse' } ], + [ 'nsv-tandem-nsk.*', { target => 'nonstop-nsx' } ], + [ 'nsx-tandem-nsk.*', { target => 'nonstop-nsx' } ], + ]; # Map GUESSOS into OpenSSL terminology. From no-reply at appveyor.com Sat Oct 3 17:44:00 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 03 Oct 2020 17:44:00 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37345 Message-ID: <20201003174400.1.D5D254A336A85A4B@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sat Oct 3 18:55:57 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 03 Oct 2020 18:55:57 +0000 Subject: Still Failing: openssl/openssl#37882 (master - 4232a9e) In-Reply-To: Message-ID: <5f78c93d113d4_13fe7e47b913c17237a@travis-pro-tasks-67678b5bc5-p27hk.mail> Build Update for openssl/openssl ------------------------------------- Build: #37882 Status: Still Failing Duration: 1 hr, 19 mins, and 21 secs Commit: 4232a9e (master) Author: Richard Levitte Message: Configuration: add initial NonStop values in OpenSSL::config This makes Configure work it's automatic config detection, at least for the simple straightforward cases. Fixes #12972 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/12973) View the changeset: https://github.com/openssl/openssl/compare/99501e817cbc...4232a9e57f48 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/187970577?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 3 19:39:26 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 03 Oct 2020 19:39:26 +0000 Subject: Build failed: openssl master.37346 Message-ID: <20201003193926.1.8F7A9A432E49CA5F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 4 07:29:43 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 04 Oct 2020 07:29:43 +0000 Subject: Build completed: openssl master.37347 Message-ID: <20201004072943.1.175D534DA034F748@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Oct 4 07:52:48 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 04 Oct 2020 07:52:48 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5f797f4fb49b1_2fd85a2adf73decf60309d7@prd-scan-dashboard-0.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3D0vlq_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGAsFiOHfWwh5-2ByPHunNfll1c7GW3VQE79b4nCVumuxSPuvNOrfslpxiWQhiRnJqYSiz5SNnpZnQ9zZIkhORJLaCxFN7VJcETAQy9NVRGj-2BAl0Q0rSr2MM-2BUObI-2FTq6q1aNfZMYslGTDIZic-2BlBD3ap0d2lmGQVVYIng8eyeo1lnvE0ErcTbTU0-2BLdNlQJABUE-3D Build ID: 343587 Analysis Summary: New defects found: 0 Defects eliminated: 0 From scan-admin at coverity.com Sun Oct 4 07:53:49 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 04 Oct 2020 07:53:49 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5f797f8de74_2fd9002adf73decf60309ae@prd-scan-dashboard-0.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3DHDQ3_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeE32jcTJfaR-2FxY9m1VWi7FA-2BOMRQ3HfvO8eTG1iZuCMtX4HLJcfk0sEkwChX1cnlAE0o1RWLPa1RoywUXgXCfWTovUf-2BJXZmsipFjTp6V5ElFvLgi6VcTN2GuyHOHQciAWhy05QAomhe0VXQnY9e-2FjSgiHU7pnOTu6PE1C0SRWOFRv8T3zdxdUXdoEL373gbz0-3D Build ID: 343586 Analysis Summary: New defects found: 4 Defects eliminated: 4 If you have difficulty understanding any defects, email us at scan-admin at coverity.com, or post your question to StackOverflow at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DtagW_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeE32jcTJfaR-2FxY9m1VWi7FA-2BOMRQ3HfvO8eTG1iZuCMtdEAlK3NEueG4r4Wf1mVcQhIWZrXRB69iXzW1rKEDz4C9FsNwXoRIBOdWKnLMksbBMvNsch0lb4uLntUUcHDca7QFydwkMXiB7kIzf1dl345DXXHceHwxSamKddHZii-2BRy0HGQoWx5IJBnzy8RUVvEo-3D From levitte at openssl.org Sun Oct 4 11:00:46 2020 From: levitte at openssl.org (Richard Levitte) Date: Sun, 04 Oct 2020 11:00:46 +0000 Subject: [openssl] master update Message-ID: <1601809246.644658.16174.nullmailer@dev.openssl.org> The branch master has been updated via ecadfdadde491572b0bdf3c5a95e7a6a004585c6 (commit) from 4232a9e57f48276974a8891e58db9b06b5db696f (commit) - Log ----------------------------------------------------------------- commit ecadfdadde491572b0bdf3c5a95e7a6a004585c6 Author: Richard Levitte Date: Fri Oct 2 13:56:54 2020 +0200 DECODER: Handle abstract object data type The PEM->DER decoder passes the data type of its contents, something that decoder_process() ignored. On the other hand, the PEM->DER decoder passed nonsense. Both issues are fixed here. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13060) ----------------------------------------------------------------------- Summary of changes: crypto/encode_decode/decoder_lib.c | 13 +++++ .../implementations/encode_decode/decode_pem2der.c | 62 +++++++++++++++++++--- 2 files changed, 69 insertions(+), 6 deletions(-) diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c index 0411da41f4..ab7c537038 100644 --- a/crypto/encode_decode/decoder_lib.c +++ b/crypto/encode_decode/decoder_lib.c @@ -430,6 +430,7 @@ static int decoder_process(const OSSL_PARAM params[], void *arg) int err, ok = 0; /* For recursions */ struct decoder_process_data_st new_data; + const char *object_type = NULL; memset(&new_data, 0, sizeof(new_data)); new_data.ctx = data->ctx; @@ -471,6 +472,11 @@ static int decoder_process(const OSSL_PARAM params[], void *arg) if (new_data.bio == NULL) goto end; bio = new_data.bio; + + /* Get the object type if there is one */ + p = OSSL_PARAM_locate_const(params, OSSL_OBJECT_PARAM_DATA_TYPE); + if (p != NULL && !OSSL_PARAM_get_utf8_string_ptr(p, &object_type)) + goto end; } /* @@ -513,6 +519,13 @@ static int decoder_process(const OSSL_PARAM params[], void *arg) if (decoder != NULL && !OSSL_DECODER_is_a(decoder, new_input_type)) continue; + /* + * If the previous decoder gave us an object type, we check to see + * if that matches the decoder we're currently considering. + */ + if (object_type != NULL && !OSSL_DECODER_is_a(new_decoder, object_type)) + continue; + /* * Checking the return value of BIO_reset() or BIO_seek() is unsafe. * Furthermore, BIO_reset() is unsafe to use if the source BIO happens diff --git a/providers/implementations/encode_decode/decode_pem2der.c b/providers/implementations/encode_decode/decode_pem2der.c index 99ca7e8210..9ddc0ae3bb 100644 --- a/providers/implementations/encode_decode/decode_pem2der.c +++ b/providers/implementations/encode_decode/decode_pem2der.c @@ -21,6 +21,7 @@ #include #include #include +#include "internal/nelem.h" #include "prov/bio.h" #include "prov/implementations.h" #include "prov/providercommonerr.h" @@ -109,8 +110,27 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, OSSL_CALLBACK *data_cb, void *data_cbarg, OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { + /* Strings to peal off the pem name */ + static const char *pealable_pem_name_endings[] = { + /* + * These entries should be in longest to shortest order to avoid + * mixups. + */ + "ENCRYPTED PRIVATE KEY", + "PRIVATE KEY", + "PUBLIC KEY", + "PARAMETERS" + + /* + * Libcrypto currently only supports decoding keys with provider side + * decoders, so we don't try to peal any other PEM name. That's an + * exercise for when libcrypto starts to treat other types of objects + * via providers. + */ + }; struct pem2der_ctx_st *ctx = vctx; char *pem_name = NULL, *pem_header = NULL; + size_t pem_name_len, i; unsigned char *der = NULL; long der_len = 0; int ok = 0; @@ -137,16 +157,46 @@ static int pem2der_decode(void *vctx, OSSL_CORE_BIO *cin, goto end; } + /* + * Peal off certain strings from the end of |pem_name|, as they serve + * no further purpose. + */ + for (i = 0, pem_name_len = strlen(pem_name); + i < OSSL_NELEM(pealable_pem_name_endings); + i++) { + size_t peal_len = strlen(pealable_pem_name_endings[i]); + size_t pem_name_offset; + + if (peal_len <= pem_name_len) { + pem_name_offset = pem_name_len - peal_len; + if (strcmp(pem_name + pem_name_offset, + pealable_pem_name_endings[i]) == 0) { + + do { + pem_name[pem_name_offset] = '\0'; + } while (pem_name_offset > 0 + && pem_name[--pem_name_offset] == ' '); + + if (pem_name[0] == '\0') { + OPENSSL_free(pem_name); + pem_name = NULL; + } + break; + } + } + } + { - OSSL_PARAM params[3]; + OSSL_PARAM params[3], *p = params; - params[0] = - OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, - pem_name, 0); - params[1] = + if (pem_name != NULL) + *p++ = + OSSL_PARAM_construct_utf8_string(OSSL_OBJECT_PARAM_DATA_TYPE, + pem_name, 0); + *p++ = OSSL_PARAM_construct_octet_string(OSSL_OBJECT_PARAM_DATA, der, der_len); - params[2] = OSSL_PARAM_construct_end(); + *p = OSSL_PARAM_construct_end(); ok = data_cb(params, data_cbarg); } From levitte at openssl.org Sun Oct 4 11:02:35 2020 From: levitte at openssl.org (Richard Levitte) Date: Sun, 04 Oct 2020 11:02:35 +0000 Subject: [openssl] master update Message-ID: <1601809355.931772.18379.nullmailer@dev.openssl.org> The branch master has been updated via 70c06aafa691a77861bd3d3aaf93afa2a55e04ce (commit) from ecadfdadde491572b0bdf3c5a95e7a6a004585c6 (commit) - Log ----------------------------------------------------------------- commit 70c06aafa691a77861bd3d3aaf93afa2a55e04ce Author: Richard Levitte Date: Fri Oct 2 14:21:51 2020 +0200 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() There is some data that is very difficult to guess. For example, DSA parameters and X9.42 DH parameters look exactly the same, a SEQUENCE of 3 INTEGER. Therefore, callers may need the possibility to select the exact keytype that they expect to get. This will also allow use to translate d2i_TYPEPrivateKey(), d2i_TYPEPublicKey() and d2i_TYPEParams() into OSSL_DECODER terms much more smoothly. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13061) ----------------------------------------------------------------------- Summary of changes: crypto/encode_decode/decoder_pkey.c | 20 ++++++++++++-------- crypto/store/store_result.c | 3 ++- doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod | 13 ++++++++++--- include/crypto/decoder.h | 2 +- include/openssl/decoder.h | 3 ++- providers/implementations/storemgmt/file_store.c | 3 ++- test/endecode_test.c | 2 +- 7 files changed, 30 insertions(+), 16 deletions(-) diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c index 2e07d0d7cc..75c491f4ac 100644 --- a/crypto/encode_decode/decoder_pkey.c +++ b/crypto/encode_decode/decoder_pkey.c @@ -188,6 +188,7 @@ static void decoder_clean_EVP_PKEY_construct_arg(void *construct_data) struct collected_data_st { struct decoder_EVP_PKEY_data_st *process_data; + const char *keytype; STACK_OF(OPENSSL_CSTRING) *names; OSSL_DECODER_CTX *ctx; @@ -198,6 +199,8 @@ static void collect_keymgmt(EVP_KEYMGMT *keymgmt, void *arg) { struct collected_data_st *data = arg; + if (data->keytype != NULL && !EVP_KEYMGMT_is_a(keymgmt, data->keytype)) + return; if (data->error_occured) return; @@ -253,7 +256,7 @@ static void collect_decoder(OSSL_DECODER *decoder, void *arg) } int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, - EVP_PKEY **pkey, + EVP_PKEY **pkey, const char *keytype, OPENSSL_CTX *libctx, const char *propquery) { @@ -264,14 +267,14 @@ int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, if ((data = OPENSSL_zalloc(sizeof(*data))) == NULL || (data->process_data = OPENSSL_zalloc(sizeof(*data->process_data))) == NULL - || (data->process_data->keymgmts - = sk_EVP_KEYMGMT_new_null()) == NULL + || (data->process_data->keymgmts = sk_EVP_KEYMGMT_new_null()) == NULL || (data->names = sk_OPENSSL_CSTRING_new_null()) == NULL) { ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_MALLOC_FAILURE); goto err; } data->process_data->object = (void **)pkey; data->ctx = ctx; + data->keytype = keytype; /* First, find all keymgmts to form goals */ EVP_KEYMGMT_do_all_provided(libctx, collect_keymgmt, data); @@ -320,10 +323,10 @@ int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, return ok; } -OSSL_DECODER_CTX *OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, - const char *input_type, - OPENSSL_CTX *libctx, - const char *propquery) +OSSL_DECODER_CTX * +OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, + const char *input_type, const char *keytype, + OPENSSL_CTX *libctx, const char *propquery) { OSSL_DECODER_CTX *ctx = NULL; @@ -332,7 +335,8 @@ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, return NULL; } if (OSSL_DECODER_CTX_set_input_type(ctx, input_type) - && ossl_decoder_ctx_setup_for_EVP_PKEY(ctx, pkey, libctx, propquery) + && ossl_decoder_ctx_setup_for_EVP_PKEY(ctx, pkey, keytype, + libctx, propquery) && OSSL_DECODER_CTX_add_extra(ctx, libctx, propquery)) return ctx; diff --git a/crypto/store/store_result.c b/crypto/store/store_result.c index a591ef23ec..8ba4f8880c 100644 --- a/crypto/store/store_result.c +++ b/crypto/store/store_result.c @@ -257,7 +257,8 @@ static EVP_PKEY *try_key_value(struct extracted_param_data_st *data, if (membio == NULL) return 0; - decoderctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pk, "DER", libctx, propq); + decoderctx = + OSSL_DECODER_CTX_new_by_EVP_PKEY(&pk, "DER", NULL, libctx, propq); (void)OSSL_DECODER_CTX_set_passphrase_cb(decoderctx, cb, cbarg); /* No error if this couldn't be decoded */ diff --git a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod index 4190c4232b..c57438072b 100644 --- a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod +++ b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod @@ -14,7 +14,8 @@ OSSL_DECODER_CTX_set_passphrase_cb #include OSSL_DECODER_CTX * - OSSL_DECODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, const char *input_type, + OSSL_DECODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, + const char *input_type, const char *keytype, OPENSSL_CTX *libctx, const char *propquery); int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx, @@ -44,8 +45,14 @@ data suitable for Bs. All these implementations are implicitly fetched using I and I. The search of decoder implementations can be limited with I, -which specifies a starting input type. This is further explained in -L. +which specifies a starting input type. NULL is valid input and signifies +that the decoder implementations will find out the input type on their own. +This is further explained in L. + +The search of decoder implementations can also be limited with I, +which specifies the expected resulting keytype. NULL is valid input and +signifies that the decoder implementations will find out the keytype on +their own from the input they get. If no suitable decoder implementation is found, OSSL_DECODER_CTX_new_by_EVP_PKEY() still creates a B, but diff --git a/include/crypto/decoder.h b/include/crypto/decoder.h index b465752971..f025b3ec37 100644 --- a/include/crypto/decoder.h +++ b/include/crypto/decoder.h @@ -32,7 +32,7 @@ int ossl_decoder_ctx_add_decoder_inst(OSSL_DECODER_CTX *ctx, OSSL_DECODER_INSTANCE *di); int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, - EVP_PKEY **pkey, + EVP_PKEY **pkey, const char *keytype, OPENSSL_CTX *libctx, const char *propquery); diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h index 3da4577437..66790f43c8 100644 --- a/include/openssl/decoder.h +++ b/include/openssl/decoder.h @@ -112,7 +112,8 @@ int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *in); * an implicit OSSL_DECODER_fetch(), suitable for the object of that type. */ OSSL_DECODER_CTX * -OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, const char *input_type, +OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, + const char *input_type, const char *keytype, OPENSSL_CTX *libctx, const char *propquery); # ifdef __cplusplus diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index c194578937..c4b1de40d1 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c @@ -582,7 +582,8 @@ static int file_setup_decoders(struct file_ctx_st *ctx) * Since we're setting up our own constructor, we don't need to care * more than that... */ - if (!ossl_decoder_ctx_setup_for_EVP_PKEY(ctx->_.file.decoderctx, &dummy, + if (!ossl_decoder_ctx_setup_for_EVP_PKEY(ctx->_.file.decoderctx, + &dummy, NULL, libctx, ctx->_.file.propq) || !OSSL_DECODER_CTX_add_extra(ctx->_.file.decoderctx, libctx, ctx->_.file.propq)) { diff --git a/test/endecode_test.c b/test/endecode_test.c index 7f37a99a6d..70258afcc0 100644 --- a/test/endecode_test.c +++ b/test/endecode_test.c @@ -201,7 +201,7 @@ static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len, const unsigned char *upass = (const unsigned char *)pass; int ok = 0; - if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL, + if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL, NULL, NULL, NULL)) || (pass != NULL && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass))) From levitte at openssl.org Sun Oct 4 11:24:26 2020 From: levitte at openssl.org (Richard Levitte) Date: Sun, 04 Oct 2020 11:24:26 +0000 Subject: [openssl] master update Message-ID: <1601810666.348211.6493.nullmailer@dev.openssl.org> The branch master has been updated via 6514dee7264d30be1ab9ab07f9798071184e7b7a (commit) from 70c06aafa691a77861bd3d3aaf93afa2a55e04ce (commit) - Log ----------------------------------------------------------------- commit 6514dee7264d30be1ab9ab07f9798071184e7b7a Author: Richard Levitte Date: Wed Sep 30 18:01:06 2020 +0200 APPS: Reduce deprecation warning suppression - ENGINE Some of our apps turn off deprecation warnings solely for the sake of ENGINE, and thereby shadowing other deprecations that we should take better care of. To solve this, all apps ENGINE functionality is move to one file, where deprecation warning suppression is activate, and the same suppression can then easily be removed in at least some of the apps. Any remaining suppression that we still need to deal with should happen as separate efforts. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13044) ----------------------------------------------------------------------- Summary of changes: apps/include/apps.h | 6 +++ apps/lib/apps.c | 90 +------------------------------- apps/lib/build.info | 3 +- apps/lib/engine.c | 145 ++++++++++++++++++++++++++++++++++++++++++++++++++++ apps/req.c | 11 ++-- apps/s_client.c | 9 ++-- 6 files changed, 162 insertions(+), 102 deletions(-) create mode 100644 apps/lib/engine.c diff --git a/apps/include/apps.h b/apps/include/apps.h index 8a6f2b046c..ac008e9572 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -151,6 +151,12 @@ __owur int ctx_set_ctlog_list_file(SSL_CTX *ctx, const char *path); ENGINE *setup_engine_methods(const char *id, unsigned int methods, int debug); # define setup_engine(e, debug) setup_engine_methods(e, (unsigned int)-1, debug) void release_engine(ENGINE *e); +int init_engine(ENGINE *e); +int finish_engine(ENGINE *e); +EVP_PKEY *load_engine_private_key(ENGINE *e, const char *keyid, + const char *pass, const char *desc); +EVP_PKEY *load_engine_public_key(ENGINE *e, const char *keyid, + const char *pass, const char *desc); # ifndef OPENSSL_NO_OCSP OCSP_RESPONSE *process_responder(OCSP_REQUEST *req, diff --git a/apps/lib/apps.c b/apps/lib/apps.c index decd5df7f7..14b8cc8b3c 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -7,9 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #if !defined(_POSIX_C_SOURCE) && defined(OPENSSL_SYS_VMS) /* * On VMS, you need to define this to get the declaration of fileno(). The @@ -36,9 +33,6 @@ #include #include #include -#ifndef OPENSSL_NO_ENGINE -# include -#endif #ifndef OPENSSL_NO_RSA # include #endif @@ -557,24 +551,11 @@ EVP_PKEY *load_key(const char *uri, int format, int may_stdin, if (e == NULL) { BIO_printf(bio_err, "No engine specified for loading %s\n", desc); } else { -#ifndef OPENSSL_NO_ENGINE - PW_CB_DATA cb_data; - - cb_data.password = pass; - cb_data.prompt_info = uri; - if (ENGINE_init(e)) { - pkey = ENGINE_load_private_key(e, uri, - (UI_METHOD *)get_ui_method(), - &cb_data); - ENGINE_finish(e); - } + pkey = load_engine_private_key(e, uri, pass, desc); if (pkey == NULL) { BIO_printf(bio_err, "Cannot load %s from engine\n", desc); ERR_print_errors(bio_err); } -#else - BIO_printf(bio_err, "Engines not supported for loading %s\n", desc); -#endif } } else { (void)load_key_certs_crls(uri, may_stdin, pass, desc, @@ -600,20 +581,11 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin, if (e == NULL) { BIO_printf(bio_err, "No engine specified for loading %s\n", desc); } else { -#ifndef OPENSSL_NO_ENGINE - PW_CB_DATA cb_data; - - cb_data.password = pass; - cb_data.prompt_info = uri; - pkey = ENGINE_load_public_key(e, uri, (UI_METHOD *)get_ui_method(), - &cb_data); + pkey = load_engine_public_key(e, uri, pass, desc); if (pkey == NULL) { BIO_printf(bio_err, "Cannot load %s from engine\n", desc); ERR_print_errors(bio_err); } -#else - BIO_printf(bio_err, "Engines not supported for loading %s\n", desc); -#endif } } else { (void)load_key_certs_crls(uri, maybe_stdin, pass, desc, @@ -1160,64 +1132,6 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, return NULL; } -#ifndef OPENSSL_NO_ENGINE -/* Try to load an engine in a shareable library */ -static ENGINE *try_load_engine(const char *engine) -{ - ENGINE *e = ENGINE_by_id("dynamic"); - if (e) { - if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) - || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) { - ENGINE_free(e); - e = NULL; - } - } - return e; -} -#endif - -ENGINE *setup_engine_methods(const char *id, unsigned int methods, int debug) -{ - ENGINE *e = NULL; - -#ifndef OPENSSL_NO_ENGINE - if (id != NULL) { - if (strcmp(id, "auto") == 0) { - BIO_printf(bio_err, "Enabling auto ENGINE support\n"); - ENGINE_register_all_complete(); - return NULL; - } - if ((e = ENGINE_by_id(id)) == NULL - && (e = try_load_engine(id)) == NULL) { - BIO_printf(bio_err, "Invalid engine \"%s\"\n", id); - ERR_print_errors(bio_err); - return NULL; - } - if (debug) - (void)ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, bio_err, 0); - if (!ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, - (void *)get_ui_method(), 0, 1) - || !ENGINE_set_default(e, methods)) { - BIO_printf(bio_err, "Cannot use engine \"%s\"\n", ENGINE_get_id(e)); - ERR_print_errors(bio_err); - ENGINE_free(e); - return NULL; - } - - BIO_printf(bio_err, "Engine \"%s\" set.\n", ENGINE_get_id(e)); - } -#endif - return e; -} - -void release_engine(ENGINE *e) -{ -#ifndef OPENSSL_NO_ENGINE - /* Free our "structural" reference. */ - ENGINE_free(e); -#endif -} - static unsigned long index_serial_hash(const OPENSSL_CSTRING *a) { const char *n; diff --git a/apps/lib/build.info b/apps/lib/build.info index 22db095c51..9930ad6212 100644 --- a/apps/lib/build.info +++ b/apps/lib/build.info @@ -9,7 +9,8 @@ ENDIF # Source for libapps $LIBAPPSSRC=apps.c apps_ui.c opt.c fmt.c s_cb.c s_socket.c app_rand.c \ - columns.c app_params.c names.c app_provider.c app_x509.c http_server.c + columns.c app_params.c names.c app_provider.c app_x509.c http_server.c \ + engine.c IF[{- !$disabled{apps} -}] LIBS{noinst}=../libapps.a diff --git a/apps/lib/engine.c b/apps/lib/engine.c new file mode 100644 index 0000000000..e6682f5e8f --- /dev/null +++ b/apps/lib/engine.c @@ -0,0 +1,145 @@ +/* + * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* + * Here is a set of wrappers for the ENGINE API, which are no-ops when the + * ENGINE API is disabled / removed. + * We need to suppress deprecation warnings to make this work. + */ +#define OPENSSL_SUPPRESS_DEPRECATED + +#include /* Ensure we have the ENGINE type, regardless */ +#ifndef OPENSSL_NO_ENGINE +# include +#endif +#include "apps.h" + +#ifndef OPENSSL_NO_ENGINE +/* Try to load an engine in a shareable library */ +static ENGINE *try_load_engine(const char *engine) +{ + ENGINE *e = NULL; + + if ((e = ENGINE_by_id("dynamic")) != NULL) { + if (!ENGINE_ctrl_cmd_string(e, "SO_PATH", engine, 0) + || !ENGINE_ctrl_cmd_string(e, "LOAD", NULL, 0)) { + ENGINE_free(e); + e = NULL; + } + } + return e; +} +#endif + +ENGINE *setup_engine_methods(const char *id, unsigned int methods, int debug) +{ + ENGINE *e = NULL; + +#ifndef OPENSSL_NO_ENGINE + if (id != NULL) { + if (strcmp(id, "auto") == 0) { + BIO_printf(bio_err, "Enabling auto ENGINE support\n"); + ENGINE_register_all_complete(); + return NULL; + } + if ((e = ENGINE_by_id(id)) == NULL + && (e = try_load_engine(id)) == NULL) { + BIO_printf(bio_err, "Invalid engine \"%s\"\n", id); + ERR_print_errors(bio_err); + return NULL; + } + if (debug) + (void)ENGINE_ctrl(e, ENGINE_CTRL_SET_LOGSTREAM, 0, bio_err, 0); + if (!ENGINE_ctrl_cmd(e, "SET_USER_INTERFACE", 0, + (void *)get_ui_method(), 0, 1) + || !ENGINE_set_default(e, methods)) { + BIO_printf(bio_err, "Cannot use engine \"%s\"\n", ENGINE_get_id(e)); + ERR_print_errors(bio_err); + ENGINE_free(e); + return NULL; + } + + BIO_printf(bio_err, "Engine \"%s\" set.\n", ENGINE_get_id(e)); + } +#endif + return e; +} + +void release_engine(ENGINE *e) +{ +#ifndef OPENSSL_NO_ENGINE + /* Free our "structural" reference. */ + ENGINE_free(e); +#endif +} + +int init_engine(ENGINE *e) +{ + int rv = 1; + +#ifndef OPENSSL_NO_ENGINE + rv = ENGINE_init(e); +#endif + return rv; +} + +int finish_engine(ENGINE *e) +{ + int rv = 1; + +#ifndef OPENSSL_NO_ENGINE + rv = ENGINE_finish(e); +#endif + return rv; +} + +EVP_PKEY *load_engine_private_key(ENGINE *e, const char *keyid, + const char *pass, const char *desc) +{ + EVP_PKEY *rv = NULL; + +#ifndef OPENSSL_NO_ENGINE + if (init_engine(e)) { + PW_CB_DATA cb_data; + + cb_data.password = pass; + cb_data.prompt_info = keyid; + + rv = ENGINE_load_private_key(e, keyid, + (UI_METHOD *)get_ui_method(), &cb_data); + finish_engine(e); + } +#else + BIO_printf(bio_err, "Engines not supported for loading %s\n", desc); +#endif + return rv; +} + +EVP_PKEY *load_engine_public_key(ENGINE *e, const char *keyid, + const char *pass, const char *desc) +{ + EVP_PKEY *rv = NULL; + +#ifndef OPENSSL_NO_ENGINE + if (init_engine(e)) { + PW_CB_DATA cb_data; + + cb_data.password = pass; + cb_data.prompt_info = keyid; + + rv = ENGINE_load_public_key(e, keyid, + (UI_METHOD *)get_ui_method(), &cb_data); + finish_engine(e); + } +#else + BIO_printf(bio_err, "Engines not supported for loading %s\n", desc); +#endif + return rv; +} + diff --git a/apps/req.c b/apps/req.c index a3abc0b7b7..9fa3429baf 100644 --- a/apps/req.c +++ b/apps/req.c @@ -7,9 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include #include #include @@ -288,7 +285,7 @@ int req_main(int argc, char **argv) break; case OPT_KEYGEN_ENGINE: #ifndef OPENSSL_NO_ENGINE - gen_eng = ENGINE_by_id(opt_arg()); + gen_eng = setup_engine(opt_arg(), 0); if (gen_eng == NULL) { BIO_printf(bio_err, "Can't find keygen engine %s\n", *argv); goto opthelp; @@ -991,7 +988,7 @@ int req_main(int argc, char **argv) lh_OPENSSL_STRING_doall(addexts, exts_cleanup); lh_OPENSSL_STRING_free(addexts); #ifndef OPENSSL_NO_ENGINE - ENGINE_free(gen_eng); + release_engine(gen_eng); #endif OPENSSL_free(keyalgstr); X509_REQ_free(req); @@ -1510,7 +1507,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, EVP_PKEY_asn1_get0_info(NULL, pkey_type, NULL, NULL, NULL, ameth); #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(tmpeng); + finish_engine(tmpeng); #endif if (*pkey_type == EVP_PKEY_RSA) { if (p != NULL) { @@ -1571,7 +1568,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(const char *gstr, EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &anam, ameth); *palgnam = OPENSSL_strdup(anam); #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(tmpeng); + finish_engine(tmpeng); #endif } diff --git a/apps/s_client.c b/apps/s_client.c index 513beeaa9a..512ac0547b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -8,9 +8,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include "e_os.h" #include #include @@ -1204,7 +1201,7 @@ int s_client_main(int argc, char **argv) break; case OPT_SSL_CLIENT_ENGINE: #ifndef OPENSSL_NO_ENGINE - ssl_client_engine = ENGINE_by_id(opt_arg()); + ssl_client_engine = setup_engine(opt_arg(), 0); if (ssl_client_engine == NULL) { BIO_printf(bio_err, "Error getting client auth engine\n"); goto opthelp; @@ -1881,10 +1878,10 @@ int s_client_main(int argc, char **argv) if (!SSL_CTX_set_client_cert_engine(ctx, ssl_client_engine)) { BIO_puts(bio_err, "Error setting client auth engine\n"); ERR_print_errors(bio_err); - ENGINE_free(ssl_client_engine); + release_engine(ssl_client_engine); goto end; } - ENGINE_free(ssl_client_engine); + release_engine(ssl_client_engine); } #endif From builds at travis-ci.com Sun Oct 4 12:20:56 2020 From: builds at travis-ci.com (Travis CI) Date: Sun, 04 Oct 2020 12:20:56 +0000 Subject: Still Failing: openssl/openssl#37885 (master - ecadfda) In-Reply-To: Message-ID: <5f79be28926d3_13fb205caa8f432269f@travis-pro-tasks-689b546597-pn8m8.mail> Build Update for openssl/openssl ------------------------------------- Build: #37885 Status: Still Failing Duration: 1 hr, 18 mins, and 44 secs Commit: ecadfda (master) Author: Richard Levitte Message: DECODER: Handle abstract object data type The PEM->DER decoder passes the data type of its contents, something that decoder_process() ignored. On the other hand, the PEM->DER decoder passed nonsense. Both issues are fixed here. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13060) View the changeset: https://github.com/openssl/openssl/compare/4232a9e57f48...ecadfdadde49 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188031313?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 4 13:20:58 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 04 Oct 2020 13:20:58 +0000 Subject: Build failed: openssl master.37351 Message-ID: <20201004132058.1.12E26D020AC17D29@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sun Oct 4 13:25:14 2020 From: builds at travis-ci.com (Travis CI) Date: Sun, 04 Oct 2020 13:25:14 +0000 Subject: Still Failing: openssl/openssl#37886 (master - 70c06aa) In-Reply-To: Message-ID: <5f79cd3a291a0_13f9aea7ac0dc1522a0@travis-pro-tasks-759484f648-vp5jq.mail> Build Update for openssl/openssl ------------------------------------- Build: #37886 Status: Still Failing Duration: 1 hr, 29 mins, and 51 secs Commit: 70c06aa (master) Author: Richard Levitte Message: DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() There is some data that is very difficult to guess. For example, DSA parameters and X9.42 DH parameters look exactly the same, a SEQUENCE of 3 INTEGER. Therefore, callers may need the possibility to select the exact keytype that they expect to get. This will also allow use to translate d2i_TYPEPrivateKey(), d2i_TYPEPublicKey() and d2i_TYPEParams() into OSSL_DECODER terms much more smoothly. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13061) View the changeset: https://github.com/openssl/openssl/compare/ecadfdadde49...70c06aafa691 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188031379?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sun Oct 4 14:28:44 2020 From: builds at travis-ci.com (Travis CI) Date: Sun, 04 Oct 2020 14:28:44 +0000 Subject: Still Failing: openssl/openssl#37887 (master - 6514dee) In-Reply-To: Message-ID: <5f79dc1c4a5ab_13f9236adbc4c120997@travis-pro-tasks-759484f648-phtf8.mail> Build Update for openssl/openssl ------------------------------------- Build: #37887 Status: Still Failing Duration: 1 hr, 28 mins, and 31 secs Commit: 6514dee (master) Author: Richard Levitte Message: APPS: Reduce deprecation warning suppression - ENGINE Some of our apps turn off deprecation warnings solely for the sake of ENGINE, and thereby shadowing other deprecations that we should take better care of. To solve this, all apps ENGINE functionality is move to one file, where deprecation warning suppression is activate, and the same suppression can then easily be removed in at least some of the apps. Any remaining suppression that we still need to deal with should happen as separate efforts. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13044) View the changeset: https://github.com/openssl/openssl/compare/70c06aafa691...6514dee7264d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188032296?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 4 20:09:08 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 04 Oct 2020 20:09:08 +0000 Subject: Build completed: openssl master.37352 Message-ID: <20201004200908.1.37348E5F8867BA89@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Sun Oct 4 23:44:15 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sun, 04 Oct 2020 23:44:15 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1601855055.198242.5086.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 8087C2384A7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 800717A5777F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 800717A5777F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1155 wallclock secs (10.70 usr 1.37 sys + 1012.68 cusr 128.58 csys = 1153.33 CPU) Result: FAIL Makefile:2533: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2531: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 5 01:28:14 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 01:28:14 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1601861294.811038.12343.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 654 wallclock secs (13.59 usr 1.26 sys + 591.80 cusr 55.60 csys = 662.25 CPU) Result: FAIL Makefile:3181: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3179: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 5 03:51:58 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 03:51:58 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1601869918.459445.6064.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/srptest-bin-srptest.d.tmp -MT test/srptest-bin-srptest.o -c -o test/srptest-bin-srptest.o ../openssl/test/srptest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21549: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3127: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Mon Oct 5 06:00:34 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 06:00:34 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1601877634.388148.22928.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_csr_ignored.pem -out_trusted root.crt -csr idontexist => 1 not ok 72 - csr ignored for ir # ------------------------------------------------------------------------------ # Failed test 'csr ignored for ir' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. Could not read private key for CMP client certificate from signer.p12 C0E02A79E57F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr.pem -out_trusted root.crt -csr csr.pem => 1 not ok 73 - p10cr csr # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C090A1FA6F7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 1 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0A0FA40407F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Looks like you failed 29 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 657 wallclock secs (13.50 usr 1.25 sys + 599.08 cusr 55.89 csys = 669.72 CPU) Result: FAIL Makefile:3126: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3124: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 5 06:22:42 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 06:22:42 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1601878962.914082.11349.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 662 wallclock secs (14.58 usr 1.32 sys + 588.49 cusr 60.74 csys = 665.13 CPU) Result: FAIL Makefile:3187: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3185: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 5 06:44:05 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 06:44:05 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1601880245.664346.31266.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 639 wallclock secs (13.82 usr 1.27 sys + 564.56 cusr 59.03 csys = 638.68 CPU) Result: FAIL Makefile:3152: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3150: recipe for target 'tests' failed make: *** [tests] Error 2 From beldmit at gmail.com Mon Oct 5 09:15:26 2020 From: beldmit at gmail.com (beldmit at gmail.com) Date: Mon, 05 Oct 2020 09:15:26 +0000 Subject: [openssl] master update Message-ID: <1601889326.076802.1064.nullmailer@dev.openssl.org> The branch master has been updated via 856198aac784fc78b4588d2b409cec9f4ecf812d (commit) from 6514dee7264d30be1ab9ab07f9798071184e7b7a (commit) - Log ----------------------------------------------------------------- commit 856198aac784fc78b4588d2b409cec9f4ecf812d Author: Dmitry Belyavskiy Date: Fri Feb 22 18:36:00 2019 +0300 Some OIDs used in Russian X.509 certificates. OBJ_OGRNIP denotes a specific legal status of the certificate owner. OBJ_classSignTool* denotes a level of certification of the software created the certificate. http://www.garant.ru/products/ipo/prime/doc/70033464/ is the relevant link (in Russian). Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8309) ----------------------------------------------------------------------- Summary of changes: crypto/objects/obj_dat.h | 50 +++++++++++++++++++++++++++--- crypto/objects/obj_mac.num | 8 +++++ crypto/objects/objects.txt | 8 +++++ fuzz/oids.txt | 8 +++++ include/openssl/obj_mac.h | 40 ++++++++++++++++++++++++ test/recipes/25-test_rusext_data/grfc.msb | 4 +-- test/recipes/25-test_rusext_data/grfc.utf8 | 4 +-- 7 files changed, 113 insertions(+), 9 deletions(-) diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h index 0abd2a8d72..440fd1d6af 100644 --- a/crypto/objects/obj_dat.h +++ b/crypto/objects/obj_dat.h @@ -10,7 +10,7 @@ */ /* Serialized OID's */ -static const unsigned char so[7901] = { +static const unsigned char so[7947] = { 0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */ 0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */ @@ -1093,9 +1093,17 @@ static const unsigned char so[7901] = { 0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x11, /* [ 7876] OBJ_id_it_caCerts */ 0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x12, /* [ 7884] OBJ_id_it_rootCaKeyUpdate */ 0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x13, /* [ 7892] OBJ_id_it_certReqTemplate */ + 0x2A,0x85,0x03,0x64,0x05, /* [ 7900] OBJ_OGRNIP */ + 0x2A,0x85,0x03,0x64,0x71, /* [ 7905] OBJ_classSignTool */ + 0x2A,0x85,0x03,0x64,0x71,0x01, /* [ 7910] OBJ_classSignToolKC1 */ + 0x2A,0x85,0x03,0x64,0x71,0x02, /* [ 7916] OBJ_classSignToolKC2 */ + 0x2A,0x85,0x03,0x64,0x71,0x03, /* [ 7922] OBJ_classSignToolKC3 */ + 0x2A,0x85,0x03,0x64,0x71,0x04, /* [ 7928] OBJ_classSignToolKB1 */ + 0x2A,0x85,0x03,0x64,0x71,0x05, /* [ 7934] OBJ_classSignToolKB2 */ + 0x2A,0x85,0x03,0x64,0x71,0x06, /* [ 7940] OBJ_classSignToolKA1 */ }; -#define NUM_NID 1226 +#define NUM_NID 1234 static const ASN1_OBJECT nid_objs[NUM_NID] = { {"UNDEF", "undefined", NID_undef}, {"rsadsi", "RSA Data Security, Inc.", NID_rsadsi, 6, &so[0]}, @@ -2323,9 +2331,17 @@ static const ASN1_OBJECT nid_objs[NUM_NID] = { {"id-it-caCerts", "id-it-caCerts", NID_id_it_caCerts, 8, &so[7876]}, {"id-it-rootCaKeyUpdate", "id-it-rootCaKeyUpdate", NID_id_it_rootCaKeyUpdate, 8, &so[7884]}, {"id-it-certReqTemplate", "id-it-certReqTemplate", NID_id_it_certReqTemplate, 8, &so[7892]}, + {"OGRNIP", "OGRNIP", NID_OGRNIP, 5, &so[7900]}, + {"classSignTool", "Class of Signing Tool", NID_classSignTool, 5, &so[7905]}, + {"classSignToolKC1", "Class of Signing Tool KC1", NID_classSignToolKC1, 6, &so[7910]}, + {"classSignToolKC2", "Class of Signing Tool KC2", NID_classSignToolKC2, 6, &so[7916]}, + {"classSignToolKC3", "Class of Signing Tool KC3", NID_classSignToolKC3, 6, &so[7922]}, + {"classSignToolKB1", "Class of Signing Tool KB1", NID_classSignToolKB1, 6, &so[7928]}, + {"classSignToolKB2", "Class of Signing Tool KB2", NID_classSignToolKB2, 6, &so[7934]}, + {"classSignToolKA1", "Class of Signing Tool KA1", NID_classSignToolKA1, 6, &so[7940]}, }; -#define NUM_SN 1217 +#define NUM_SN 1225 static const unsigned int sn_objs[NUM_SN] = { 364, /* "AD_DVCS" */ 419, /* "AES-128-CBC" */ @@ -2526,6 +2542,7 @@ static const unsigned int sn_objs[NUM_SN] = { 178, /* "OCSP" */ 180, /* "OCSPSigning" */ 1005, /* "OGRN" */ + 1226, /* "OGRNIP" */ 379, /* "ORG" */ 18, /* "OU" */ 749, /* "Oakley-EC2N-3" */ @@ -2704,6 +2721,13 @@ static const unsigned int sn_objs[NUM_SN] = { 883, /* "certificateRevocationList" */ 54, /* "challengePassword" */ 407, /* "characteristic-two-field" */ + 1227, /* "classSignTool" */ + 1233, /* "classSignToolKA1" */ + 1231, /* "classSignToolKB1" */ + 1232, /* "classSignToolKB2" */ + 1228, /* "classSignToolKC1" */ + 1229, /* "classSignToolKC2" */ + 1230, /* "classSignToolKC3" */ 395, /* "clearance" */ 130, /* "clientAuth" */ 1222, /* "cmKGA" */ @@ -3546,7 +3570,7 @@ static const unsigned int sn_objs[NUM_SN] = { 1093, /* "x509ExtAdmission" */ }; -#define NUM_LN 1217 +#define NUM_LN 1225 static const unsigned int ln_objs[NUM_LN] = { 363, /* "AD Time Stamping" */ 405, /* "ANSI X9.62" */ @@ -3568,6 +3592,13 @@ static const unsigned int ln_objs[NUM_LN] = { 951, /* "CT Precertificate SCTs" */ 953, /* "CT Precertificate Signer" */ 1222, /* "Certificate Management Key Generation Authority" */ + 1227, /* "Class of Signing Tool" */ + 1233, /* "Class of Signing Tool KA1" */ + 1231, /* "Class of Signing Tool KB1" */ + 1232, /* "Class of Signing Tool KB2" */ + 1228, /* "Class of Signing Tool KC1" */ + 1229, /* "Class of Signing Tool KC2" */ + 1230, /* "Class of Signing Tool KC3" */ 131, /* "Code Signing" */ 1024, /* "Ctrl/Provision WAP Termination" */ 1023, /* "Ctrl/provision WAP Access" */ @@ -3688,6 +3719,7 @@ static const unsigned int ln_objs[NUM_LN] = { 371, /* "OCSP Service Locator" */ 180, /* "OCSP Signing" */ 1005, /* "OGRN" */ + 1226, /* "OGRNIP" */ 161, /* "PBES2" */ 69, /* "PBKDF2" */ 162, /* "PBMAC1" */ @@ -4767,7 +4799,7 @@ static const unsigned int ln_objs[NUM_LN] = { 125, /* "zlib compression" */ }; -#define NUM_OBJ 1088 +#define NUM_OBJ 1096 static const unsigned int obj_objs[NUM_OBJ] = { 0, /* OBJ_undef 0 */ 181, /* OBJ_iso 1 */ @@ -5021,8 +5053,10 @@ static const unsigned int obj_objs[NUM_OBJ] = { 974, /* OBJ_id_tc26 1 2 643 7 1 */ 1005, /* OBJ_OGRN 1 2 643 100 1 */ 1006, /* OBJ_SNILS 1 2 643 100 3 */ + 1226, /* OBJ_OGRNIP 1 2 643 100 5 */ 1007, /* OBJ_subjectSignTool 1 2 643 100 111 */ 1008, /* OBJ_issuerSignTool 1 2 643 100 112 */ + 1227, /* OBJ_classSignTool 1 2 643 100 113 */ 184, /* OBJ_X9_57 1 2 840 10040 */ 405, /* OBJ_ansi_X9_62 1 2 840 10045 */ 389, /* OBJ_Enterprises 1 3 6 1 4 1 */ @@ -5111,6 +5145,12 @@ static const unsigned int obj_objs[NUM_OBJ] = { 818, /* OBJ_id_GostR3410_94DH 1 2 643 2 2 99 */ 977, /* OBJ_id_tc26_algorithms 1 2 643 7 1 1 */ 994, /* OBJ_id_tc26_constants 1 2 643 7 1 2 */ + 1228, /* OBJ_classSignToolKC1 1 2 643 100 113 1 */ + 1229, /* OBJ_classSignToolKC2 1 2 643 100 113 2 */ + 1230, /* OBJ_classSignToolKC3 1 2 643 100 113 3 */ + 1231, /* OBJ_classSignToolKB1 1 2 643 100 113 4 */ + 1232, /* OBJ_classSignToolKB2 1 2 643 100 113 5 */ + 1233, /* OBJ_classSignToolKA1 1 2 643 100 113 6 */ 1, /* OBJ_rsadsi 1 2 840 113549 */ 185, /* OBJ_X9cm 1 2 840 10040 4 */ 1031, /* OBJ_id_pkinit 1 3 6 1 5 2 3 */ diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num index fb40663977..7d1d70ea28 100644 --- a/crypto/objects/obj_mac.num +++ b/crypto/objects/obj_mac.num @@ -1223,3 +1223,11 @@ cmKGA 1222 id_it_caCerts 1223 id_it_rootCaKeyUpdate 1224 id_it_certReqTemplate 1225 +OGRNIP 1226 +classSignTool 1227 +classSignToolKC1 1228 +classSignToolKC2 1229 +classSignToolKC3 1230 +classSignToolKB1 1231 +classSignToolKB2 1232 +classSignToolKA1 1233 diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt index 4aa6fc5854..8aef90d952 100644 --- a/crypto/objects/objects.txt +++ b/crypto/objects/objects.txt @@ -1406,8 +1406,16 @@ id-tc26-gost-28147-constants 1 : id-tc26-gost-28147-param-Z : GOST 28147-89 TC26 member-body 643 3 131 1 1 : INN : INN member-body 643 100 1 : OGRN : OGRN member-body 643 100 3 : SNILS : SNILS +member-body 643 100 5 : OGRNIP : OGRNIP member-body 643 100 111 : subjectSignTool : Signing Tool of Subject member-body 643 100 112 : issuerSignTool : Signing Tool of Issuer +member-body 643 100 113 : classSignTool : Class of Signing Tool +member-body 643 100 113 1 : classSignToolKC1 : Class of Signing Tool KC1 +member-body 643 100 113 2 : classSignToolKC2 : Class of Signing Tool KC2 +member-body 643 100 113 3 : classSignToolKC3 : Class of Signing Tool KC3 +member-body 643 100 113 4 : classSignToolKB1 : Class of Signing Tool KB1 +member-body 643 100 113 5 : classSignToolKB2 : Class of Signing Tool KB2 +member-body 643 100 113 6 : classSignToolKA1 : Class of Signing Tool KA1 #GOST R34.13-2015 Grasshopper "Kuznechik" : kuznyechik-ecb diff --git a/fuzz/oids.txt b/fuzz/oids.txt index 2b4cb110ce..efbcaa416c 100644 --- a/fuzz/oids.txt +++ b/fuzz/oids.txt @@ -1080,3 +1080,11 @@ OBJ_cmKGA="\x2B\x06\x01\x05\x05\x07\x03\x20" OBJ_id_it_caCerts="\x2B\x06\x01\x05\x05\x07\x04\x11" OBJ_id_it_rootCaKeyUpdate="\x2B\x06\x01\x05\x05\x07\x04\x12" OBJ_id_it_certReqTemplate="\x2B\x06\x01\x05\x05\x07\x04\x13" +OBJ_OGRNIP="\x2A\x85\x03\x64\x05" +OBJ_classSignTool="\x2A\x85\x03\x64\x71" +OBJ_classSignToolKC1="\x2A\x85\x03\x64\x71\x01" +OBJ_classSignToolKC2="\x2A\x85\x03\x64\x71\x02" +OBJ_classSignToolKC3="\x2A\x85\x03\x64\x71\x03" +OBJ_classSignToolKB1="\x2A\x85\x03\x64\x71\x04" +OBJ_classSignToolKB2="\x2A\x85\x03\x64\x71\x05" +OBJ_classSignToolKA1="\x2A\x85\x03\x64\x71\x06" diff --git a/include/openssl/obj_mac.h b/include/openssl/obj_mac.h index 18fd0ec451..5af0024989 100644 --- a/include/openssl/obj_mac.h +++ b/include/openssl/obj_mac.h @@ -4452,6 +4452,11 @@ #define NID_SNILS 1006 #define OBJ_SNILS OBJ_member_body,643L,100L,3L +#define SN_OGRNIP "OGRNIP" +#define LN_OGRNIP "OGRNIP" +#define NID_OGRNIP 1226 +#define OBJ_OGRNIP OBJ_member_body,643L,100L,5L + #define SN_subjectSignTool "subjectSignTool" #define LN_subjectSignTool "Signing Tool of Subject" #define NID_subjectSignTool 1007 @@ -4462,6 +4467,41 @@ #define NID_issuerSignTool 1008 #define OBJ_issuerSignTool OBJ_member_body,643L,100L,112L +#define SN_classSignTool "classSignTool" +#define LN_classSignTool "Class of Signing Tool" +#define NID_classSignTool 1227 +#define OBJ_classSignTool OBJ_member_body,643L,100L,113L + +#define SN_classSignToolKC1 "classSignToolKC1" +#define LN_classSignToolKC1 "Class of Signing Tool KC1" +#define NID_classSignToolKC1 1228 +#define OBJ_classSignToolKC1 OBJ_member_body,643L,100L,113L,1L + +#define SN_classSignToolKC2 "classSignToolKC2" +#define LN_classSignToolKC2 "Class of Signing Tool KC2" +#define NID_classSignToolKC2 1229 +#define OBJ_classSignToolKC2 OBJ_member_body,643L,100L,113L,2L + +#define SN_classSignToolKC3 "classSignToolKC3" +#define LN_classSignToolKC3 "Class of Signing Tool KC3" +#define NID_classSignToolKC3 1230 +#define OBJ_classSignToolKC3 OBJ_member_body,643L,100L,113L,3L + +#define SN_classSignToolKB1 "classSignToolKB1" +#define LN_classSignToolKB1 "Class of Signing Tool KB1" +#define NID_classSignToolKB1 1231 +#define OBJ_classSignToolKB1 OBJ_member_body,643L,100L,113L,4L + +#define SN_classSignToolKB2 "classSignToolKB2" +#define LN_classSignToolKB2 "Class of Signing Tool KB2" +#define NID_classSignToolKB2 1232 +#define OBJ_classSignToolKB2 OBJ_member_body,643L,100L,113L,5L + +#define SN_classSignToolKA1 "classSignToolKA1" +#define LN_classSignToolKA1 "Class of Signing Tool KA1" +#define NID_classSignToolKA1 1233 +#define OBJ_classSignToolKA1 OBJ_member_body,643L,100L,113L,6L + #define SN_kuznyechik_ecb "kuznyechik-ecb" #define NID_kuznyechik_ecb 1012 diff --git a/test/recipes/25-test_rusext_data/grfc.msb b/test/recipes/25-test_rusext_data/grfc.msb index 68ebff6274..5184e4ff7a 100644 --- a/test/recipes/25-test_rusext_data/grfc.msb +++ b/test/recipes/25-test_rusext_data/grfc.msb @@ -26,8 +26,8 @@ Certificate: 1.3.6.1.4.1.311.21.1: ... X509v3 Certificate Policies: - Policy: 1.2.643.100.113.1 - Policy: 1.2.643.100.113.2 + Policy: Class of Signing Tool KC1 + Policy: Class of Signing Tool KC2 Policy: X509v3 Any Policy Signature Algorithm: GOST R 34.11-94 with GOST R 34.10-2001 Signature Value: diff --git a/test/recipes/25-test_rusext_data/grfc.utf8 b/test/recipes/25-test_rusext_data/grfc.utf8 index ebca5d6b59..a709dcf67c 100644 --- a/test/recipes/25-test_rusext_data/grfc.utf8 +++ b/test/recipes/25-test_rusext_data/grfc.utf8 @@ -26,8 +26,8 @@ Certificate: 1.3.6.1.4.1.311.21.1: ... X509v3 Certificate Policies: - Policy: 1.2.643.100.113.1 - Policy: 1.2.643.100.113.2 + Policy: Class of Signing Tool KC1 + Policy: Class of Signing Tool KC2 Policy: X509v3 Any Policy Signature Algorithm: GOST R 34.11-94 with GOST R 34.10-2001 Signature Value: From openssl at openssl.org Mon Oct 5 10:03:52 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 10:03:52 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1601892232.647553.32733.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 642 wallclock secs (10.64 usr 1.14 sys + 588.82 cusr 52.57 csys = 653.17 CPU) Result: FAIL Makefile:3118: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3116: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Mon Oct 5 10:44:23 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 05 Oct 2020 10:44:23 +0000 Subject: Still Failing: openssl/openssl#37892 (master - 856198a) In-Reply-To: Message-ID: <5f7af9077b7e3_13fb4320457b03116a0@travis-pro-tasks-7fb67c6c7d-cl77k.mail> Build Update for openssl/openssl ------------------------------------- Build: #37892 Status: Still Failing Duration: 1 hr, 24 mins, and 0 secs Commit: 856198a (master) Author: Dmitry Belyavskiy Message: Some OIDs used in Russian X.509 certificates. OBJ_OGRNIP denotes a specific legal status of the certificate owner. OBJ_classSignTool* denotes a level of certification of the software created the certificate. http://www.garant.ru/products/ipo/prime/doc/70033464/ is the relevant link (in Russian). Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8309) View the changeset: https://github.com/openssl/openssl/compare/6514dee7264d...856198aac784 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188126472?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 5 10:52:38 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 10:52:38 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1601895158.709682.29156.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 642 wallclock secs (12.94 usr 1.03 sys + 583.44 cusr 55.66 csys = 653.07 CPU) Result: FAIL Makefile:3175: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3173: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 5 11:53:08 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 05 Oct 2020 11:53:08 +0000 Subject: Build failed: openssl master.37356 Message-ID: <20201005115308.1.4467BA7881C37B51@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 5 14:22:21 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 05 Oct 2020 14:22:21 +0000 Subject: Build completed: openssl master.37357 Message-ID: <20201005142221.1.214FFA7277155906@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 5 17:57:57 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 17:57:57 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1601920677.294548.29948.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.certout_kur2.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 710 wallclock secs (13.15 usr 1.19 sys + 617.68 cusr 56.22 csys = 688.24 CPU) Result: FAIL Makefile:3164: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3162: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 5 20:05:27 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 05 Oct 2020 20:05:27 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1601928327.504127.24511.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file 'test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file 'test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file 'test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 549 wallclock secs (10.06 usr 1.17 sys + 495.90 cusr 44.72 csys = 551.85 CPU) Result: FAIL Makefile:2406: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2404: recipe for target 'tests' failed make: *** [tests] Error 2 From pauli at openssl.org Mon Oct 5 23:02:06 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Mon, 05 Oct 2020 23:02:06 +0000 Subject: [openssl] master update Message-ID: <1601938926.788225.10484.nullmailer@dev.openssl.org> The branch master has been updated via 69340cafb4a894c469a392ce517b2e092758f1c4 (commit) from 856198aac784fc78b4588d2b409cec9f4ecf812d (commit) - Log ----------------------------------------------------------------- commit 69340cafb4a894c469a392ce517b2e092758f1c4 Author: Pauli Date: Wed Sep 30 20:01:02 2020 +1000 doc: remove duplicated code in example Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13048) ----------------------------------------------------------------------- Summary of changes: doc/man7/EVP_PKEY-EC.pod | 4 ---- 1 file changed, 4 deletions(-) diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod index e423a52971..9b195810d0 100644 --- a/doc/man7/EVP_PKEY-EC.pod +++ b/doc/man7/EVP_PKEY-EC.pod @@ -166,10 +166,6 @@ An B EC CDH (Cofactor Diffie-Hellman) key can be generated with a EVP_PKEY_CTX *gctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); - EVP_PKEY *key = NULL; - OSSL_PARAM params[3]; - EVP_PKEY_CTX *gctx = EVP_PKEY_CTX_new_from_name(NULL, "EC", NULL); - EVP_PKEY_keygen_init(gctx); params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, From pauli at openssl.org Mon Oct 5 23:09:54 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Mon, 05 Oct 2020 23:09:54 +0000 Subject: [openssl] master update Message-ID: <1601939394.718237.31231.nullmailer@dev.openssl.org> The branch master has been updated via 5357c10624bedaeed984ef4ff370096911ee2ddf (commit) from 69340cafb4a894c469a392ce517b2e092758f1c4 (commit) - Log ----------------------------------------------------------------- commit 5357c10624bedaeed984ef4ff370096911ee2ddf Author: Pauli Date: Wed Sep 30 15:07:24 2020 +1000 ffc: add _ossl to exported but internal functions The functions updated are: ffc_generate_private_key, ffc_named_group_from_uid, ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify, ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate, ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate, ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp, ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name, ffc_params_flags_to_name, ffc_params_fromdata, ffc_params_get0_pqg, ffc_params_get_validate_params, ffc_params_init, ffc_params_print, ffc_params_set0_j, ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex, ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed, ffc_params_set_validate_params, ffc_params_simple_validate, ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest, ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key and ffc_validate_public_key_partial. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13041) ----------------------------------------------------------------------- Summary of changes: crypto/dh/dh_ameth.c | 8 +- crypto/dh/dh_asn1.c | 13 +- crypto/dh/dh_check.c | 10 +- crypto/dh/dh_ctrl.c | 4 +- crypto/dh/dh_gen.c | 14 +- crypto/dh/dh_group_params.c | 16 +- crypto/dh/dh_key.c | 18 +- crypto/dh/dh_lib.c | 8 +- crypto/dh/dh_pmeth.c | 16 +- crypto/dsa/dsa_ameth.c | 6 +- crypto/dsa/dsa_check.c | 10 +- crypto/dsa/dsa_gen.c | 15 +- crypto/dsa/dsa_key.c | 9 +- crypto/dsa/dsa_lib.c | 10 +- crypto/dsa/dsa_ossl.c | 2 +- crypto/dsa/dsa_pmeth.c | 7 +- crypto/evp/pmeth_lib.c | 2 +- crypto/ffc/ffc_backend.c | 14 +- crypto/ffc/ffc_key_generate.c | 4 +- crypto/ffc/ffc_key_validate.c | 13 +- crypto/ffc/ffc_params.c | 63 +++--- crypto/ffc/ffc_params_generate.c | 52 ++--- crypto/ffc/ffc_params_validate.c | 38 ++-- include/internal/ffc.h | 146 +++++++------ .../encode_decode/encode_key2text.c | 2 +- providers/implementations/keymgmt/dh_kmgmt.c | 24 +-- providers/implementations/keymgmt/dsa_kmgmt.c | 22 +- test/ffc_internal_test.c | 239 +++++++++++---------- 28 files changed, 406 insertions(+), 379 deletions(-) diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index cd318654cf..e32de78638 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -320,7 +320,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) if (!ASN1_bn_print(bp, "public-key:", pub_key, NULL, indent)) goto err; - if (!ffc_params_print(bp, &x->params, indent)) + if (!ossl_ffc_params_print(bp, &x->params, indent)) goto err; if (x->length != 0) { @@ -354,15 +354,15 @@ static int dh_security_bits(const EVP_PKEY *pkey) static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { - return ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, - a->ameth != &dhx_asn1_meth); + return ossl_ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, + a->ameth != &dhx_asn1_meth); } static int int_dh_param_copy(DH *to, const DH *from, int is_x942) { if (is_x942 == -1) is_x942 = (from->params.q != NULL); - if (!ffc_params_copy(&to->params, &from->params)) + if (!ossl_ffc_params_copy(&to->params, &from->params)) return 0; if (!is_x942) to->length = from->length; diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 5475d98bfa..cf5c735a6a 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -108,13 +108,14 @@ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length) params = &dh->params; DH_set0_pqg(dh, dhx->p, dhx->q, dhx->g); - ffc_params_set0_j(params, dhx->j); + ossl_ffc_params_set0_j(params, dhx->j); if (dhx->vparams != NULL) { /* The counter has a maximum value of 4 * numbits(p) - 1 */ size_t counter = (size_t)BN_get_word(dhx->vparams->counter); - ffc_params_set_validate_params(params, dhx->vparams->seed->data, - dhx->vparams->seed->length, counter); + ossl_ffc_params_set_validate_params(params, dhx->vparams->seed->data, + dhx->vparams->seed->length, + counter); ASN1_BIT_STRING_free(dhx->vparams->seed); BN_free(dhx->vparams->counter); OPENSSL_free(dhx->vparams); @@ -135,10 +136,10 @@ int i2d_DHxparams(const DH *dh, unsigned char **pp) const FFC_PARAMS *params = &dh->params; int counter; - ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p, - (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g); + ossl_ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p, + (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g); dhx.j = params->j; - ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter); + ossl_ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter); seed.length = (int)seedlen; if (counter != -1 && seed.data != NULL && seed.length > 0) { diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index a223121cd0..ce8c6f7185 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -62,8 +62,8 @@ int DH_check_params(const DH *dh, int *ret) * (2b) FFC domain params conform to FIPS-186-4 explicit domain param * validity tests. */ - return ffc_params_FIPS186_4_validate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, ret, NULL); + return ossl_ffc_params_FIPS186_4_validate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, ret, NULL); } #else int DH_check_params(const DH *dh, int *ret) @@ -235,7 +235,7 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key) */ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key(&dh->params, pub_key, ret); + return ossl_ffc_validate_public_key(&dh->params, pub_key, ret); } /* @@ -245,7 +245,7 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) */ int dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key_partial(&dh->params, pub_key, ret); + return ossl_ffc_validate_public_key_partial(&dh->params, pub_key, ret); } int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret) @@ -268,7 +268,7 @@ int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret) if (BN_cmp(two_powN, dh->params.q) < 0) upper = two_powN; } - if (!ffc_validate_private_key(upper, priv_key, ret)) + if (!ossl_ffc_validate_private_key(upper, priv_key, ret)) goto err; ok = 1; diff --git a/crypto/dh/dh_ctrl.c b/crypto/dh/dh_ctrl.c index 0db5eba505..2aa69fd154 100644 --- a/crypto/dh/dh_ctrl.c +++ b/crypto/dh/dh_ctrl.c @@ -179,7 +179,7 @@ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen) if (ctx->op.keymgmt.genctx == NULL) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DH_RFC5114, gen, NULL); - name = ffc_named_group_from_uid(gen); + name = ossl_ffc_named_group_from_uid(gen); if (name == NULL) return 0; @@ -208,7 +208,7 @@ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_DH_NID, nid, NULL); - name = ffc_named_group_from_uid(nid); + name = ossl_ffc_named_group_from_uid(nid); if (name == NULL) return 0; diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 096cf12886..1e84db9527 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -42,14 +42,14 @@ int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits, #ifndef FIPS_MODULE if (type == DH_PARAMGEN_TYPE_FIPS_186_2) - ret = ffc_params_FIPS186_2_generate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_2_generate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, + pbits, qbits, &res, cb); else #endif - ret = ffc_params_FIPS186_4_generate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_4_generate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, + pbits, qbits, &res, cb); if (ret > 0) dh->dirty_cnt++; return ret; @@ -102,7 +102,7 @@ static int dh_gen_named_group(OPENSSL_CTX *libctx, DH *ret, int prime_len) dh = dh_new_by_nid_ex(libctx, nid); if (dh != NULL - && ffc_params_copy(&ret->params, &dh->params)) { + && ossl_ffc_params_copy(&ret->params, &dh->params)) { ok = 1; ret->dirty_cnt++; } diff --git a/crypto/dh/dh_group_params.c b/crypto/dh/dh_group_params.c index 7a19f71b4d..b91a76bd97 100644 --- a/crypto/dh/dh_group_params.c +++ b/crypto/dh/dh_group_params.c @@ -78,7 +78,7 @@ static const DH_NAMED_GROUP dh_named_groups[] = { #endif }; -int ffc_named_group_to_uid(const char *name) +int ossl_ffc_named_group_to_uid(const char *name) { size_t i; @@ -89,7 +89,7 @@ int ffc_named_group_to_uid(const char *name) return NID_undef; } -const char *ffc_named_group_from_uid(int uid) +const char *ossl_ffc_named_group_from_uid(int uid) { size_t i; @@ -138,7 +138,7 @@ static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name) DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid) { - const char *name = ffc_named_group_from_uid(nid); + const char *name = ossl_ffc_named_group_from_uid(nid); return dh_new_by_group_name(libctx, name); } @@ -148,7 +148,7 @@ DH *DH_new_by_nid(int nid) return dh_new_by_nid_ex(NULL, nid); } -int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) +int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) { int i; BIGNUM *q = NULL; @@ -158,10 +158,10 @@ int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) for (i = 0; i < (int)OSSL_NELEM(dh_named_groups); ++i) { if (strcasecmp(dh_named_groups[i].name, group_name) == 0) { - ffc_params_set0_pqg(ffc, - (BIGNUM *)dh_named_groups[i].p, - (BIGNUM *)dh_named_groups[i].q, - (BIGNUM *)dh_named_groups[i].g); + ossl_ffc_params_set0_pqg(ffc, + (BIGNUM *)dh_named_groups[i].p, + (BIGNUM *)dh_named_groups[i].q, + (BIGNUM *)dh_named_groups[i].g); /* flush the cached nid, The DH layer is responsible for caching */ ffc->nid = NID_undef; return 1; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 3b4da19cd2..8d9c72d65c 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -155,7 +155,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, static int dh_init(DH *dh) { dh->flags |= DH_FLAG_CACHE_MONT_P; - ffc_params_init(&dh->params); + ossl_ffc_params_init(&dh->params); dh->dirty_cnt++; return 1; } @@ -260,8 +260,8 @@ static int generate_key(DH *dh) || dh->length > BN_num_bits(dh->params.q)) goto err; /* dh->length = maximum bit length of generated private key */ - if (!ffc_generate_private_key(ctx, &dh->params, dh->length, - max_strength, priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dh->params, dh->length, + max_strength, priv_key)) goto err; } else { #ifdef FIPS_MODULE @@ -288,18 +288,18 @@ static int generate_key(DH *dh) #endif { /* Do a partial check for invalid p, q, g */ - if (!ffc_params_simple_validate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH)) + if (!ossl_ffc_params_simple_validate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH)) goto err; /* * For FFC FIPS 186-4 keygen * security strength s = 112, * Max Private key size N = len(q) */ - if (!ffc_generate_private_key(ctx, &dh->params, - BN_num_bits(dh->params.q), - MIN_STRENGTH, - priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dh->params, + BN_num_bits(dh->params.q), + MIN_STRENGTH, + priv_key)) goto err; } } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 6c6eda27a2..793a5af2a0 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -149,7 +149,7 @@ void DH_free(DH *r) CRYPTO_THREAD_lock_free(r->lock); - ffc_params_cleanup(&r->params); + ossl_ffc_params_cleanup(&r->params); BN_clear_free(r->pub_key); BN_clear_free(r->priv_key); OPENSSL_free(r); @@ -204,7 +204,7 @@ int DH_security_bits(const DH *dh) void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) { - ffc_params_get0_pqg(&dh->params, p, q, g); + ossl_ffc_params_get0_pqg(&dh->params, p, q, g); } int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) @@ -217,7 +217,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) || (dh->params.g == NULL && g == NULL)) return 0; - ffc_params_set0_pqg(&dh->params, p, q, g); + ossl_ffc_params_set0_pqg(&dh->params, p, q, g); dh_cache_named_group(dh); if (q != NULL) dh->length = BN_num_bits(q); @@ -337,7 +337,7 @@ int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) if (ffc == NULL) return 0; - ret = ffc_params_fromdata(ffc, params); + ret = ossl_ffc_params_fromdata(ffc, params); if (ret) { dh_cache_named_group(dh); dh->dirty_cnt++; diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 2c74b39db1..9d72fa0959 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -297,20 +297,22 @@ static DH *ffc_params_generate(OPENSSL_CTX *libctx, DH_PKEY_CTX *dctx, } if (dctx->md != NULL) - ffc_set_digest(&ret->params, EVP_MD_name(dctx->md), NULL); + ossl_ffc_set_digest(&ret->params, EVP_MD_name(dctx->md), NULL); # ifndef FIPS_MODULE if (dctx->paramgen_type == DH_PARAMGEN_TYPE_FIPS_186_2) - rv = ffc_params_FIPS186_2_generate(libctx, &ret->params, - FFC_PARAM_TYPE_DH, - prime_len, subprime_len, &res, pcb); + rv = ossl_ffc_params_FIPS186_2_generate(libctx, &ret->params, + FFC_PARAM_TYPE_DH, + prime_len, subprime_len, &res, + pcb); else # endif /* For FIPS we always use the DH_PARAMGEN_TYPE_FIPS_186_4 generator */ if (dctx->paramgen_type >= DH_PARAMGEN_TYPE_FIPS_186_2) - rv = ffc_params_FIPS186_4_generate(libctx, &ret->params, - FFC_PARAM_TYPE_DH, - prime_len, subprime_len, &res, pcb); + rv = ossl_ffc_params_FIPS186_4_generate(libctx, &ret->params, + FFC_PARAM_TYPE_DH, + prime_len, subprime_len, &res, + pcb); if (rv <= 0) { DH_free(ret); return NULL; diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 651b463235..7619c05b5e 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -300,7 +300,7 @@ static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) if (to->pkey.dsa == NULL) return 0; } - if (!ffc_params_copy(&to->pkey.dsa->params, &from->pkey.dsa->params)) + if (!ossl_ffc_params_copy(&to->pkey.dsa->params, &from->pkey.dsa->params)) return 0; to->pkey.dsa->dirty_cnt++; @@ -309,7 +309,7 @@ static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { - return ffc_params_cmp(&a->pkey.dsa->params, &b->pkey.dsa->params, 1); + return ossl_ffc_params_cmp(&a->pkey.dsa->params, &b->pkey.dsa->params, 1); } static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) @@ -363,7 +363,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) goto err; if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off)) goto err; - if (!ffc_params_print(bp, &x->params, off)) + if (!ossl_ffc_params_print(bp, &x->params, off)) goto err; ret = 1; err: diff --git a/crypto/dsa/dsa_check.c b/crypto/dsa/dsa_check.c index 01cf0f6341..0d38340840 100644 --- a/crypto/dsa/dsa_check.c +++ b/crypto/dsa/dsa_check.c @@ -19,8 +19,8 @@ int dsa_check_params(const DSA *dsa, int *ret) * (2b) FFC domain params conform to FIPS-186-4 explicit domain param * validity tests. */ - return ffc_params_FIPS186_4_validate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, ret, NULL); + return ossl_ffc_params_FIPS186_4_validate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA, ret, NULL); } /* @@ -28,7 +28,7 @@ int dsa_check_params(const DSA *dsa, int *ret) */ int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key(&dsa->params, pub_key, ret); + return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret); } /* @@ -38,7 +38,7 @@ int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret) */ int dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key_partial(&dsa->params, pub_key, ret); + return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret); } int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret) @@ -46,7 +46,7 @@ int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret) *ret = 0; return (dsa->params.q != NULL - && ffc_validate_private_key(dsa->params.q, priv_key, ret)); + && ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret)); } /* diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 94b3da8754..9d6d9a8d4a 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -30,14 +30,14 @@ int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits, #ifndef FIPS_MODULE if (type == DSA_PARAMGEN_TYPE_FIPS_186_2) - ret = ffc_params_FIPS186_2_generate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_2_generate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA, + pbits, qbits, &res, cb); else #endif - ret = ffc_params_FIPS186_4_generate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_4_generate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA, + pbits, qbits, &res, cb); if (ret > 0) dsa->dirty_cnt++; return ret; @@ -53,7 +53,8 @@ int DSA_generate_parameters_ex(DSA *dsa, int bits, return dsa->meth->dsa_paramgen(dsa, bits, seed_in, seed_len, counter_ret, h_ret, cb); if (seed_in != NULL - && !ffc_params_set_validate_params(&dsa->params, seed_in, seed_len, -1)) + && !ossl_ffc_params_set_validate_params(&dsa->params, seed_in, seed_len, + -1)) return 0; /* The old code used FIPS 186-2 DSA Parameter generation */ diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index bf9d8a269c..899663353f 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -76,8 +76,8 @@ static int dsa_keygen(DSA *dsa, int pairwise_test) } /* Do a partial check for invalid p, q, g */ - if (!ffc_params_simple_validate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA)) + if (!ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA)) goto err; /* @@ -85,8 +85,9 @@ static int dsa_keygen(DSA *dsa, int pairwise_test) * security strength s = 112, * Max Private key size N = len(q) */ - if (!ffc_generate_private_key(ctx, &dsa->params, BN_num_bits(dsa->params.q), - MIN_STRENGTH, priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dsa->params, + BN_num_bits(dsa->params.q), + MIN_STRENGTH, priv_key)) goto err; if (dsa->pub_key == NULL) { diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index e71a8c8f8e..b16fbb7023 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -56,7 +56,7 @@ DH *DSA_dup_DH(const DSA *r) if (ret == NULL) goto err; - if (!ffc_params_copy(dh_get0_params(ret), &r->params)) + if (!ossl_ffc_params_copy(dh_get0_params(ret), &r->params)) goto err; if (r->pub_key != NULL) { @@ -231,7 +231,7 @@ void DSA_free(DSA *r) CRYPTO_THREAD_lock_free(r->lock); - ffc_params_cleanup(&r->params); + ossl_ffc_params_cleanup(&r->params); BN_clear_free(r->pub_key); BN_clear_free(r->priv_key); OPENSSL_free(r); @@ -252,7 +252,7 @@ int DSA_up_ref(DSA *r) void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) { - ffc_params_get0_pqg(&d->params, p, q, g); + ossl_ffc_params_get0_pqg(&d->params, p, q, g); } int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) @@ -265,7 +265,7 @@ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) || (d->params.g == NULL && g == NULL)) return 0; - ffc_params_set0_pqg(&d->params, p, q, g); + ossl_ffc_params_set0_pqg(&d->params, p, q, g); d->dirty_cnt++; return 1; @@ -356,7 +356,7 @@ int dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]) if (ffc == NULL) return 0; - ret = ffc_params_fromdata(ffc, params); + ret = ossl_ffc_params_fromdata(ffc, params); if (ret) dsa->dirty_cnt++; return ret; diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index b52fa1c00b..547b0283fa 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -426,7 +426,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, static int dsa_init(DSA *dsa) { dsa->flags |= DSA_FLAG_CACHE_MONT_P; - ffc_params_init(&dsa->params); + ossl_ffc_params_init(&dsa->params); dsa->dirty_cnt++; return 1; } diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index 7b364059e7..0f5a6157ae 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -218,10 +218,11 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 0; } if (dctx->md != NULL) - ffc_set_digest(&dsa->params, EVP_MD_name(dctx->md), NULL); + ossl_ffc_set_digest(&dsa->params, EVP_MD_name(dctx->md), NULL); - ret = ffc_params_FIPS186_4_generate(NULL, &dsa->params, FFC_PARAM_TYPE_DSA, - dctx->nbits, dctx->qbits, &res, pcb); + ret = ossl_ffc_params_FIPS186_4_generate(NULL, &dsa->params, + FFC_PARAM_TYPE_DSA, dctx->nbits, + dctx->qbits, &res, pcb); BN_GENCB_free(pcb); if (ret > 0) EVP_PKEY_assign_DSA(pkey, dsa); diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index a3a65857b8..8f84230dcf 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -1569,7 +1569,7 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name, name = OSSL_PKEY_PARAM_GROUP_NAME; else if (strcmp(name, "dh_rfc5114") == 0) { name = OSSL_PKEY_PARAM_GROUP_NAME; - value = ffc_named_group_from_uid(atoi(value)); + value = ossl_ffc_named_group_from_uid(atoi(value)); } else if (strcmp(name, "dh_pad") == 0) name = OSSL_EXCHANGE_PARAM_PAD; # endif diff --git a/crypto/ffc/ffc_backend.c b/crypto/ffc/ffc_backend.c index 6e269ebf56..fddd41557e 100644 --- a/crypto/ffc/ffc_backend.c +++ b/crypto/ffc/ffc_backend.c @@ -17,7 +17,7 @@ * implementations alike. */ -int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) +int ossl_ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) { const OSSL_PARAM *prm; const OSSL_PARAM *param_p, *param_q, *param_g; @@ -36,7 +36,7 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) * In a no-dh build we just go straight to err because we have no * support for this. */ - if (!ffc_set_group_pqg(ffc, prm->data)) + if (!ossl_ffc_set_group_pqg(ffc, prm->data)) #endif goto err; } @@ -75,14 +75,14 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) if (prm != NULL) { if (prm->data_type != OSSL_PARAM_OCTET_STRING) goto err; - if (!ffc_params_set_seed(ffc, prm->data, prm->data_size)) + if (!ossl_ffc_params_set_seed(ffc, prm->data, prm->data_size)) goto err; } prm = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE); if (prm != NULL) { if (prm->data_type != OSSL_PARAM_UTF8_STRING) goto err; - ffc_params_set_flags(ffc, ffc_params_flags_from_name(prm->data)); + ossl_ffc_params_set_flags(ffc, ossl_ffc_params_flags_from_name(prm->data)); } prm = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST); if (prm != NULL) { @@ -96,12 +96,12 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) if (p1->data_type != OSSL_PARAM_UTF8_STRING) goto err; } - if (!ffc_set_digest(ffc, prm->data, props)) + if (!ossl_ffc_set_digest(ffc, prm->data, props)) goto err; } - ffc_params_set0_pqg(ffc, p, q, g); - ffc_params_set0_j(ffc, j); + ossl_ffc_params_set0_pqg(ffc, p, q, g); + ossl_ffc_params_set0_j(ffc, j); return 1; err: diff --git a/crypto/ffc/ffc_key_generate.c b/crypto/ffc/ffc_key_generate.c index aeabae010f..d8d2116ddc 100644 --- a/crypto/ffc/ffc_key_generate.c +++ b/crypto/ffc/ffc_key_generate.c @@ -19,8 +19,8 @@ * s is the security strength. * priv_key is the returned private key, */ -int ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params, - int N, int s, BIGNUM *priv) +int ossl_ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params, + int N, int s, BIGNUM *priv) { int ret = 0, qbits = BN_num_bits(params->q); BIGNUM *m, *two_powN = NULL; diff --git a/crypto/ffc/ffc_key_validate.c b/crypto/ffc/ffc_key_validate.c index a35f52e1b9..9f6525a2c8 100644 --- a/crypto/ffc/ffc_key_validate.c +++ b/crypto/ffc/ffc_key_validate.c @@ -16,8 +16,8 @@ * * ret contains 0 on success, or error flags (see FFC_ERROR_PUBKEY_TOO_SMALL) */ -int ffc_validate_public_key_partial(const FFC_PARAMS *params, - const BIGNUM *pub_key, int *ret) +int ossl_ffc_validate_public_key_partial(const FFC_PARAMS *params, + const BIGNUM *pub_key, int *ret) { int ok = 0; BIGNUM *tmp = NULL; @@ -58,14 +58,14 @@ int ffc_validate_public_key_partial(const FFC_PARAMS *params, /* * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation. */ -int ffc_validate_public_key(const FFC_PARAMS *params, const BIGNUM *pub_key, - int *ret) +int ossl_ffc_validate_public_key(const FFC_PARAMS *params, + const BIGNUM *pub_key, int *ret) { int ok = 0; BIGNUM *tmp = NULL; BN_CTX *ctx = NULL; - if (!ffc_validate_public_key_partial(params, pub_key, ret)) + if (!ossl_ffc_validate_public_key_partial(params, pub_key, ret)) return 0; if (params->q != NULL) { @@ -100,7 +100,8 @@ int ffc_validate_public_key(const FFC_PARAMS *params, const BIGNUM *pub_key, * is normally params->q but can be 2^N for approved safe prime groups. * Note: This assumes that the domain parameters are valid. */ -int ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv, int *ret) +int ossl_ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv, + int *ret) { int ok = 0; diff --git a/crypto/ffc/ffc_params.c b/crypto/ffc/ffc_params.c index c980ea0018..edcb44b152 100644 --- a/crypto/ffc/ffc_params.c +++ b/crypto/ffc/ffc_params.c @@ -15,10 +15,10 @@ #include "e_os.h" /* strcasecmp */ #ifndef FIPS_MODULE -# include /* ffc_params_print */ +# include /* ossl_ffc_params_print */ #endif -void ffc_params_init(FFC_PARAMS *params) +void ossl_ffc_params_init(FFC_PARAMS *params) { memset(params, 0, sizeof(*params)); params->pcounter = -1; @@ -26,17 +26,17 @@ void ffc_params_init(FFC_PARAMS *params) params->flags = FFC_PARAM_FLAG_VALIDATE_ALL; } -void ffc_params_cleanup(FFC_PARAMS *params) +void ossl_ffc_params_cleanup(FFC_PARAMS *params) { BN_free(params->p); BN_free(params->q); BN_free(params->g); BN_free(params->j); OPENSSL_free(params->seed); - ffc_params_init(params); + ossl_ffc_params_init(params); } -void ffc_params_set0_pqg(FFC_PARAMS *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) +void ossl_ffc_params_set0_pqg(FFC_PARAMS *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) { if (p != NULL && p != d->p) { BN_free(d->p); @@ -52,8 +52,8 @@ void ffc_params_set0_pqg(FFC_PARAMS *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) } } -void ffc_params_get0_pqg(const FFC_PARAMS *d, const BIGNUM **p, - const BIGNUM **q, const BIGNUM **g) +void ossl_ffc_params_get0_pqg(const FFC_PARAMS *d, const BIGNUM **p, + const BIGNUM **q, const BIGNUM **g) { if (p != NULL) *p = d->p; @@ -65,7 +65,7 @@ void ffc_params_get0_pqg(const FFC_PARAMS *d, const BIGNUM **p, /* j is the 'cofactor' that is optionally output for ASN1. */ -void ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j) +void ossl_ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j) { BN_free(d->j); d->j = NULL; @@ -73,8 +73,8 @@ void ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j) d->j = j; } -int ffc_params_set_seed(FFC_PARAMS *params, - const unsigned char *seed, size_t seedlen) +int ossl_ffc_params_set_seed(FFC_PARAMS *params, + const unsigned char *seed, size_t seedlen) { if (params == NULL) return 0; @@ -97,27 +97,28 @@ int ffc_params_set_seed(FFC_PARAMS *params, return 1; } -void ffc_params_set_gindex(FFC_PARAMS *params, int index) +void ossl_ffc_params_set_gindex(FFC_PARAMS *params, int index) { params->gindex = index; } -void ffc_params_set_pcounter(FFC_PARAMS *params, int index) +void ossl_ffc_params_set_pcounter(FFC_PARAMS *params, int index) { params->pcounter = index; } -void ffc_params_set_h(FFC_PARAMS *params, int index) +void ossl_ffc_params_set_h(FFC_PARAMS *params, int index) { params->h = index; } -void ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags) +void ossl_ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags) { params->flags = flags; } -void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable) +void ossl_ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, + int enable) { if (enable) params->flags |= flags; @@ -125,26 +126,26 @@ void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable) params->flags &= ~flags; } -int ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props) +int ossl_ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props) { params->mdname = alg; params->mdprops = props; return 1; } -int ffc_params_set_validate_params(FFC_PARAMS *params, - const unsigned char *seed, size_t seedlen, - int counter) +int ossl_ffc_params_set_validate_params(FFC_PARAMS *params, + const unsigned char *seed, + size_t seedlen, int counter) { - if (!ffc_params_set_seed(params, seed, seedlen)) + if (!ossl_ffc_params_set_seed(params, seed, seedlen)) return 0; params->pcounter = counter; return 1; } -void ffc_params_get_validate_params(const FFC_PARAMS *params, - unsigned char **seed, size_t *seedlen, - int *pcounter) +void ossl_ffc_params_get_validate_params(const FFC_PARAMS *params, + unsigned char **seed, size_t *seedlen, + int *pcounter) { if (seed != NULL) *seed = params->seed; @@ -174,7 +175,7 @@ static int ffc_bn_cpy(BIGNUM **dst, const BIGNUM *src) return 1; } -int ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src) +int ossl_ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src) { if (!ffc_bn_cpy(&dst->p, src->p) || !ffc_bn_cpy(&dst->g, src->g) @@ -198,7 +199,7 @@ int ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src) return 1; } -int ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q) +int ossl_ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q) { return BN_cmp(a->p, b->p) == 0 && BN_cmp(a->g, b->g) == 0 @@ -212,7 +213,7 @@ static const OSSL_ITEM flag_map[] = { { 0, "" } }; -int ffc_params_flags_from_name(const char *name) +int ossl_ffc_params_flags_from_name(const char *name) { size_t i; @@ -223,7 +224,7 @@ int ffc_params_flags_from_name(const char *name) return NID_undef; } -const char *ffc_params_flags_to_name(int flags) +const char *ossl_ffc_params_flags_to_name(int flags) { size_t i; @@ -235,7 +236,7 @@ const char *ffc_params_flags_to_name(int flags) return ""; } -int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, +int ossl_ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { if (ffc == NULL) @@ -269,7 +270,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, return 0; if (ffc->nid != NID_undef) { #ifndef OPENSSL_NO_DH - const char *name = ffc_named_group_from_uid(ffc->nid); + const char *name = ossl_ffc_named_group_from_uid(ffc->nid); if (name == NULL || !ossl_param_build_set_utf8_string(bld, params, @@ -283,7 +284,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, } if (!ossl_param_build_set_utf8_string(bld, params, OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE, - ffc_params_flags_to_name(ffc->flags))) + ossl_ffc_params_flags_to_name(ffc->flags))) return 0; if (ffc->mdname != NULL && !ossl_param_build_set_utf8_string(bld, params, @@ -299,7 +300,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, } #ifndef FIPS_MODULE -int ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent) +int ossl_ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent) { if (!ASN1_bn_print(bp, "prime P:", ffc->p, NULL, indent)) goto err; diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c index a289270347..0f955f5644 100644 --- a/crypto/ffc/ffc_params_generate.c +++ b/crypto/ffc/ffc_params_generate.c @@ -510,9 +510,10 @@ static const char *default_mdname(size_t N) * - FFC_PARAM_RET_STATUS_UNVERIFIABLE_G if the validation of G succeeded, * but G is unverifiable. */ -int ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int mode, int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, + FFC_PARAMS *params, int mode, int type, + size_t L, size_t N, int *res, + BN_GENCB *cb) { int ok = FFC_PARAM_RET_STATUS_FAILED; unsigned char *seed = NULL, *seed_tmp = NULL; @@ -728,8 +729,8 @@ g_only: goto err; if (((flags & FFC_PARAM_FLAG_VALIDATE_G) != 0) - && !ffc_params_validate_unverifiable_g(ctx, mont, p, q, params->g, - tmp, res)) + && !ossl_ffc_params_validate_unverifiable_g(ctx, mont, p, q, params->g, + tmp, res)) goto err; /* @@ -777,7 +778,8 @@ g_only: } if (params->p == NULL || params->q == NULL || params->g == NULL) goto err; - if (!ffc_params_set_validate_params(params, seed, seedlen, pcounter)) + if (!ossl_ffc_params_set_validate_params(params, seed, seedlen, + pcounter)) goto err; params->h = hret; } @@ -801,9 +803,10 @@ err: } /* Note this function is only used for verification in fips mode */ -int ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int mode, int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, + FFC_PARAMS *params, int mode, int type, + size_t L, size_t N, int *res, + BN_GENCB *cb) { int ok = FFC_PARAM_RET_STATUS_FAILED; unsigned char seed[SHA256_DIGEST_LENGTH]; @@ -988,8 +991,9 @@ g_only: if (!generate_unverifiable_g(ctx, mont, g, tmp, p, r0, test, &hret)) goto err; } else if (((flags & FFC_PARAM_FLAG_VALIDATE_G) != 0) - && !ffc_params_validate_unverifiable_g(ctx, mont, p, q, - params->g, tmp, res)) { + && !ossl_ffc_params_validate_unverifiable_g(ctx, mont, p, q, + params->g, tmp, + res)) { goto err; } @@ -1011,7 +1015,7 @@ g_only: } if (params->p == NULL || params->q == NULL || params->g == NULL) goto err; - if (!ffc_params_set_validate_params(params, seed, qsize, pcounter)) + if (!ossl_ffc_params_set_validate_params(params, seed, qsize, pcounter)) goto err; params->h = hret; } @@ -1029,21 +1033,21 @@ err: return ok; } -int ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type, size_t L, size_t N, + int *res, BN_GENCB *cb) { - return ffc_params_FIPS186_4_gen_verify(libctx, params, - FFC_PARAM_MODE_GENERATE, - type, L, N, res, cb); + return ossl_ffc_params_FIPS186_4_gen_verify(libctx, params, + FFC_PARAM_MODE_GENERATE, + type, L, N, res, cb); } /* This should no longer be used in FIPS mode */ -int ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type, size_t L, size_t N, + int *res, BN_GENCB *cb) { - return ffc_params_FIPS186_2_gen_verify(libctx, params, - FFC_PARAM_MODE_GENERATE, - type, L, N, res, cb); + return ossl_ffc_params_FIPS186_2_gen_verify(libctx, params, + FFC_PARAM_MODE_GENERATE, + type, L, N, res, cb); } diff --git a/crypto/ffc/ffc_params_validate.c b/crypto/ffc/ffc_params_validate.c index 9221b13d17..bdc59968b2 100644 --- a/crypto/ffc/ffc_params_validate.c +++ b/crypto/ffc/ffc_params_validate.c @@ -16,9 +16,10 @@ #include "internal/ffc.h" /* FIPS186-4 A.2.2 Unverifiable partial validation of Generator g */ -int ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, - const BIGNUM *p, const BIGNUM *q, - const BIGNUM *g, BIGNUM *tmp, int *ret) +int ossl_ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, + const BIGNUM *p, const BIGNUM *q, + const BIGNUM *g, BIGNUM *tmp, + int *ret) { /* * A.2.2 Step (1) AND @@ -44,8 +45,9 @@ int ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, return 1; } -int ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, - int type, int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, + const FFC_PARAMS *params, int type, + int *res, BN_GENCB *cb) { size_t L, N; @@ -55,14 +57,15 @@ int ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, /* A.1.1.3 Step (1..2) : L = len(p), N = len(q) */ L = BN_num_bits(params->p); N = BN_num_bits(params->q); - return ffc_params_FIPS186_4_gen_verify(libctx, (FFC_PARAMS *)params, - FFC_PARAM_MODE_VERIFY, type, - L, N, res, cb); + return ossl_ffc_params_FIPS186_4_gen_verify(libctx, (FFC_PARAMS *)params, + FFC_PARAM_MODE_VERIFY, type, + L, N, res, cb); } /* This may be used in FIPS mode to validate deprecated FIPS-186-2 Params */ -int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, - int type, int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, + const FFC_PARAMS *params, int type, + int *res, BN_GENCB *cb) { size_t L, N; @@ -74,9 +77,9 @@ int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, /* A.1.1.3 Step (1..2) : L = len(p), N = len(q) */ L = BN_num_bits(params->p); N = BN_num_bits(params->q); - return ffc_params_FIPS186_2_gen_verify(libctx, (FFC_PARAMS *)params, - FFC_PARAM_MODE_VERIFY, type, - L, N, res, cb); + return ossl_ffc_params_FIPS186_2_gen_verify(libctx, (FFC_PARAMS *)params, + FFC_PARAM_MODE_VERIFY, type, + L, N, res, cb); } /* @@ -85,7 +88,8 @@ int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, * extra parameters such as the digest and seed, which may not be available for * this test. */ -int ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, int type) +int ossl_ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type) { int ret, res = 0; int save_gindex; @@ -101,10 +105,12 @@ int ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, int type #ifndef FIPS_MODULE if (save_flags & FFC_PARAM_FLAG_VALIDATE_LEGACY) - ret = ffc_params_FIPS186_2_validate(libctx, params, type, &res, NULL); + ret = ossl_ffc_params_FIPS186_2_validate(libctx, params, type, &res, + NULL); else #endif - ret = ffc_params_FIPS186_4_validate(libctx, params, type, &res, NULL); + ret = ossl_ffc_params_FIPS186_4_validate(libctx, params, type, &res, + NULL); params->flags = save_flags; params->gindex = save_gindex; return ret != FFC_PARAM_RET_STATUS_FAILED; diff --git a/include/internal/ffc.h b/include/internal/ffc.h index 3a4dcc9dcb..37ebbb5c8e 100644 --- a/include/internal/ffc.h +++ b/include/internal/ffc.h @@ -27,7 +27,7 @@ /* * The mode used by functions that share code for both generation and - * verification. See ffc_params_FIPS186_4_gen_verify(). + * verification. See ossl_ffc_params_FIPS186_4_gen_verify(). */ #define FFC_PARAM_MODE_VERIFY 0 #define FFC_PARAM_MODE_GENERATE 1 @@ -113,78 +113,86 @@ typedef struct ffc_params_st { const char *mdprops; } FFC_PARAMS; -void ffc_params_init(FFC_PARAMS *params); -void ffc_params_cleanup(FFC_PARAMS *params); -void ffc_params_set0_pqg(FFC_PARAMS *params, BIGNUM *p, BIGNUM *q, BIGNUM *g); -void ffc_params_get0_pqg(const FFC_PARAMS *params, const BIGNUM **p, - const BIGNUM **q, const BIGNUM **g); -void ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j); -int ffc_params_set_seed(FFC_PARAMS *params, - const unsigned char *seed, size_t seedlen); -void ffc_params_set_gindex(FFC_PARAMS *params, int index); -void ffc_params_set_pcounter(FFC_PARAMS *params, int index); -void ffc_params_set_h(FFC_PARAMS *params, int index); -void ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags); -void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable); -int ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props); - -int ffc_params_set_validate_params(FFC_PARAMS *params, - const unsigned char *seed, size_t seedlen, - int counter); -void ffc_params_get_validate_params(const FFC_PARAMS *params, - unsigned char **seed, size_t *seedlen, - int *pcounter); - -int ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src); -int ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q); +void ossl_ffc_params_init(FFC_PARAMS *params); +void ossl_ffc_params_cleanup(FFC_PARAMS *params); +void ossl_ffc_params_set0_pqg(FFC_PARAMS *params, BIGNUM *p, BIGNUM *q, + BIGNUM *g); +void ossl_ffc_params_get0_pqg(const FFC_PARAMS *params, const BIGNUM **p, + const BIGNUM **q, const BIGNUM **g); +void ossl_ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j); +int ossl_ffc_params_set_seed(FFC_PARAMS *params, + const unsigned char *seed, size_t seedlen); +void ossl_ffc_params_set_gindex(FFC_PARAMS *params, int index); +void ossl_ffc_params_set_pcounter(FFC_PARAMS *params, int index); +void ossl_ffc_params_set_h(FFC_PARAMS *params, int index); +void ossl_ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags); +void ossl_ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, + int enable); +int ossl_ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props); + +int ossl_ffc_params_set_validate_params(FFC_PARAMS *params, + const unsigned char *seed, + size_t seedlen, int counter); +void ossl_ffc_params_get_validate_params(const FFC_PARAMS *params, + unsigned char **seed, size_t *seedlen, + int *pcounter); + +int ossl_ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src); +int ossl_ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q); #ifndef FIPS_MODULE -int ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent); +int ossl_ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent); #endif /* FIPS_MODULE */ -int ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int type, size_t L, size_t N, - int *res, BN_GENCB *cb); -int ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int type, size_t L, size_t N, - int *res, BN_GENCB *cb); - -int ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int mode, int type, size_t L, size_t N, - int *res, BN_GENCB *cb); -int ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int mode, int type, size_t L, size_t N, - int *res, BN_GENCB *cb); - -int ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, int type); -int ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, - int type, int *res, BN_GENCB *cb); -int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, - int type, int *res, BN_GENCB *cb); - -int ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params, - int N, int s, BIGNUM *priv); - -int ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, - const BIGNUM *p, const BIGNUM *q, - const BIGNUM *g, BIGNUM *tmp, int *ret); - -int ffc_validate_public_key(const FFC_PARAMS *params, const BIGNUM *pub_key, - int *ret); -int ffc_validate_public_key_partial(const FFC_PARAMS *params, - const BIGNUM *pub_key, int *ret); -int ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv_key, - int *ret); - -int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[]); -int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]); -int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name); -int ffc_named_group_to_uid(const char *name); -const char *ffc_named_group_from_uid(int nid); -int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name); -const char *ffc_params_flags_to_name(int flags); -int ffc_params_flags_from_name(const char *name); +int ossl_ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type, size_t L, size_t N, + int *res, BN_GENCB *cb); +int ossl_ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type, size_t L, size_t N, + int *res, BN_GENCB *cb); + +int ossl_ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, + FFC_PARAMS *params, int mode, int type, + size_t L, size_t N, int *res, + BN_GENCB *cb); +int ossl_ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, + FFC_PARAMS *params, int mode, int type, + size_t L, size_t N, int *res, + BN_GENCB *cb); + +int ossl_ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type); +int ossl_ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, + const FFC_PARAMS *params, + int type, int *res, BN_GENCB *cb); +int ossl_ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, + const FFC_PARAMS *params, + int type, int *res, BN_GENCB *cb); + +int ossl_ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params, + int N, int s, BIGNUM *priv); + +int ossl_ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, + const BIGNUM *p, const BIGNUM *q, + const BIGNUM *g, BIGNUM *tmp, + int *ret); + +int ossl_ffc_validate_public_key(const FFC_PARAMS *params, + const BIGNUM *pub_key, int *ret); +int ossl_ffc_validate_public_key_partial(const FFC_PARAMS *params, + const BIGNUM *pub_key, int *ret); +int ossl_ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv_key, + int *ret); + +int ossl_ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *tmpl, + OSSL_PARAM params[]); +int ossl_ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]); +int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name); +int ossl_ffc_named_group_to_uid(const char *name); +const char *ossl_ffc_named_group_from_uid(int nid); +int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name); +const char *ossl_ffc_params_flags_to_name(int flags); +int ossl_ffc_params_flags_from_name(const char *name); #endif /* OSSL_INTERNAL_FFC_H */ diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index ef9b4a91e1..638e16ec27 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -157,7 +157,7 @@ static int ffc_params_to_text(BIO *out, const FFC_PARAMS *ffc) { if (ffc->nid != NID_undef) { #ifndef OPENSSL_NO_DH - const char *name = ffc_named_group_from_uid(ffc->nid); + const char *name = ossl_ffc_named_group_from_uid(ffc->nid); if (name == NULL) goto err; diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 6a1db6a733..b0d89f792a 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -198,7 +198,7 @@ static int dh_match(const void *keydata1, const void *keydata2, int selection) FFC_PARAMS *dhparams1 = dh_get0_params((DH *)dh1); FFC_PARAMS *dhparams2 = dh_get0_params((DH *)dh2); - ok = ok && ffc_params_cmp(dhparams1, dhparams2, 1); + ok = ok && ossl_ffc_params_cmp(dhparams1, dhparams2, 1); } return ok; } @@ -239,7 +239,7 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, return 0; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) - ok = ok && ffc_params_todata(dh_get0_params(dh), tmpl, NULL); + ok = ok && ossl_ffc_params_todata(dh_get0_params(dh), tmpl, NULL); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) ok = ok && dh_key_todata(dh, tmpl, NULL); @@ -337,7 +337,7 @@ static ossl_inline int dh_get_params(void *key, OSSL_PARAM params[]) return 0; } - return ffc_params_todata(dh_get0_params(dh), NULL, params) + return ossl_ffc_params_todata(dh_get0_params(dh), NULL, params) && dh_key_todata(dh, NULL, params); } @@ -511,7 +511,7 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING - || ((gctx->group_nid = ffc_named_group_to_uid(p->data)) == NID_undef)) { + || ((gctx->group_nid = ossl_ffc_named_group_to_uid(p->data)) == NID_undef)) { ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT); return 0; } @@ -620,20 +620,20 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) /* Copy the template value if one was passed */ if (gctx->ffc_params != NULL - && !ffc_params_copy(ffc, gctx->ffc_params)) + && !ossl_ffc_params_copy(ffc, gctx->ffc_params)) goto end; - if (!ffc_params_set_seed(ffc, gctx->seed, gctx->seedlen)) + if (!ossl_ffc_params_set_seed(ffc, gctx->seed, gctx->seedlen)) goto end; if (gctx->gindex != -1) { - ffc_params_set_gindex(ffc, gctx->gindex); + ossl_ffc_params_set_gindex(ffc, gctx->gindex); if (gctx->pcounter != -1) - ffc_params_set_pcounter(ffc, gctx->pcounter); + ossl_ffc_params_set_pcounter(ffc, gctx->pcounter); } else if (gctx->hindex != 0) { - ffc_params_set_h(ffc, gctx->hindex); + ossl_ffc_params_set_h(ffc, gctx->hindex); } if (gctx->mdname != NULL) { - if (!ffc_set_digest(ffc, gctx->mdname, gctx->mdprops)) + if (!ossl_ffc_set_digest(ffc, gctx->mdname, gctx->mdprops)) goto end; } gctx->cb = osslcb; @@ -664,8 +664,8 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) goto end; if (gctx->priv_len > 0) DH_set_length(dh, (long)gctx->priv_len); - ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY, - gctx->gen_type == DH_PARAMGEN_TYPE_FIPS_186_2); + ossl_ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY, + gctx->gen_type == DH_PARAMGEN_TYPE_FIPS_186_2); if (DH_generate_key(dh) <= 0) goto end; } diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 74c40e4536..5cf5c78514 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -159,7 +159,7 @@ static int dsa_match(const void *keydata1, const void *keydata2, int selection) FFC_PARAMS *dsaparams1 = dsa_get0_params((DSA *)dsa1); FFC_PARAMS *dsaparams2 = dsa_get0_params((DSA *)dsa2); - ok = ok && ffc_params_cmp(dsaparams1, dsaparams2, 1); + ok = ok && ossl_ffc_params_cmp(dsaparams1, dsaparams2, 1); } return ok; } @@ -195,7 +195,7 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, goto err; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) - ok = ok && ffc_params_todata(dsa_get0_params(dsa), tmpl, NULL); + ok = ok && ossl_ffc_params_todata(dsa_get0_params(dsa), tmpl, NULL); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) ok = ok && dsa_key_todata(dsa, tmpl, NULL); @@ -285,7 +285,7 @@ static ossl_inline int dsa_get_params(void *key, OSSL_PARAM params[]) if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL && !OSSL_PARAM_set_utf8_string(p, DSA_DEFAULT_MD)) return 0; - return ffc_params_todata(dsa_get0_params(dsa), NULL, params) + return ossl_ffc_params_todata(dsa_get0_params(dsa), NULL, params) && dsa_key_todata(dsa, NULL, params); } @@ -513,21 +513,21 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) ffc = dsa_get0_params(dsa); /* Copy the template value if one was passed */ if (gctx->ffc_params != NULL - && !ffc_params_copy(ffc, gctx->ffc_params)) + && !ossl_ffc_params_copy(ffc, gctx->ffc_params)) goto end; if (gctx->seed != NULL - && !ffc_params_set_seed(ffc, gctx->seed, gctx->seedlen)) + && !ossl_ffc_params_set_seed(ffc, gctx->seed, gctx->seedlen)) goto end; if (gctx->gindex != -1) { - ffc_params_set_gindex(ffc, gctx->gindex); + ossl_ffc_params_set_gindex(ffc, gctx->gindex); if (gctx->pcounter != -1) - ffc_params_set_pcounter(ffc, gctx->pcounter); + ossl_ffc_params_set_pcounter(ffc, gctx->pcounter); } else if (gctx->hindex != 0) { - ffc_params_set_h(ffc, gctx->hindex); + ossl_ffc_params_set_h(ffc, gctx->hindex); } if (gctx->mdname != NULL) { - if (!ffc_set_digest(ffc, gctx->mdname, gctx->mdprops)) + if (!ossl_ffc_set_digest(ffc, gctx->mdname, gctx->mdprops)) goto end; } if ((gctx->selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) { @@ -537,8 +537,8 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) gencb) <= 0) goto end; } - ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY, - gctx->gen_type == DSA_PARAMGEN_TYPE_FIPS_186_2); + ossl_ffc_params_enable_flags(ffc, FFC_PARAM_FLAG_VALIDATE_LEGACY, + gctx->gen_type == DSA_PARAMGEN_TYPE_FIPS_186_2); if ((gctx->selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) { if (ffc->p == NULL || ffc->q == NULL diff --git a/test/ffc_internal_test.c b/test/ffc_internal_test.c index 1acc342f6e..25b3c58b12 100644 --- a/test/ffc_internal_test.c +++ b/test/ffc_internal_test.c @@ -171,7 +171,7 @@ static int ffc_params_validate_g_unverified_test(void) BIGNUM *p = NULL, *q = NULL, *g = NULL; BIGNUM *p1 = NULL, *g1 = NULL; - ffc_params_init(¶ms); + ossl_ffc_params_init(¶ms); if (!TEST_ptr(p = BN_bin2bn(dsa_2048_224_sha256_p, sizeof(dsa_2048_224_sha256_p), NULL))) @@ -186,48 +186,48 @@ static int ffc_params_validate_g_unverified_test(void) g1 = g; /* Fail if g is NULL */ - ffc_params_set0_pqg(¶ms, p, q, NULL); + ossl_ffc_params_set0_pqg(¶ms, p, q, NULL); p = NULL; q = NULL; - ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_G); - ffc_set_digest(¶ms, "SHA256", NULL); + ossl_ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_G); + ossl_ffc_set_digest(¶ms, "SHA256", NULL); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; - ffc_params_set0_pqg(¶ms, p, q, g); + ossl_ffc_params_set0_pqg(¶ms, p, q, g); g = NULL; - if (!TEST_true(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* incorrect g */ BN_add_word(g1, 1); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* fail if g < 2 */ BN_set_word(g1, 1); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; BN_copy(g1, p1); /* Fail if g >= p */ - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; ret = 1; err: - ffc_params_cleanup(¶ms); + ossl_ffc_params_cleanup(¶ms); BN_free(p); BN_free(q); BN_free(g); @@ -240,7 +240,7 @@ static int ffc_params_validate_pq_test(void) FFC_PARAMS params; BIGNUM *p = NULL, *q = NULL; - ffc_params_init(¶ms); + ossl_ffc_params_init(¶ms); if (!TEST_ptr(p = BN_bin2bn(dsa_2048_224_sha224_p, sizeof(dsa_2048_224_sha224_p), NULL))) @@ -251,52 +251,52 @@ static int ffc_params_validate_pq_test(void) goto err; /* No p */ - ffc_params_set0_pqg(¶ms, NULL, q, NULL); + ossl_ffc_params_set0_pqg(¶ms, NULL, q, NULL); q = NULL; - ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_PQ); - ffc_set_digest(¶ms, "SHA224", NULL); + ossl_ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_PQ); + ossl_ffc_set_digest(¶ms, "SHA224", NULL); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* Test valid case */ - ffc_params_set0_pqg(¶ms, p, NULL, NULL); + ossl_ffc_params_set0_pqg(¶ms, p, NULL, NULL); p = NULL; - ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed, - sizeof(dsa_2048_224_sha224_seed), - dsa_2048_224_sha224_counter); - if (!TEST_true(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed, + sizeof(dsa_2048_224_sha224_seed), + dsa_2048_224_sha224_counter); + if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* Bad counter - so p is not prime */ - ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed, - sizeof(dsa_2048_224_sha224_seed), - 1); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed, + sizeof(dsa_2048_224_sha224_seed), + 1); + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* seedlen smaller than N */ - ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed, - sizeof(dsa_2048_224_sha224_seed)-1, - dsa_2048_224_sha224_counter); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_seed, + sizeof(dsa_2048_224_sha224_seed)-1, + dsa_2048_224_sha224_counter); + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* Provided seed doesnt produce a valid prime q */ - ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_bad_seed, - sizeof(dsa_2048_224_sha224_bad_seed), - dsa_2048_224_sha224_counter); - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + ossl_ffc_params_set_validate_params(¶ms, dsa_2048_224_sha224_bad_seed, + sizeof(dsa_2048_224_sha224_bad_seed), + dsa_2048_224_sha224_counter); + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; if (!TEST_ptr(p = BN_bin2bn(dsa_3072_256_sha512_p, @@ -308,27 +308,27 @@ static int ffc_params_validate_pq_test(void) goto err; - ffc_params_set0_pqg(¶ms, p, q, NULL); + ossl_ffc_params_set0_pqg(¶ms, p, q, NULL); p = q = NULL; - ffc_set_digest(¶ms, "SHA512", NULL); - ffc_params_set_validate_params(¶ms, dsa_3072_256_sha512_seed, - sizeof(dsa_3072_256_sha512_seed), - dsa_3072_256_sha512_counter); + ossl_ffc_set_digest(¶ms, "SHA512", NULL); + ossl_ffc_params_set_validate_params(¶ms, dsa_3072_256_sha512_seed, + sizeof(dsa_3072_256_sha512_seed), + dsa_3072_256_sha512_counter); /* Q doesn't div P-1 */ - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* Bad L/N for FIPS DH */ - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + &res, NULL))) goto err; ret = 1; err: - ffc_params_cleanup(¶ms); + ossl_ffc_params_cleanup(¶ms); BN_free(p); BN_free(q); return ret; @@ -341,19 +341,19 @@ static int ffc_params_gen_test(void) int ret = 0, res = -1; FFC_PARAMS params; - ffc_params_init(¶ms); - if (!TEST_true(ffc_params_FIPS186_4_generate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - 2048, 256, &res, NULL))) + ossl_ffc_params_init(¶ms); + if (!TEST_true(ossl_ffc_params_FIPS186_4_generate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + 2048, 256, &res, NULL))) goto err; - if (!TEST_true(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - &res, NULL))) + if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + &res, NULL))) goto err; ret = 1; err: - ffc_params_cleanup(¶ms); + ossl_ffc_params_cleanup(¶ms); return ret; } @@ -362,23 +362,23 @@ static int ffc_params_gen_canonicalg_test(void) int ret = 0, res = -1; FFC_PARAMS params; - ffc_params_init(¶ms); + ossl_ffc_params_init(¶ms); params.gindex = 1; - if (!TEST_true(ffc_params_FIPS186_4_generate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - 2048, 256, &res, NULL))) + if (!TEST_true(ossl_ffc_params_FIPS186_4_generate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + 2048, 256, &res, NULL))) goto err; - if (!TEST_true(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - &res, NULL))) + if (!TEST_true(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + &res, NULL))) goto err; - if (!TEST_true(ffc_params_print(bio_out, ¶ms, 4))) + if (!TEST_true(ossl_ffc_params_print(bio_out, ¶ms, 4))) goto err; ret = 1; err: - ffc_params_cleanup(¶ms); + ossl_ffc_params_cleanup(¶ms); return ret; } @@ -388,44 +388,44 @@ static int ffc_params_fips186_2_gen_validate_test(void) FFC_PARAMS params; BIGNUM *bn = NULL; - ffc_params_init(¶ms); + ossl_ffc_params_init(¶ms); if (!TEST_ptr(bn = BN_new())) goto err; - if (!TEST_true(ffc_params_FIPS186_2_generate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - 1024, 160, &res, NULL))) + if (!TEST_true(ossl_ffc_params_FIPS186_2_generate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + 1024, 160, &res, NULL))) goto err; - if (!TEST_true(ffc_params_FIPS186_2_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DH, - &res, NULL))) + if (!TEST_true(ossl_ffc_params_FIPS186_2_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DH, + &res, NULL))) goto err; /* * The fips186-2 generation should produce a different q compared to * fips 186-4 given the same seed value. So validation of q will fail. */ - if (!TEST_false(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL))) + if (!TEST_false(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL))) goto err; /* As the params are randomly generated the error is one of the following */ if (!TEST_true(res == FFC_CHECK_Q_MISMATCH || res == FFC_CHECK_Q_NOT_PRIME)) goto err; - ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_G); + ossl_ffc_params_set_flags(¶ms, FFC_PARAM_FLAG_VALIDATE_G); /* Partially valid g test will still pass */ - if (!TEST_int_eq(ffc_params_FIPS186_4_validate(NULL, ¶ms, - FFC_PARAM_TYPE_DSA, - &res, NULL), 2)) + if (!TEST_int_eq(ossl_ffc_params_FIPS186_4_validate(NULL, ¶ms, + FFC_PARAM_TYPE_DSA, + &res, NULL), 2)) goto err; - if (!TEST_true(ffc_params_print(bio_out, ¶ms, 4))) + if (!TEST_true(ossl_ffc_params_print(bio_out, ¶ms, 4))) goto err; ret = 1; err: BN_free(bn); - ffc_params_cleanup(¶ms); + ossl_ffc_params_cleanup(¶ms); return ret; } @@ -449,7 +449,7 @@ static int ffc_public_validate_test(void) goto err; BN_set_negative(pub, 1); /* Fail if public key is negative */ - if (!TEST_false(ffc_validate_public_key(params, pub, &res))) + if (!TEST_false(ossl_ffc_validate_public_key(params, pub, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res)) goto err; @@ -458,25 +458,25 @@ static int ffc_public_validate_test(void) if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res)) goto err; /* Fail if public key is zero */ - if (!TEST_false(ffc_validate_public_key(params, pub, &res))) + if (!TEST_false(ossl_ffc_validate_public_key(params, pub, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res)) goto err; /* Fail if public key is 1 */ - if (!TEST_false(ffc_validate_public_key(params, BN_value_one(), &res))) + if (!TEST_false(ossl_ffc_validate_public_key(params, BN_value_one(), &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_SMALL, res)) goto err; if (!TEST_true(BN_add_word(pub, 2))) goto err; /* Pass if public key >= 2 */ - if (!TEST_true(ffc_validate_public_key(params, pub, &res))) + if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res))) goto err; if (!TEST_ptr(BN_copy(pub, params->p))) goto err; /* Fail if public key = p */ - if (!TEST_false(ffc_validate_public_key(params, pub, &res))) + if (!TEST_false(ossl_ffc_validate_public_key(params, pub, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_LARGE, res)) goto err; @@ -484,7 +484,7 @@ static int ffc_public_validate_test(void) if (!TEST_true(BN_sub_word(pub, 1))) goto err; /* Fail if public key = p - 1 */ - if (!TEST_false(ffc_validate_public_key(params, pub, &res))) + if (!TEST_false(ossl_ffc_validate_public_key(params, pub, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PUBKEY_TOO_LARGE, res)) goto err; @@ -492,7 +492,7 @@ static int ffc_public_validate_test(void) if (!TEST_true(BN_sub_word(pub, 1))) goto err; /* Fail if public key is not related to p & q */ - if (!TEST_false(ffc_validate_public_key(params, pub, &res))) + if (!TEST_false(ossl_ffc_validate_public_key(params, pub, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PUBKEY_INVALID, res)) goto err; @@ -500,7 +500,7 @@ static int ffc_public_validate_test(void) if (!TEST_true(BN_sub_word(pub, 5))) goto err; /* Pass if public key is valid */ - if (!TEST_true(ffc_validate_public_key(params, pub, &res))) + if (!TEST_true(ossl_ffc_validate_public_key(params, pub, &res))) goto err; ret = 1; @@ -528,7 +528,7 @@ static int ffc_private_validate_test(void) goto err; BN_set_negative(priv, 1); /* Fail if priv key is negative */ - if (!TEST_false(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_false(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PRIVKEY_TOO_SMALL, res)) goto err; @@ -536,19 +536,20 @@ static int ffc_private_validate_test(void) if (!TEST_true(BN_set_word(priv, 0))) goto err; /* Fail if priv key is zero */ - if (!TEST_false(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_false(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PRIVKEY_TOO_SMALL, res)) goto err; /* Pass if priv key >= 1 */ - if (!TEST_true(ffc_validate_private_key(params->q, BN_value_one(), &res))) + if (!TEST_true(ossl_ffc_validate_private_key(params->q, BN_value_one(), + &res))) goto err; if (!TEST_ptr(BN_copy(priv, params->q))) goto err; /* Fail if priv key = upper */ - if (!TEST_false(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_false(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; if (!TEST_int_eq(FFC_ERROR_PRIVKEY_TOO_LARGE, res)) goto err; @@ -556,7 +557,7 @@ static int ffc_private_validate_test(void) if (!TEST_true(BN_sub_word(priv, 1))) goto err; /* Pass if priv key <= upper - 1 */ - if (!TEST_true(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; ret = 1; @@ -586,27 +587,27 @@ static int ffc_private_gen_test(int index) N = BN_num_bits(params->q); /* Fail since N < 2*s - where s = 112*/ - if (!TEST_false(ffc_generate_private_key(ctx, params, 220, 112, priv))) + if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, 220, 112, priv))) goto err; /* fail since N > len(q) */ - if (!TEST_false(ffc_generate_private_key(ctx, params, N + 1, 112, priv))) + if (!TEST_false(ossl_ffc_generate_private_key(ctx, params, N + 1, 112, priv))) goto err; /* pass since 2s <= N <= len(q) */ - if (!TEST_true(ffc_generate_private_key(ctx, params, N, 112, priv))) + if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, N, 112, priv))) goto err; /* pass since N = len(q) */ - if (!TEST_true(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; /* pass since 2s <= N < len(q) */ - if (!TEST_true(ffc_generate_private_key(ctx, params, N / 2, 112, priv))) + if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, N / 2, 112, priv))) goto err; - if (!TEST_true(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; /* N and s are ignored in this case */ - if (!TEST_true(ffc_generate_private_key(ctx, params, 0, 0, priv))) + if (!TEST_true(ossl_ffc_generate_private_key(ctx, params, 0, 0, priv))) goto err; - if (!TEST_true(ffc_validate_private_key(params->q, priv, &res))) + if (!TEST_true(ossl_ffc_validate_private_key(params->q, priv, &res))) goto err; ret = 1; From builds at travis-ci.com Tue Oct 6 00:26:17 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 06 Oct 2020 00:26:17 +0000 Subject: Still Failing: openssl/openssl#37897 (master - 69340ca) In-Reply-To: Message-ID: <5f7bb9a93f3c0_13f8108db44bc58655@travis-pro-tasks-f595b4d48-vmvhz.mail> Build Update for openssl/openssl ------------------------------------- Build: #37897 Status: Still Failing Duration: 1 hr, 22 mins, and 53 secs Commit: 69340ca (master) Author: Pauli Message: doc: remove duplicated code in example Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13048) View the changeset: https://github.com/openssl/openssl/compare/856198aac784...69340cafb4a8 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188294296?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 6 01:11:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 06 Oct 2020 01:11:51 +0000 Subject: Build failed: openssl master.37363 Message-ID: <20201006011151.1.4605BBC50988954E@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 6 01:25:33 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 01:25:33 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1601947533.461406.13381.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4269: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3139: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From builds at travis-ci.com Tue Oct 6 01:38:48 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 06 Oct 2020 01:38:48 +0000 Subject: Still Failing: openssl/openssl#37899 (master - 5357c10) In-Reply-To: Message-ID: <5f7bcaa7a14b2_13f8108db4b601041e0@travis-pro-tasks-f595b4d48-vmvhz.mail> Build Update for openssl/openssl ------------------------------------- Build: #37899 Status: Still Failing Duration: 1 hr, 27 mins, and 3 secs Commit: 5357c10 (master) Author: Pauli Message: ffc: add _ossl to exported but internal functions The functions updated are: ffc_generate_private_key, ffc_named_group_from_uid, ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify, ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate, ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate, ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp, ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name, ffc_params_flags_to_name, ffc_params_fromdata, ffc_params_get0_pqg, ffc_params_get_validate_params, ffc_params_init, ffc_params_print, ffc_params_set0_j, ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex, ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed, ffc_params_set_validate_params, ffc_params_simple_validate, ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest, ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key and ffc_validate_public_key_partial. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13041) View the changeset: https://github.com/openssl/openssl/compare/69340cafb4a8...5357c10624be View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188294994?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 6 02:07:37 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 02:07:37 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1601950057.345563.21819.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C08008636B7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 670 wallclock secs (13.38 usr 1.31 sys + 606.40 cusr 57.40 csys = 678.49 CPU) Result: FAIL Makefile:3165: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3163: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 6 02:18:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 06 Oct 2020 02:18:57 +0000 Subject: Build completed: openssl master.37364 Message-ID: <20201006021857.1.E7DBF5EE7BC50EAA@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 6 05:56:39 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 05:56:39 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1601963799.882230.19741.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c ../openssl/apps/lib/engine.c:46:13: error: implicitly declaring library function 'strcmp' with type 'int (const char *, const char *)' [-Werror,-Wimplicit-function-declaration] if (strcmp(id, "auto") == 0) { ^ ../openssl/apps/lib/engine.c:46:13: note: include the header or explicitly provide a declaration for 'strcmp' 1 error generated. Makefile:4263: recipe for target 'apps/lib/libapps-lib-engine.o' failed make[1]: *** [apps/lib/libapps-lib-engine.o] Error 1 make[1]: *** Waiting for unfinished jobs.... ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4279: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3149: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Tue Oct 6 09:23:19 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 09:23:19 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1601976199.403658.28959.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 403712E6C87F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4057F23B237F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4057F23B237F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1450 wallclock secs (13.86 usr 1.24 sys + 1362.61 cusr 82.34 csys = 1460.05 CPU) Result: FAIL Makefile:3185: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3183: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 6 09:42:29 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 09:42:29 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1601977349.660909.16612.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout test.certout_kur2.pem -out_trusted root.crt -oldcert test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 184. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1304. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 621 wallclock secs (11.81 usr 1.10 sys + 529.04 cusr 53.81 csys = 595.76 CPU) Result: FAIL Makefile:3179: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3177: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 6 12:10:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 12:10:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1601986245.987752.30733.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 608 wallclock secs (12.02 usr 1.15 sys + 549.39 cusr 55.29 csys = 617.85 CPU) Result: FAIL Makefile:3164: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3162: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 6 14:32:58 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 14:32:58 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1601994778.356770.3786.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0104E7C567F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0104E7C567F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0104E7C567F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bVWn6zNuvD default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0901901E77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0901901E77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0901901E77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0901901E77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0901901E77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0901901E77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/bVWn6zNuvD fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 682 wallclock secs (13.72 usr 1.27 sys + 621.70 cusr 57.24 csys = 693.93 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 6 16:39:12 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 16:39:12 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1602002352.355220.25602.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0C01103097F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0C01103097F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0C01103097F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/nsWzvgG1U6 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090C738F07F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090C738F07F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090C738F07F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090C738F07F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090C738F07F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090C738F07F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/nsWzvgG1U6 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 676 wallclock secs (13.62 usr 1.25 sys + 614.66 cusr 57.53 csys = 687.06 CPU) Result: FAIL Makefile:3181: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3179: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 6 17:20:27 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 17:20:27 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1602004827.835558.32303.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 6514dee726 APPS: Reduce deprecation warning suppression - ENGINE 70c06aafa6 DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() ecadfdadde DECODER: Handle abstract object data type 4232a9e57f Configuration: add initial NonStop values in OpenSSL::config 99501e817c Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV 993c437dbd Fix segfault on missing provider_query_operation() 62f27ab9dc TLS AEAD ciphers: more bytes for key_block than needed Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05057A04C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05057A04C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05057A04C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05057A04C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/G52vfasyfw default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C000353DD27F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C000353DD27F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C000353DD27F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C000353DD27F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/G52vfasyfw fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 581 wallclock secs (10.09 usr 1.14 sys + 526.79 cusr 50.68 csys = 588.70 CPU) Result: FAIL Makefile:3174: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3172: recipe for target 'tests' failed make: *** [tests] Error 2 From matthias.st.pierre at ncp-e.com Tue Oct 6 17:37:02 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Tue, 06 Oct 2020 17:37:02 +0000 Subject: [openssl] master update Message-ID: <1602005822.566218.3257.nullmailer@dev.openssl.org> The branch master has been updated via d8dc853825078a7b63683d873cb9070ebc52bfda (commit) via 6ffc312776f039cf150d4b2bcbc1a804ad334179 (commit) from 5357c10624bedaeed984ef4ff370096911ee2ddf (commit) - Log ----------------------------------------------------------------- commit d8dc853825078a7b63683d873cb9070ebc52bfda Author: Dr. Matthias St. Pierre Date: Thu Sep 24 08:11:00 2020 +0200 Change CVE link style in CHANGES and NEWS Replace [collapsed reference links][] for the CVEs by [shortcut reference links], in order to to improve the readability of the raw markdown text. Consistently add parentheses around the CVE links at the end of the CVE descriptions. (The NEWS file already had the parentheses, in the CHANGES file they where missing.) [collapsed reference links]: https://github.github.com/gfm/#collapsed-reference-link [shortcut reference links]: https://github.github.com/gfm/#shortcut-reference-link Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/12967) commit 6ffc312776f039cf150d4b2bcbc1a804ad334179 Author: Dr. Matthias St. Pierre Date: Thu Sep 24 07:58:52 2020 +0200 Update CHANGES and NEWS for 1.1.1h release Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/12967) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 596 ++++++++++++++++++++++++++++++++++--------------------------- NEWS.md | 507 +++++++++++++++++++++++++++------------------------- 2 files changed, 598 insertions(+), 505 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 595a7425ca..03c5e7d4ae 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -618,7 +618,7 @@ OpenSSL 3.0 have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. - [CVE-2019-1551][] + ([CVE-2019-1551]) *Andy Polyakov* @@ -803,7 +803,7 @@ OpenSSL 3.0 this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. It also does some minimal sanity checks on the passed order. - [CVE-2019-1547][] + ([CVE-2019-1547]) *Billy Bob Brumley* @@ -1205,7 +1205,82 @@ OpenSSL 3.0 OpenSSL 1.1.1 ------------- -### Changes between 1.1.1e and 1.1.1f [xx XXX xxxx] +### Changes between 1.1.1h and 1.1.1i [xx XXX xxxx] + + * + +### Changes between 1.1.1g and 1.1.1h [22 Sep 2020] + + * Certificates with explicit curve parameters are now disallowed in + verification chains if the X509_V_FLAG_X509_STRICT flag is used. + + *Tomas Mraz* + + * The 'MinProtocol' and 'MaxProtocol' configuration commands now silently + ignore TLS protocol version bounds when configuring DTLS-based contexts, and + conversely, silently ignore DTLS protocol version bounds when configuring + TLS-based contexts. The commands can be repeated to set bounds of both + types. The same applies with the corresponding "min_protocol" and + "max_protocol" command-line switches, in case some application uses both TLS + and DTLS. + + SSL_CTX instances that are created for a fixed protocol version (e.g. + TLSv1_server_method()) also silently ignore version bounds. Previously + attempts to apply bounds to these protocol versions would result in an + error. Now only the "version-flexible" SSL_CTX instances are subject to + limits in configuration files in command-line options. + + *Viktor Dukhovni* + + * Handshake now fails if Extended Master Secret extension is dropped + on renegotiation. + + *Tomas Mraz* + + * The Oracle Developer Studio compiler will start reporting deprecated APIs + +### Changes between 1.1.1f and 1.1.1g [21 Apr 2020] + + * Fixed segmentation fault in SSL_check_chain() + Server or client applications that call the SSL_check_chain() function + during or after a TLS 1.3 handshake may crash due to a NULL pointer + dereference as a result of incorrect handling of the + "signature_algorithms_cert" TLS extension. The crash occurs if an invalid + or unrecognised signature algorithm is received from the peer. This could + be exploited by a malicious peer in a Denial of Service attack. + ([CVE-2020-1967]) + + *Benjamin Kaduk* + + * Added AES consttime code for no-asm configurations + an optional constant time support for AES was added + when building openssl for no-asm. + Enable with: ./config no-asm -DOPENSSL_AES_CONST_TIME + Disable with: ./config no-asm -DOPENSSL_NO_AES_CONST_TIME + At this time this feature is by default disabled. + It will be enabled by default in 3.0. + + *Bernd Edlinger* + +### Changes between 1.1.1e and 1.1.1f [31 Mar 2020] + + * Revert the change of EOF detection while reading in libssl to avoid + regressions in applications depending on the current way of reporting + the EOF. As the existing method is not fully accurate the change to + reporting the EOF via SSL_ERROR_SSL is kept on the current development + branch and will be present in the 3.0 release. + + *Tomas Mraz* + + * Revised BN_generate_prime_ex to not avoid factors 3..17863 in p-1 + when primes for RSA keys are computed. + Since we previously always generated primes == 2 (mod 3) for RSA keys, + the 2-prime and 3-prime RSA modules were easy to distinguish, since + N = p*q = 1 (mod 3), but N = p*q*r = 2 (mod 3). Therefore fingerprinting + 2-prime vs. 3-prime RSA keys was possible by computing N mod 3. + This avoids possible fingerprinting of newly generated RSA modules. + + *Bernd Edlinger* ### Changes between 1.1.1d and 1.1.1e [17 Mar 2020] @@ -1275,7 +1350,7 @@ OpenSSL 1.1.1 If an application already calls OPENSSL_init_crypto() explicitly using OPENSSL_INIT_ATFORK then this problem does not occur at all. - [CVE-2019-1549][] + ([CVE-2019-1549]) *Matthias St. Pierre* @@ -1295,7 +1370,7 @@ OpenSSL 1.1.1 this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. It also does some minimal sanity checks on the passed order. - [CVE-2019-1547][] + ([CVE-2019-1547]) *Billy Bob Brumley* @@ -1311,7 +1386,7 @@ OpenSSL 1.1.1 certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. - [CVE-2019-1563][] + ([CVE-2019-1563]) *Bernd Edlinger* @@ -1337,7 +1412,7 @@ OpenSSL 1.1.1 Mingw isn't a POSIX environment per se, which means that Windows paths should be used for installation. - [CVE-2019-1552][] + ([CVE-2019-1552]) *Richard Levitte* @@ -1439,7 +1514,7 @@ OpenSSL 1.1.1 This issue was reported to OpenSSL on 16th of March 2019 by Joran Dirk Greef of Ronomon. - [CVE-2019-1543][] + ([CVE-2019-1543]) *Matt Caswell* @@ -1480,7 +1555,7 @@ OpenSSL 1.1.1 algorithm to recover the private key. This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. - [CVE-2018-0734][] + ([CVE-2018-0734]) *Paul Dale* @@ -1491,7 +1566,7 @@ OpenSSL 1.1.1 algorithm to recover the private key. This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser. - [CVE-2018-0735][] + ([CVE-2018-0735]) *Paul Dale* @@ -2065,7 +2140,7 @@ OpenSSL 1.1.0 this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. It also does some minimal sanity checks on the passed order. - [CVE-2019-1547][] + ([CVE-2019-1547]) *Billy Bob Brumley* @@ -2081,7 +2156,7 @@ OpenSSL 1.1.0 certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. - [CVE-2019-1563][] + ([CVE-2019-1563]) *Bernd Edlinger* @@ -2089,7 +2164,7 @@ OpenSSL 1.1.0 Mingw isn't a POSIX environment per se, which means that Windows paths should be used for installation. - [CVE-2019-1552][] + ([CVE-2019-1552]) *Richard Levitte* @@ -2130,7 +2205,7 @@ OpenSSL 1.1.0 This issue was reported to OpenSSL on 16th of March 2019 by Joran Dirk Greef of Ronomon. - [CVE-2019-1543][] + ([CVE-2019-1543]) *Matt Caswell* @@ -2165,7 +2240,7 @@ OpenSSL 1.1.0 algorithm to recover the private key. This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. - [CVE-2018-0734][] + ([CVE-2018-0734]) *Paul Dale* @@ -2176,7 +2251,7 @@ OpenSSL 1.1.0 algorithm to recover the private key. This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser. - [CVE-2018-0735][] + ([CVE-2018-0735]) *Paul Dale* @@ -2197,7 +2272,7 @@ OpenSSL 1.1.0 could be exploited in a Denial Of Service attack. This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken - [CVE-2018-0732][] + ([CVE-2018-0732]) *Guido Vranken* @@ -2210,7 +2285,7 @@ OpenSSL 1.1.0 This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia. - [CVE-2018-0737][] + ([CVE-2018-0737]) *Billy Brumley* @@ -2283,7 +2358,7 @@ OpenSSL 1.1.0 This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz project. - [CVE-2018-0739][] + ([CVE-2018-0739]) *Matt Caswell* @@ -2298,7 +2373,7 @@ OpenSSL 1.1.0 This issue was reported to OpenSSL on 2nd March 2018 by Peter Waltenberg (IBM). - [CVE-2018-0733][] + ([CVE-2018-0733]) *Andy Polyakov* @@ -2346,7 +2421,7 @@ OpenSSL 1.1.0 This issue was reported to OpenSSL by David Benjamin (Google). The issue was originally found via the OSS-Fuzz project. - [CVE-2017-3738][] + ([CVE-2017-3738]) *Andy Polyakov* @@ -2370,7 +2445,7 @@ OpenSSL 1.1.0 like Intel Broadwell (5th generation) and later or AMD Ryzen. This issue was reported to OpenSSL by the OSS-Fuzz project. - [CVE-2017-3736][] + ([CVE-2017-3736]) *Andy Polyakov* @@ -2381,7 +2456,7 @@ OpenSSL 1.1.0 would be an erroneous display of the certificate in text format. This issue was reported to OpenSSL by the OSS-Fuzz project. - [CVE-2017-3735][] + ([CVE-2017-3735]) *Rich Salz* @@ -2408,7 +2483,7 @@ OpenSSL 1.1.0 and servers are affected. This issue was reported to OpenSSL by Joe Orton (Red Hat). - [CVE-2017-3733][] + ([CVE-2017-3733]) *Matt Caswell* @@ -2421,7 +2496,7 @@ OpenSSL 1.1.0 perform an out-of-bounds read, usually resulting in a crash. This issue was reported to OpenSSL by Robert ?wi?cki of Google. - [CVE-2017-3731][] + ([CVE-2017-3731]) *Andy Polyakov* @@ -2433,7 +2508,7 @@ OpenSSL 1.1.0 of Service attack. This issue was reported to OpenSSL by Guido Vranken. - [CVE-2017-3730][] + ([CVE-2017-3730]) *Matt Caswell* @@ -2454,7 +2529,7 @@ OpenSSL 1.1.0 similar to CVE-2015-3193 but must be treated as a separate problem. This issue was reported to OpenSSL by the OSS-Fuzz project. - [CVE-2017-3732][] + ([CVE-2017-3732]) *Andy Polyakov* @@ -2467,7 +2542,7 @@ OpenSSL 1.1.0 crash. This issue is not considered to be exploitable beyond a DoS. This issue was reported to OpenSSL by Robert ?wi?cki (Google Security Team) - [CVE-2016-7054][] + ([CVE-2016-7054]) *Richard Levitte* @@ -2481,7 +2556,7 @@ OpenSSL 1.1.0 affected. This issue was reported to OpenSSL by Tyler Nighswander of ForAllSecure. - [CVE-2016-7053][] + ([CVE-2016-7053]) *Stephen Henson* @@ -2505,7 +2580,7 @@ OpenSSL 1.1.0 This issue was publicly reported as transient failures and was not initially recognized as a security issue. Thanks to Richard Morgan for providing reproducible case. - [CVE-2016-7055][] + ([CVE-2016-7055]) *Andy Polyakov* @@ -2528,7 +2603,7 @@ OpenSSL 1.1.0 This issue only affects OpenSSL 1.1.0a. This issue was reported to OpenSSL by Robert ?wi?cki. - [CVE-2016-6309][] + ([CVE-2016-6309]) *Matt Caswell* @@ -2545,7 +2620,7 @@ OpenSSL 1.1.0 the "no-ocsp" build time option are not affected. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6304][] + ([CVE-2016-6304]) *Matt Caswell* @@ -2556,7 +2631,7 @@ OpenSSL 1.1.0 Denial Of Service attack. This issue was reported to OpenSSL by Alex Gaynor. - [CVE-2016-6305][] + ([CVE-2016-6305]) *Matt Caswell* @@ -2622,7 +2697,7 @@ OpenSSL 1.1.0 *Andy Polyakov* - * To mitigate the SWEET32 attack [CVE-2016-2183][], 3DES cipher suites + * To mitigate the SWEET32 attack ([CVE-2016-2183]), 3DES cipher suites have been disabled by default and removed from DEFAULT, just like RC4. See the RC4 item below to re-enable both. @@ -2873,7 +2948,7 @@ OpenSSL 1.1.0 * Deprecate SRP_VBASE_get_by_user. SRP_VBASE_get_by_user had inconsistent memory management behaviour. - In order to fix an unavoidable memory leak [CVE-2016-0798][], + In order to fix an unavoidable memory leak ([CVE-2016-0798]), SRP_VBASE_get_by_user was changed to ignore the "fake user" SRP seed, even if the seed is configured. @@ -3515,7 +3590,7 @@ OpenSSL 1.1.0 Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley and Bodo Moeller for - preparing the fix [CVE-2014-0160][] + preparing the fix ([CVE-2014-0160]) *Adam Langley, Bodo Moeller* @@ -3525,7 +3600,7 @@ OpenSSL 1.1.0 Thanks to Yuval Yarom and Naomi Benger for discovering this - flaw and to Yuval Yarom for supplying a fix [CVE-2014-0076][] + flaw and to Yuval Yarom for supplying a fix ([CVE-2014-0076]) *Yuval Yarom and Naomi Benger* @@ -3862,7 +3937,7 @@ OpenSSL 1.0.2 this change, EC_GROUP_set_generator would accept order and/or cofactor as NULL. After this change, only the cofactor parameter can be NULL. It also does some minimal sanity checks on the passed order. - [CVE-2019-1547][] + ([CVE-2019-1547]) *Billy Bob Brumley* @@ -3878,7 +3953,7 @@ OpenSSL 1.0.2 certifiate is not given and all recipientInfo are tried out. The old behaviour can be re-enabled in the CMS code by setting the CMS_DEBUG_DECRYPT flag. - [CVE-2019-1563][] + ([CVE-2019-1563]) *Bernd Edlinger* @@ -3886,7 +3961,7 @@ OpenSSL 1.0.2 '/usr/local/ssl' is an unsafe prefix for location to install OpenSSL binaries and run-time config file. - [CVE-2019-1552][] + ([CVE-2019-1552]) *Richard Levitte* @@ -3930,7 +4005,7 @@ OpenSSL 1.0.2 This issue was discovered by Juraj Somorovsky, Robert Merget and Nimrod Aviram, with additional investigation by Steven Collison and Andrew Hourselt. It was reported to OpenSSL on 10th December 2018. - [CVE-2019-1559][] + ([CVE-2019-1559]) *Matt Caswell* @@ -3950,7 +4025,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL on 26th October 2018 by Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri. - [CVE-2018-5407][] + ([CVE-2018-5407]) *Billy Brumley* @@ -3961,7 +4036,7 @@ OpenSSL 1.0.2 algorithm to recover the private key. This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. - [CVE-2018-0734][] + ([CVE-2018-0734]) *Paul Dale* @@ -3982,7 +4057,7 @@ OpenSSL 1.0.2 could be exploited in a Denial Of Service attack. This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken - [CVE-2018-0732][] + ([CVE-2018-0732]) *Guido Vranken* @@ -3995,7 +4070,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia. - [CVE-2018-0737][] + ([CVE-2018-0737]) *Billy Brumley* @@ -4050,7 +4125,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL on 4th January 2018 by the OSS-fuzz project. - [CVE-2018-0739][] + ([CVE-2018-0739]) *Matt Caswell* @@ -4075,7 +4150,7 @@ OpenSSL 1.0.2 already received a fatal error. This issue was reported to OpenSSL by David Benjamin (Google). - [CVE-2017-3737][] + ([CVE-2017-3737]) *Matt Caswell* @@ -4097,7 +4172,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL by David Benjamin (Google). The issue was originally found via the OSS-Fuzz project. - [CVE-2017-3738][] + ([CVE-2017-3738]) *Andy Polyakov* @@ -4121,7 +4196,7 @@ OpenSSL 1.0.2 like Intel Broadwell (5th generation) and later or AMD Ryzen. This issue was reported to OpenSSL by the OSS-Fuzz project. - [CVE-2017-3736][] + ([CVE-2017-3736]) *Andy Polyakov* @@ -4132,7 +4207,7 @@ OpenSSL 1.0.2 would be an erroneous display of the certificate in text format. This issue was reported to OpenSSL by the OSS-Fuzz project. - [CVE-2017-3735][] + ([CVE-2017-3735]) *Rich Salz* @@ -4152,7 +4227,7 @@ OpenSSL 1.0.2 perform an out-of-bounds read, usually resulting in a crash. This issue was reported to OpenSSL by Robert ?wi?cki of Google. - [CVE-2017-3731][] + ([CVE-2017-3731]) *Andy Polyakov* @@ -4173,7 +4248,7 @@ OpenSSL 1.0.2 similar to CVE-2015-3193 but must be treated as a separate problem. This issue was reported to OpenSSL by the OSS-Fuzz project. - [CVE-2017-3732][] + ([CVE-2017-3732]) *Andy Polyakov* @@ -4197,7 +4272,7 @@ OpenSSL 1.0.2 This issue was publicly reported as transient failures and was not initially recognized as a security issue. Thanks to Richard Morgan for providing reproducible case. - [CVE-2016-7055][] + ([CVE-2016-7055]) *Andy Polyakov* @@ -4217,7 +4292,7 @@ OpenSSL 1.0.2 CRLs in OpenSSL 1.0.2i will crash with a null pointer exception. This issue only affects the OpenSSL 1.0.2i - [CVE-2016-7052][] + ([CVE-2016-7052]) *Matt Caswell* @@ -4234,7 +4309,7 @@ OpenSSL 1.0.2 the "no-ocsp" build time option are not affected. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6304][] + ([CVE-2016-6304]) *Matt Caswell* @@ -4243,7 +4318,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan Leurent (INRIA) - [CVE-2016-2183][] + ([CVE-2016-2183]) *Rich Salz* @@ -4259,7 +4334,7 @@ OpenSSL 1.0.2 on most platforms. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6303][] + ([CVE-2016-6303]) *Stephen Henson* @@ -4273,7 +4348,7 @@ OpenSSL 1.0.2 a custom server callback and ticket lookup mechanism. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6302][] + ([CVE-2016-6302]) *Stephen Henson* @@ -4286,7 +4361,7 @@ OpenSSL 1.0.2 record limits will reject an oversized certificate before it is parsed. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-2182][] + ([CVE-2016-2182]) *Stephen Henson* @@ -4298,7 +4373,7 @@ OpenSSL 1.0.2 presented. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-2180][] + ([CVE-2016-2180]) *Stephen Henson* @@ -4324,7 +4399,7 @@ OpenSSL 1.0.2 values of len that are too big and therefore p + len < limit. This issue was reported to OpenSSL by Guido Vranken - [CVE-2016-2177][] + ([CVE-2016-2177]) *Matt Caswell* @@ -4339,7 +4414,7 @@ OpenSSL 1.0.2 This issue was reported by C?sar Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). - [CVE-2016-2178][] + ([CVE-2016-2178]) *C?sar Pereida* @@ -4357,7 +4432,7 @@ OpenSSL 1.0.2 attacker could cause a DoS attack through memory exhaustion. This issue was reported to OpenSSL by Quan Luo. - [CVE-2016-2179][] + ([CVE-2016-2179]) *Matt Caswell* @@ -4372,7 +4447,7 @@ OpenSSL 1.0.2 service for a specific DTLS connection. This issue was reported to OpenSSL by the OCAP audit team. - [CVE-2016-2181][] + ([CVE-2016-2181]) *Matt Caswell* @@ -4388,7 +4463,7 @@ OpenSSL 1.0.2 against a client or a server which enables client authentication. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6306][] + ([CVE-2016-6306]) *Stephen Henson* @@ -4401,14 +4476,14 @@ OpenSSL 1.0.2 AES-NI. This issue was introduced as part of the fix for Lucky 13 padding - attack [CVE-2013-0169][]. The padding check was rewritten to be in + attack ([CVE-2013-0169]). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. This issue was reported by Juraj Somorovsky using TLS-Attacker. - [CVE-2016-2107][] + ([CVE-2016-2107]) *Kurt Roeckx* @@ -4427,7 +4502,7 @@ OpenSSL 1.0.2 with large amounts of untrusted data may also be vulnerable. This issue was reported by Guido Vranken. - [CVE-2016-2105][] + ([CVE-2016-2105]) *Matt Caswell* @@ -4451,7 +4526,7 @@ OpenSSL 1.0.2 instances in internal usage where an overflow could occur. This issue was reported by Guido Vranken. - [CVE-2016-2106][] + ([CVE-2016-2106]) *Matt Caswell* @@ -4467,7 +4542,7 @@ OpenSSL 1.0.2 applications are not affected. This issue was reported by Brian Carpenter. - [CVE-2016-2109][] + ([CVE-2016-2109]) *Stephen Henson* @@ -4478,7 +4553,7 @@ OpenSSL 1.0.2 in arbitrary stack data being returned in the buffer. This issue was reported by Guido Vranken. - [CVE-2016-2176][] + ([CVE-2016-2176]) *Matt Caswell* @@ -4520,7 +4595,7 @@ OpenSSL 1.0.2 server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no longer available. - [CVE-2016-0800][] + ([CVE-2016-0800]) *Viktor Dukhovni* @@ -4533,7 +4608,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL by Adam Langley(Google/BoringSSL) using libFuzzer. - [CVE-2016-0705][] + ([CVE-2016-0705]) *Stephen Henson* @@ -4553,7 +4628,7 @@ OpenSSL 1.0.2 credentials, this behaviour is not constant time and no strong guarantees are made that the handshake is indistinguishable from that of a valid user. - [CVE-2016-0798][] + ([CVE-2016-0798]) *Emilia K?sper* @@ -4578,7 +4653,7 @@ OpenSSL 1.0.2 consequences. This is also anticipated to be rare. This issue was reported to OpenSSL by Guido Vranken. - [CVE-2016-0797][] + ([CVE-2016-0797]) *Matt Caswell* @@ -4610,7 +4685,7 @@ OpenSSL 1.0.2 trigger these issues because of message size limits enforced within libssl. This issue was reported to OpenSSL Guido Vranken. - [CVE-2016-0799][] + ([CVE-2016-0799]) *Matt Caswell* @@ -4626,7 +4701,7 @@ OpenSSL 1.0.2 Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at . - [CVE-2016-0702][] + ([CVE-2016-0702]) *Andy Polyakov* @@ -4667,7 +4742,7 @@ OpenSSL 1.0.2 default and cannot be disabled. This could have some performance impact. This issue was reported to OpenSSL by Antonio Sanso (Adobe). - [CVE-2016-0701][] + ([CVE-2016-0701]) *Matt Caswell* @@ -4680,7 +4755,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram and Sebastian Schinzel. - [CVE-2015-3197][] + ([CVE-2015-3197]) *Viktor Dukhovni* @@ -4702,7 +4777,7 @@ OpenSSL 1.0.2 default in OpenSSL DHE based SSL/TLS ciphersuites. This issue was reported to OpenSSL by Hanno B?ck. - [CVE-2015-3193][] + ([CVE-2015-3193]) *Andy Polyakov* @@ -4718,7 +4793,7 @@ OpenSSL 1.0.2 authentication. This issue was reported to OpenSSL by Lo?c Jonas Etienne (Qnective AG). - [CVE-2015-3194][] + ([CVE-2015-3194]) *Stephen Henson* @@ -4731,7 +4806,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using libFuzzer. - [CVE-2015-3195][] + ([CVE-2015-3195]) *Stephen Henson* @@ -4785,7 +4860,7 @@ OpenSSL 1.0.2 client authentication enabled. This issue was reported to OpenSSL by Joseph Barr-Pixton. - [CVE-2015-1788][] + ([CVE-2015-1788]) *Andy Polyakov* @@ -4805,7 +4880,7 @@ OpenSSL 1.0.2 This issue was reported to OpenSSL by Robert Swiecki (Google), and independently by Hanno B?ck. - [CVE-2015-1789][] + ([CVE-2015-1789]) *Emilia K?sper* @@ -4820,7 +4895,7 @@ OpenSSL 1.0.2 servers are not affected. This issue was reported to OpenSSL by Michal Zalewski (Google). - [CVE-2015-1790][] + ([CVE-2015-1790]) *Emilia K?sper* @@ -4831,7 +4906,7 @@ OpenSSL 1.0.2 denial of service against any system which verifies signedData messages using the CMS code. This issue was reported to OpenSSL by Johannes Bauer. - [CVE-2015-1792][] + ([CVE-2015-1792]) *Stephen Henson* @@ -4840,7 +4915,7 @@ OpenSSL 1.0.2 If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. - [CVE-2015-1791][] + ([CVE-2015-1791]) *Matt Caswell* @@ -4860,7 +4935,7 @@ OpenSSL 1.0.2 This issue was was reported to OpenSSL by David Ramos of Stanford University. - [CVE-2015-0291][] + ([CVE-2015-0291]) *Stephen Henson and Matt Caswell* @@ -4876,7 +4951,7 @@ OpenSSL 1.0.2 fault will be triggered, thus enabling a potential DoS attack. This issue was reported to OpenSSL by Daniel Danner and Rainer Mueller. - [CVE-2015-0290][] + ([CVE-2015-0290]) *Matt Caswell* @@ -4893,7 +4968,7 @@ OpenSSL 1.0.2 server. This issue was reported to OpenSSL by Per Allansson. - [CVE-2015-0207][] + ([CVE-2015-0207]) *Matt Caswell* @@ -4905,7 +4980,7 @@ OpenSSL 1.0.2 certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. - [CVE-2015-0286][] + ([CVE-2015-0286]) *Stephen Henson* @@ -4920,7 +4995,7 @@ OpenSSL 1.0.2 OpenSSL clients and servers which enable client authentication. This issue was was reported to OpenSSL by Brian Carpenter. - [CVE-2015-0208][] + ([CVE-2015-0208]) *Stephen Henson* @@ -4934,7 +5009,7 @@ OpenSSL 1.0.2 components may be affected. Certificate parsing (d2i_X509 and related functions) are however not affected. OpenSSL clients and servers are not affected. - [CVE-2015-0287][] + ([CVE-2015-0287]) *Stephen Henson* @@ -4949,7 +5024,7 @@ OpenSSL 1.0.2 affected. OpenSSL clients and servers are not affected. This issue was reported to OpenSSL by Michal Zalewski (Google). - [CVE-2015-0289][] + ([CVE-2015-0289]) *Emilia K?sper* @@ -4961,7 +5036,7 @@ OpenSSL 1.0.2 This issue was discovered by Sean Burford (Google) and Emilia K?sper (OpenSSL development team). - [CVE-2015-0293][] + ([CVE-2015-0293]) *Emilia K?sper* @@ -4970,7 +5045,7 @@ OpenSSL 1.0.2 If client auth is used then a server can seg fault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. - [CVE-2015-1787][] + ([CVE-2015-1787]) *Matt Caswell* @@ -4993,7 +5068,7 @@ OpenSSL 1.0.2 succeed on an unpatched platform: openssl s_client -psk 1a2b3c4d -tls1_2 -cipher PSK-RC4-SHA - [CVE-2015-0285][] + ([CVE-2015-0285]) *Matt Caswell* @@ -5008,7 +5083,7 @@ OpenSSL 1.0.2 This issue was discovered by the BoringSSL project and fixed in their commit 517073cd4b. - [CVE-2015-0209][] + ([CVE-2015-0209]) *Matt Caswell* @@ -5018,7 +5093,7 @@ OpenSSL 1.0.2 the certificate key is invalid. This function is rarely used in practice. This issue was discovered by Brian Carpenter. - [CVE-2015-0288][] + ([CVE-2015-0288]) *Stephen Henson* @@ -5436,7 +5511,7 @@ OpenSSL 1.0.1 the "no-ocsp" build time option are not affected. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6304][] + ([CVE-2016-6304]) *Matt Caswell* @@ -5445,7 +5520,7 @@ OpenSSL 1.0.1 This issue was reported to OpenSSL Karthikeyan Bhargavan and Gaetan Leurent (INRIA) - [CVE-2016-2183][] + ([CVE-2016-2183]) *Rich Salz* @@ -5461,7 +5536,7 @@ OpenSSL 1.0.1 on most platforms. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6303][] + ([CVE-2016-6303]) *Stephen Henson* @@ -5475,7 +5550,7 @@ OpenSSL 1.0.1 a custom server callback and ticket lookup mechanism. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6302][] + ([CVE-2016-6302]) *Stephen Henson* @@ -5488,7 +5563,7 @@ OpenSSL 1.0.1 record limits will reject an oversized certificate before it is parsed. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-2182][] + ([CVE-2016-2182]) *Stephen Henson* @@ -5500,7 +5575,7 @@ OpenSSL 1.0.1 presented. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-2180][] + ([CVE-2016-2180]) *Stephen Henson* @@ -5526,7 +5601,7 @@ OpenSSL 1.0.1 values of len that are too big and therefore p + len < limit. This issue was reported to OpenSSL by Guido Vranken - [CVE-2016-2177][] + ([CVE-2016-2177]) *Matt Caswell* @@ -5541,7 +5616,7 @@ OpenSSL 1.0.1 This issue was reported by C?sar Pereida (Aalto University), Billy Brumley (Tampere University of Technology), and Yuval Yarom (The University of Adelaide and NICTA). - [CVE-2016-2178][] + ([CVE-2016-2178]) *C?sar Pereida* @@ -5559,7 +5634,7 @@ OpenSSL 1.0.1 attacker could cause a DoS attack through memory exhaustion. This issue was reported to OpenSSL by Quan Luo. - [CVE-2016-2179][] + ([CVE-2016-2179]) *Matt Caswell* @@ -5574,7 +5649,7 @@ OpenSSL 1.0.1 service for a specific DTLS connection. This issue was reported to OpenSSL by the OCAP audit team. - [CVE-2016-2181][] + ([CVE-2016-2181]) *Matt Caswell* @@ -5590,7 +5665,7 @@ OpenSSL 1.0.1 against a client or a server which enables client authentication. This issue was reported to OpenSSL by Shi Lei (Gear Team, Qihoo 360 Inc.) - [CVE-2016-6306][] + ([CVE-2016-6306]) *Stephen Henson* @@ -5603,14 +5678,14 @@ OpenSSL 1.0.1 AES-NI. This issue was introduced as part of the fix for Lucky 13 padding - attack [CVE-2013-0169][]. The padding check was rewritten to be in + attack ([CVE-2013-0169]). The padding check was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. This issue was reported by Juraj Somorovsky using TLS-Attacker. - [CVE-2016-2107][] + ([CVE-2016-2107]) *Kurt Roeckx* @@ -5629,7 +5704,7 @@ OpenSSL 1.0.1 with large amounts of untrusted data may also be vulnerable. This issue was reported by Guido Vranken. - [CVE-2016-2105][] + ([CVE-2016-2105]) *Matt Caswell* @@ -5653,7 +5728,7 @@ OpenSSL 1.0.1 instances in internal usage where an overflow could occur. This issue was reported by Guido Vranken. - [CVE-2016-2106][] + ([CVE-2016-2106]) *Matt Caswell* @@ -5669,7 +5744,7 @@ OpenSSL 1.0.1 applications are not affected. This issue was reported by Brian Carpenter. - [CVE-2016-2109][] + ([CVE-2016-2109]) *Stephen Henson* @@ -5680,7 +5755,7 @@ OpenSSL 1.0.1 in arbitrary stack data being returned in the buffer. This issue was reported by Guido Vranken. - [CVE-2016-2176][] + ([CVE-2016-2176]) *Matt Caswell* @@ -5722,7 +5797,7 @@ OpenSSL 1.0.1 server variants, SSLv2 ciphers vulnerable to exhaustive search key recovery have been removed. Specifically, the SSLv2 40-bit EXPORT ciphers, and SSLv2 56-bit DES are no longer available. - [CVE-2016-0800][] + ([CVE-2016-0800]) *Viktor Dukhovni* @@ -5735,7 +5810,7 @@ OpenSSL 1.0.1 This issue was reported to OpenSSL by Adam Langley(Google/BoringSSL) using libFuzzer. - [CVE-2016-0705][] + ([CVE-2016-0705]) *Stephen Henson* @@ -5755,7 +5830,7 @@ OpenSSL 1.0.1 credentials, this behaviour is not constant time and no strong guarantees are made that the handshake is indistinguishable from that of a valid user. - [CVE-2016-0798][] + ([CVE-2016-0798]) *Emilia K?sper* @@ -5780,7 +5855,7 @@ OpenSSL 1.0.1 consequences. This is also anticipated to be rare. This issue was reported to OpenSSL by Guido Vranken. - [CVE-2016-0797][] + ([CVE-2016-0797]) *Matt Caswell* @@ -5812,7 +5887,7 @@ OpenSSL 1.0.1 trigger these issues because of message size limits enforced within libssl. This issue was reported to OpenSSL Guido Vranken. - [CVE-2016-0799][] + ([CVE-2016-0799]) *Matt Caswell* @@ -5828,7 +5903,7 @@ OpenSSL 1.0.1 Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at . - [CVE-2016-0702][] + ([CVE-2016-0702]) *Andy Polyakov* @@ -5858,7 +5933,7 @@ OpenSSL 1.0.1 This issue was reported to OpenSSL on 26th December 2015 by Nimrod Aviram and Sebastian Schinzel. - [CVE-2015-3197][] + ([CVE-2015-3197]) *Viktor Dukhovni* @@ -5880,7 +5955,7 @@ OpenSSL 1.0.1 authentication. This issue was reported to OpenSSL by Lo?c Jonas Etienne (Qnective AG). - [CVE-2015-3194][] + ([CVE-2015-3194]) *Stephen Henson* @@ -5893,7 +5968,7 @@ OpenSSL 1.0.1 This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using libFuzzer. - [CVE-2015-3195][] + ([CVE-2015-3195]) *Stephen Henson* @@ -5922,7 +5997,7 @@ OpenSSL 1.0.1 This issue was reported to OpenSSL by Adam Langley/David Benjamin (Google/BoringSSL). - [CVE-2015-1793][] + ([CVE-2015-1793]) *Matt Caswell* @@ -5932,7 +6007,7 @@ OpenSSL 1.0.1 the values are wrongly updated in the parent SSL_CTX structure. This can result in a race condition potentially leading to a double free of the identify hint data. - [CVE-2015-3196][] + ([CVE-2015-3196]) *Stephen Henson* @@ -5956,7 +6031,7 @@ OpenSSL 1.0.1 client authentication enabled. This issue was reported to OpenSSL by Joseph Barr-Pixton. - [CVE-2015-1788][] + ([CVE-2015-1788]) *Andy Polyakov* @@ -5976,7 +6051,7 @@ OpenSSL 1.0.1 This issue was reported to OpenSSL by Robert Swiecki (Google), and independently by Hanno B?ck. - [CVE-2015-1789][] + ([CVE-2015-1789]) *Emilia K?sper* @@ -5991,7 +6066,7 @@ OpenSSL 1.0.1 servers are not affected. This issue was reported to OpenSSL by Michal Zalewski (Google). - [CVE-2015-1790][] + ([CVE-2015-1790]) *Emilia K?sper* @@ -6002,7 +6077,7 @@ OpenSSL 1.0.1 denial of service against any system which verifies signedData messages using the CMS code. This issue was reported to OpenSSL by Johannes Bauer. - [CVE-2015-1792][] + ([CVE-2015-1792]) *Stephen Henson* @@ -6011,7 +6086,7 @@ OpenSSL 1.0.1 If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. - [CVE-2015-1791][] + ([CVE-2015-1791]) *Matt Caswell* @@ -6033,7 +6108,7 @@ OpenSSL 1.0.1 certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. - [CVE-2015-0286][] + ([CVE-2015-0286]) *Stephen Henson* @@ -6047,7 +6122,7 @@ OpenSSL 1.0.1 components may be affected. Certificate parsing (d2i_X509 and related functions) are however not affected. OpenSSL clients and servers are not affected. - [CVE-2015-0287][] + ([CVE-2015-0287]) *Stephen Henson* @@ -6062,7 +6137,7 @@ OpenSSL 1.0.1 affected. OpenSSL clients and servers are not affected. This issue was reported to OpenSSL by Michal Zalewski (Google). - [CVE-2015-0289][] + ([CVE-2015-0289]) *Emilia K?sper* @@ -6074,7 +6149,7 @@ OpenSSL 1.0.1 This issue was discovered by Sean Burford (Google) and Emilia K?sper (OpenSSL development team). - [CVE-2015-0293][] + ([CVE-2015-0293]) *Emilia K?sper* @@ -6089,7 +6164,7 @@ OpenSSL 1.0.1 This issue was discovered by the BoringSSL project and fixed in their commit 517073cd4b. - [CVE-2015-0209][] + ([CVE-2015-0209]) *Matt Caswell* @@ -6099,7 +6174,7 @@ OpenSSL 1.0.1 the certificate key is invalid. This function is rarely used in practice. This issue was discovered by Brian Carpenter. - [CVE-2015-0288][] + ([CVE-2015-0288]) *Stephen Henson* @@ -6119,7 +6194,7 @@ OpenSSL 1.0.1 message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. Thanks to Markus Stenberg of Cisco Systems, Inc. for reporting this issue. - [CVE-2014-3571][] + ([CVE-2014-3571]) *Steve Henson* @@ -6129,7 +6204,7 @@ OpenSSL 1.0.1 sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. Thanks to Chris Mueller for reporting this issue. - [CVE-2015-0206][] + ([CVE-2015-0206]) *Matt Caswell* @@ -6137,7 +6212,7 @@ OpenSSL 1.0.1 built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. Thanks to Frank Schmirler for reporting this issue. - [CVE-2014-3569][] + ([CVE-2014-3569]) *Kurt Roeckx* @@ -6146,7 +6221,7 @@ OpenSSL 1.0.1 Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for reporting this issue. - [CVE-2014-3572][] + ([CVE-2014-3572]) *Steve Henson* @@ -6156,7 +6231,7 @@ OpenSSL 1.0.1 downgrade the RSA key length used to a value smaller than the server certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting this issue. - [CVE-2015-0204][] + ([CVE-2015-0204]) *Steve Henson* @@ -6168,7 +6243,7 @@ OpenSSL 1.0.1 containing DH keys: these are extremely rare and hardly ever encountered. Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting this issue. - [CVE-2015-0205][] + ([CVE-2015-0205]) *Steve Henson* @@ -6214,7 +6289,7 @@ OpenSSL 1.0.1 Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team. - [CVE-2014-8275][] + ([CVE-2014-8275]) *Steve Henson* @@ -6226,7 +6301,7 @@ OpenSSL 1.0.1 fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team. - [CVE-2014-3570][] + ([CVE-2014-3570]) *Andy Polyakov* @@ -6268,7 +6343,7 @@ OpenSSL 1.0.1 have been compiled with OPENSSL_NO_SRTP defined are not affected. The fix was developed by the OpenSSL team. - [CVE-2014-3513][] + ([CVE-2014-3513]) *OpenSSL team* @@ -6280,7 +6355,7 @@ OpenSSL 1.0.1 causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. - [CVE-2014-3567][] + ([CVE-2014-3567]) *Steve Henson* @@ -6289,14 +6364,14 @@ OpenSSL 1.0.1 When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. - [CVE-2014-3568][] + ([CVE-2014-3568]) *Akamai and the OpenSSL team* * Add support for TLS_FALLBACK_SCSV. Client applications doing fallback retries should call SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). - [CVE-2014-3566][] + ([CVE-2014-3566]) *Adam Langley, Bodo Moeller* @@ -6318,7 +6393,7 @@ OpenSSL 1.0.1 Thanks to Sean Devlin and Watson Ladd of Cryptography Services, NCC Group for discovering this issue. - [CVE-2014-3512][] + ([CVE-2014-3512]) *Steve Henson* @@ -6330,7 +6405,7 @@ OpenSSL 1.0.1 Thanks to David Benjamin and Adam Langley (Google) for discovering and researching this issue. - [CVE-2014-3511][] + ([CVE-2014-3511]) *David Benjamin* @@ -6341,14 +6416,14 @@ OpenSSL 1.0.1 Thanks to Felix Gr?bert (Google) for discovering and researching this issue. - [CVE-2014-3510][] + ([CVE-2014-3510]) *Emilia K?sper* * By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. Thanks to Adam Langley for discovering and researching this issue. - [CVE-2014-3507][] + ([CVE-2014-3507]) *Adam Langley* @@ -6356,7 +6431,7 @@ OpenSSL 1.0.1 processing DTLS handshake messages. This can be exploited through a Denial of Service attack. Thanks to Adam Langley for discovering and researching this issue. - [CVE-2014-3506][] + ([CVE-2014-3506]) *Adam Langley* @@ -6365,7 +6440,7 @@ OpenSSL 1.0.1 can be exploited through a Denial of Service attack. Thanks to Adam Langley and Wan-Teh Chang for discovering and researching this issue. - [CVE-2014-3505][] + ([CVE-2014-3505]) *Adam Langley* @@ -6375,7 +6450,7 @@ OpenSSL 1.0.1 Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. - [CVE-2014-3509][] + ([CVE-2014-3509]) *Gabor Tyukasz* @@ -6386,7 +6461,7 @@ OpenSSL 1.0.1 Thanks to Joonas Kuorilehto and Riku Hietam?ki (Codenomicon) for discovering and researching this issue. - [CVE-2014-5139][] + ([CVE-2014-5139]) *Steve Henson* @@ -6396,7 +6471,7 @@ OpenSSL 1.0.1 output to the attacker. Thanks to Ivan Fratric (Google) for discovering this issue. - [CVE-2014-3508][] + ([CVE-2014-3508]) *Emilia K?sper, and Steve Henson* @@ -6413,7 +6488,7 @@ OpenSSL 1.0.1 SSL/TLS clients and servers. Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and - researching this issue. [CVE-2014-0224][] + researching this issue. ([CVE-2014-0224]) *KIKUCHI Masashi, Steve Henson* @@ -6422,7 +6497,7 @@ OpenSSL 1.0.1 in a DoS attack. Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. - [CVE-2014-0221][] + ([CVE-2014-0221]) *Imre Rad, Steve Henson* @@ -6431,7 +6506,7 @@ OpenSSL 1.0.1 client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. - Thanks to J?ri Aedla for reporting this issue. [CVE-2014-0195][] + Thanks to J?ri Aedla for reporting this issue. ([CVE-2014-0195]) *J?ri Aedla, Steve Henson* @@ -6439,7 +6514,7 @@ OpenSSL 1.0.1 are subject to a denial of service attack. Thanks to Felix Gr?bert and Ivan Fratric at Google for discovering - this issue. [CVE-2014-3470][] + this issue. ([CVE-2014-3470]) *Felix Gr?bert, Ivan Fratric, Steve Henson* @@ -6465,7 +6540,7 @@ OpenSSL 1.0.1 Thanks for Neel Mehta of Google Security for discovering this bug and to Adam Langley and Bodo Moeller for - preparing the fix [CVE-2014-0160][] + preparing the fix ([CVE-2014-0160]) *Adam Langley, Bodo Moeller* @@ -6475,7 +6550,7 @@ OpenSSL 1.0.1 Thanks to Yuval Yarom and Naomi Benger for discovering this - flaw and to Yuval Yarom for supplying a fix [CVE-2014-0076][] + flaw and to Yuval Yarom for supplying a fix ([CVE-2014-0076]) *Yuval Yarom and Naomi Benger* @@ -6493,11 +6568,11 @@ OpenSSL 1.0.1 * Fix for TLS record tampering bug. A carefully crafted invalid handshake could crash OpenSSL with a NULL pointer exception. Thanks to Anton Johansson for reporting this issues. - [CVE-2013-4353][] + ([CVE-2013-4353]) * Keep original DTLS digest and encryption contexts in retransmission structures so we can use the previous session parameters if they need - to be resent. [CVE-2013-6450][] + to be resent. ([CVE-2013-6450]) *Steve Henson* @@ -6529,7 +6604,7 @@ OpenSSL 1.0.1 Security Group at Royal Holloway, University of London (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and Emilia K?sper for the initial patch. - [CVE-2013-0169][] + ([CVE-2013-0169]) *Emilia K?sper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson* @@ -6538,12 +6613,12 @@ OpenSSL 1.0.1 Thanks go to and to Adam Langley for discovering and detecting this bug and to Wolfgang Ettlinger for independently discovering this issue. - [CVE-2012-2686][] + ([CVE-2012-2686]) *Adam Langley* * Return an error when checking OCSP signatures when key is NULL. - This fixes a DoS attack. [CVE-2013-0166][] + This fixes a DoS attack. ([CVE-2013-0166]) *Steve Henson* @@ -6574,7 +6649,7 @@ OpenSSL 1.0.1 Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. - [CVE-2012-2333][] + ([CVE-2012-2333]) *Steve Henson* @@ -6621,7 +6696,7 @@ OpenSSL 1.0.1 Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley for fixing it. - [CVE-2012-2110][] + ([CVE-2012-2110]) *Adam Langley (Google), Tavis Ormandy, Google Security Team* @@ -7001,7 +7076,7 @@ OpenSSL 1.0.0 This issue was reported to OpenSSL by Adam Langley (Google/BoringSSL) using libFuzzer. - [CVE-2015-3195][] + ([CVE-2015-3195]) *Stephen Henson* @@ -7011,7 +7086,7 @@ OpenSSL 1.0.0 the values are wrongly updated in the parent SSL_CTX structure. This can result in a race condition potentially leading to a double free of the identify hint data. - [CVE-2015-3196][] + ([CVE-2015-3196]) *Stephen Henson* @@ -7029,7 +7104,7 @@ OpenSSL 1.0.0 client authentication enabled. This issue was reported to OpenSSL by Joseph Barr-Pixton. - [CVE-2015-1788][] + ([CVE-2015-1788]) *Andy Polyakov* @@ -7049,7 +7124,7 @@ OpenSSL 1.0.0 This issue was reported to OpenSSL by Robert Swiecki (Google), and independently by Hanno B?ck. - [CVE-2015-1789][] + ([CVE-2015-1789]) *Emilia K?sper* @@ -7064,7 +7139,7 @@ OpenSSL 1.0.0 servers are not affected. This issue was reported to OpenSSL by Michal Zalewski (Google). - [CVE-2015-1790][] + ([CVE-2015-1790]) *Emilia K?sper* @@ -7075,7 +7150,7 @@ OpenSSL 1.0.0 denial of service against any system which verifies signedData messages using the CMS code. This issue was reported to OpenSSL by Johannes Bauer. - [CVE-2015-1792][] + ([CVE-2015-1792]) *Stephen Henson* @@ -7084,7 +7159,7 @@ OpenSSL 1.0.0 If a NewSessionTicket is received by a multi-threaded client when attempting to reuse a previous ticket then a race condition can occur potentially leading to a double free of the ticket data. - [CVE-2015-1791][] + ([CVE-2015-1791]) *Matt Caswell* @@ -7098,7 +7173,7 @@ OpenSSL 1.0.0 certificate verification operation and exploited in a DoS attack. Any application which performs certificate verification is vulnerable including OpenSSL clients and servers which enable client authentication. - [CVE-2015-0286][] + ([CVE-2015-0286]) *Stephen Henson* @@ -7112,7 +7187,7 @@ OpenSSL 1.0.0 components may be affected. Certificate parsing (d2i_X509 and related functions) are however not affected. OpenSSL clients and servers are not affected. - [CVE-2015-0287][] + ([CVE-2015-0287]) *Stephen Henson* @@ -7127,7 +7202,7 @@ OpenSSL 1.0.0 affected. OpenSSL clients and servers are not affected. This issue was reported to OpenSSL by Michal Zalewski (Google). - [CVE-2015-0289][] + ([CVE-2015-0289]) *Emilia K?sper* @@ -7139,7 +7214,7 @@ OpenSSL 1.0.0 This issue was discovered by Sean Burford (Google) and Emilia K?sper (OpenSSL development team). - [CVE-2015-0293][] + ([CVE-2015-0293]) *Emilia K?sper* @@ -7154,7 +7229,7 @@ OpenSSL 1.0.0 This issue was discovered by the BoringSSL project and fixed in their commit 517073cd4b. - [CVE-2015-0209][] + ([CVE-2015-0209]) *Matt Caswell* @@ -7164,7 +7239,7 @@ OpenSSL 1.0.0 the certificate key is invalid. This function is rarely used in practice. This issue was discovered by Brian Carpenter. - [CVE-2015-0288][] + ([CVE-2015-0288]) *Stephen Henson* @@ -7184,7 +7259,7 @@ OpenSSL 1.0.0 message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. Thanks to Markus Stenberg of Cisco Systems, Inc. for reporting this issue. - [CVE-2014-3571][] + ([CVE-2014-3571]) *Steve Henson* @@ -7194,7 +7269,7 @@ OpenSSL 1.0.0 sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. Thanks to Chris Mueller for reporting this issue. - [CVE-2015-0206][] + ([CVE-2015-0206]) *Matt Caswell* @@ -7202,7 +7277,7 @@ OpenSSL 1.0.0 built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. Thanks to Frank Schmirler for reporting this issue. - [CVE-2014-3569][] + ([CVE-2014-3569]) *Kurt Roeckx* @@ -7211,7 +7286,7 @@ OpenSSL 1.0.0 Thanks to Karthikeyan Bhargavan of the PROSECCO team at INRIA for reporting this issue. - [CVE-2014-3572][] + ([CVE-2014-3572]) *Steve Henson* @@ -7221,7 +7296,7 @@ OpenSSL 1.0.0 downgrade the RSA key length used to a value smaller than the server certificate. Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting this issue. - [CVE-2015-0204][] + ([CVE-2015-0204]) *Steve Henson* @@ -7233,7 +7308,7 @@ OpenSSL 1.0.0 containing DH keys: these are extremely rare and hardly ever encountered. Thanks for Karthikeyan Bhargavan of the PROSECCO team at INRIA or reporting this issue. - [CVE-2015-0205][] + ([CVE-2015-0205]) *Steve Henson* @@ -7245,7 +7320,7 @@ OpenSSL 1.0.0 fix. Further analysis was conducted by the OpenSSL development team and Adam Langley of Google. The final fix was developed by Andy Polyakov of the OpenSSL core team. - [CVE-2014-3570][] + ([CVE-2014-3570]) *Andy Polyakov* @@ -7283,7 +7358,7 @@ OpenSSL 1.0.0 Further analysis was conducted and fixes were developed by Stephen Henson of the OpenSSL core team. - [CVE-2014-8275][] + ([CVE-2014-8275]) *Steve Henson* @@ -7297,7 +7372,7 @@ OpenSSL 1.0.0 causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. - [CVE-2014-3567][] + ([CVE-2014-3567]) *Steve Henson* @@ -7306,14 +7381,14 @@ OpenSSL 1.0.0 When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. - [CVE-2014-3568][] + ([CVE-2014-3568]) *Akamai and the OpenSSL team* * Add support for TLS_FALLBACK_SCSV. Client applications doing fallback retries should call SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). - [CVE-2014-3566][] + ([CVE-2014-3566]) *Adam Langley, Bodo Moeller* @@ -7336,14 +7411,14 @@ OpenSSL 1.0.0 Thanks to Felix Gr?bert (Google) for discovering and researching this issue. - [CVE-2014-3510][] + ([CVE-2014-3510]) *Emilia K?sper* * By sending carefully crafted DTLS packets an attacker could cause openssl to leak memory. This can be exploited through a Denial of Service attack. Thanks to Adam Langley for discovering and researching this issue. - [CVE-2014-3507][] + ([CVE-2014-3507]) *Adam Langley* @@ -7351,7 +7426,7 @@ OpenSSL 1.0.0 processing DTLS handshake messages. This can be exploited through a Denial of Service attack. Thanks to Adam Langley for discovering and researching this issue. - [CVE-2014-3506][] + ([CVE-2014-3506]) *Adam Langley* @@ -7360,7 +7435,7 @@ OpenSSL 1.0.0 can be exploited through a Denial of Service attack. Thanks to Adam Langley and Wan-Teh Chang for discovering and researching this issue. - [CVE-2014-3505][] + ([CVE-2014-3505]) *Adam Langley* @@ -7370,7 +7445,7 @@ OpenSSL 1.0.0 Thanks to Gabor Tyukasz (LogMeIn Inc) for discovering and researching this issue. - [CVE-2014-3509][] + ([CVE-2014-3509]) *Gabor Tyukasz* @@ -7380,7 +7455,7 @@ OpenSSL 1.0.0 output to the attacker. Thanks to Ivan Fratric (Google) for discovering this issue. - [CVE-2014-3508][] + ([CVE-2014-3508]) *Emilia K?sper, and Steve Henson* @@ -7397,7 +7472,7 @@ OpenSSL 1.0.0 SSL/TLS clients and servers. Thanks to KIKUCHI Masashi (Lepidum Co. Ltd.) for discovering and - researching this issue. [CVE-2014-0224][] + researching this issue. ([CVE-2014-0224]) *KIKUCHI Masashi, Steve Henson* @@ -7406,7 +7481,7 @@ OpenSSL 1.0.0 in a DoS attack. Thanks to Imre Rad (Search-Lab Ltd.) for discovering this issue. - [CVE-2014-0221][] + ([CVE-2014-0221]) *Imre Rad, Steve Henson* @@ -7415,7 +7490,7 @@ OpenSSL 1.0.0 client or server. This is potentially exploitable to run arbitrary code on a vulnerable client or server. - Thanks to J?ri Aedla for reporting this issue. [CVE-2014-0195][] + Thanks to J?ri Aedla for reporting this issue. ([CVE-2014-0195]) *J?ri Aedla, Steve Henson* @@ -7423,7 +7498,7 @@ OpenSSL 1.0.0 are subject to a denial of service attack. Thanks to Felix Gr?bert and Ivan Fratric at Google for discovering - this issue. [CVE-2014-3470][] + this issue. ([CVE-2014-3470]) *Felix Gr?bert, Ivan Fratric, Steve Henson* @@ -7447,7 +7522,7 @@ OpenSSL 1.0.0 Thanks to Yuval Yarom and Naomi Benger for discovering this - flaw and to Yuval Yarom for supplying a fix [CVE-2014-0076][] + flaw and to Yuval Yarom for supplying a fix ([CVE-2014-0076]) *Yuval Yarom and Naomi Benger* @@ -7455,7 +7530,7 @@ OpenSSL 1.0.0 * Keep original DTLS digest and encryption contexts in retransmission structures so we can use the previous session parameters if they need - to be resent. [CVE-2013-6450][] + to be resent. ([CVE-2013-6450]) *Steve Henson* @@ -7480,12 +7555,12 @@ OpenSSL 1.0.0 Security Group at Royal Holloway, University of London (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and Emilia K?sper for the initial patch. - [CVE-2013-0169][] + ([CVE-2013-0169]) *Emilia K?sper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson* * Return an error when checking OCSP signatures when key is NULL. - This fixes a DoS attack. [CVE-2013-0166][] + This fixes a DoS attack. ([CVE-2013-0166]) *Steve Henson* @@ -7511,7 +7586,7 @@ OpenSSL 1.0.1.] Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. - [CVE-2012-2333][] + ([CVE-2012-2333]) *Steve Henson* @@ -7528,7 +7603,7 @@ OpenSSL 1.0.1.] Thanks to Tavis Ormandy, Google Security Team, for discovering this issue and to Adam Langley for fixing it. - [CVE-2012-2110][] + ([CVE-2012-2110]) *Adam Langley (Google), Tavis Ormandy, Google Security Team* @@ -7542,7 +7617,7 @@ OpenSSL 1.0.1.] CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where an MMA defence is not necessary. Thanks to Ivan Nestlerode for discovering - this issue. [CVE-2012-0884][] + this issue. ([CVE-2012-0884]) *Steve Henson* @@ -7557,7 +7632,7 @@ OpenSSL 1.0.1.] * Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and - preparing a fix. [CVE-2012-0050][] + preparing a fix. ([CVE-2012-0050]) *Antonio Martin* @@ -7574,28 +7649,28 @@ OpenSSL 1.0.1.] Security Group at Royal Holloway, University of London (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann and Michael Tuexen - for preparing the fix. [CVE-2011-4108][] + for preparing the fix. ([CVE-2011-4108]) *Robin Seggelmann, Michael Tuexen* * Clear bytes used for block padding of SSL 3.0 records. - [CVE-2011-4576][] + ([CVE-2011-4576]) *Adam Langley (Google)* * Only allow one SGC handshake restart for SSL/TLS. Thanks to George Kadianakis for discovering this issue and - Adam Langley for preparing the fix. [CVE-2011-4619][] + Adam Langley for preparing the fix. ([CVE-2011-4619]) *Adam Langley (Google)* - * Check parameters are not NULL in GOST ENGINE. [CVE-2012-0027][] + * Check parameters are not NULL in GOST ENGINE. ([CVE-2012-0027]) *Andrey Kulikov * * Prevent malformed RFC3779 data triggering an assertion failure. Thanks to Andrew Chi, BBN Technologies, for discovering the flaw - and Rob Austein for fixing it. [CVE-2011-4577][] + and Rob Austein for fixing it. ([CVE-2011-4577]) *Rob Austein * @@ -7634,12 +7709,12 @@ OpenSSL 1.0.1.] ### Changes between 1.0.0d and 1.0.0e [6 Sep 2011] * Fix bug where CRLs with nextUpdate in the past are sometimes accepted - by initialising X509_STORE_CTX properly. [CVE-2011-3207][] + by initialising X509_STORE_CTX properly. ([CVE-2011-3207]) *Kaspar Brand * * Fix SSL memory handling for (EC)DH ciphersuites, in particular - for multi-threaded use of ECDH. [CVE-2011-3210][] + for multi-threaded use of ECDH. ([CVE-2011-3210]) *Adam Langley (Google)* @@ -7701,7 +7776,7 @@ OpenSSL 1.0.1.] ### Changes between 1.0.0 and 1.0.0a [01 Jun 2010] * Check return value of int_rsa_verify in pkey_rsa_verifyrecover - [CVE-2010-1633][] + ([CVE-2010-1633]) *Steve Henson, Peter-Michael Hager * @@ -8675,7 +8750,7 @@ OpenSSL 0.9.x - OpenSSL 0.9.8f if 'short' is longer than 16 bits, the previous behavior could result in a read attempt at NULL when receiving specific incorrect SSL/TLS records once record payload - protection is active. [CVE-2010-0740][] + protection is active. ([CVE-2010-0740]) *Bodo Moeller, Adam Langley * @@ -8686,7 +8761,7 @@ OpenSSL 0.9.x ### Changes between 0.9.8l and 0.9.8m [25 Feb 2010] - * Always check bn_wexpand() return values for failure. [CVE-2009-3245][] + * Always check bn_wexpand() return values for failure. ([CVE-2009-3245]) *Martin Olsson, Neel Mehta* @@ -8845,7 +8920,7 @@ OpenSSL 0.9.x left. Additionally every future message was buffered, even if the sequence number made no sense and would be part of another handshake. So only messages with sequence numbers less than 10 in advance will be - buffered. [CVE-2009-1378][] + buffered. ([CVE-2009-1378]) *Robin Seggelmann, discovered by Daniel Mentz* @@ -8855,12 +8930,12 @@ OpenSSL 0.9.x a DOS attack with sending records with future epochs until there is no memory left. This patch adds the pqueue_size() function to determine the size of a buffer and limits the record buffer to 100 entries. - [CVE-2009-1377][] + ([CVE-2009-1377]) *Robin Seggelmann, discovered by Daniel Mentz* * Keep a copy of frag->msg_header.frag_len so it can be used after the - parent structure is freed. [CVE-2009-1379][] + parent structure is freed. ([CVE-2009-1379]) *Daniel Mentz* @@ -8875,7 +8950,7 @@ OpenSSL 0.9.x ### Changes between 0.9.8k and 0.9.8l [5 Nov 2009] * Disable renegotiation completely - this fixes a severe security - problem [CVE-2009-3555][] at the cost of breaking all + problem ([CVE-2009-3555]) at the cost of breaking all renegotiation. Renegotiation can be re-enabled by setting SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION in s3->flags at run-time. This is really not recommended unless you know what @@ -8887,19 +8962,19 @@ OpenSSL 0.9.x * Don't set val to NULL when freeing up structures, it is freed up by underlying code. If `sizeof(void *) > sizeof(long)` this can result in - zeroing past the valid field. [CVE-2009-0789][] + zeroing past the valid field. ([CVE-2009-0789]) *Paolo Ganci * * Fix bug where return value of CMS_SignerInfo_verify_content() was not checked correctly. This would allow some invalid signed attributes to - appear to verify correctly. [CVE-2009-0591][] + appear to verify correctly. ([CVE-2009-0591]) *Ivan Nestlerode * * Reject UniversalString and BMPString types with invalid lengths. This prevents a crash in ASN1_STRING_print_ex() which assumes the strings have - a legal length. [CVE-2009-0590][] + a legal length. ([CVE-2009-0590]) *Steve Henson* @@ -8940,7 +9015,7 @@ OpenSSL 0.9.x ### Changes between 0.9.8i and 0.9.8j [07 Jan 2009] * Properly check EVP_VerifyFinal() and similar return values - [CVE-2008-5077][]. + ([CVE-2008-5077]). *Ben Laurie, Bodo Moeller, Google Security Team* @@ -8987,7 +9062,7 @@ OpenSSL 0.9.x ### Changes between 0.9.8h and 0.9.8i [15 Sep 2008] * Fix NULL pointer dereference if a DTLS server received - ChangeCipherSpec as first record [CVE-2009-1386][]. + ChangeCipherSpec as first record ([CVE-2009-1386]). *PR #1679* @@ -9060,12 +9135,12 @@ OpenSSL 0.9.x * Fix flaw if 'Server Key exchange message' is omitted from a TLS handshake which could lead to a client crash as found using the - Codenomicon TLS test suite [CVE-2008-1672][] + Codenomicon TLS test suite ([CVE-2008-1672]) *Steve Henson, Mark Cox* * Fix double free in TLS server name extensions which could lead to - a remote crash found by Codenomicon TLS test suite [CVE-2008-0891][] + a remote crash found by Codenomicon TLS test suite ([CVE-2008-0891]) *Joe Orton* @@ -9385,7 +9460,7 @@ OpenSSL 0.9.x * Update the SSL_get_shared_ciphers() fix CVE-2006-3738 which was not complete and could lead to a possible single byte overflow - [CVE-2007-5135][] [Ben Laurie] + ([CVE-2007-5135]) [Ben Laurie] ### Changes between 0.9.8d and 0.9.8e [23 Feb 2007] @@ -9432,18 +9507,18 @@ OpenSSL 0.9.x ### Changes between 0.9.8c and 0.9.8d [28 Sep 2006] * Introduce limits to prevent malicious keys being able to - cause a denial of service. [CVE-2006-2940][] + cause a denial of service. ([CVE-2006-2940]) *Steve Henson, Bodo Moeller* * Fix ASN.1 parsing of certain invalid structures that can result - in a denial of service. [CVE-2006-2937][] [Steve Henson] + in a denial of service. ([CVE-2006-2937]) [Steve Henson] * Fix buffer overflow in SSL_get_shared_ciphers() function. - [CVE-2006-3738][] [Tavis Ormandy and Will Drewry, Google Security Team] + ([CVE-2006-3738]) [Tavis Ormandy and Will Drewry, Google Security Team] * Fix SSL client code which could crash if connecting to a - malicious SSLv2 server. [CVE-2006-4343][] + malicious SSLv2 server. ([CVE-2006-4343]) *Tavis Ormandy and Will Drewry, Google Security Team* @@ -9477,7 +9552,7 @@ OpenSSL 0.9.x ### Changes between 0.9.8b and 0.9.8c [05 Sep 2006] * Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher - [CVE-2006-4339][] [Ben Laurie and Google Security Team] + ([CVE-2006-4339]) [Ben Laurie and Google Security Team] * Add AES IGE and biIGE modes. @@ -9597,7 +9672,7 @@ OpenSSL 0.9.x (part of SSL_OP_ALL). This option used to disable the countermeasure against man-in-the-middle protocol-version rollback in the SSL 2.0 server implementation, which is a bad - idea. [CVE-2005-2969][] + idea. ([CVE-2005-2969]) *Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center for Information Security, National Institute of Advanced Industrial @@ -10605,18 +10680,18 @@ OpenSSL 0.9.8.] ### Changes between 0.9.7k and 0.9.7l [28 Sep 2006] * Introduce limits to prevent malicious keys being able to - cause a denial of service. [CVE-2006-2940][] + cause a denial of service. ([CVE-2006-2940]) *Steve Henson, Bodo Moeller* * Fix ASN.1 parsing of certain invalid structures that can result - in a denial of service. [CVE-2006-2937][] [Steve Henson] + in a denial of service. ([CVE-2006-2937]) [Steve Henson] * Fix buffer overflow in SSL_get_shared_ciphers() function. - [CVE-2006-3738][] [Tavis Ormandy and Will Drewry, Google Security Team] + ([CVE-2006-3738]) [Tavis Ormandy and Will Drewry, Google Security Team] * Fix SSL client code which could crash if connecting to a - malicious SSLv2 server. [CVE-2006-4343][] + malicious SSLv2 server. ([CVE-2006-4343]) *Tavis Ormandy and Will Drewry, Google Security Team* @@ -10633,7 +10708,7 @@ OpenSSL 0.9.8.] ### Changes between 0.9.7j and 0.9.7k [05 Sep 2006] * Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher - [CVE-2006-4339][] [Ben Laurie and Google Security Team] + ([CVE-2006-4339]) [Ben Laurie and Google Security Team] * Change the Unix randomness entropy gathering to use poll() when possible instead of select(), since the latter has some @@ -10696,7 +10771,7 @@ OpenSSL 0.9.8.] (part of SSL_OP_ALL). This option used to disable the countermeasure against man-in-the-middle protocol-version rollback in the SSL 2.0 server implementation, which is a bad - idea. [CVE-2005-2969][] + idea. ([CVE-2005-2969]) *Bodo Moeller; problem pointed out by Yutaka Oiwa (Research Center for Information Security, National Institute of Advanced Industrial @@ -10882,12 +10957,12 @@ OpenSSL 0.9.8.] ### Changes between 0.9.7c and 0.9.7d [17 Mar 2004] * Fix null-pointer assignment in do_change_cipher_spec() revealed - by using the Codenomicon TLS Test Tool [CVE-2004-0079][] + by using the Codenomicon TLS Test Tool ([CVE-2004-0079]) *Joe Orton, Steve Henson* * Fix flaw in SSL/TLS handshaking when using Kerberos ciphersuites - [CVE-2004-0112][] + ([CVE-2004-0112]) *Joe Orton, Steve Henson* @@ -10939,7 +11014,7 @@ OpenSSL 0.9.8.] Stop out of bounds reads in the ASN1 code when presented with invalid tags (CVE-2003-0543 and CVE-2003-0544). - Free up ASN1_TYPE correctly if ANY type is invalid [CVE-2003-0545][]. + Free up ASN1_TYPE correctly if ANY type is invalid ([CVE-2003-0545]). If verify callback ignores invalid public key errors don't try to check certificate signature with the NULL public key. @@ -11036,7 +11111,7 @@ OpenSSL 0.9.8.] via timing by performing a MAC computation even if incorrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish - between bad padding and a MAC verification error. [CVE-2003-0078][] + between bad padding and a MAC verification error. ([CVE-2003-0078]) *Bodo Moeller; problem pointed out by Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and @@ -11294,7 +11369,7 @@ OpenSSL 0.9.7.] Remote buffer overflow in SSL3 protocol - an attacker could supply an oversized master key in Kerberos-enabled versions. - [CVE-2002-0657][] + ([CVE-2002-0657]) *Ben Laurie (CHATS)* @@ -13205,7 +13280,7 @@ s-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k ### Changes between 0.9.6l and 0.9.6m [17 Mar 2004] * Fix null-pointer assignment in do_change_cipher_spec() revealed - by using the Codenomicon TLS Test Tool [CVE-2004-0079][] + by using the Codenomicon TLS Test Tool ([CVE-2004-0079]) *Joe Orton, Steve Henson* @@ -13214,7 +13289,7 @@ s-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k * Fix additional bug revealed by the NISCC test suite: Stop bug triggering large recursion when presented with - certain ASN.1 tags [CVE-2003-0851][] + certain ASN.1 tags ([CVE-2003-0851]) *Steve Henson* @@ -13281,7 +13356,7 @@ s-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k via timing by performing a MAC computation even if incorrect block cipher padding has been found. This is a countermeasure against active attacks where the attacker has to distinguish - between bad padding and a MAC verification error. [CVE-2003-0078][] + between bad padding and a MAC verification error. ([CVE-2003-0078]) *Bodo Moeller; problem pointed out by Brice Canvel (EPFL), Alain Hiltgen (UBS), Serge Vaudenay (EPFL), and @@ -13430,7 +13505,7 @@ s-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k * Add various sanity checks to asn1_get_length() to reject the ASN1 length bytes if they exceed sizeof(long), will appear negative or the content length exceeds the length of the - supplied buffer. [CVE-2002-0659][] + supplied buffer. ([CVE-2002-0659]) *Steve Henson, Adi Stav , James Yonan * @@ -13440,16 +13515,16 @@ s-cbc 3624.96k 5258.21k 5530.91k 5624.30k 5628.26k *Ben Laurie (CHATS)* * Various temporary buffers to hold ASCII versions of integers were - too small for 64 bit platforms. [CVE-2002-0655][] + too small for 64 bit platforms. ([CVE-2002-0655]) *Matthew Byng-Maddick and Ben Laurie (CHATS)>* * Remote buffer overflow in SSL3 protocol - an attacker could - supply an oversized session ID to a client. [CVE-2002-0656][] + supply an oversized session ID to a client. ([CVE-2002-0656]) *Ben Laurie (CHATS)* * Remote buffer overflow in SSL2 protocol - an attacker could - supply an oversized client master key. [CVE-2002-0656][] + supply an oversized client master key. ([CVE-2002-0656]) *Ben Laurie (CHATS)* @@ -18455,6 +18530,7 @@ ndif +[CVE-2020-1967]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1967 [CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563 [CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559 [CVE-2019-1552]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1552 diff --git a/NEWS.md b/NEWS.md index 4b0171fb50..eca309f58c 100644 --- a/NEWS.md +++ b/NEWS.md @@ -72,35 +72,51 @@ OpenSSL 3.0 OpenSSL 1.1.1 ------------- -### Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [under development] +### Major changes between OpenSSL 1.1.1h and OpenSSL 1.1.1i [under development] * +### Major changes between OpenSSL 1.1.1g and OpenSSL 1.1.1h [22 Sep 2020] + + * Disallow explicit curve parameters in verifications chains when + X509_V_FLAG_X509_STRICT is used + * Enable 'MinProtocol' and 'MaxProtocol' to configure both TLS and DTLS + contexts + * Oracle Developer Studio will start reporting deprecation warnings + +### Major changes between OpenSSL 1.1.1f and OpenSSL 1.1.1g [21 Apr 2020] + + * Fixed segmentation fault in SSL_check_chain() ([CVE-2020-1967]) + +### Major changes between OpenSSL 1.1.1e and OpenSSL 1.1.1f [31 Mar 2020] + + * Revert the unexpected EOF reporting via SSL_ERROR_SSL + ### Major changes between OpenSSL 1.1.1d and OpenSSL 1.1.1e [17 Mar 2020] * Fixed an overflow bug in the x64_64 Montgomery squaring procedure - used in exponentiation with 512-bit moduli ([CVE-2019-1551][]) + used in exponentiation with 512-bit moduli ([CVE-2019-1551]) ### Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019] - * Fixed a fork protection issue ([CVE-2019-1549][]) + * Fixed a fork protection issue ([CVE-2019-1549]) * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey - ([CVE-2019-1563][]) + ([CVE-2019-1563]) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters * Compute ECC cofactors if not provided during EC_GROUP construction - ([CVE-2019-1547][]) + ([CVE-2019-1547]) * Early start up entropy quality from the DEVRANDOM seed source has been improved for older Linux systems * Correct the extended master secret constant on EBCDIC systems - * Use Windows installation paths in the mingw builds ([CVE-2019-1552][]) + * Use Windows installation paths in the mingw builds ([CVE-2019-1552]) * Changed DH_check to accept parameters with order q and 2q subgroups * Significantly reduce secure memory usage by the randomness pools * Revert the DEVRANDOM_WAIT feature for Linux systems ### Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019] - * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543][]) + * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543]) ### Major changes between OpenSSL 1.1.1a and OpenSSL 1.1.1b [26 Feb 2019] @@ -111,8 +127,8 @@ OpenSSL 1.1.1 ### Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018] - * Timing vulnerability in DSA signature generation ([CVE-2018-0734][]) - * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735][]) + * Timing vulnerability in DSA signature generation ([CVE-2018-0734]) + * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735]) ### Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018] @@ -170,38 +186,38 @@ OpenSSL 1.1.0 ### Major changes between OpenSSL 1.1.0k and OpenSSL 1.1.0l [10 Sep 2019] * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey - ([CVE-2019-1563][]) + ([CVE-2019-1563]) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters * Compute ECC cofactors if not provided during EC_GROUP construction - ([CVE-2019-1547][]) - * Use Windows installation paths in the mingw builds ([CVE-2019-1552][]) + ([CVE-2019-1547]) + * Use Windows installation paths in the mingw builds ([CVE-2019-1552]) ### Major changes between OpenSSL 1.1.0j and OpenSSL 1.1.0k [28 May 2019] - * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543][]) + * Prevent over long nonces in ChaCha20-Poly1305 ([CVE-2019-1543]) ### Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.0j [20 Nov 2018] - * Timing vulnerability in DSA signature generation ([CVE-2018-0734][]) - * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735][]) + * Timing vulnerability in DSA signature generation ([CVE-2018-0734]) + * Timing vulnerability in ECDSA signature generation ([CVE-2018-0735]) ### Major changes between OpenSSL 1.1.0h and OpenSSL 1.1.0i [14 Aug 2018] - * Client DoS due to large DH parameter ([CVE-2018-0732][]) - * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737][]) + * Client DoS due to large DH parameter ([CVE-2018-0732]) + * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737]) ### Major changes between OpenSSL 1.1.0g and OpenSSL 1.1.0h [27 Mar 2018] * Constructed ASN.1 types with a recursive definition could exceed the - stack ([CVE-2018-0739][]) - * Incorrect CRYPTO_memcmp on HP-UX PA-RISC ([CVE-2018-0733][]) - * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738][]) + stack ([CVE-2018-0739]) + * Incorrect CRYPTO_memcmp on HP-UX PA-RISC ([CVE-2018-0733]) + * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738]) ### Major changes between OpenSSL 1.1.0f and OpenSSL 1.1.0g [2 Nov 2017] - * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736][]) - * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735][]) + * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736]) + * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735]) ### Major changes between OpenSSL 1.1.0e and OpenSSL 1.1.0f [25 May 2017] @@ -209,32 +225,32 @@ OpenSSL 1.1.0 ### Major changes between OpenSSL 1.1.0d and OpenSSL 1.1.0e [16 Feb 2017] - * Encrypt-Then-Mac renegotiation crash ([CVE-2017-3733][]) + * Encrypt-Then-Mac renegotiation crash ([CVE-2017-3733]) ### Major changes between OpenSSL 1.1.0c and OpenSSL 1.1.0d [26 Jan 2017] - * Truncated packet could crash via OOB read ([CVE-2017-3731][]) - * Bad (EC)DHE parameters cause a client crash ([CVE-2017-3730][]) - * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732][]) + * Truncated packet could crash via OOB read ([CVE-2017-3731]) + * Bad (EC)DHE parameters cause a client crash ([CVE-2017-3730]) + * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732]) ### Major changes between OpenSSL 1.1.0b and OpenSSL 1.1.0c [10 Nov 2016] - * ChaCha20/Poly1305 heap-buffer-overflow ([CVE-2016-7054][]) - * CMS Null dereference ([CVE-2016-7053][]) - * Montgomery multiplication may produce incorrect results ([CVE-2016-7055][]) + * ChaCha20/Poly1305 heap-buffer-overflow ([CVE-2016-7054]) + * CMS Null dereference ([CVE-2016-7053]) + * Montgomery multiplication may produce incorrect results ([CVE-2016-7055]) ### Major changes between OpenSSL 1.1.0a and OpenSSL 1.1.0b [26 Sep 2016] - * Fix Use After Free for large message sizes ([CVE-2016-6309][]) + * Fix Use After Free for large message sizes ([CVE-2016-6309]) ### Major changes between OpenSSL 1.1.0 and OpenSSL 1.1.0a [22 Sep 2016] - * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][]) - * SSL_peek() hang on empty record ([CVE-2016-6305][]) + * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304]) + * SSL_peek() hang on empty record ([CVE-2016-6305]) * Excessive allocation of memory in tls_get_message_header() - ([CVE-2016-6307][]) + ([CVE-2016-6307]) * Excessive allocation of memory in dtls1_preprocess_fragment() - ([CVE-2016-6308][]) + ([CVE-2016-6308]) ### Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016] @@ -290,13 +306,13 @@ OpenSSL 1.0.2 ### Major changes between OpenSSL 1.0.2s and OpenSSL 1.0.2t [10 Sep 2019] * Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey - ([CVE-2019-1563][]) + ([CVE-2019-1563]) * For built-in EC curves, ensure an EC_GROUP built from the curve name is used even when parsing explicit parameters * Compute ECC cofactors if not provided during EC_GROUP construction - ([CVE-2019-1547][]) + ([CVE-2019-1547]) * Document issue with installation paths in diverse Windows builds - ([CVE-2019-1552][]) + ([CVE-2019-1552]) ### Major changes between OpenSSL 1.0.2r and OpenSSL 1.0.2s [28 May 2019] @@ -304,32 +320,32 @@ OpenSSL 1.0.2 ### Major changes between OpenSSL 1.0.2q and OpenSSL 1.0.2r [26 Feb 2019] - * 0-byte record padding oracle ([CVE-2019-1559][]) + * 0-byte record padding oracle ([CVE-2019-1559]) ### Major changes between OpenSSL 1.0.2p and OpenSSL 1.0.2q [20 Nov 2018] - * Microarchitecture timing vulnerability in ECC scalar multiplication ([CVE-2018-5407][]) - * Timing vulnerability in DSA signature generation ([CVE-2018-0734][]) + * Microarchitecture timing vulnerability in ECC scalar multiplication ([CVE-2018-5407]) + * Timing vulnerability in DSA signature generation ([CVE-2018-0734]) ### Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p [14 Aug 2018] - * Client DoS due to large DH parameter ([CVE-2018-0732][]) - * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737][]) + * Client DoS due to large DH parameter ([CVE-2018-0732]) + * Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737]) ### Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018] * Constructed ASN.1 types with a recursive definition could exceed the - stack ([CVE-2018-0739][]) + stack ([CVE-2018-0739]) ### Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017] - * Read/write after SSL object in error state ([CVE-2017-3737][]) - * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738][]) + * Read/write after SSL object in error state ([CVE-2017-3737]) + * rsaz_1024_mul_avx2 overflow bug on x86_64 ([CVE-2017-3738]) ### Major changes between OpenSSL 1.0.2l and OpenSSL 1.0.2m [2 Nov 2017] - * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736][]) - * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735][]) + * bn_sqrx8x_internal carry bug on x86_64 ([CVE-2017-3736]) + * Malformed X.509 IPAddressFamily could cause OOB read ([CVE-2017-3735]) ### Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017] @@ -337,35 +353,35 @@ OpenSSL 1.0.2 ### Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017] - * Truncated packet could crash via OOB read ([CVE-2017-3731][]) - * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732][]) - * Montgomery multiplication may produce incorrect results ([CVE-2016-7055][]) + * Truncated packet could crash via OOB read ([CVE-2017-3731]) + * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2017-3732]) + * Montgomery multiplication may produce incorrect results ([CVE-2016-7055]) ### Major changes between OpenSSL 1.0.2i and OpenSSL 1.0.2j [26 Sep 2016] - * Missing CRL sanity check ([CVE-2016-7052][]) + * Missing CRL sanity check ([CVE-2016-7052]) ### Major changes between OpenSSL 1.0.2h and OpenSSL 1.0.2i [22 Sep 2016] - * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][]) - * SWEET32 Mitigation ([CVE-2016-2183][]) - * OOB write in MDC2_Update() ([CVE-2016-6303][]) - * Malformed SHA512 ticket DoS ([CVE-2016-6302][]) - * OOB write in BN_bn2dec() ([CVE-2016-2182][]) - * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180][]) - * Pointer arithmetic undefined behaviour ([CVE-2016-2177][]) - * Constant time flag not preserved in DSA signing ([CVE-2016-2178][]) - * DTLS buffered message DoS ([CVE-2016-2179][]) - * DTLS replay protection DoS ([CVE-2016-2181][]) - * Certificate message OOB reads ([CVE-2016-6306][]) + * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304]) + * SWEET32 Mitigation ([CVE-2016-2183]) + * OOB write in MDC2_Update() ([CVE-2016-6303]) + * Malformed SHA512 ticket DoS ([CVE-2016-6302]) + * OOB write in BN_bn2dec() ([CVE-2016-2182]) + * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180]) + * Pointer arithmetic undefined behaviour ([CVE-2016-2177]) + * Constant time flag not preserved in DSA signing ([CVE-2016-2178]) + * DTLS buffered message DoS ([CVE-2016-2179]) + * DTLS replay protection DoS ([CVE-2016-2181]) + * Certificate message OOB reads ([CVE-2016-6306]) ### Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016] - * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107][]) - * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105][]) - * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106][]) - * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109][]) - * EBCDIC overread ([CVE-2016-2176][]) + * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107]) + * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105]) + * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106]) + * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109]) + * EBCDIC overread ([CVE-2016-2176]) * Modify behavior of ALPN to invoke callback after SNI/servername callback, such that updates to the SSL_CTX affect ALPN. * Remove LOW from the DEFAULT cipher list. This removes singles DES from @@ -376,33 +392,33 @@ OpenSSL 1.0.2 * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. * Disable SSLv2 default build, default negotiation and weak ciphers - ([CVE-2016-0800][]) - * Fix a double-free in DSA code ([CVE-2016-0705][]) + ([CVE-2016-0800]) + * Fix a double-free in DSA code ([CVE-2016-0705]) * Disable SRP fake user seed to address a server memory leak - ([CVE-2016-0798][]) + ([CVE-2016-0798]) * Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption - ([CVE-2016-0797][]) - * Fix memory issues in BIO_*printf functions ([CVE-2016-0799][]) - * Fix side channel attack on modular exponentiation ([CVE-2016-0702][]) + ([CVE-2016-0797]) + * Fix memory issues in BIO_*printf functions ([CVE-2016-0799]) + * Fix side channel attack on modular exponentiation ([CVE-2016-0702]) ### Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016] - * DH small subgroups ([CVE-2016-0701][]) - * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197][]) + * DH small subgroups ([CVE-2016-0701]) + * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197]) ### Major changes between OpenSSL 1.0.2d and OpenSSL 1.0.2e [3 Dec 2015] - * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2015-3193][]) - * Certificate verify crash with missing PSS parameter ([CVE-2015-3194][]) - * X509_ATTRIBUTE memory leak ([CVE-2015-3195][]) + * BN_mod_exp may produce incorrect results on x86_64 ([CVE-2015-3193]) + * Certificate verify crash with missing PSS parameter ([CVE-2015-3194]) + * X509_ATTRIBUTE memory leak ([CVE-2015-3195]) * Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs * In DSA_generate_parameters_ex, if the provided seed is too short, return an error ### Major changes between OpenSSL 1.0.2c and OpenSSL 1.0.2d [9 Jul 2015] - * Alternate chains certificate forgery ([CVE-2015-1793][]) - * Race condition handling PSK identify hint ([CVE-2015-3196][]) + * Alternate chains certificate forgery ([CVE-2015-1793]) + * Race condition handling PSK identify hint ([CVE-2015-3196]) ### Major changes between OpenSSL 1.0.2b and OpenSSL 1.0.2c [12 Jun 2015] @@ -410,26 +426,26 @@ OpenSSL 1.0.2 ### Major changes between OpenSSL 1.0.2a and OpenSSL 1.0.2b [11 Jun 2015] - * Malformed ECParameters causes infinite loop ([CVE-2015-1788][]) - * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][]) - * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][]) - * CMS verify infinite loop with unknown hash function ([CVE-2015-1792][]) - * Race condition handling NewSessionTicket ([CVE-2015-1791][]) + * Malformed ECParameters causes infinite loop ([CVE-2015-1788]) + * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789]) + * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790]) + * CMS verify infinite loop with unknown hash function ([CVE-2015-1792]) + * Race condition handling NewSessionTicket ([CVE-2015-1791]) ### Major changes between OpenSSL 1.0.2 and OpenSSL 1.0.2a [19 Mar 2015] - * OpenSSL 1.0.2 ClientHello sigalgs DoS fix ([CVE-2015-0291][]) - * Multiblock corrupted pointer fix ([CVE-2015-0290][]) - * Segmentation fault in DTLSv1_listen fix ([CVE-2015-0207][]) - * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][]) - * Segmentation fault for invalid PSS parameters fix ([CVE-2015-0208][]) - * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][]) - * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][]) - * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][]) - * Empty CKE with client auth and DHE fix ([CVE-2015-1787][]) - * Handshake with unseeded PRNG fix ([CVE-2015-0285][]) - * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][]) - * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][]) + * OpenSSL 1.0.2 ClientHello sigalgs DoS fix ([CVE-2015-0291]) + * Multiblock corrupted pointer fix ([CVE-2015-0290]) + * Segmentation fault in DTLSv1_listen fix ([CVE-2015-0207]) + * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286]) + * Segmentation fault for invalid PSS parameters fix ([CVE-2015-0208]) + * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287]) + * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289]) + * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293]) + * Empty CKE with client auth and DHE fix ([CVE-2015-1787]) + * Handshake with unseeded PRNG fix ([CVE-2015-0285]) + * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209]) + * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288]) * Removed the export ciphers from the DEFAULT ciphers ### Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.2 [22 Jan 2015] @@ -448,25 +464,25 @@ OpenSSL 1.0.1 ### Major changes between OpenSSL 1.0.1t and OpenSSL 1.0.1u [22 Sep 2016] - * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304][]) - * SWEET32 Mitigation ([CVE-2016-2183][]) - * OOB write in MDC2_Update() ([CVE-2016-6303][]) - * Malformed SHA512 ticket DoS ([CVE-2016-6302][]) - * OOB write in BN_bn2dec() ([CVE-2016-2182][]) - * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180][]) - * Pointer arithmetic undefined behaviour ([CVE-2016-2177][]) - * Constant time flag not preserved in DSA signing ([CVE-2016-2178][]) - * DTLS buffered message DoS ([CVE-2016-2179][]) - * DTLS replay protection DoS ([CVE-2016-2181][]) - * Certificate message OOB reads ([CVE-2016-6306][]) + * OCSP Status Request extension unbounded memory growth ([CVE-2016-6304]) + * SWEET32 Mitigation ([CVE-2016-2183]) + * OOB write in MDC2_Update() ([CVE-2016-6303]) + * Malformed SHA512 ticket DoS ([CVE-2016-6302]) + * OOB write in BN_bn2dec() ([CVE-2016-2182]) + * OOB read in TS_OBJ_print_bio() ([CVE-2016-2180]) + * Pointer arithmetic undefined behaviour ([CVE-2016-2177]) + * Constant time flag not preserved in DSA signing ([CVE-2016-2178]) + * DTLS buffered message DoS ([CVE-2016-2179]) + * DTLS replay protection DoS ([CVE-2016-2181]) + * Certificate message OOB reads ([CVE-2016-6306]) ### Major changes between OpenSSL 1.0.1s and OpenSSL 1.0.1t [3 May 2016] - * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107][]) - * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105][]) - * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106][]) - * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109][]) - * EBCDIC overread ([CVE-2016-2176][]) + * Prevent padding oracle in AES-NI CBC MAC check ([CVE-2016-2107]) + * Fix EVP_EncodeUpdate overflow ([CVE-2016-2105]) + * Fix EVP_EncryptUpdate overflow ([CVE-2016-2106]) + * Prevent ASN.1 BIO excessive memory allocation ([CVE-2016-2109]) + * EBCDIC overread ([CVE-2016-2176]) * Modify behavior of ALPN to invoke callback after SNI/servername callback, such that updates to the SSL_CTX affect ALPN. * Remove LOW from the DEFAULT cipher list. This removes singles DES from @@ -477,32 +493,32 @@ OpenSSL 1.0.1 * Disable weak ciphers in SSLv3 and up in default builds of OpenSSL. * Disable SSLv2 default build, default negotiation and weak ciphers - ([CVE-2016-0800][]) - * Fix a double-free in DSA code ([CVE-2016-0705][]) + ([CVE-2016-0800]) + * Fix a double-free in DSA code ([CVE-2016-0705]) * Disable SRP fake user seed to address a server memory leak - ([CVE-2016-0798][]) + ([CVE-2016-0798]) * Fix BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption - ([CVE-2016-0797][]) - * Fix memory issues in BIO_*printf functions ([CVE-2016-0799][]) - * Fix side channel attack on modular exponentiation ([CVE-2016-0702][]) + ([CVE-2016-0797]) + * Fix memory issues in BIO_*printf functions ([CVE-2016-0799]) + * Fix side channel attack on modular exponentiation ([CVE-2016-0702]) ### Major changes between OpenSSL 1.0.1q and OpenSSL 1.0.1r [28 Jan 2016] * Protection for DH small subgroup attacks - * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197][]) + * SSLv2 doesn't block disabled ciphers ([CVE-2015-3197]) ### Major changes between OpenSSL 1.0.1p and OpenSSL 1.0.1q [3 Dec 2015] - * Certificate verify crash with missing PSS parameter ([CVE-2015-3194][]) - * X509_ATTRIBUTE memory leak ([CVE-2015-3195][]) + * Certificate verify crash with missing PSS parameter ([CVE-2015-3194]) + * X509_ATTRIBUTE memory leak ([CVE-2015-3195]) * Rewrite EVP_DecodeUpdate (base64 decoding) to fix several bugs * In DSA_generate_parameters_ex, if the provided seed is too short, return an error ### Major changes between OpenSSL 1.0.1o and OpenSSL 1.0.1p [9 Jul 2015] - * Alternate chains certificate forgery ([CVE-2015-1793][]) - * Race condition handling PSK identify hint ([CVE-2015-3196][]) + * Alternate chains certificate forgery ([CVE-2015-1793]) + * Race condition handling PSK identify hint ([CVE-2015-3196]) ### Major changes between OpenSSL 1.0.1n and OpenSSL 1.0.1o [12 Jun 2015] @@ -510,20 +526,20 @@ OpenSSL 1.0.1 ### Major changes between OpenSSL 1.0.1m and OpenSSL 1.0.1n [11 Jun 2015] - * Malformed ECParameters causes infinite loop ([CVE-2015-1788][]) - * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][]) - * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][]) - * CMS verify infinite loop with unknown hash function ([CVE-2015-1792][]) - * Race condition handling NewSessionTicket ([CVE-2015-1791][]) + * Malformed ECParameters causes infinite loop ([CVE-2015-1788]) + * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789]) + * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790]) + * CMS verify infinite loop with unknown hash function ([CVE-2015-1792]) + * Race condition handling NewSessionTicket ([CVE-2015-1791]) ### Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015] - * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][]) - * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][]) - * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][]) - * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][]) - * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][]) - * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][]) + * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286]) + * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287]) + * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289]) + * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293]) + * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209]) + * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288]) * Removed the export ciphers from the DEFAULT ciphers ### Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] @@ -532,71 +548,71 @@ OpenSSL 1.0.1 ### Major changes between OpenSSL 1.0.1j and OpenSSL 1.0.1k [8 Jan 2015] - * Fix for [CVE-2014-3571][] - * Fix for [CVE-2015-0206][] - * Fix for [CVE-2014-3569][] - * Fix for [CVE-2014-3572][] - * Fix for [CVE-2015-0204][] - * Fix for [CVE-2015-0205][] - * Fix for [CVE-2014-8275][] - * Fix for [CVE-2014-3570][] + * Fix for [CVE-2014-3571] + * Fix for [CVE-2015-0206] + * Fix for [CVE-2014-3569] + * Fix for [CVE-2014-3572] + * Fix for [CVE-2015-0204] + * Fix for [CVE-2015-0205] + * Fix for [CVE-2014-8275] + * Fix for [CVE-2014-3570] ### Major changes between OpenSSL 1.0.1i and OpenSSL 1.0.1j [15 Oct 2014] - * Fix for [CVE-2014-3513][] - * Fix for [CVE-2014-3567][] - * Mitigation for [CVE-2014-3566][] (SSL protocol vulnerability) - * Fix for [CVE-2014-3568][] + * Fix for [CVE-2014-3513] + * Fix for [CVE-2014-3567] + * Mitigation for [CVE-2014-3566] (SSL protocol vulnerability) + * Fix for [CVE-2014-3568] ### Major changes between OpenSSL 1.0.1h and OpenSSL 1.0.1i [6 Aug 2014] - * Fix for [CVE-2014-3512][] - * Fix for [CVE-2014-3511][] - * Fix for [CVE-2014-3510][] - * Fix for [CVE-2014-3507][] - * Fix for [CVE-2014-3506][] - * Fix for [CVE-2014-3505][] - * Fix for [CVE-2014-3509][] - * Fix for [CVE-2014-5139][] - * Fix for [CVE-2014-3508][] + * Fix for [CVE-2014-3512] + * Fix for [CVE-2014-3511] + * Fix for [CVE-2014-3510] + * Fix for [CVE-2014-3507] + * Fix for [CVE-2014-3506] + * Fix for [CVE-2014-3505] + * Fix for [CVE-2014-3509] + * Fix for [CVE-2014-5139] + * Fix for [CVE-2014-3508] ### Major changes between OpenSSL 1.0.1g and OpenSSL 1.0.1h [5 Jun 2014] - * Fix for [CVE-2014-0224][] - * Fix for [CVE-2014-0221][] - * Fix for [CVE-2014-0198][] - * Fix for [CVE-2014-0195][] - * Fix for [CVE-2014-3470][] - * Fix for [CVE-2010-5298][] + * Fix for [CVE-2014-0224] + * Fix for [CVE-2014-0221] + * Fix for [CVE-2014-0198] + * Fix for [CVE-2014-0195] + * Fix for [CVE-2014-3470] + * Fix for [CVE-2010-5298] ### Major changes between OpenSSL 1.0.1f and OpenSSL 1.0.1g [7 Apr 2014] - * Fix for [CVE-2014-0160][] + * Fix for [CVE-2014-0160] * Add TLS padding extension workaround for broken servers. - * Fix for [CVE-2014-0076][] + * Fix for [CVE-2014-0076] ### Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014] * Don't include gmt_unix_time in TLS server and client random values - * Fix for TLS record tampering bug [CVE-2013-4353][] - * Fix for TLS version checking bug [CVE-2013-6449][] - * Fix for DTLS retransmission bug [CVE-2013-6450][] + * Fix for TLS record tampering bug ([CVE-2013-4353]) + * Fix for TLS version checking bug ([CVE-2013-6449]) + * Fix for DTLS retransmission bug ([CVE-2013-6450]) ### Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013] - * Corrected fix for [CVE-2013-0169][] + * Corrected fix for ([CVE-2013-0169]) ### Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013] * Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version. * Include the fips configuration module. - * Fix OCSP bad key DoS attack [CVE-2013-0166][] - * Fix for SSL/TLS/DTLS CBC plaintext recovery attack [CVE-2013-0169][] - * Fix for TLS AESNI record handling flaw [CVE-2012-2686][] + * Fix OCSP bad key DoS attack ([CVE-2013-0166]) + * Fix for SSL/TLS/DTLS CBC plaintext recovery attack ([CVE-2013-0169]) + * Fix for TLS AESNI record handling flaw ([CVE-2012-2686]) ### Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012] - * Fix TLS/DTLS record length checking bug [CVE-2012-2333][] + * Fix TLS/DTLS record length checking bug ([CVE-2012-2333]) * Don't attempt to use non-FIPS composite ciphers in FIPS mode. ### Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012] @@ -607,7 +623,7 @@ OpenSSL 1.0.1 ### Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012] - * Fix for ASN1 overflow bug [CVE-2012-2110][] + * Fix for ASN1 overflow bug ([CVE-2012-2110]) * Workarounds for some servers that hang on long client hellos. * Fix SEGV in AES code. @@ -629,25 +645,25 @@ OpenSSL 1.0.0 ### Major changes between OpenSSL 1.0.0s and OpenSSL 1.0.0t [3 Dec 2015] - * X509_ATTRIBUTE memory leak ([CVE-2015-3195][]) - * Race condition handling PSK identify hint ([CVE-2015-3196][]) + * X509_ATTRIBUTE memory leak (([CVE-2015-3195])) + * Race condition handling PSK identify hint ([CVE-2015-3196]) ### Major changes between OpenSSL 1.0.0r and OpenSSL 1.0.0s [11 Jun 2015] - * Malformed ECParameters causes infinite loop ([CVE-2015-1788][]) - * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789][]) - * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790][]) - * CMS verify infinite loop with unknown hash function ([CVE-2015-1792][]) - * Race condition handling NewSessionTicket ([CVE-2015-1791][]) + * Malformed ECParameters causes infinite loop ([CVE-2015-1788]) + * Exploitable out-of-bounds read in X509_cmp_time ([CVE-2015-1789]) + * PKCS7 crash with missing EnvelopedContent ([CVE-2015-1790]) + * CMS verify infinite loop with unknown hash function ([CVE-2015-1792]) + * Race condition handling NewSessionTicket ([CVE-2015-1791]) ### Major changes between OpenSSL 1.0.0q and OpenSSL 1.0.0r [19 Mar 2015] - * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286][]) - * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287][]) - * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289][]) - * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293][]) - * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209][]) - * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288][]) + * Segmentation fault in ASN1_TYPE_cmp fix ([CVE-2015-0286]) + * ASN.1 structure reuse memory corruption fix ([CVE-2015-0287]) + * PKCS7 NULL pointer dereferences fix ([CVE-2015-0289]) + * DoS via reachable assert in SSLv2 servers fix ([CVE-2015-0293]) + * Use After Free following d2i_ECPrivatekey error fix ([CVE-2015-0209]) + * X509_to_X509_REQ NULL pointer deref fix ([CVE-2015-0288]) * Removed the export ciphers from the DEFAULT ciphers ### Major changes between OpenSSL 1.0.0p and OpenSSL 1.0.0q [15 Jan 2015] @@ -656,30 +672,30 @@ OpenSSL 1.0.0 ### Major changes between OpenSSL 1.0.0o and OpenSSL 1.0.0p [8 Jan 2015] - * Fix for [CVE-2014-3571][] - * Fix for [CVE-2015-0206][] - * Fix for [CVE-2014-3569][] - * Fix for [CVE-2014-3572][] - * Fix for [CVE-2015-0204][] - * Fix for [CVE-2015-0205][] - * Fix for [CVE-2014-8275][] - * Fix for [CVE-2014-3570][] + * Fix for [CVE-2014-3571] + * Fix for [CVE-2015-0206] + * Fix for [CVE-2014-3569] + * Fix for [CVE-2014-3572] + * Fix for [CVE-2015-0204] + * Fix for [CVE-2015-0205] + * Fix for [CVE-2014-8275] + * Fix for [CVE-2014-3570] ### Major changes between OpenSSL 1.0.0n and OpenSSL 1.0.0o [15 Oct 2014] - * Fix for [CVE-2014-3513][] - * Fix for [CVE-2014-3567][] - * Mitigation for [CVE-2014-3566][] (SSL protocol vulnerability) - * Fix for [CVE-2014-3568][] + * Fix for [CVE-2014-3513] + * Fix for [CVE-2014-3567] + * Mitigation for [CVE-2014-3566] (SSL protocol vulnerability) + * Fix for [CVE-2014-3568] ### Major changes between OpenSSL 1.0.0m and OpenSSL 1.0.0n [6 Aug 2014] - * Fix for [CVE-2014-3510][] - * Fix for [CVE-2014-3507][] - * Fix for [CVE-2014-3506][] - * Fix for [CVE-2014-3505][] - * Fix for [CVE-2014-3509][] - * Fix for [CVE-2014-3508][] + * Fix for [CVE-2014-3510] + * Fix for [CVE-2014-3507] + * Fix for [CVE-2014-3506] + * Fix for [CVE-2014-3505] + * Fix for [CVE-2014-3509] + * Fix for [CVE-2014-3508] Known issues in OpenSSL 1.0.0m: @@ -690,78 +706,78 @@ OpenSSL 1.0.0 ### Major changes between OpenSSL 1.0.0l and OpenSSL 1.0.0m [5 Jun 2014] - * Fix for [CVE-2014-0224][] - * Fix for [CVE-2014-0221][] - * Fix for [CVE-2014-0198][] - * Fix for [CVE-2014-0195][] - * Fix for [CVE-2014-3470][] - * Fix for [CVE-2014-0076][] - * Fix for [CVE-2010-5298][] + * Fix for [CVE-2014-0224] + * Fix for [CVE-2014-0221] + * Fix for [CVE-2014-0198] + * Fix for [CVE-2014-0195] + * Fix for [CVE-2014-3470] + * Fix for [CVE-2014-0076] + * Fix for [CVE-2010-5298] ### Major changes between OpenSSL 1.0.0k and OpenSSL 1.0.0l [6 Jan 2014] - * Fix for DTLS retransmission bug [CVE-2013-6450][] + * Fix for DTLS retransmission bug ([CVE-2013-6450]) ### Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013] - * Fix for SSL/TLS/DTLS CBC plaintext recovery attack [CVE-2013-0169][] - * Fix OCSP bad key DoS attack [CVE-2013-0166][] + * Fix for SSL/TLS/DTLS CBC plaintext recovery attack ([CVE-2013-0169]) + * Fix OCSP bad key DoS attack ([CVE-2013-0166]) ### Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012] - * Fix DTLS record length checking bug [CVE-2012-2333][] + * Fix DTLS record length checking bug ([CVE-2012-2333]) ### Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012] - * Fix for ASN1 overflow bug [CVE-2012-2110][] + * Fix for ASN1 overflow bug ([CVE-2012-2110]) ### Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012] - * Fix for CMS/PKCS#7 MMA [CVE-2012-0884][] - * Corrected fix for [CVE-2011-4619][] + * Fix for CMS/PKCS#7 MMA ([CVE-2012-0884]) + * Corrected fix for ([CVE-2011-4619]) * Various DTLS fixes. ### Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012] - * Fix for DTLS DoS issue [CVE-2012-0050][] + * Fix for DTLS DoS issue ([CVE-2012-0050]) ### Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012] - * Fix for DTLS plaintext recovery attack [CVE-2011-4108][] - * Clear block padding bytes of SSL 3.0 records [CVE-2011-4576][] - * Only allow one SGC handshake restart for SSL/TLS [CVE-2011-4619][] - * Check parameters are not NULL in GOST ENGINE [CVE-2012-0027][] - * Check for malformed RFC3779 data [CVE-2011-4577][] + * Fix for DTLS plaintext recovery attack ([CVE-2011-4108]) + * Clear block padding bytes of SSL 3.0 records ([CVE-2011-4576]) + * Only allow one SGC handshake restart for SSL/TLS ([CVE-2011-4619]) + * Check parameters are not NULL in GOST ENGINE ([CVE-2012-0027]) + * Check for malformed RFC3779 data ([CVE-2011-4577]) ### Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011] - * Fix for CRL vulnerability issue [CVE-2011-3207][] - * Fix for ECDH crashes [CVE-2011-3210][] + * Fix for CRL vulnerability issue ([CVE-2011-3207]) + * Fix for ECDH crashes ([CVE-2011-3210]) * Protection against EC timing attacks. * Support ECDH ciphersuites for certificates using SHA2 algorithms. * Various DTLS fixes. ### Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011] - * Fix for security issue [CVE-2011-0014][] + * Fix for security issue ([CVE-2011-0014]) ### Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010] - * Fix for security issue [CVE-2010-4180][] - * Fix for [CVE-2010-4252][] + * Fix for security issue ([CVE-2010-4180]) + * Fix for ([CVE-2010-4252]) * Fix mishandling of absent EC point format extension. * Fix various platform compilation issues. - * Corrected fix for security issue [CVE-2010-3864][]. + * Corrected fix for security issue ([CVE-2010-3864]). ### Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010] - * Fix for security issue [CVE-2010-3864][]. - * Fix for [CVE-2010-2939][] + * Fix for security issue ([CVE-2010-3864]). + * Fix for ([CVE-2010-2939]) * Fix WIN32 build system for GOST ENGINE. ### Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010] - * Fix for security issue [CVE-2010-1633][]. + * Fix for security issue ([CVE-2010-1633]). * GOST MAC and CFB fixes. ### Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010] @@ -793,7 +809,7 @@ OpenSSL 0.9.x ### Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010] * CFB cipher definition fixes. - * Fix security issues [CVE-2010-0740][] and [CVE-2010-0433][]. + * Fix security issues [CVE-2010-0740] and [CVE-2010-0433]. ### Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010] @@ -809,16 +825,16 @@ OpenSSL 0.9.x ### Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009] - * Temporary work around for [CVE-2009-3555][]: disable renegotiation. + * Temporary work around for [CVE-2009-3555]: disable renegotiation. ### Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009] * Fix various build issues. - * Fix security issues ([CVE-2009-0590][], [CVE-2009-0591][], [CVE-2009-0789][]) + * Fix security issues [CVE-2009-0590], [CVE-2009-0591], [CVE-2009-0789] ### Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009] - * Fix security issue ([CVE-2008-5077][]) + * Fix security issue ([CVE-2008-5077]) * Merge FIPS 140-2 branch code. ### Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008] @@ -851,13 +867,13 @@ OpenSSL 0.9.x ### Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006] - * Introduce limits to prevent malicious key DoS ([CVE-2006-2940][]) - * Fix security issues ([CVE-2006-2937][], [CVE-2006-3737][], [CVE-2006-4343][]) + * Introduce limits to prevent malicious key DoS ([CVE-2006-2940]) + * Fix security issues [CVE-2006-2937], [CVE-2006-3737], [CVE-2006-4343] * Changes to ciphersuite selection algorithm ### Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006] - * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339][] + * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339] * New cipher Camellia ### Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006] @@ -872,7 +888,7 @@ OpenSSL 0.9.x ### Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005] - * Fix potential SSL 2.0 rollback, [CVE-2005-2969][] + * Fix potential SSL 2.0 rollback ([CVE-2005-2969]) * Extended Windows CE support ### Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005] @@ -956,12 +972,12 @@ OpenSSL 0.9.x ### Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006] - * Introduce limits to prevent malicious key DoS ([CVE-2006-2940][]) - * Fix security issues ([CVE-2006-2937][], [CVE-2006-3737][], [CVE-2006-4343][]) + * Introduce limits to prevent malicious key DoS ([CVE-2006-2940]) + * Fix security issues [CVE-2006-2937], [CVE-2006-3737], [CVE-2006-4343] ### Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006] - * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339][] + * Fix Daniel Bleichenbacher forged signature attack, [CVE-2006-4339] ### Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006] @@ -974,7 +990,7 @@ OpenSSL 0.9.x ### Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005] - * Fix SSL 2.0 Rollback, [CVE-2005-2969][] + * Fix SSL 2.0 Rollback ([CVE-2005-2969]) * Allow use of fixed-length exponent on DSA signing * Default fixed-window RSA, DSA, DH private-key operations @@ -1309,6 +1325,7 @@ OpenSSL 0.9.x +[CVE-2020-1967]: https://www.openssl.org/news/vulnerabilities.html#CVE-2020-1967 [CVE-2019-1563]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1563 [CVE-2019-1559]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1559 [CVE-2019-1552]: https://www.openssl.org/news/vulnerabilities.html#CVE-2019-1552 From builds at travis-ci.com Tue Oct 6 19:00:10 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 06 Oct 2020 19:00:10 +0000 Subject: Still Failing: openssl/openssl#37908 (master - d8dc853) In-Reply-To: Message-ID: <5f7cbeb9dce85_13fdca12d132063796c@travis-pro-tasks-7bd6f94f69-sn2dt.mail> Build Update for openssl/openssl ------------------------------------- Build: #37908 Status: Still Failing Duration: 1 hr, 21 mins, and 23 secs Commit: d8dc853 (master) Author: Dr. Matthias St. Pierre Message: Change CVE link style in CHANGES and NEWS Replace [collapsed reference links][] for the CVEs by [shortcut reference links], in order to to improve the readability of the raw markdown text. Consistently add parentheses around the CVE links at the end of the CVE descriptions. (The NEWS file already had the parentheses, in the CHANGES file they where missing.) [collapsed reference links]: https://github.github.com/gfm/#collapsed-reference-link [shortcut reference links]: https://github.github.com/gfm/#shortcut-reference-link Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/12967) View the changeset: https://github.com/openssl/openssl/compare/5357c10624be...d8dc85382507 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188435636?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From dev at ddvo.net Tue Oct 6 19:46:09 2020 From: dev at ddvo.net (dev at ddvo.net) Date: Tue, 06 Oct 2020 19:46:09 +0000 Subject: [openssl] master update Message-ID: <1602013569.924493.23721.nullmailer@dev.openssl.org> The branch master has been updated via c5fc6754b7ab60a53b5c19e08a719d5001fa4d49 (commit) via bd60ac48a684bf1dae052a209e6624491abe8d27 (commit) from d8dc853825078a7b63683d873cb9070ebc52bfda (commit) - Log ----------------------------------------------------------------- commit c5fc6754b7ab60a53b5c19e08a719d5001fa4d49 Author: Dr. David von Oheimb Date: Mon Sep 21 14:14:33 2020 +0200 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12934) commit bd60ac48a684bf1dae052a209e6624491abe8d27 Author: Dr. David von Oheimb Date: Wed Sep 23 18:58:17 2020 +0200 Test.pm: Add result_dir and export both result_dir and result_file Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12934) ----------------------------------------------------------------------- Summary of changes: test/recipes/81-test_cmp_cli.t | 25 ++- test/recipes/81-test_cmp_cli_data/Mock/test.cnf | 2 +- .../recipes/81-test_cmp_cli_data/test_commands.csv | 30 +-- .../81-test_cmp_cli_data/test_enrollment.csv | 210 ++++++++++----------- .../81-test_cmp_cli_data/test_verification.csv | 2 +- util/perl/OpenSSL/Test.pm | 49 ++++- 6 files changed, 180 insertions(+), 138 deletions(-) diff --git a/test/recipes/81-test_cmp_cli.t b/test/recipes/81-test_cmp_cli.t index 2aea3b8f0c..2a89093446 100644 --- a/test/recipes/81-test_cmp_cli.t +++ b/test/recipes/81-test_cmp_cli.t @@ -14,7 +14,7 @@ use warnings; use POSIX; use File::Spec::Functions qw/catfile/; use File::Compare qw/compare_text/; -use OpenSSL::Test qw/:DEFAULT with data_file data_dir srctop_dir bldtop_dir/; +use OpenSSL::Test qw/:DEFAULT with data_file data_dir srctop_dir bldtop_dir result_dir result_file/; use OpenSSL::Test::Utils; use Data::Dumper; # for debugging purposes only @@ -64,13 +64,12 @@ my @cmp_basic_tests = ( [ "bad int: out of range", [ "-config", '""', "-days", "2147483648" ], 1 ], ); -my $rsp_cert = "signer_only.crt"; -my $outfile = "test.certout.pem"; -my $secret = "pass:test"; - # this uses the mock server directly in the cmp app, without TCP sub use_mock_srv_internally { + my $secret = "pass:test"; + my $rsp_cert = "signer_only.crt"; + my $outfile = result_file("test.certout.pem"); ok(run(cmd([bldtop_dir($app), "-config", '""', "-use_mock_srv", "-srv_ref", "mock server", @@ -84,7 +83,7 @@ sub use_mock_srv_internally "-recipient", "/O=openssl_cmp", # if given must be consistent with sender "-secret", $secret, "-ref", "client under test", - "-certout" , $outfile])) + "-certout", $outfile])) && compare_text($outfile, $rsp_cert) == 0, "CMP app with -use_mock_srv and -poll_count 1"); # not unlinking $outfile @@ -200,9 +199,18 @@ sub test_cmp_cli_aspect { } } }; - # not unlinking test.certout_*.pem, test.cacerts.pem, and test.extracerts.pem + # not unlinking test.certout*.pem, test.cacerts.pem, and test.extracerts.pem } +# The input files for the tests done here dynamically depend on the test server +# selected (where the Mock server used by default is just one possibility). +# On the other hand the main test configuration file test.cnf, which references +# several server-dependent input files by relative file names, is static. +# Moreover the tests use much greater variety of input files than output files. +# Therefore we chose the current directory as a subdirectory of $SRCTOP and it +# was simpler to prepend the output file names by BLDTOP than doing the tests +# from $BLDTOP/test-runs/test_cmp_cli and prepending the input files by SRCTOP. + indir data_dir() => sub { plan tests => 1 + @server_configurations * @all_aspects + (grep(/^Mock$/, @server_configurations) @@ -248,6 +256,7 @@ sub load_tests { my $aspect = shift; my $test_config = $ENV{OPENSSL_CMP_CONFIG} // "$server_name/test.cnf"; my $file = data_file("test_$aspect.csv"); + my $result_dir = result_dir(); my @result; open(my $data, '<', $file) || die "Cannot open $file for reading: $!"; @@ -266,6 +275,7 @@ sub load_tests { $line =~ s{_PBM_PORT}{$pbm_port}g; $line =~ s{_PBM_REF}{$pbm_ref}g; $line =~ s{_PBM_SECRET}{$pbm_secret}g; + $line =~ s{_RESULT_DIR}{$result_dir}g; next LOOP if $server_tls == 0 && $line =~ m/,\s*-tls_used\s*,/; my $noproxy = $no_proxy; @@ -280,6 +290,7 @@ sub load_tests { } else { $line =~ s{-section,,}{-section,,-proxy,$proxy,}; } + $line =~ s{-section,,}{-section,,-certout,$result_dir/test.cert.pem,}; $line =~ s{-section,,}{-config,../$test_config,-section,$server_name $aspect,}; my @fields = grep /\S/, split ",", $line; diff --git a/test/recipes/81-test_cmp_cli_data/Mock/test.cnf b/test/recipes/81-test_cmp_cli_data/Mock/test.cnf index fed079fef5..22ca0f2362 100644 --- a/test/recipes/81-test_cmp_cli_data/Mock/test.cnf +++ b/test/recipes/81-test_cmp_cli_data/Mock/test.cnf @@ -6,7 +6,7 @@ newkey = new.key newkeypass = cmd = ir out_trusted = root.crt -certout = test.cert.pem +#certout = test.cert.pem policies = certificatePolicies #policy_oids = 1.2.3.4 #policy_oids_critical = 1 diff --git a/test/recipes/81-test_cmp_cli_data/test_commands.csv b/test/recipes/81-test_cmp_cli_data/test_commands.csv index 70389be5f2..4d7a4be3eb 100644 --- a/test/recipes/81-test_cmp_cli_data/test_commands.csv +++ b/test/recipes/81-test_cmp_cli_data/test_commands.csv @@ -9,38 +9,38 @@ expected,description, -section,val, -cmd,val,val2, -cacertsout,val,val2, -infoty 1,cmd incomplete, -section,, -cmd,i,,BLANK,,,BLANK,,,BLANK,,BLANK, ,,,,,,,,,,,,,,,,, 0,no cacertsout, -section,, -cmd,ir,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,cacertsout given, -section,, -cmd,ir,, -cacertsout,test.cacerts.pem,,BLANK,,,BLANK,,BLANK, +0,cacertsout given, -section,, -cmd,ir,, -cacertsout,_RESULT_DIR/test.cacerts.pem,,BLANK,,,BLANK,,BLANK, 1,cacertsout missing arg, -section,, -cmd,ir,, -cacertsout,,,BLANK,,,BLANK,,BLANK, ,,,,,,,,,,,,,,,,, 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason unspecified, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,0 +0,revreason unspecified, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,0 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason keyCompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,1 +0,revreason keyCompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,1 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason CACompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,2 +0,revreason CACompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,2 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason affiliationChanged, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,3 +0,revreason affiliationChanged, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,3 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason superseded, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,4 +0,revreason superseded, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,4 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason cessationOfOperation, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,5 +0,revreason cessationOfOperation, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,5 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason certificateHold, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,6 -0,revreason removeFromCRL, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,8 -1,revreason 7 (invalid), -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,7 +0,revreason certificateHold, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,6 +0,revreason removeFromCRL, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,8 +1,revreason 7 (invalid), -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,7 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason priviligeWithdrawn, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,9 +0,revreason priviligeWithdrawn, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,9 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, -0,revreason AACompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,10 +0,revreason AACompromise, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,10 0, --- get certificate for revocation ----, -section,, -cmd,cr,,BLANK,,,BLANK,,,BLANK,,BLANK, 1,without oldcert, -section,, -cmd,rr,,BLANK,,,BLANK,,,BLANK,,BLANK, 1,oldcert is directory, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,dir/,BLANK, 1,oldcert file nonexistent, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,idontexist,BLANK, 1,empty oldcert file, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,empty.txt,BLANK, 1,oldcert and key do not match, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,trusted.crt, -revreason,0 -1,revreason 11 (invalid), -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,11 -1,revreason string, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,abc -1,revreason out of integer range, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,test.cert.pem, -revreason,010000000000000000000 +1,revreason 11 (invalid), -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,11 +1,revreason string, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,abc +1,revreason out of integer range, -section,, -cmd,rr,,BLANK,,,BLANK,,, -oldcert,_RESULT_DIR/test.cert.pem, -revreason,010000000000000000000 ,,,,,,,,,,,,,,,,, 0,ir + infotype, -section,, -cmd,ir,,BLANK,,, -infotype,signKeyPairTypes,,BLANK,,BLANK, 1,genm with missing infotype value, -section,, -cmd,genm,,BLANK,,, -infotype,,,BLANK,,BLANK, diff --git a/test/recipes/81-test_cmp_cli_data/test_enrollment.csv b/test/recipes/81-test_cmp_cli_data/test_enrollment.csv index 4f6af0ac08..dc65973c55 100644 --- a/test/recipes/81-test_cmp_cli_data/test_enrollment.csv +++ b/test/recipes/81-test_cmp_cli_data/test_enrollment.csv @@ -1,112 +1,112 @@ expected,description, -section,val, -cmd,val, -newkey,val,val, -newkeypass,val, -subject,val, -issuer,val, -days,int, -reqexts,val, -sans,spec, -san_nodefault,noarg, -popo,int, -implicit_confirm,noarg, -disable_confirm,noarg, -certout,val,val2, -out_trusted,val,val2, -oldcert,val, -csr,val, -revreason,val ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,Misc,request options:,,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,newkey, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkey.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkey missing arg, -section,, -cmd,ir, -newkey,,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkey1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkey is directory, -section,, -cmd,ir, -newkey,dir/,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkey2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkey too many parameters, -section,, -cmd,ir, -newkey,abc,def, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkey3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkey is an RSA key, -section,, -cmd,ir, -newkey,test.RSA2048.pem,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkey4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,newkeypass, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass:12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,read newkeypass from file, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,file:12345.txt,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass_file.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,newkeypass no prefix, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass_no_prefix.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,no newkeypass, -section,, -cmd,ir, -newkey,new_pass_12345.key,,BLANK,,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,missing newkeypass parameter, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,colon missing and no passwd, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkeypass double colon, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass::12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkeypass double passwd, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass:12345:12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass5.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkeypass wrongfile, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,file:random.bin,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass6.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,wrong password for encrypted pem, -section,, -cmd,ir, -newkey,cmp --help ,, -newkeypass,pass:wrong,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass7.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,newkeypass ignored, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,abcdefghijklmnop,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass_ignored.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,newkeypass invalid, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,fp:4,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_newkeypass8.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -1,subject argument missing, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:, -subject,BLANK,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_subject1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,issuer, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,, -issuer,_CA_DN,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_issuer.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,issuer missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,, -issuer,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_issuer1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,days 1, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,1,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,days 0, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,0,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days_zero.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,days 365*100 beyond 2038, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,36500,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days_far_future.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,days missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,days negative, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,-10,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,days no not integer, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,1.5,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,days out of range, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,0x10000000000000000,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_days4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,reqexts, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,, -reqexts,reqexts,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_reqexts.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,reqexts missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,, -reqexts,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_reqexts1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,reqexts non-exisitng section, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,, -reqexts,invalid,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_reqexts2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,reqexts malformed section, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,, -reqexts,reqexts_invalidkey,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_reqexts3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,reqexts and sans, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,, -reqexts,reqexts, -sans,localhost,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_reqexts4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,sans 1 dns, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_dns.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,sans 1 dns critical, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost critical,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_dns_critical.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,sans critical, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,critical,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_critical.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,sans 2 dns, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost test,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_two_dns.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,sans 1 dns 1 ip, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost 127.0.0.1,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_dns_ip.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,sans 2 ip, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,127.0.0.1 1.2.3.4,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_two_ip.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,sans 1 uri, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,https://www.sample.com,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_uri.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,san_nodefault, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,127.0.0.1 1.2.3.4, -san_nodefault,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_nodefault.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -0,san default, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,127.0.0.1 1.2.3.4,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_sans_default.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,popo SIGNATURE, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,1,BLANK,,BLANK,, -certout,test.certout_popo.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,popo RAVERIFIED, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,0,BLANK,,BLANK,, -certout,test.certout_popo1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,popo missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,,BLANK,,BLANK,, -certout,test.certout_popo2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,popo too large, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,3,BLANK,,BLANK,, -certout,test.certout_popo3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,popo too small, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,-3,BLANK,,BLANK,, -certout,test.certout_popo4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,popo NONE, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,-1,BLANK,,BLANK,, -certout,test.certout_popo5.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,popo KEYENC not supported, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,2,BLANK,,BLANK,, -certout,test.certout_popo6.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,implicit_confirm, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -implicit_confirm,,BLANK,, -certout,test.certout_implicit.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,implicit_confirm with parameter, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -implicit_confirm,abc,BLANK,, -certout,test.certout_implicit1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,disable_confirm, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -disable_confirm,, -certout,test.certout_disable.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,disable_confirm with parameter, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -disable_confirm,abc, -certout,test.certout_disable1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -1,no certout, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,newkey, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkey.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkey missing arg, -section,, -cmd,ir, -newkey,,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkey1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkey is directory, -section,, -cmd,ir, -newkey,dir/,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkey2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkey too many parameters, -section,, -cmd,ir, -newkey,abc,def, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkey3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkey is an RSA key, -section,, -cmd,ir, -newkey,test.RSA2048.pem,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkey4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,newkeypass, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass:12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,read newkeypass from file, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,file:12345.txt,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass_file.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,newkeypass no prefix, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass_no_prefix.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,no newkeypass, -section,, -cmd,ir, -newkey,new_pass_12345.key,,BLANK,,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,missing newkeypass parameter, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,colon missing and no passwd, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkeypass double colon, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass::12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkeypass double passwd, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,pass:12345:12345,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass5.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkeypass wrongfile, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,file:random.bin,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass6.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,wrong password for encrypted pem, -section,, -cmd,ir, -newkey,cmp --help ,, -newkeypass,pass:wrong,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass7.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,newkeypass ignored, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,abcdefghijklmnop,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass_ignored.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,newkeypass invalid, -section,, -cmd,ir, -newkey,new_pass_12345.key,, -newkeypass,fp:4,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_newkeypass8.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +1,subject argument missing, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:, -subject,BLANK,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_subject1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,issuer, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,, -issuer,_CA_DN,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_issuer.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,issuer missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,, -issuer,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_issuer1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,days 1, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,1,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,days 0, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,0,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days_zero.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,days 365*100 beyond 2038, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,36500,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days_far_future.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,days missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,days negative, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,-10,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,days no not integer, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,1.5,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,days out of range, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,, -days,0x10000000000000000,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_days4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,reqexts, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,, -reqexts,reqexts,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_reqexts.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,reqexts missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,, -reqexts,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_reqexts1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,reqexts non-exisitng section, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,, -reqexts,invalid,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_reqexts2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,reqexts malformed section, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,, -reqexts,reqexts_invalidkey,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_reqexts3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,reqexts and sans, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,, -reqexts,reqexts, -sans,localhost,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_reqexts4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,sans 1 dns, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_dns.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,sans 1 dns critical, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost critical,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_dns_critical.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,sans critical, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,critical,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_critical.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,sans 2 dns, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost test,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_two_dns.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,sans 1 dns 1 ip, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,localhost 127.0.0.1,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_dns_ip.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,sans 2 ip, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,127.0.0.1 1.2.3.4,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_two_ip.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,sans 1 uri, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,https://www.sample.com,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_uri.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,san_nodefault, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,127.0.0.1 1.2.3.4, -san_nodefault,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_nodefault.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +0,san default, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,,,BLANK,, -sans,127.0.0.1 1.2.3.4,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_sans_default.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,popo SIGNATURE, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,1,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,popo RAVERIFIED, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,0,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,popo missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo2.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,popo too large, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,3,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo3.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,popo too small, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,-3,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo4.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,popo NONE, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,-1,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo5.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,popo KEYENC not supported, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -popo,2,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_popo6.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,implicit_confirm, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -implicit_confirm,,BLANK,, -certout,_RESULT_DIR/test.certout_implicit.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,implicit_confirm with parameter, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -implicit_confirm,abc,BLANK,, -certout,_RESULT_DIR/test.certout_implicit1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,disable_confirm, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -disable_confirm,, -certout,_RESULT_DIR/test.certout_disable.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,disable_confirm with parameter, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -disable_confirm,abc, -certout,_RESULT_DIR/test.certout_disable1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +1,no certout, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,"""",, -out_trusted,root.crt,,BLANK,,BLANK,,, 1,certout missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,,, -out_trusted,root.crt,,BLANK,,BLANK,,, 1,certout is directory, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,dir/,, -out_trusted,root.crt,,BLANK,,BLANK,,, 1,certout too many parameters, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,abc,def, -out_trusted,root.crt,,BLANK,,BLANK,,, ,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,no out_trusted, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted.pem,,BLANK,,,BLANK,,BLANK,,, -0,out_trusted bigcert, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted_big.pem,, -out_trusted,big_root.crt,,BLANK,,BLANK,,, -1,out_trusted missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted1.pem,, -out_trusted,,,BLANK,,BLANK,,, -1,out_trusted is directory, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted2.pem,, -out_trusted,dir/,,BLANK,,BLANK,,, -1,out_trusted too many parameters, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted3.pem,, -out_trusted,abc,def,BLANK,,BLANK,,, -1,out_trusted empty certificate file, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted4.pem,, -out_trusted,empty.txt,,BLANK,,BLANK,,, -1,out_trusted expired ca certificate, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted5.pem,, -out_trusted,root_expired.crt,,BLANK,,BLANK,,, -1,out_trusted wrong ca, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted6.pem,, -out_trusted,signer.crt,,BLANK,,BLANK,,, -1,out_trusted random input, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_out_trusted7.pem,, -out_trusted,random.bin,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,oldcert ignored, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_oldcert.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,, -1,oldcert missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_oldcert1.pem,, -out_trusted,root.crt,, -oldcert,,BLANK,,, -1,oldcert directory, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_oldcert2.pem,, -out_trusted,root.crt,, -oldcert,dir/,BLANK,,, -1,oldcert non existing file, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_oldcert3.pem,, -out_trusted,root.crt,, -oldcert,idontexist,BLANK,,, -1,oldcert empty file, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_oldcert4.pem,, -out_trusted,root.crt,, -oldcert,empty.txt,BLANK,,, -1,oldcert random contents, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_oldcert5.pem,, -out_trusted,root.crt,, -oldcert,random.bin,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,csr ignored for ir, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_csr_ignored.pem,, -out_trusted,root.crt,,BLANK,, -csr,idontexist,, -0,p10cr csr, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr.pem,, -out_trusted,root.crt,,BLANK,, -csr,csr.pem,, -1,p10cr csr missing, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -1,p10cr csr missing arg, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr1.pem,, -out_trusted,root.crt,,BLANK,, -csr,,, -1,p10cr csr directory, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr2.pem,, -out_trusted,root.crt,,BLANK,, -csr,dir/,, -1,p10cr csr non-existing file, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr3.pem,, -out_trusted,root.crt,,BLANK,, -csr,idontexist,, -1,p10cr csr empty file, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr4.pem,, -out_trusted,root.crt,,BLANK,, -csr,empty.txt,, -TODO,p10cr wrong csr, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_p10cr5.pem,, -out_trusted,root.crt,,BLANK,, -csr,wrong_csr.pem,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,ir + ignored revocation, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_revreason.pem,, -out_trusted,root.crt,,BLANK,,,, -revreason,5 -1,ir + invalid revreason, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_revreason1.pem,, -out_trusted,root.crt,,BLANK,,,, -revreason,11 -1,ir + revreason not an integer, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_revreason2.pem,, -out_trusted,root.crt,,BLANK,,,, -revreason,abc -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,cr, -section,, -cmd,cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_cr.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, -,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, -0,kur explicit options, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT, -cert,test.certout_newkey.pem, -key,new.key, -extracerts,issuing.crt -0,kur minimal options, -section,, -cmd,kur,BLANK,,BLANK,, -subject,"""",BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur_minimal.pem,,BLANK,,, -oldcert,"""",BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT, -cert,test.certout_newkey.pem, -key,new.key, -extracerts,issuing.crt, -secret,"""" -1,kur newkey value missing, -section,, -cmd,kur, -newkey,,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur1.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur newkey is directory, -section,, -cmd,kur, -newkey,dir/,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur2.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur newkey parameter count no match, -section,, -cmd,kur, -newkey,abc,def, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur3.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur newkey missing argument, -section,, -cmd,kur, -newkey,BLANK,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur4.pem,, -out_trusted,root.crt,, -oldcert,test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur oldcert is directory, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur5.pem,, -out_trusted,root.crt,, -oldcert,dir/,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur oldcert not existing, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur6.pem,, -out_trusted,root.crt,, -oldcert,idontexist,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur empty oldcert file, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur7.pem,, -out_trusted,root.crt,, -oldcert,empty.txt,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT -1,kur without cert and oldcert, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,test.certout_kur8.pem,, -out_trusted,root.crt,, -cert,"""",BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +0,no out_trusted, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted.pem,,BLANK,,,BLANK,,BLANK,,, +0,out_trusted bigcert, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted_big.pem,, -out_trusted,big_root.crt,,BLANK,,BLANK,,, +1,out_trusted missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted1.pem,, -out_trusted,,,BLANK,,BLANK,,, +1,out_trusted is directory, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted2.pem,, -out_trusted,dir/,,BLANK,,BLANK,,, +1,out_trusted too many parameters, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted3.pem,, -out_trusted,abc,def,BLANK,,BLANK,,, +1,out_trusted empty certificate file, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted4.pem,, -out_trusted,empty.txt,,BLANK,,BLANK,,, +1,out_trusted expired ca certificate, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted5.pem,, -out_trusted,root_expired.crt,,BLANK,,BLANK,,, +1,out_trusted wrong ca, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted6.pem,, -out_trusted,signer.crt,,BLANK,,BLANK,,, +1,out_trusted random input, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_out_trusted7.pem,, -out_trusted,random.bin,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,oldcert ignored, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_oldcert.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,, +1,oldcert missing arg, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_oldcert1.pem,, -out_trusted,root.crt,, -oldcert,,BLANK,,, +1,oldcert directory, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_oldcert2.pem,, -out_trusted,root.crt,, -oldcert,dir/,BLANK,,, +1,oldcert non existing file, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_oldcert3.pem,, -out_trusted,root.crt,, -oldcert,idontexist,BLANK,,, +1,oldcert empty file, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_oldcert4.pem,, -out_trusted,root.crt,, -oldcert,empty.txt,BLANK,,, +1,oldcert random contents, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_oldcert5.pem,, -out_trusted,root.crt,, -oldcert,random.bin,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,csr ignored for ir, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_csr_ignored.pem,, -out_trusted,root.crt,,BLANK,, -csr,idontexist,, +0,p10cr csr, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr.pem,, -out_trusted,root.crt,,BLANK,, -csr,csr.pem,, +1,p10cr csr missing, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr1.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +1,p10cr csr missing arg, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr1.pem,, -out_trusted,root.crt,,BLANK,, -csr,,, +1,p10cr csr directory, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr2.pem,, -out_trusted,root.crt,,BLANK,, -csr,dir/,, +1,p10cr csr non-existing file, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr3.pem,, -out_trusted,root.crt,,BLANK,, -csr,idontexist,, +1,p10cr csr empty file, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr4.pem,, -out_trusted,root.crt,,BLANK,, -csr,empty.txt,, +TODO,p10cr wrong csr, -section,, -cmd,p10cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_p10cr5.pem,, -out_trusted,root.crt,,BLANK,, -csr,wrong_csr.pem,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,ir + ignored revocation, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_revreason.pem,, -out_trusted,root.crt,,BLANK,,,, -revreason,5 +1,ir + invalid revreason, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_revreason1.pem,, -out_trusted,root.crt,,BLANK,,,, -revreason,11 +1,ir + revreason not an integer, -section,, -cmd,ir, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_revreason2.pem,, -out_trusted,root.crt,,BLANK,,,, -revreason,abc +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,cr, -section,, -cmd,cr, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_cr.pem,, -out_trusted,root.crt,,BLANK,,BLANK,,, +,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, +0,kur explicit options, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT, -cert,_RESULT_DIR/test.certout_newkey.pem, -key,new.key, -extracerts,issuing.crt +0,kur minimal options, -section,, -cmd,kur,BLANK,,BLANK,, -subject,"""",BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur_minimal.pem,,BLANK,,, -oldcert,"""",BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT, -cert,_RESULT_DIR/test.certout_newkey.pem, -key,new.key, -extracerts,issuing.crt, -secret,"""" +1,kur newkey value missing, -section,, -cmd,kur, -newkey,,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur1.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur newkey is directory, -section,, -cmd,kur, -newkey,dir/,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur2.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur newkey parameter count no match, -section,, -cmd,kur, -newkey,abc,def, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur3.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur newkey missing argument, -section,, -cmd,kur, -newkey,BLANK,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur4.pem,, -out_trusted,root.crt,, -oldcert,_RESULT_DIR/test.certout_newkey.pem,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur oldcert is directory, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur5.pem,, -out_trusted,root.crt,, -oldcert,dir/,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur oldcert not existing, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur6.pem,, -out_trusted,root.crt,, -oldcert,idontexist,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur empty oldcert file, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur7.pem,, -out_trusted,root.crt,, -oldcert,empty.txt,BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT +1,kur without cert and oldcert, -section,, -cmd,kur, -newkey,new.key,, -newkeypass,pass:,,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,,BLANK,, -certout,_RESULT_DIR/test.certout_kur8.pem,, -out_trusted,root.crt,, -cert,"""",BLANK,,,,,-server,_SERVER_HOST:_KUR_PORT diff --git a/test/recipes/81-test_cmp_cli_data/test_verification.csv b/test/recipes/81-test_cmp_cli_data/test_verification.csv index b53e518c8d..8ba0489bc2 100644 --- a/test/recipes/81-test_cmp_cli_data/test_verification.csv +++ b/test/recipes/81-test_cmp_cli_data/test_verification.csv @@ -45,7 +45,7 @@ expected,description, -section,val, -recipient,val, -expect_sender,val, -srvcert 0,no unprotected errors - no errors, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK,BLANK,BLANK,,,,,,,, 1,unprotected_errors with parameter, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK,BLANK,BLANK,,, -unprotected_errors,123,,,, ,,,,,,,,,,,,,,,,,,,,,,,,, -0,extracertsout, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unprotected_errors, -extracertsout,test.extracerts.pem,,,,,,, +0,extracertsout, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unprotected_errors, -extracertsout,_RESULT_DIR/test.extracerts.pem,,,,,,, 1,extracertsout no parameter, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unprotected_errors, -extracertsout,,,,,,,, 1,extracertsout directory, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unprotected_errors, -extracertsout,directory/,,,,,,, 1,extracertsout multiple arguments, -section,, -recipient,_CA_DN,BLANK,,BLANK,, -trusted,trusted.crt,BLANK,,BLANK, -unprotected_errors, -extracertsout,abc,def,,,,,, diff --git a/util/perl/OpenSSL/Test.pm b/util/perl/OpenSSL/Test.pm index c44eca301c..4dc1bad188 100644 --- a/util/perl/OpenSSL/Test.pm +++ b/util/perl/OpenSSL/Test.pm @@ -21,6 +21,7 @@ $VERSION = "1.0"; @EXPORT_OK = (@Test::More::EXPORT_OK, qw(bldtop_dir bldtop_file srctop_dir srctop_file data_file data_dir + result_file result_dir pipe with cmdstr quotify openssl_versions ok_nofips is_nofips isnt_nofips)); @@ -124,8 +125,8 @@ most likely refuse to run. C checks for environment variables (see L below), checks that C<$TOP/Configure> or C<$SRCTOP/Configure> exists, C into the results directory (defined by the C<$RESULT_D> environment -variable if defined, otherwise C<$BLDTOP/test> or C<$TOP/test>, whichever -is defined). +variable if defined, otherwise C<$BLDTOP/test-runs> or C<$TOP/test-runs>, +whichever is defined). =back @@ -651,6 +652,43 @@ sub data_file { =over 4 +=item B + +C returns the directory where test output files should be placed +as a string, adapted to the local operating system. + +=back + +=cut + +sub result_dir { + BAIL_OUT("Must run setup() first") if (! $test_name); + + return catfile($directories{RESULTS}); +} + +=over 4 + +=item B + +FILENAME is the name of a test output file. +C returns the path of the given file as a string, +prepending to the file name the path to the directory where test output files +should be placed, adapted to the local operating system. + +=back + +=cut + +sub result_file { + BAIL_OUT("Must run setup() first") if (! $test_name); + + my $f = pop; + return catfile(result_dir(), at _,$f); +} + +=over 4 + =item B LIST is a list of CODEREFs returned by C or C, from which C @@ -1067,13 +1105,6 @@ sub __data_dir { return catdir($directories{SRCDATA}, at _); } -sub __results_file { - BAIL_OUT("Must run setup() first") if (! $test_name); - - my $f = pop; - return catfile($directories{RESULTS}, at _,$f); -} - # __cwd DIR # __cwd DIR, OPTS # From builds at travis-ci.com Tue Oct 6 21:05:48 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 06 Oct 2020 21:05:48 +0000 Subject: Still Failing: openssl/openssl#37909 (master - c5fc675) In-Reply-To: Message-ID: <5f7cdc2c581c9_13ff2900fdb84115619@travis-pro-tasks-dc6f6d5bf-fc2x8.mail> Build Update for openssl/openssl ------------------------------------- Build: #37909 Status: Still Failing Duration: 1 hr, 18 mins, and 17 secs Commit: c5fc675 (master) Author: Dr. David von Oheimb Message: Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12934) View the changeset: https://github.com/openssl/openssl/compare/d8dc85382507...c5fc6754b7ab View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188453042?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 6 22:00:36 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 06 Oct 2020 22:00:36 +0000 Subject: Build failed: openssl master.37373 Message-ID: <20201006220036.1.D54882093192DCAB@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Tue Oct 6 22:57:14 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Tue, 06 Oct 2020 22:57:14 +0000 Subject: [openssl] master update Message-ID: <1602025034.815544.24153.nullmailer@dev.openssl.org> The branch master has been updated via a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd (commit) via 8ad369171fc2b435c0ca427111481da4d4c3c1ce (commit) from c5fc6754b7ab60a53b5c19e08a719d5001fa4d49 (commit) - Log ----------------------------------------------------------------- commit a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd Author: Benny Baumann Date: Fri Oct 2 01:06:12 2020 +0200 Avoid memory leak of parent on allocation failure for child structure Reviewed-by: Ben Kaduk Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13055) commit 8ad369171fc2b435c0ca427111481da4d4c3c1ce Author: Benny Baumann Date: Fri Oct 2 01:04:06 2020 +0200 Use size of target buffer for allocation Reviewed-by: Ben Kaduk Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13055) ----------------------------------------------------------------------- Summary of changes: apps/cms.c | 6 ++++-- ssl/ssl_sess.c | 2 +- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/apps/cms.c b/apps/cms.c index 9312c37fc2..91d951980d 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -647,9 +647,11 @@ int cms_main(int argc, char **argv) if (key_param == NULL || key_param->idx != keyidx) { cms_key_param *nparam; nparam = app_malloc(sizeof(*nparam), "key param buffer"); - nparam->idx = keyidx; - if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) + if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) { + OPENSSL_free(nparam); goto end; + } + nparam->idx = keyidx; nparam->next = NULL; if (key_first == NULL) key_first = nparam; diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 83fc149cfd..4c4fc80023 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -110,7 +110,7 @@ SSL_SESSION *ssl_session_dup(const SSL_SESSION *src, int ticket) { SSL_SESSION *dest; - dest = OPENSSL_malloc(sizeof(*src)); + dest = OPENSSL_malloc(sizeof(*dest)); if (dest == NULL) { goto err; } From pauli at openssl.org Tue Oct 6 22:58:07 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Tue, 06 Oct 2020 22:58:07 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1602025087.564201.25358.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via ae9bcce2ab57d19119a85788eb48f8e8ba8ed3ee (commit) from db78f8b3859aa35a4988d4ba49d5e8de8c2b491d (commit) - Log ----------------------------------------------------------------- commit ae9bcce2ab57d19119a85788eb48f8e8ba8ed3ee Author: Benny Baumann Date: Fri Oct 2 01:04:06 2020 +0200 Use size of target buffer for allocation Reviewed-by: Ben Kaduk Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13055) (cherry picked from commit 8ad369171fc2b435c0ca427111481da4d4c3c1ce) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_sess.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 40c157bb42..423bb4d38a 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -107,7 +107,7 @@ SSL_SESSION *ssl_session_dup(SSL_SESSION *src, int ticket) { SSL_SESSION *dest; - dest = OPENSSL_malloc(sizeof(*src)); + dest = OPENSSL_malloc(sizeof(*dest)); if (dest == NULL) { goto err; } From pauli at openssl.org Tue Oct 6 22:58:39 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Tue, 06 Oct 2020 22:58:39 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1602025119.220723.26427.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 7455f247e6f9d621fa79ae3af1588df23078fb11 (commit) from ae9bcce2ab57d19119a85788eb48f8e8ba8ed3ee (commit) - Log ----------------------------------------------------------------- commit 7455f247e6f9d621fa79ae3af1588df23078fb11 Author: Benny Baumann Date: Fri Oct 2 01:06:12 2020 +0200 Avoid memory leak of parent on allocation failure for child structure Reviewed-by: Ben Kaduk Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13055) (cherry picked from commit a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd) ----------------------------------------------------------------------- Summary of changes: apps/cms.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/apps/cms.c b/apps/cms.c index 15edd67dbe..60691f1468 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -545,9 +545,11 @@ int cms_main(int argc, char **argv) if (key_param == NULL || key_param->idx != keyidx) { cms_key_param *nparam; nparam = app_malloc(sizeof(*nparam), "key param buffer"); - nparam->idx = keyidx; - if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) + if ((nparam->param = sk_OPENSSL_STRING_new_null()) == NULL) { + OPENSSL_free(nparam); goto end; + } + nparam->idx = keyidx; nparam->next = NULL; if (key_first == NULL) key_first = nparam; From pauli at openssl.org Tue Oct 6 23:05:40 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Tue, 06 Oct 2020 23:05:40 +0000 Subject: [openssl] master update Message-ID: <1602025540.042692.29637.nullmailer@dev.openssl.org> The branch master has been updated via 23b2fc0b501d6635dd821014aec8ff16689cbb6a (commit) from a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd (commit) - Log ----------------------------------------------------------------- commit 23b2fc0b501d6635dd821014aec8ff16689cbb6a Author: Pauli Date: Wed Sep 30 14:20:14 2020 +1000 rsa: add ossl_ prefix to internal rsa_ calls. The functions being: rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff, rsa_check_prime_factor, rsa_check_prime_factor_range, rsa_check_private_exponent, rsa_check_public_exponent, rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata, rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30, rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names, rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid, rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx, rsa_padding_add_PKCS1_type_2_with_libctx, rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS, rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata, rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted, rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg, rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults, rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg, rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen, rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata, rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params, rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private, rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq, rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test, rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise, rsa_validate_private and rsa_validate_public. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13040) ----------------------------------------------------------------------- Summary of changes: crypto/err/openssl.txt | 5 - crypto/evp/pmeth_lib.c | 4 +- crypto/rsa/rsa_ameth.c | 47 ++++---- crypto/rsa/rsa_backend.c | 70 +++++------ crypto/rsa/rsa_chk.c | 18 +-- crypto/rsa/rsa_gen.c | 4 +- crypto/rsa/rsa_lib.c | 18 +-- crypto/rsa/rsa_local.h | 65 +++++----- crypto/rsa/rsa_mp_names.c | 6 +- crypto/rsa/rsa_oaep.c | 19 +-- crypto/rsa/rsa_ossl.c | 10 +- crypto/rsa/rsa_pk1.c | 19 +-- crypto/rsa/rsa_pmeth.c | 4 +- crypto/rsa/rsa_pss.c | 38 +++--- crypto/rsa/rsa_schemes.c | 6 +- crypto/rsa/rsa_sign.c | 4 +- crypto/rsa/rsa_sp800_56b_check.c | 73 ++++++------ crypto/rsa/rsa_sp800_56b_gen.c | 45 ++++--- crypto/rsa/rsa_ssl.c | 7 +- ...all_params.pod => ossl_rsa_get0_all_params.pod} | 22 ++-- include/crypto/evp.h | 4 +- include/crypto/rsa.h | 121 +++++++++---------- include/openssl/rsaerr.h | 5 - providers/common/der/der_rsa_key.c | 23 ++-- providers/common/include/prov/securitycheck.h | 2 +- providers/common/securitycheck.c | 2 +- providers/implementations/asymciphers/rsa_enc.c | 21 ++-- .../implementations/encode_decode/encode_key2any.c | 4 +- .../encode_decode/encode_key2text.c | 26 ++-- providers/implementations/kem/rsa_kem.c | 4 +- providers/implementations/keymgmt/rsa_kmgmt.c | 48 ++++---- providers/implementations/signature/rsa.c | 16 +-- test/rsa_mp_test.c | 2 +- test/rsa_sp800_56b_test.c | 131 ++++++++++----------- 34 files changed, 449 insertions(+), 444 deletions(-) rename doc/internal/man3/{rsa_get0_all_params.pod => ossl_rsa_get0_all_params.pod} (69%) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 45f315c383..1724982709 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1168,7 +1168,6 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify -RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES:168:rsa_fips186_4_gen_prob_primes RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify RSA_F_RSA_METH_DUP:161:RSA_meth_dup RSA_F_RSA_METH_NEW:162:RSA_meth_new @@ -1212,10 +1211,6 @@ RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding RSA_F_RSA_SIGN:117:RSA_sign RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING -RSA_F_RSA_SP800_56B_CHECK_KEYPAIR:169:rsa_sp800_56b_check_keypair -RSA_F_RSA_SP800_56B_CHECK_PUBLIC:170:rsa_sp800_56b_check_public -RSA_F_RSA_SP800_56B_PAIRWISE_TEST:171:rsa_sp800_56b_pairwise_test -RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH:172:rsa_sp800_56b_validate_strength RSA_F_RSA_VERIFY:119:RSA_verify RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1 diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 8f84230dcf..fc06a101c8 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -50,7 +50,7 @@ static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; /* This array needs to be in order of NIDs */ static pmeth_fn standard_methods[] = { # ifndef OPENSSL_NO_RSA - rsa_pkey_method, + ossl_rsa_pkey_method, # endif # ifndef OPENSSL_NO_DH dh_pkey_method, @@ -62,7 +62,7 @@ static pmeth_fn standard_methods[] = { ec_pkey_method, # endif # ifndef OPENSSL_NO_RSA - rsa_pss_pkey_method, + ossl_rsa_pss_pkey_method, # endif # ifndef OPENSSL_NO_DH dhx_pkey_method, diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index aab237aecd..6105b7849a 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -777,7 +777,7 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, RSA_PSS_PARAMS_30 pss_params; /* Get the defaults from the ONE place */ - (void)rsa_pss_params_30_set_defaults(&pss_params); + (void)ossl_rsa_pss_params_30_set_defaults(&pss_params); if (pss == NULL) return 0; @@ -790,11 +790,11 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, if (pss->saltLength) *psaltlen = ASN1_INTEGER_get(pss->saltLength); else - *psaltlen = rsa_pss_params_30_saltlen(&pss_params); + *psaltlen = ossl_rsa_pss_params_30_saltlen(&pss_params); if (pss->trailerField) *ptrailerField = ASN1_INTEGER_get(pss->trailerField); else - *ptrailerField = rsa_pss_params_30_trailerfield(&pss_params);; + *ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params);; return 1; } @@ -838,11 +838,13 @@ static int rsa_sync_to_pss_params_30(RSA *rsa) return 0; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_set_trailerfield(&pss_params, trailerField)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_set_trailerfield(&pss_params, + trailerField)) return 0; rsa->pss_params = pss_params; } @@ -1214,7 +1216,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, if (RSA_get0_n(rsa) == NULL || RSA_get0_e(rsa) == NULL) goto err; - if (!rsa_todata(rsa, tmpl, NULL)) + if (!ossl_rsa_todata(rsa, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; @@ -1231,11 +1233,12 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, goto err; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS; } @@ -1257,7 +1260,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, { EVP_PKEY_CTX *pctx = vpctx; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - RSA *rsa = rsa_new_with_ctx(pctx->libctx); + RSA *rsa = ossl_rsa_new_with_ctx(pctx->libctx); RSA_PSS_PARAMS_30 rsa_pss_params = { 0, }; int ok = 0; @@ -1269,7 +1272,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, rsa_type); - if (!rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) + if (!ossl_rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) goto err; switch (rsa_type) { @@ -1278,7 +1281,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? * In that case, something's wrong */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) goto err; break; case RSA_FLAG_TYPE_RSASSAPSS: @@ -1286,11 +1289,11 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? In that case, create the old * RSA_PSS_PARAMS structure. Otherwise, this is an unrestricted key. */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { /* Create the older RSA_PSS_PARAMS from RSA_PSS_PARAMS_30 data */ - int mdnid = rsa_pss_params_30_hashalg(&rsa_pss_params); - int mgf1mdnid = rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); - int saltlen = rsa_pss_params_30_saltlen(&rsa_pss_params); + int mdnid = ossl_rsa_pss_params_30_hashalg(&rsa_pss_params); + int mgf1mdnid = ossl_rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); + int saltlen = ossl_rsa_pss_params_30_saltlen(&rsa_pss_params); const EVP_MD *md = EVP_get_digestbynid(mdnid); const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid); @@ -1303,7 +1306,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, goto err; } - if (!rsa_fromdata(rsa, params)) + if (!ossl_rsa_fromdata(rsa, params)) goto err; switch (rsa_type) { diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index fae09d7067..9279e71857 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -48,7 +48,7 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, return 1; } -int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) +int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) { const OSSL_PARAM *param_n, *param_e, *param_d; BIGNUM *n = NULL, *e = NULL, *d = NULL; @@ -75,16 +75,16 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) if (is_private) { if (!collect_numbers(factors = sk_BIGNUM_new_null(), params, - rsa_mp_factor_names) + ossl_rsa_mp_factor_names) || !collect_numbers(exps = sk_BIGNUM_new_null(), params, - rsa_mp_exp_names) + ossl_rsa_mp_exp_names) || !collect_numbers(coeffs = sk_BIGNUM_new_null(), params, - rsa_mp_coeff_names)) + ossl_rsa_mp_coeff_names)) goto err; /* It's ok if this private key just has n, e and d */ if (sk_BIGNUM_num(factors) != 0 - && !rsa_set0_all_params(rsa, factors, exps, coeffs)) + && !ossl_rsa_set0_all_params(rsa, factors, exps, coeffs)) goto err; } @@ -106,7 +106,7 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { int ret = 0; const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL; @@ -118,7 +118,7 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) goto err; RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); - rsa_get0_all_params(rsa, factors, exps, coeffs); + ossl_rsa_get0_all_params(rsa, factors, exps, coeffs); if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n) || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e)) @@ -142,11 +142,13 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D, rsa_d) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_factor_names, factors) + ossl_rsa_mp_factor_names, + factors) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_exp_names, exps) + ossl_rsa_mp_exp_names, exps) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_coeff_names, coeffs)) + ossl_rsa_mp_coeff_names, + coeffs)) goto err; } @@ -163,26 +165,27 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) return ret; } -int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, - OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, + OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { - if (!rsa_pss_params_30_is_unrestricted(pss)) { - int hashalg_nid = rsa_pss_params_30_hashalg(pss); - int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss); - int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss); - int saltlen = rsa_pss_params_30_saltlen(pss); - int default_hashalg_nid = rsa_pss_params_30_hashalg(NULL); - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); - int default_maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(NULL); + if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { + int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss); + int maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(pss); + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); + int saltlen = ossl_rsa_pss_params_30_saltlen(pss); + int default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenhashalg_nid = + ossl_rsa_pss_params_30_maskgenhashalg(NULL); const char *mdname = (hashalg_nid == default_hashalg_nid - ? NULL : rsa_oaeppss_nid2name(hashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(hashalg_nid)); const char *mgfname = (maskgenalg_nid == default_maskgenalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenalg_nid)); const char *mgf1mdname = (maskgenhashalg_nid == default_maskgenhashalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenhashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid)); const char *key_md = OSSL_PKEY_PARAM_RSA_DIGEST; const char *key_mgf = OSSL_PKEY_PARAM_RSA_MASKGENFUNC; const char *key_mgf1_md = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST; @@ -207,8 +210,9 @@ int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, return 1; } -int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, - const OSSL_PARAM params[], OPENSSL_CTX *libctx) +int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, + const OSSL_PARAM params[], + OPENSSL_CTX *libctx) { const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md, *param_saltlen; const OSSL_PARAM *param_propq; @@ -241,11 +245,11 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, */ if (param_md != NULL || param_mgf != NULL || param_mgf1md != NULL || param_saltlen != NULL) - if (!rsa_pss_params_30_set_defaults(pss_params)) + if (!ossl_rsa_pss_params_30_set_defaults(pss_params)) return 0; if (param_mgf != NULL) { - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); const char *mgfname = NULL; if (param_mgf->data_type == OSSL_PARAM_UTF8_STRING) @@ -255,7 +259,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, /* TODO Revisit this if / when a new MGF algorithm appears */ if (strcasecmp(param_mgf->data, - rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) + ossl_rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) return 0; } @@ -273,8 +277,8 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((md = EVP_MD_fetch(libctx, mdname, propq)) == NULL - || !rsa_pss_params_30_set_hashalg(pss_params, - rsa_oaeppss_md2nid(md))) + || !ossl_rsa_pss_params_30_set_hashalg(pss_params, + ossl_rsa_oaeppss_md2nid(md))) goto err; } @@ -287,14 +291,14 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, propq)) == NULL - || !rsa_pss_params_30_set_maskgenhashalg(pss_params, - rsa_oaeppss_md2nid(mgf1md))) + || !ossl_rsa_pss_params_30_set_maskgenhashalg( + pss_params, ossl_rsa_oaeppss_md2nid(mgf1md))) goto err; } if (param_saltlen != NULL) { if (!OSSL_PARAM_get_int(param_saltlen, &saltlen) - || !rsa_pss_params_30_set_saltlen(pss_params, saltlen)) + || !ossl_rsa_pss_params_30_set_saltlen(pss_params, saltlen)) goto err; } diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 0bbb6dac03..5a0ef7679b 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -230,20 +230,20 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb) } #endif /* FIPS_MODULE */ -int rsa_validate_public(const RSA *key) +int ossl_rsa_validate_public(const RSA *key) { - return rsa_sp800_56b_check_public(key); + return ossl_rsa_sp800_56b_check_public(key); } -int rsa_validate_private(const RSA *key) +int ossl_rsa_validate_private(const RSA *key) { - return rsa_sp800_56b_check_private(key); + return ossl_rsa_sp800_56b_check_private(key); } -int rsa_validate_pairwise(const RSA *key) +int ossl_rsa_validate_pairwise(const RSA *key) { #ifdef FIPS_MODULE - return rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); + return ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); #else return rsa_validate_keypair_multiprime(key, NULL); #endif @@ -257,9 +257,9 @@ int RSA_check_key(const RSA *key) int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) { #ifdef FIPS_MODULE - return rsa_validate_public(key) - && rsa_validate_private(key) - && rsa_validate_pairwise(key); + return ossl_rsa_validate_public(key) + && ossl_rsa_validate_private(key) + && ossl_rsa_validate_pairwise(key); #else return rsa_validate_keypair_multiprime(key, cb); #endif /* FIPS_MODULE */ diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index dc4ec0a8d3..58c7806ffd 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -92,7 +92,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, } /* A bad value for e can cause infinite loops */ - if (e_value != NULL && !rsa_check_public_exponent(e_value)) { + if (e_value != NULL && !ossl_rsa_check_public_exponent(e_value)) { RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -429,7 +429,7 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes, * the older rsa_multiprime_keygen(). */ if (primes == 2 && bits >= 2048) - ok = rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); + ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); #ifndef FIPS_MODULE else ok = rsa_multiprime_keygen(rsa, bits, primes, e_value, cb); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 475fca0f89..a73df12dc6 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -66,7 +66,7 @@ RSA *RSA_new_method(ENGINE *engine) } #endif -RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx) +RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx) { return rsa_new_intern(NULL, libctx); } @@ -189,7 +189,7 @@ int RSA_up_ref(RSA *r) return i > 1 ? 1 : 0; } -OPENSSL_CTX *rsa_get0_libctx(RSA *r) +OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r) { return r->libctx; } @@ -654,7 +654,7 @@ const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r) } /* Internal */ -RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r) +RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r) { return &r->pss_params; } @@ -699,9 +699,9 @@ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2) DEFINE_STACK_OF(BIGNUM) -int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs) +int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs) { #ifndef FIPS_MODULE STACK_OF(RSA_PRIME_INFO) *prime_infos, *old_infos = NULL; @@ -797,9 +797,9 @@ int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs) +int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs) { #ifndef FIPS_MODULE RSA_PRIME_INFO *pinfo; diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index cc03132d17..f5c6be31a9 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -169,37 +169,38 @@ RSA_PRIME_INFO *rsa_multip_info_new(void); int rsa_multip_calc_product(RSA *rsa); int rsa_multip_cap(int bits); -int rsa_sp800_56b_validate_strength(int nbits, int strength); -int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, - int nbits); -int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, - BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, - BIGNUM *p1q1); - -int rsa_check_public_exponent(const BIGNUM *e); -int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); -int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); - -int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); -int rsa_sp800_56b_check_public(const RSA *rsa); -int rsa_sp800_56b_check_private(const RSA *rsa); -int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, - int strength, int nbits); -int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, - BN_GENCB *cb); - -int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, - const BIGNUM *e, BN_CTX *ctx); -int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, - int nbits, const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - -int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, - const unsigned char *from, int flen); -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen); +int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength); +int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, + int nbits); +int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1); + +int ossl_rsa_check_public_exponent(const BIGNUM *e); +int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); +int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); + +int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); +int ossl_rsa_sp800_56b_check_public(const RSA *rsa); +int ossl_rsa_sp800_56b_check_private(const RSA *rsa); +int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits); +int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb); + +int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx); +int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, + int nbits, const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb); + +int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); #endif /* OSSL_CRYPTO_RSA_LOCAL_H */ diff --git a/crypto/rsa/rsa_mp_names.c b/crypto/rsa/rsa_mp_names.c index 2fb1f53c43..8291b79e7a 100644 --- a/crypto/rsa/rsa_mp_names.c +++ b/crypto/rsa/rsa_mp_names.c @@ -20,7 +20,7 @@ * A fixed table of names for the RSA prime factors starting with * P,Q and up to 8 additional primes. */ -const char *rsa_mp_factor_names[] = { +const char *ossl_rsa_mp_factor_names[] = { OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PKEY_PARAM_RSA_FACTOR2, #ifndef FIPS_MODULE @@ -40,7 +40,7 @@ const char *rsa_mp_factor_names[] = { * A fixed table of names for the RSA exponents starting with * DP,DQ and up to 8 additional exponents. */ -const char *rsa_mp_exp_names[] = { +const char *ossl_rsa_mp_exp_names[] = { OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PKEY_PARAM_RSA_EXPONENT2, #ifndef FIPS_MODULE @@ -60,7 +60,7 @@ const char *rsa_mp_exp_names[] = { * A fixed table of names for the RSA coefficients starting with * QINV and up to 8 additional exponents. */ -const char *rsa_mp_coeff_names[] = { +const char *ossl_rsa_mp_coeff_names[] = { OSSL_PKEY_PARAM_RSA_COEFFICIENT1, #ifndef FIPS_MODULE OSSL_PKEY_PARAM_RSA_COEFFICIENT2, diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index ea9ce0dee4..17200e787a 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -40,8 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, NULL, NULL); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, NULL, NULL); } /* @@ -51,11 +51,12 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, * Step numbers are included here but not in the constant time inverse below * to avoid complicating an already difficult enough function. */ -int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen, const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md) +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, + unsigned char *to, int tlen, + const unsigned char *from, int flen, + const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md) { int rv = 0; int i, emlen = tlen - 1; @@ -138,8 +139,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, md, mgf1md); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, md, mgf1md); } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index d1e8535226..139fb16268 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -111,15 +111,17 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, switch (padding) { case RSA_PKCS1_PADDING: - i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen); + i = ossl_rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, + from, flen); break; case RSA_PKCS1_OAEP_PADDING: - i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from, - flen, NULL, 0, NULL, NULL); + i = ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, + from, flen, NULL, 0, + NULL, NULL); break; #ifndef FIPS_MODULE case RSA_SSLV23_PADDING: - i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); + i = ossl_rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); break; #endif case RSA_NO_PADDING: diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 05c2933407..64f6864740 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -124,9 +124,9 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, return j; } -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen) +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen) { int i, j; unsigned char *p; @@ -164,7 +164,7 @@ int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); + return ossl_rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); } int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, @@ -278,7 +278,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2 + * ossl_rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2 * padding from a decrypted RSA message in a TLS signature. The result is stored * in the buffer pointed to by |to| which should be |tlen| bytes long. |tlen| * must be at least SSL_MAX_MASTER_KEY_LENGTH. The original decrypted message @@ -298,10 +298,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * decrypted data will be randomly generated (as per * https://tools.ietf.org/html/rfc5246#section-7.4.7.1). */ -int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, unsigned char *to, - size_t tlen, const unsigned char *from, - size_t flen, int client_version, - int alt_version) +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, + unsigned char *to, size_t tlen, + const unsigned char *from, + size_t flen, int client_version, + int alt_version) { unsigned int i, good, version_good; unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH]; diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 261f347a2d..edaa769a6f 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -798,7 +798,7 @@ static const EVP_PKEY_METHOD rsa_pkey_meth = { pkey_rsa_ctrl_str }; -const EVP_PKEY_METHOD *rsa_pkey_method(void) +const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void) { return &rsa_pkey_meth; } @@ -874,7 +874,7 @@ static const EVP_PKEY_METHOD rsa_pss_pkey_meth = { pkey_rsa_ctrl_str }; -const EVP_PKEY_METHOD *rsa_pss_pkey_method(void) +const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void) { return &rsa_pss_pkey_meth; } diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index a5bcdfe1ff..e3a548d2e3 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -288,7 +288,7 @@ static const RSA_PSS_PARAMS_30 default_RSASSA_PSS_params = { 1 /* default trailerField (0xBC) */ }; -int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return 0; @@ -296,7 +296,7 @@ int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) return 1; } -int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) { static RSA_PSS_PARAMS_30 pss_params_cmp = { 0, }; @@ -305,15 +305,15 @@ int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) sizeof(*rsa_pss_params)) == 0; } -int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, - const RSA_PSS_PARAMS_30 *from) +int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, + const RSA_PSS_PARAMS_30 *from) { memcpy(to, from, sizeof(*to)); return 1; } -int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int hashalg_nid) +int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int hashalg_nid) { if (rsa_pss_params == NULL) return 0; @@ -321,8 +321,8 @@ int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenalg_nid) +int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenalg_nid) { if (rsa_pss_params == NULL) return 0; @@ -330,8 +330,8 @@ int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenhashalg_nid) +int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenhashalg_nid) { if (rsa_pss_params == NULL) return 0; @@ -339,8 +339,8 @@ int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, - int saltlen) +int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, + int saltlen) { if (rsa_pss_params == NULL) return 0; @@ -348,8 +348,8 @@ int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, - int trailerfield) +int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, + int trailerfield) { if (rsa_pss_params == NULL) return 0; @@ -357,35 +357,35 @@ int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.hash_algorithm_nid; return rsa_pss_params->hash_algorithm_nid; } -int rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.mask_gen.algorithm_nid; return rsa_pss_params->mask_gen.algorithm_nid; } -int rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.hash_algorithm_nid; return rsa_pss_params->mask_gen.hash_algorithm_nid; } -int rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.salt_len; return rsa_pss_params->salt_len; } -int rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.trailer_field; diff --git a/crypto/rsa/rsa_schemes.c b/crypto/rsa/rsa_schemes.c index 7a54296a59..98ab13956d 100644 --- a/crypto/rsa/rsa_schemes.c +++ b/crypto/rsa/rsa_schemes.c @@ -67,18 +67,18 @@ static int md_is_a(const void *md, const char *name) return EVP_MD_is_a(md, name); } -int rsa_oaeppss_md2nid(const EVP_MD *md) +int ossl_rsa_oaeppss_md2nid(const EVP_MD *md) { return meth2nid(md, md_is_a, oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map)); } -const char *rsa_oaeppss_nid2name(int md) +const char *ossl_rsa_oaeppss_nid2name(int md) { return nid2name(md, oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map)); } -const char *rsa_mgf_nid2name(int mgf) +const char *ossl_rsa_mgf_nid2name(int mgf) { if (mgf == NID_mgf1) return SN_mgf1; diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index e3425b9e36..bef062d1bd 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -150,7 +150,7 @@ ENCODE_DIGESTINFO_SHA(sha3_512, 0x0a, SHA512_DIGEST_LENGTH) *len = sizeof(digestinfo_##name##_der); \ return digestinfo_##name##_der; -const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len) +const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len) { switch (md_nid) { #ifndef FIPS_MODULE @@ -250,7 +250,7 @@ static int encode_pkcs1(unsigned char **out, size_t *out_len, int type, RSAerr(RSA_F_ENCODE_PKCS1, RSA_R_UNKNOWN_ALGORITHM_TYPE); return 0; } - di_prefix = rsa_digestinfo_encoding(type, &di_prefix_len); + di_prefix = ossl_rsa_digestinfo_encoding(type, &di_prefix_len); if (di_prefix == NULL) { RSAerr(RSA_F_ENCODE_PKCS1, RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); diff --git a/crypto/rsa/rsa_sp800_56b_check.c b/crypto/rsa/rsa_sp800_56b_check.c index 9840d08285..2cdc2fa5e6 100644 --- a/crypto/rsa/rsa_sp800_56b_check.c +++ b/crypto/rsa/rsa_sp800_56b_check.c @@ -21,7 +21,7 @@ * 6.4.1.2.3: rsakpv1-crt Step 7 * 6.4.1.3.3: rsakpv2-crt Step 7 */ -int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) +int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) { int ret = 0; BIGNUM *r = NULL, *p1 = NULL, *q1 = NULL; @@ -85,7 +85,7 @@ int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) * * (?2)(2^(nbits/2 - 1) = (?2/2)(2^(nbits/2)) */ -int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx) +int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx) { int ret = 0; BIGNUM *low; @@ -133,7 +133,7 @@ err: * * See SP800-56Br1 6.4.1.2.3 Step 5 (a to d) & (e to h). */ -int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) +int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) { int ret = 0; BIGNUM *p1 = NULL, *gcd = NULL; @@ -141,7 +141,7 @@ int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) /* (Steps 5 a-b) prime test */ if (BN_check_prime(p, ctx, NULL) != 1 /* (Step 5c) (?2)(2^(nbits/2 - 1) <= p <= 2^(nbits/2 - 1) */ - || rsa_check_prime_factor_range(p, nbits, ctx) != 1) + || ossl_rsa_check_prime_factor_range(p, nbits, ctx) != 1) return 0; BN_CTX_start(ctx); @@ -172,7 +172,7 @@ int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) * (Step 6a) 2^(nBit/2) < d < LCM(p?1, q?1). * (Step 6b) 1 = (d*e) mod LCM(p?1, q?1) */ -int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) +int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) { int ret; BIGNUM *r, *p1, *q1, *lcm, *p1q1, *gcd; @@ -201,7 +201,8 @@ int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) } ret = (ret /* LCM(p - 1, q - 1) */ - && (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) == 1) + && (ossl_rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, + p1q1) == 1) /* (Step 6a) d < LCM(p - 1, q - 1) */ && (BN_cmp(rsa->d, lcm) < 0) /* (Step 6b) 1 = (e . d) mod LCM(p - 1, q - 1) */ @@ -229,7 +230,7 @@ static int bn_is_three(const BIGNUM *bn) #endif /* FIPS_MODULE */ /* Check exponent is odd, and has a bitlen ranging from [17..256] */ -int rsa_check_public_exponent(const BIGNUM *e) +int ossl_rsa_check_public_exponent(const BIGNUM *e) { int bitlen; @@ -247,7 +248,7 @@ int rsa_check_public_exponent(const BIGNUM *e) * SP800-56Br1 6.4.1.2.1 (Step 5i): |p - q| > 2^(nbits/2 - 100) * i.e- numbits(p-q-1) > (nbits/2 -100) */ -int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, +int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, int nbits) { int bitlen = (nbits >> 1) - 100; @@ -270,9 +271,9 @@ int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, * Caller should ensure that lcm, gcd, p1, q1, p1q1 are flagged with * BN_FLG_CONSTTIME. */ -int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, - BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, - BIGNUM *p1q1) +int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1) { return BN_sub(p1, p, BN_value_one()) /* p-1 */ && BN_sub(q1, q, BN_value_one()) /* q-1 */ @@ -286,7 +287,7 @@ int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, * SP800-89 5.3.3 (Explicit) Partial Public Key Validation for RSA * caveat is that the modulus must be as specified in SP800-56Br1 */ -int rsa_sp800_56b_check_public(const RSA *rsa) +int ossl_rsa_sp800_56b_check_public(const RSA *rsa) { int ret = 0, status; #ifdef FIPS_MODULE @@ -304,19 +305,18 @@ int rsa_sp800_56b_check_public(const RSA *rsa) * NOTE: changed to allow keys >= 2048 */ nbits = BN_num_bits(rsa->n); - if (!rsa_sp800_56b_validate_strength(nbits, -1)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_KEY_LENGTH); + if (!ossl_rsa_sp800_56b_validate_strength(nbits, -1)) { + RSAerr(0, RSA_R_INVALID_KEY_LENGTH); return 0; } #endif if (!BN_is_odd(rsa->n)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); return 0; } /* (Steps b-c): 2^16 < e < 2^256, n and e must be odd */ - if (!rsa_check_public_exponent(rsa->e)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, - RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + if (!ossl_rsa_check_public_exponent(rsa->e)) { + RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -330,13 +330,13 @@ int rsa_sp800_56b_check_public(const RSA *rsa) * The modulus has no factors smaller than 752. */ if (!BN_gcd(gcd, rsa->n, bn_get0_small_factors(), ctx) || !BN_is_one(gcd)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); goto err; } ret = bn_miller_rabin_is_prime(rsa->n, 0, ctx, NULL, 1, &status); if (ret != 1 || status != BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); ret = 0; goto err; } @@ -351,7 +351,7 @@ err: /* * Perform validation of the RSA private key to check that 0 < D < N. */ -int rsa_sp800_56b_check_private(const RSA *rsa) +int ossl_rsa_sp800_56b_check_private(const RSA *rsa) { if (rsa->d == NULL || rsa->n == NULL) return 0; @@ -369,8 +369,8 @@ int rsa_sp800_56b_check_private(const RSA *rsa) * 6.4.1.2.3 "rsakpv1 - crt" * 6.4.1.3.3 "rsakpv2 - crt" */ -int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, - int strength, int nbits) +int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits) { int ret = 0; BN_CTX *ctx = NULL; @@ -381,31 +381,30 @@ int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, || rsa->e == NULL || rsa->d == NULL || rsa->n == NULL) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + RSAerr(0, RSA_R_INVALID_REQUEST); return 0; } /* (Step 1): Check Ranges */ - if (!rsa_sp800_56b_validate_strength(nbits, strength)) + if (!ossl_rsa_sp800_56b_validate_strength(nbits, strength)) return 0; /* If the exponent is known */ if (efixed != NULL) { /* (2): Check fixed exponent matches public exponent. */ if (BN_cmp(efixed, rsa->e) != 0) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + RSAerr(0, RSA_R_INVALID_REQUEST); return 0; } } /* (Step 1.c): e is odd integer 65537 <= e < 2^256 */ - if (!rsa_check_public_exponent(rsa->e)) { + if (!ossl_rsa_check_public_exponent(rsa->e)) { /* exponent out of range */ - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, - RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } /* (Step 3.b): check the modulus */ if (nbits != BN_num_bits(rsa->n)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR); + RSAerr(0, RSA_R_INVALID_KEYPAIR); return 0; } @@ -419,20 +418,20 @@ int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, goto err; /* (Step 4.c): Check n = pq */ if (BN_cmp(rsa->n, r) != 0) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + RSAerr(0, RSA_R_INVALID_REQUEST); goto err; } /* (Step 5): check prime factors p & q */ - ret = rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx) - && rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx) - && (rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0) + ret = ossl_rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx) + && ossl_rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx) + && (ossl_rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0) /* (Step 6): Check the private exponent d */ - && rsa_check_private_exponent(rsa, nbits, ctx) + && ossl_rsa_check_private_exponent(rsa, nbits, ctx) /* 6.4.1.2.3 (Step 7): Check the CRT components */ - && rsa_check_crt_components(rsa, ctx); + && ossl_rsa_check_crt_components(rsa, ctx); if (ret != 1) - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR); + RSAerr(0, RSA_R_INVALID_KEYPAIR); err: BN_clear(r); diff --git a/crypto/rsa/rsa_sp800_56b_gen.c b/crypto/rsa/rsa_sp800_56b_gen.c index df15b8ce87..e8fdcd8940 100644 --- a/crypto/rsa/rsa_sp800_56b_gen.c +++ b/crypto/rsa/rsa_sp800_56b_gen.c @@ -53,8 +53,9 @@ * Xp, Xp1, Xp2, Xq, Xq1, Xq2 are optionally passed in. * (Required for CAVS testing). */ -int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, - const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) +int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, + int nbits, const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb) { int ret = 0, ok; /* Temp allocated BIGNUMS */ @@ -87,13 +88,12 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, * Signature Generation and Key Agree/Transport. */ if (nbits < RSA_FIPS1864_MIN_KEYGEN_KEYSIZE) { - RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, RSA_R_KEY_SIZE_TOO_SMALL); + RSAerr(0, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } - if (!rsa_check_public_exponent(e)) { - RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, - RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + if (!ossl_rsa_check_public_exponent(e)) { + RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -131,14 +131,14 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, goto err; /* (Step 6) |Xp - Xq| > 2^(nbitlen/2 - 100) */ - ok = rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits); + ok = ossl_rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits); if (ok < 0) goto err; if (ok == 0) continue; /* (Step 6) |p - q| > 2^(nbitlen/2 - 100) */ - ok = rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits); + ok = ossl_rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits); if (ok < 0) goto err; if (ok == 0) @@ -169,18 +169,18 @@ err: * strength is unknown. * Returns: 1 if the key size matches the target strength, or 0 otherwise. */ -int rsa_sp800_56b_validate_strength(int nbits, int strength) +int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength) { int s = (int)ifc_ffc_compute_security_bits(nbits); #ifdef FIPS_MODULE if (s < RSA_FIPS1864_MIN_KEYGEN_STRENGTH || s > RSA_FIPS1864_MAX_KEYGEN_STRENGTH) { - RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); return 0; } #endif if (strength != -1 && s != strength) { - RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_STRENGTH); + RSAerr(0, RSA_R_INVALID_STRENGTH); return 0; } return 1; @@ -206,8 +206,8 @@ int rsa_sp800_56b_validate_strength(int nbits, int strength) * 0 = d is too small, * 1 = success. */ -int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, - const BIGNUM *e, BN_CTX *ctx) +int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx) { int ret = -1; BIGNUM *p1, *q1, *lcm, *p1q1, *gcd; @@ -228,7 +228,7 @@ int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, BN_set_flags(gcd, BN_FLG_CONSTTIME); /* LCM((p-1, q-1)) */ - if (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1) + if (ossl_rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1) goto err; /* copy e */ @@ -330,8 +330,8 @@ err: * cb An optional BIGNUM callback. * Returns: 1 if successfully generated otherwise it returns 0. */ -int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, - BN_GENCB *cb) +int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb) { int ret = 0; int ok; @@ -344,7 +344,7 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, #endif /* (Steps 1a-1b) : Currently ignores the strength check */ - if (!rsa_sp800_56b_validate_strength(nbits, -1)) + if (!ossl_rsa_sp800_56b_validate_strength(nbits, -1)) return 0; ctx = BN_CTX_new_ex(rsa->libctx); @@ -363,11 +363,10 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, for (;;) { /* (Step 2) Generate prime factors */ - if (!rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx, - cb)) + if (!ossl_rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx, cb)) goto err; /* (Steps 3-5) Compute params d, n, dP, dQ, qInv */ - ok = rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx); + ok = ossl_rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx); if (ok < 0) goto err; if (ok > 0) @@ -376,7 +375,7 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, } /* (Step 6) Do pairwise test - optional validity test has been omitted */ - ret = rsa_sp800_56b_pairwise_test(rsa, ctx); + ret = ossl_rsa_sp800_56b_pairwise_test(rsa, ctx); err: if (efixed == NULL) BN_free(e); @@ -390,7 +389,7 @@ err: * * Returns 1 if the RSA key passes the pairwise test or 0 it it fails. */ -int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) +int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) { int ret = 0; BIGNUM *k, *tmp; @@ -407,7 +406,7 @@ int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) && BN_mod_exp(tmp, tmp, rsa->d, rsa->n, ctx) && BN_cmp(k, tmp) == 0); if (ret == 0) - RSAerr(RSA_F_RSA_SP800_56B_PAIRWISE_TEST, RSA_R_PAIRWISE_TEST_FAILURE); + RSAerr(0, RSA_R_PAIRWISE_TEST_FAILURE); err: BN_CTX_end(ctx); return ret; diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 3565b8c8d6..e2cf98d884 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -21,8 +21,9 @@ #include "internal/constant_time.h" #include "rsa_local.h" -int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, - const unsigned char *from, int flen) +int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen) { int i, j; unsigned char *p; @@ -62,7 +63,7 @@ int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, int RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen); + return ossl_rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen); } /* diff --git a/doc/internal/man3/rsa_get0_all_params.pod b/doc/internal/man3/ossl_rsa_get0_all_params.pod similarity index 69% rename from doc/internal/man3/rsa_get0_all_params.pod rename to doc/internal/man3/ossl_rsa_get0_all_params.pod index c71028c13e..7af5d77d63 100644 --- a/doc/internal/man3/rsa_get0_all_params.pod +++ b/doc/internal/man3/ossl_rsa_get0_all_params.pod @@ -2,28 +2,28 @@ =head1 NAME -rsa_set0_all_params, rsa_get0_all_params +ossl_rsa_set0_all_params, ossl_rsa_get0_all_params - Internal routines for getting and setting data in an RSA object =head1 SYNOPSIS #include "crypto/rsa.h" - int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs); - int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs); + int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs); + int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs); =head1 DESCRIPTION -rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients +ossl_rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients in the B object I to the contents of the stacks of BIGNUMs I, I and I. The B object takes ownership of the BIGNUMs, but not of the stacks. -rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients +ossl_rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients in the B object I and pushes them on the stacks of constant BIGNUMs I, I and I. The B object retains ownership of the BIGNUMs, but not of the stacks. @@ -56,8 +56,8 @@ the number of coefficients must be one less than the number of primes. =head1 RETURN VALUES -rsa_get0_all_params() and rsa_set0_all_params() return 1 on success, or -0 on failure. +ossl_rsa_get0_all_params() and ossl_rsa_set0_all_params() return 1 on success, +or 0 on failure. =head1 SEE ALSO diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 9ca1a6062f..ac20b5b512 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -183,8 +183,8 @@ const EVP_PKEY_METHOD *ecx25519_pkey_method(void); const EVP_PKEY_METHOD *ecx448_pkey_method(void); const EVP_PKEY_METHOD *ed25519_pkey_method(void); const EVP_PKEY_METHOD *ed448_pkey_method(void); -const EVP_PKEY_METHOD *rsa_pkey_method(void); -const EVP_PKEY_METHOD *rsa_pss_pkey_method(void); +const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void); +const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void); struct evp_mac_st { OSSL_PROVIDER *prov; diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index e663681e6e..85682aa55d 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -23,72 +23,75 @@ typedef struct rsa_pss_params_30_st { int trailer_field; } RSA_PSS_PARAMS_30; -RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r); -int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, - const RSA_PSS_PARAMS_30 *from); -int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int hashalg_nid); -int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenalg_nid); -int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenhashalg_nid); -int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, - int saltlen); -int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, - int trailerfield); -int rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params); - -const char *rsa_mgf_nid2name(int mgf); -int rsa_oaeppss_md2nid(const EVP_MD *md); -const char *rsa_oaeppss_nid2name(int md); - -RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx); -OPENSSL_CTX *rsa_get0_libctx(RSA *r); - -int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs); -int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs); - -int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); -int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]); -int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, - OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); -int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, - const OSSL_PARAM params[], OPENSSL_CTX *libctx); - -int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to, - size_t tlen, const unsigned char *from, - size_t flen, int client_version, - int alt_version); -int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen, const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md); - -int rsa_validate_public(const RSA *key); -int rsa_validate_private(const RSA *key); -int rsa_validate_pairwise(const RSA *key); +RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r); +int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, + const RSA_PSS_PARAMS_30 *from); +int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int hashalg_nid); +int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenalg_nid); +int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenhashalg_nid); +int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, + int saltlen); +int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, + int trailerfield); +int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params); + +const char *ossl_rsa_mgf_nid2name(int mgf); +int ossl_rsa_oaeppss_md2nid(const EVP_MD *md); +const char *ossl_rsa_oaeppss_nid2name(int md); + +RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx); +OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r); + +int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs); +int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs); + +int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); +int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]); +int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, + OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); +int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, + const OSSL_PARAM params[], + OPENSSL_CTX *libctx); + +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to, + size_t tlen, + const unsigned char *from, + size_t flen, int client_version, + int alt_version); +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, + unsigned char *to, int tlen, + const unsigned char *from, int flen, + const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md); + +int ossl_rsa_validate_public(const RSA *key); +int ossl_rsa_validate_private(const RSA *key); +int ossl_rsa_validate_pairwise(const RSA *key); int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *rm, size_t *prm_len, const unsigned char *sigbuf, size_t siglen, RSA *rsa); -const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len); +const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len); -extern const char *rsa_mp_factor_names[]; -extern const char *rsa_mp_exp_names[]; -extern const char *rsa_mp_coeff_names[]; +extern const char *ossl_rsa_mp_factor_names[]; +extern const char *ossl_rsa_mp_exp_names[]; +extern const char *ossl_rsa_mp_coeff_names[]; # if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]); diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h index 34df111eaf..794f433a05 100644 --- a/include/openssl/rsaerr.h +++ b/include/openssl/rsaerr.h @@ -41,7 +41,6 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_CHECK_KEY_EX 0 # define RSA_F_RSA_CMS_DECRYPT 0 # define RSA_F_RSA_CMS_VERIFY 0 -# define RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES 0 # define RSA_F_RSA_ITEM_VERIFY 0 # define RSA_F_RSA_METH_DUP 0 # define RSA_F_RSA_METH_NEW 0 @@ -85,10 +84,6 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_SETUP_BLINDING 0 # define RSA_F_RSA_SIGN 0 # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 0 -# define RSA_F_RSA_SP800_56B_CHECK_KEYPAIR 0 -# define RSA_F_RSA_SP800_56B_CHECK_PUBLIC 0 -# define RSA_F_RSA_SP800_56B_PAIRWISE_TEST 0 -# define RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH 0 # define RSA_F_RSA_VERIFY 0 # define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 0 # define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 0 diff --git a/providers/common/der/der_rsa_key.c b/providers/common/der/der_rsa_key.c index 6e8a37699d..a20c334b23 100644 --- a/providers/common/der/der_rsa_key.c +++ b/providers/common/der/der_rsa_key.c @@ -242,8 +242,8 @@ static const unsigned char der_aid_mgf1SHA512_256Identifier[] = { static int DER_w_MaskGenAlgorithm(WPACKET *pkt, int tag, const RSA_PSS_PARAMS_30 *pss) { - if (pss != NULL && rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) { - int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss); + if (pss != NULL && ossl_rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) { + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); const unsigned char *maskgenalg = NULL; size_t maskgenalg_sz = 0; @@ -292,17 +292,18 @@ int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, * intent. Therefore, we assert that here, the PSS parameters must show * that the key is restricted. */ - if (!ossl_assert(pss != NULL && !rsa_pss_params_30_is_unrestricted(pss))) + if (!ossl_assert(pss != NULL + && !ossl_rsa_pss_params_30_is_unrestricted(pss))) return 0; - hashalg_nid = rsa_pss_params_30_hashalg(pss); - saltlen = rsa_pss_params_30_saltlen(pss); - trailerfield = rsa_pss_params_30_trailerfield(pss); + hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss); + saltlen = ossl_rsa_pss_params_30_saltlen(pss); + trailerfield = ossl_rsa_pss_params_30_trailerfield(pss); /* Getting default values */ - default_hashalg_nid = rsa_pss_params_30_hashalg(NULL); - default_saltlen = rsa_pss_params_30_saltlen(NULL); - default_trailerfield = rsa_pss_params_30_trailerfield(NULL); + default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL); + default_saltlen = ossl_rsa_pss_params_30_saltlen(NULL); + default_trailerfield = ossl_rsa_pss_params_30_trailerfield(NULL); /* * From https://tools.ietf.org/html/rfc8017#appendix-A.2.1: @@ -354,7 +355,7 @@ int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) int rsa_nid = NID_undef; const unsigned char *rsa_oid = NULL; size_t rsa_oid_sz = 0; - RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa); + RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { case RSA_FLAG_TYPE_RSA: @@ -368,7 +369,7 @@ int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) return ossl_DER_w_begin_sequence(pkt, tag) && (rsa_nid != NID_rsassaPss - || rsa_pss_params_30_is_unrestricted(pss_params) + || ossl_rsa_pss_params_30_is_unrestricted(pss_params) || ossl_DER_w_RSASSA_PSS_params(pkt, -1, pss_params)) && ossl_DER_w_precompiled(pkt, -1, rsa_oid, rsa_oid_sz) && ossl_DER_w_end_sequence(pkt, tag); diff --git a/providers/common/include/prov/securitycheck.h b/providers/common/include/prov/securitycheck.h index 0d3b9e8bac..8ab3370263 100644 --- a/providers/common/include/prov/securitycheck.h +++ b/providers/common/include/prov/securitycheck.h @@ -8,7 +8,7 @@ */ /* Functions that are common */ -int rsa_check_key(const RSA *rsa, int protect); +int ossl_rsa_check_key(const RSA *rsa, int protect); int ec_check_key(const EC_KEY *ec, int protect); int dsa_check_key(const DSA *dsa, int sign); int dh_check_key(const DH *dh); diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c index 9a425fb630..a95fa9dda9 100644 --- a/providers/common/securitycheck.c +++ b/providers/common/securitycheck.c @@ -25,7 +25,7 @@ * Set protect = 1 for encryption or signing operations, or 0 otherwise. See * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf. */ -int rsa_check_key(const RSA *rsa, int protect) +int ossl_rsa_check_key(const RSA *rsa, int protect) { #if !defined(OPENSSL_NO_FIPS_SECURITYCHECKS) if (securitycheck_enabled()) { diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index 0ce2054e7d..6241ce5fcf 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -113,7 +113,7 @@ static int rsa_init(void *vprsactx, void *vrsa, int operation) ERR_raise(ERR_LIB_PROV, PROV_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } - if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCRYPT)) { + if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCRYPT)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } @@ -165,11 +165,12 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, return 0; } ret = - rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, rsasize, - in, inlen, prsactx->oaep_label, - prsactx->oaep_labellen, - prsactx->oaep_md, - prsactx->mgf1_md); + ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, + rsasize, in, inlen, + prsactx->oaep_label, + prsactx->oaep_labellen, + prsactx->oaep_md, + prsactx->mgf1_md); if (!ret) { OPENSSL_free(tbuf); @@ -263,11 +264,9 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, ERR_raise(ERR_LIB_PROV, PROV_R_BAD_TLS_CLIENT_VERSION); return 0; } - ret = rsa_padding_check_PKCS1_type_2_TLS(prsactx->libctx, out, - outsize, - tbuf, len, - prsactx->client_version, - prsactx->alt_version); + ret = ossl_rsa_padding_check_PKCS1_type_2_TLS( + prsactx->libctx, out, outsize, tbuf, len, + prsactx->client_version, prsactx->alt_version); } OPENSSL_free(tbuf); } else { diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index 2a4a31fe5b..c21b74d9d3 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -624,7 +624,7 @@ static int ecx_priv_to_der(const void *vecxkey, unsigned char **pder) static int prepare_rsa_params(const void *rsa, int nid, void **pstr, int *pstrtype) { - const RSA_PSS_PARAMS_30 *pss = rsa_get0_pss_params_30((RSA *)rsa); + const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30((RSA *)rsa); *pstr = NULL; @@ -634,7 +634,7 @@ static int prepare_rsa_params(const void *rsa, int nid, *pstrtype = V_ASN1_NULL; return 1; case RSA_FLAG_TYPE_RSASSAPSS: - if (rsa_pss_params_30_is_unrestricted(pss)) { + if (ossl_rsa_pss_params_30_is_unrestricted(pss)) { *pstrtype = V_ASN1_UNDEF; return 1; } else { diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 638e16ec27..ac6d42970e 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -627,7 +627,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) STACK_OF(BIGNUM_const) *exps = NULL; STACK_OF(BIGNUM_const) *coeffs = NULL; int primes; - const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30((RSA *)rsa); + const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30((RSA *)rsa); int ret = 0; if (out == NULL || rsa == NULL) { @@ -655,7 +655,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) } RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); - rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs); + ossl_rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs); primes = sk_BIGNUM_const_num(factors); if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { @@ -714,33 +714,35 @@ static int rsa_to_text(BIO *out, const void *key, int selection) if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) { switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { case RSA_FLAG_TYPE_RSA: - if (!rsa_pss_params_30_is_unrestricted(pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { if (BIO_printf(out, "(INVALID PSS PARAMETERS)\n") <= 0) goto err; } break; case RSA_FLAG_TYPE_RSASSAPSS: - if (rsa_pss_params_30_is_unrestricted(pss_params)) { + if (ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { if (BIO_printf(out, "No PSS parameter restrictions\n") <= 0) goto err; } else { - int hashalg_nid = rsa_pss_params_30_hashalg(pss_params); - int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss_params); + int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss_params); + int maskgenalg_nid = + ossl_rsa_pss_params_30_maskgenalg(pss_params); int maskgenhashalg_nid = - rsa_pss_params_30_maskgenhashalg(pss_params); - int saltlen = rsa_pss_params_30_saltlen(pss_params); - int trailerfield = rsa_pss_params_30_trailerfield(pss_params); + ossl_rsa_pss_params_30_maskgenhashalg(pss_params); + int saltlen = ossl_rsa_pss_params_30_saltlen(pss_params); + int trailerfield = + ossl_rsa_pss_params_30_trailerfield(pss_params); if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0) goto err; if (BIO_printf(out, " Hash Algorithm: %s%s\n", - rsa_oaeppss_nid2name(hashalg_nid), + ossl_rsa_oaeppss_nid2name(hashalg_nid), (hashalg_nid == NID_sha1 ? " (default)" : "")) <= 0) goto err; if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n", - rsa_mgf_nid2name(maskgenalg_nid), - rsa_oaeppss_nid2name(maskgenhashalg_nid), + ossl_rsa_mgf_nid2name(maskgenalg_nid), + ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid), (maskgenalg_nid == NID_mgf1 && maskgenhashalg_nid == NID_sha1 ? " (default)" : "")) <= 0) diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c index 39ee9f4bac..cb02854100 100644 --- a/providers/implementations/kem/rsa_kem.c +++ b/providers/implementations/kem/rsa_kem.c @@ -126,7 +126,7 @@ static int rsakem_init(void *vprsactx, void *vrsa, int operation) RSA_free(prsactx->rsa); prsactx->rsa = vrsa; - if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) { + if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } @@ -205,7 +205,7 @@ static int rsasve_gen_rand_bytes(RSA *rsa_pub, BN_CTX *bnctx; BIGNUM *z, *nminus3; - bnctx = BN_CTX_secure_new_ex(rsa_get0_libctx(rsa_pub)); + bnctx = BN_CTX_secure_new_ex(ossl_rsa_get0_libctx(rsa_pub)); if (bnctx == NULL) return 0; diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 98c369d97f..4156fbd5b0 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -60,12 +60,12 @@ static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params, const OSSL_PARAM params[], int rsa_type, OPENSSL_CTX *libctx) { - if (!rsa_pss_params_30_fromdata(pss_params, params, libctx)) + if (!ossl_rsa_pss_params_30_fromdata(pss_params, params, libctx)) return 0; /* If not a PSS type RSA, sending us PSS parameters is wrong */ if (rsa_type != RSA_FLAG_TYPE_RSASSAPSS - && !rsa_pss_params_30_is_unrestricted(pss_params)) + && !ossl_rsa_pss_params_30_is_unrestricted(pss_params)) return 0; return 1; @@ -79,7 +79,7 @@ static void *rsa_newdata(void *provctx) if (!ossl_prov_is_running()) return NULL; - rsa = rsa_new_with_ctx(libctx); + rsa = ossl_rsa_new_with_ctx(libctx); if (rsa != NULL) { RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, RSA_FLAG_TYPE_RSA); @@ -95,7 +95,7 @@ static void *rsapss_newdata(void *provctx) if (!ossl_prov_is_running()) return NULL; - rsa = rsa_new_with_ctx(libctx); + rsa = ossl_rsa_new_with_ctx(libctx); if (rsa != NULL) { RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, RSA_FLAG_TYPE_RSASSAPSS); @@ -165,10 +165,10 @@ static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[]) /* TODO(3.0) OAEP should bring on parameters as well */ if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && pss_params_fromdata(rsa_get0_pss_params_30(rsa), params, - rsa_type, rsa_get0_libctx(rsa)); + ok = ok && pss_params_fromdata(ossl_rsa_get0_pss_params_30(rsa), params, + rsa_type, ossl_rsa_get0_libctx(rsa)); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && rsa_fromdata(rsa, params); + ok = ok && ossl_rsa_fromdata(rsa, params); return ok; } @@ -177,7 +177,7 @@ static int rsa_export(void *keydata, int selection, OSSL_CALLBACK *param_callback, void *cbarg) { RSA *rsa = keydata; - const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa); + const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; @@ -192,10 +192,10 @@ static int rsa_export(void *keydata, int selection, return 0; if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && (rsa_pss_params_30_is_unrestricted(pss_params) - || rsa_pss_params_30_todata(pss_params, tmpl, NULL)); + ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params) + || ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL)); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && rsa_todata(rsa, tmpl, NULL); + ok = ok && ossl_rsa_todata(rsa, tmpl, NULL); if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) @@ -297,7 +297,7 @@ static const OSSL_PARAM *rsa_export_types(int selection) static int rsa_get_params(void *key, OSSL_PARAM params[]) { RSA *rsa = key; - const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa); + const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); int rsa_type = RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK); OSSL_PARAM *p; @@ -330,17 +330,17 @@ static int rsa_get_params(void *key, OSSL_PARAM params[]) && rsa_type == RSA_FLAG_TYPE_RSASSAPSS) { const char *mdname = RSA_PSS_DEFAULT_MD; - if (!rsa_pss_params_30_is_unrestricted(pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { mdname = - rsa_oaeppss_nid2name(rsa_pss_params_30_hashalg(pss_params)); + ossl_rsa_oaeppss_nid2name(ossl_rsa_pss_params_30_hashalg(pss_params)); if (mdname == NULL || !OSSL_PARAM_set_utf8_string(p, mdname)) return 0; } } return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS - || rsa_pss_params_30_todata(pss_params, NULL, params)) - && rsa_todata(rsa, NULL, params); + || ossl_rsa_pss_params_30_todata(pss_params, NULL, params)) + && ossl_rsa_todata(rsa, NULL, params); } static const OSSL_PARAM rsa_params[] = { @@ -371,12 +371,12 @@ static int rsa_validate(void *keydata, int selection) /* If the whole key is selected, we do a pairwise validation */ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == OSSL_KEYMGMT_SELECT_KEYPAIR) { - ok = ok && rsa_validate_pairwise(rsa); + ok = ok && ossl_rsa_validate_pairwise(rsa); } else { if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) - ok = ok && rsa_validate_private(rsa); + ok = ok && ossl_rsa_validate_private(rsa); if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) - ok = ok && rsa_validate_public(rsa); + ok = ok && ossl_rsa_validate_public(rsa); } return ok; } @@ -489,7 +489,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0) /* - * The following must be kept in sync with rsa_pss_params_30_fromdata() + * The following must be kept in sync with ossl_rsa_pss_params_30_fromdata() * in crypto/rsa/rsa_backend.c */ #define rsa_gen_pss \ @@ -532,7 +532,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) switch (gctx->rsa_type) { case RSA_FLAG_TYPE_RSA: /* For plain RSA keys, PSS parameters must not be set */ - if (!rsa_pss_params_30_is_unrestricted(&gctx->pss_params)) + if (!ossl_rsa_pss_params_30_is_unrestricted(&gctx->pss_params)) goto err; break; case RSA_FLAG_TYPE_RSASSAPSS: @@ -546,7 +546,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) return NULL; } - if ((rsa_tmp = rsa_new_with_ctx(gctx->libctx)) == NULL) + if ((rsa_tmp = ossl_rsa_new_with_ctx(gctx->libctx)) == NULL) return NULL; gctx->cb = osslcb; @@ -567,8 +567,8 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) gctx->pub_exp, gencb)) goto err; - if (!rsa_pss_params_30_copy(rsa_get0_pss_params_30(rsa_tmp), - &gctx->pss_params)) + if (!ossl_rsa_pss_params_30_copy(ossl_rsa_get0_pss_params_30(rsa_tmp), + &gctx->pss_params)) goto err; RSA_clear_flags(rsa_tmp, RSA_FLAG_TYPE_MASK); diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index dbebf7d7b1..efcb76661e 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -288,7 +288,7 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, int operation) prsactx->rsa = vrsa; prsactx->operation = operation; - if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) { + if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } @@ -306,17 +306,17 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, int operation) { const RSA_PSS_PARAMS_30 *pss = - rsa_get0_pss_params_30(prsactx->rsa); + ossl_rsa_get0_pss_params_30(prsactx->rsa); - if (!rsa_pss_params_30_is_unrestricted(pss)) { - int md_nid = rsa_pss_params_30_hashalg(pss); - int mgf1md_nid = rsa_pss_params_30_maskgenhashalg(pss); - int min_saltlen = rsa_pss_params_30_saltlen(pss); + if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { + int md_nid = ossl_rsa_pss_params_30_hashalg(pss); + int mgf1md_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); + int min_saltlen = ossl_rsa_pss_params_30_saltlen(pss); const char *mdname, *mgf1mdname; size_t len; - mdname = rsa_oaeppss_nid2name(md_nid); - mgf1mdname = rsa_oaeppss_nid2name(mgf1md_nid); + mdname = ossl_rsa_oaeppss_nid2name(md_nid); + mgf1mdname = ossl_rsa_oaeppss_nid2name(mgf1md_nid); prsactx->min_saltlen = min_saltlen; if (mdname == NULL) { diff --git a/test/rsa_mp_test.c b/test/rsa_mp_test.c index 4e82780b8e..0f3db5d4da 100644 --- a/test/rsa_mp_test.c +++ b/test/rsa_mp_test.c @@ -231,7 +231,7 @@ static int key2048p3_v2(RSA *key) || !TEST_int_ne(sk_BIGNUM_push(coeffs, num), 0)) goto err; - if (!TEST_true(rsa_set0_all_params(key, primes, exps, coeffs))) + if (!TEST_true(ossl_rsa_set0_all_params(key, primes, exps, coeffs))) goto err; ret: diff --git a/test/rsa_sp800_56b_test.c b/test/rsa_sp800_56b_test.c index edcf4478fa..72451b37ca 100644 --- a/test/rsa_sp800_56b_test.c +++ b/test/rsa_sp800_56b_test.c @@ -113,19 +113,19 @@ static int test_check_public_exponent(void) ret = TEST_ptr(e = BN_new()) /* e is too small */ && TEST_true(BN_set_word(e, 65535)) - && TEST_false(rsa_check_public_exponent(e)) + && TEST_false(ossl_rsa_check_public_exponent(e)) /* e is even will fail */ && TEST_true(BN_set_word(e, 65536)) - && TEST_false(rsa_check_public_exponent(e)) + && TEST_false(ossl_rsa_check_public_exponent(e)) /* e is ok */ && TEST_true(BN_set_word(e, 65537)) - && TEST_true(rsa_check_public_exponent(e)) + && TEST_true(ossl_rsa_check_public_exponent(e)) /* e = 2^256 is too big */ && TEST_true(BN_lshift(e, BN_value_one(), 256)) - && TEST_false(rsa_check_public_exponent(e)) + && TEST_false(ossl_rsa_check_public_exponent(e)) /* e = 2^256-1 is odd and in range */ && TEST_true(BN_sub(e, e, BN_value_one())) - && TEST_true(rsa_check_public_exponent(e)); + && TEST_true(ossl_rsa_check_public_exponent(e)); BN_free(e); return ret; } @@ -153,19 +153,19 @@ static int test_check_prime_factor_range(void) && TEST_ptr(bn_p4 = bn_load_new(p4, sizeof(p4))) && TEST_ptr(ctx = BN_CTX_new()) && TEST_true(BN_set_word(p, 0xA)) - && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0x10)) - && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0xB)) - && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0xC)) - && TEST_true(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_true(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0xF)) - && TEST_true(rsa_check_prime_factor_range(p, 8, ctx)) - && TEST_false(rsa_check_prime_factor_range(bn_p1, 72, ctx)) - && TEST_false(rsa_check_prime_factor_range(bn_p2, 72, ctx)) - && TEST_true(rsa_check_prime_factor_range(bn_p3, 72, ctx)) - && TEST_true(rsa_check_prime_factor_range(bn_p4, 72, ctx)); + && TEST_true(ossl_rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(bn_p1, 72, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(bn_p2, 72, ctx)) + && TEST_true(ossl_rsa_check_prime_factor_range(bn_p3, 72, ctx)) + && TEST_true(ossl_rsa_check_prime_factor_range(bn_p4, 72, ctx)); BN_free(bn_p4); BN_free(bn_p3); @@ -196,15 +196,15 @@ static int test_check_prime_factor(void) && TEST_ptr(ctx = BN_CTX_new()) /* Fails the prime test */ && TEST_true(BN_set_word(e, 0x1)) - && TEST_false(rsa_check_prime_factor(bn_p1, e, 72, ctx)) + && TEST_false(ossl_rsa_check_prime_factor(bn_p1, e, 72, ctx)) /* p is prime and in range and gcd(p-1, e) = 1 */ - && TEST_true(rsa_check_prime_factor(bn_p2, e, 72, ctx)) + && TEST_true(ossl_rsa_check_prime_factor(bn_p2, e, 72, ctx)) /* gcd(p-1,e) = 1 test fails */ && TEST_true(BN_set_word(e, 0x2)) - && TEST_false(rsa_check_prime_factor(p, e, 72, ctx)) + && TEST_false(ossl_rsa_check_prime_factor(p, e, 72, ctx)) /* p fails the range check */ && TEST_true(BN_set_word(e, 0x1)) - && TEST_false(rsa_check_prime_factor(bn_p3, e, 72, ctx)); + && TEST_false(ossl_rsa_check_prime_factor(bn_p3, e, 72, ctx)); BN_free(bn_p3); BN_free(bn_p2); @@ -250,18 +250,18 @@ static int test_check_private_exponent(void) goto end; } /* fails since d >= lcm(p-1, q-1) */ - ret = TEST_false(rsa_check_private_exponent(key, 8, ctx)) + ret = TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx)) && TEST_true(BN_set_word(d, 45)) /* d is correct size and 1 = e.d mod lcm(p-1, q-1) */ - && TEST_true(rsa_check_private_exponent(key, 8, ctx)) + && TEST_true(ossl_rsa_check_private_exponent(key, 8, ctx)) /* d is too small compared to nbits */ - && TEST_false(rsa_check_private_exponent(key, 16, ctx)) + && TEST_false(ossl_rsa_check_private_exponent(key, 16, ctx)) /* d is too small compared to nbits */ && TEST_true(BN_set_word(d, 16)) - && TEST_false(rsa_check_private_exponent(key, 8, ctx)) + && TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx)) /* fail if 1 != e.d mod lcm(p-1, q-1) */ && TEST_true(BN_set_word(d, 46)) - && TEST_false(rsa_check_private_exponent(key, 8, ctx)); + && TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx)); end: RSA_free(key); BN_CTX_free(ctx); @@ -297,44 +297,44 @@ static int test_check_crt_components(void) BN_free(q); goto end; } - ret = TEST_true(rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx)) + ret = TEST_true(ossl_rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx)) && TEST_BN_eq_word(key->n, N) && TEST_BN_eq_word(key->dmp1, DP) && TEST_BN_eq_word(key->dmq1, DQ) && TEST_BN_eq_word(key->iqmp, QINV) - && TEST_true(rsa_check_crt_components(key, ctx)) + && TEST_true(ossl_rsa_check_crt_components(key, ctx)) /* (a) 1 < dP < (p ? 1). */ && TEST_true(BN_set_word(key->dmp1, 1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmp1, P-1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmp1, DP)) /* (b) 1 < dQ < (q - 1). */ && TEST_true(BN_set_word(key->dmq1, 1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmq1, Q-1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmq1, DQ)) /* (c) 1 < qInv < p */ && TEST_true(BN_set_word(key->iqmp, 1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->iqmp, P)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->iqmp, QINV)) /* (d) 1 = (dP . e) mod (p - 1)*/ && TEST_true(BN_set_word(key->dmp1, DP+1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmp1, DP)) /* (e) 1 = (dQ . e) mod (q - 1) */ && TEST_true(BN_set_word(key->dmq1, DQ-1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmq1, DQ)) /* (f) 1 = (qInv . q) mod p */ && TEST_true(BN_set_word(key->iqmp, QINV+1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->iqmp, QINV)) /* check defaults are still valid */ - && TEST_true(rsa_check_crt_components(key, ctx)); + && TEST_true(ossl_rsa_check_crt_components(key, ctx)); end: BN_free(e); RSA_free(key); @@ -353,13 +353,13 @@ static int test_pq_diff(void) /* |1-(2+1)| > 2^1 */ && TEST_true(BN_set_word(p, 1)) && TEST_true(BN_set_word(q, 1+2)) - && TEST_false(rsa_check_pminusq_diff(tmp, p, q, 202)) + && TEST_false(ossl_rsa_check_pminusq_diff(tmp, p, q, 202)) /* Check |p - q| > 2^(nbits/2 - 100) */ && TEST_true(BN_set_word(q, 1+3)) - && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202)) + && TEST_true(ossl_rsa_check_pminusq_diff(tmp, p, q, 202)) && TEST_true(BN_set_word(p, 1+3)) && TEST_true(BN_set_word(q, 1)) - && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202)); + && TEST_true(ossl_rsa_check_pminusq_diff(tmp, p, q, 202)); BN_free(p); BN_free(q); BN_free(tmp); @@ -376,7 +376,7 @@ static int test_invalid_keypair(void) ret = TEST_ptr(key = RSA_new()) && TEST_ptr(ctx = BN_CTX_new()) /* NULL parameters */ - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) /* load key */ && TEST_ptr(p = bn_load_new(cav_p, sizeof(cav_p))) && TEST_ptr(q = bn_load_new(cav_q, sizeof(cav_q))) @@ -398,36 +398,35 @@ static int test_invalid_keypair(void) goto end; } /* bad strength/key size */ - ret = TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 100, 2048)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 112, 1024)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 128, 2048)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 140, 3072)) + ret = TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 100, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 112, 1024)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 128, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 140, 3072)) /* mismatching exponent */ - && TEST_false(rsa_sp800_56b_check_keypair(key, BN_value_one(), -1, - 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, BN_value_one(), + -1, 2048)) /* bad exponent */ && TEST_true(BN_add_word(e, 1)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, - 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_sub_word(e, 1)) /* mismatch between bits and modulus */ - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 3072)) - && TEST_true(rsa_sp800_56b_check_keypair(key, e, 112, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 3072)) + && TEST_true(ossl_rsa_sp800_56b_check_keypair(key, e, 112, 2048)) /* check n == pq failure */ && TEST_true(BN_add_word(n, 1)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_sub_word(n, 1)) /* check p */ && TEST_true(BN_sub_word(p, 2)) && TEST_true(BN_mul(n, p, q, ctx)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_add_word(p, 2)) && TEST_true(BN_mul(n, p, q, ctx)) /* check q */ && TEST_true(BN_sub_word(q, 2)) && TEST_true(BN_mul(n, p, q, ctx)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_add_word(q, 2)) && TEST_true(BN_mul(n, p, q, ctx)); end: @@ -448,10 +447,10 @@ static int test_sp80056b_keygen(int id) int sz = keygen_size[id]; ret = TEST_ptr(key = RSA_new()) - && TEST_true(rsa_sp800_56b_generate_key(key, sz, NULL, NULL)) - && TEST_true(rsa_sp800_56b_check_public(key)) - && TEST_true(rsa_sp800_56b_check_private(key)) - && TEST_true(rsa_sp800_56b_check_keypair(key, NULL, -1, sz)); + && TEST_true(ossl_rsa_sp800_56b_generate_key(key, sz, NULL, NULL)) + && TEST_true(ossl_rsa_sp800_56b_check_public(key)) + && TEST_true(ossl_rsa_sp800_56b_check_private(key)) + && TEST_true(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, sz)); RSA_free(key); return ret; @@ -465,7 +464,7 @@ static int test_check_private_key(void) ret = TEST_ptr(key = RSA_new()) /* check NULL pointers fail */ - && TEST_false(rsa_sp800_56b_check_private(key)) + && TEST_false(ossl_rsa_sp800_56b_check_private(key)) /* load private key */ && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) && TEST_ptr(d = bn_load_new(cav_d, sizeof(cav_d))) @@ -478,13 +477,13 @@ static int test_check_private_key(void) goto end; } /* check d is in range */ - ret = TEST_true(rsa_sp800_56b_check_private(key)) + ret = TEST_true(ossl_rsa_sp800_56b_check_private(key)) /* check d is too low */ && TEST_true(BN_set_word(d, 0)) - && TEST_false(rsa_sp800_56b_check_private(key)) + && TEST_false(ossl_rsa_sp800_56b_check_private(key)) /* check d is too high */ && TEST_ptr(BN_copy(d, n)) - && TEST_false(rsa_sp800_56b_check_private(key)); + && TEST_false(ossl_rsa_sp800_56b_check_private(key)); end: RSA_free(key); return ret; @@ -498,7 +497,7 @@ static int test_check_public_key(void) ret = TEST_ptr(key = RSA_new()) /* check NULL pointers fail */ - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) /* load public key */ && TEST_ptr(e = bn_load_new(cav_e, sizeof(cav_e))) && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) @@ -509,22 +508,22 @@ static int test_check_public_key(void) goto end; } /* check public key is valid */ - ret = TEST_true(rsa_sp800_56b_check_public(key)) + ret = TEST_true(ossl_rsa_sp800_56b_check_public(key)) /* check fail if n is even */ && TEST_true(BN_add_word(n, 1)) - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) && TEST_true(BN_sub_word(n, 1)) /* check fail if n is wrong number of bits */ && TEST_true(BN_lshift1(n, n)) - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) && TEST_true(BN_rshift1(n, n)) /* test odd exponent fails */ && TEST_true(BN_add_word(e, 1)) - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) && TEST_true(BN_sub_word(e, 1)) /* modulus fails composite check */ && TEST_true(BN_add_word(n, 2)) - && TEST_false(rsa_sp800_56b_check_public(key)); + && TEST_false(ossl_rsa_sp800_56b_check_public(key)); end: RSA_free(key); return ret; From no-reply at appveyor.com Tue Oct 6 23:10:06 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 06 Oct 2020 23:10:06 +0000 Subject: Build completed: openssl master.37374 Message-ID: <20201006231006.1.66AA337AE3856698@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 6 23:46:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 06 Oct 2020 23:46:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1602028005.198518.16442.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80475076D77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80E7512EDF7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80E7512EDF7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1294 wallclock secs (12.22 usr 1.33 sys + 1132.18 cusr 144.99 csys = 1290.72 CPU) Result: FAIL Makefile:2542: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2540: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Wed Oct 7 00:20:26 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 07 Oct 2020 00:20:26 +0000 Subject: Still Failing: openssl/openssl#37911 (master - a21db56) In-Reply-To: Message-ID: <5f7d09c9e9d6d_13ff28e6b3120655975@travis-pro-tasks-dc6f6d5bf-fc2x8.mail> Build Update for openssl/openssl ------------------------------------- Build: #37911 Status: Still Failing Duration: 1 hr, 21 mins, and 55 secs Commit: a21db56 (master) Author: Benny Baumann Message: Avoid memory leak of parent on allocation failure for child structure Reviewed-by: Ben Kaduk Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13055) View the changeset: https://github.com/openssl/openssl/compare/c5fc6754b7ab...a21db568bf3d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188478615?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 7 01:28:09 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 01:28:09 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1602034089.807473.23282.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 677 wallclock secs (13.81 usr 1.31 sys + 613.59 cusr 55.23 csys = 683.94 CPU) Result: FAIL Makefile:3191: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3189: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 7 02:30:40 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 02:30:40 +0000 Subject: Build failed: openssl master.37378 Message-ID: <20201007023040.1.3721F7CBDB76115C@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Wed Oct 7 02:38:32 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 07 Oct 2020 02:38:32 +0000 Subject: Still Failing: openssl/openssl#37914 (master - 23b2fc0) In-Reply-To: Message-ID: <5f7d2a282f681_13fc350a100381338aa@travis-pro-tasks-76b95b7f8f-rwj72.mail> Build Update for openssl/openssl ------------------------------------- Build: #37914 Status: Still Failing Duration: 1 hr, 28 mins, and 14 secs Commit: 23b2fc0 (master) Author: Pauli Message: rsa: add ossl_ prefix to internal rsa_ calls. The functions being: rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff, rsa_check_prime_factor, rsa_check_prime_factor_range, rsa_check_private_exponent, rsa_check_public_exponent, rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata, rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30, rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names, rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid, rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx, rsa_padding_add_PKCS1_type_2_with_libctx, rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS, rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata, rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted, rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg, rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults, rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg, rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen, rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata, rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params, rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private, rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq, rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test, rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise, rsa_validate_private and rsa_validate_public. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13040) View the changeset: https://github.com/openssl/openssl/compare/a21db568bf3d...23b2fc0b501d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188479318?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 7 03:50:16 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 03:50:16 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1602042616.785080.16895.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-eddsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-eddsa.o -c -o providers/implementations/signature/libimplementations-lib-eddsa.o ../openssl/providers/implementations/signature/eddsa.c Makefile:21531: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3109: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Wed Oct 7 03:57:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 03:57:53 +0000 Subject: Build completed: openssl master.37379 Message-ID: <20201007035753.1.91232CB42A55630A@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Wed Oct 7 04:13:16 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Wed, 07 Oct 2020 04:13:16 +0000 Subject: [openssl] master update Message-ID: <1602043996.905446.20678.nullmailer@dev.openssl.org> The branch master has been updated via 1b4417abb89978af5b57c0ff68b02e439cd17a9a (commit) from 23b2fc0b501d6635dd821014aec8ff16689cbb6a (commit) - Log ----------------------------------------------------------------- commit 1b4417abb89978af5b57c0ff68b02e439cd17a9a Author: Pauli Date: Wed Sep 30 20:17:55 2020 +1000 apps: remove internal/cryptlib.h include that isn't used [extended tests] Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13047) ----------------------------------------------------------------------- Summary of changes: apps/openssl.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/apps/openssl.c b/apps/openssl.c index b426f594b3..c0cad3a54f 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -7,7 +7,6 @@ * https://www.openssl.org/source/license.html */ -#include #include #include #include @@ -110,8 +109,10 @@ static size_t internal_trace_cb(const char *buf, size_t cnt, switch (cmd) { case OSSL_TRACE_CTRL_BEGIN: - if (!ossl_assert(!trace_data->ingroup)) + if (trace_data->ingroup) { + BIO_printf(bio_err, "ERROR: tracing already started\n"); return 0; + } trace_data->ingroup = 1; tid = CRYPTO_THREAD_get_current_id(); @@ -123,14 +124,18 @@ static size_t internal_trace_cb(const char *buf, size_t cnt, BIO_set_prefix(trace_data->bio, buffer); break; case OSSL_TRACE_CTRL_WRITE: - if (!ossl_assert(trace_data->ingroup)) + if (!trace_data->ingroup) { + BIO_printf(bio_err, "ERROR: writing when tracing not started\n"); return 0; + } ret = BIO_write(trace_data->bio, buf, cnt); break; case OSSL_TRACE_CTRL_END: - if (!ossl_assert(trace_data->ingroup)) + if (!trace_data->ingroup) { + BIO_printf(bio_err, "ERROR: finishing when tracing not started\n"); return 0; + } trace_data->ingroup = 0; BIO_set_prefix(trace_data->bio, NULL); From openssl at openssl.org Wed Oct 7 05:53:56 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 05:53:56 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1602050036.256870.32172.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0504DF8487F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0A09E8AF07F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0A09E8AF07F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C070FAC1327F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C070FAC1327F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2819:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 654 wallclock secs (13.49 usr 1.15 sys + 596.85 cusr 55.22 csys = 666.71 CPU) Result: FAIL Makefile:3116: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3114: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Wed Oct 7 06:13:09 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 07 Oct 2020 06:13:09 +0000 Subject: Still Failing: openssl/openssl#37918 (master - 1b4417a) In-Reply-To: Message-ID: <5f7d5c74db587_13fb92e3bc9d825027c@travis-pro-tasks-7759796b8-n4nzs.mail> Build Update for openssl/openssl ------------------------------------- Build: #37918 Status: Still Failing Duration: 1 hr, 18 mins, and 20 secs Commit: 1b4417a (master) Author: Pauli Message: apps: remove internal/cryptlib.h include that isn't used [extended tests] Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13047) View the changeset: https://github.com/openssl/openssl/compare/23b2fc0b501d...1b4417abb899 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188506211?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 7 06:16:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 06:16:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1602051411.791347.22014.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 710 wallclock secs (14.61 usr 1.46 sys + 638.58 cusr 61.05 csys = 715.70 CPU) Result: FAIL Makefile:3186: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3184: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 7 06:38:53 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 06:38:53 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1602052733.615837.9553.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 673 wallclock secs (14.79 usr 1.32 sys + 598.86 cusr 61.08 csys = 676.05 CPU) Result: FAIL Makefile:3149: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3147: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 7 08:39:54 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 08:39:54 +0000 Subject: Build failed: openssl master.37382 Message-ID: <20201007083954.1.714E7C341DDE7096@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 7 09:45:40 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 09:45:40 +0000 Subject: Build failed: openssl master.37383 Message-ID: <20201007094540.1.4A12C3D1213F3D99@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 7 10:02:40 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 10:02:40 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1602064960.399506.11521.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 616 wallclock secs (10.20 usr 1.18 sys + 566.44 cusr 51.56 csys = 629.38 CPU) Result: FAIL Makefile:3101: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3099: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 7 10:54:49 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 10:54:49 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1602068089.833201.8052.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 672 wallclock secs (13.54 usr 1.07 sys + 613.97 cusr 56.06 csys = 684.64 CPU) Result: FAIL Makefile:3175: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3173: recipe for target 'tests' failed make: *** [tests] Error 2 From dev at ddvo.net Wed Oct 7 13:51:28 2020 From: dev at ddvo.net (dev at ddvo.net) Date: Wed, 07 Oct 2020 13:51:28 +0000 Subject: [openssl] master update Message-ID: <1602078688.254485.11493.nullmailer@dev.openssl.org> The branch master has been updated via bdde5b46c74852e38e660a16f64d7d8ba1c7c2e2 (commit) from 1b4417abb89978af5b57c0ff68b02e439cd17a9a (commit) - Log ----------------------------------------------------------------- commit bdde5b46c74852e38e660a16f64d7d8ba1c7c2e2 Author: Dr. David von Oheimb Date: Mon Oct 5 22:56:54 2020 +0200 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13077) ----------------------------------------------------------------------- Summary of changes: include/openssl/ocsp.h.in | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/openssl/ocsp.h.in b/include/openssl/ocsp.h.in index bf1e5a37fd..1a2fb93c4f 100644 --- a/include/openssl/ocsp.h.in +++ b/include/openssl/ocsp.h.in @@ -261,7 +261,8 @@ int OCSP_check_validity(ASN1_GENERALIZEDTIME *thisupd, int OCSP_request_verify(OCSP_REQUEST *req, STACK_OF(X509) *certs, X509_STORE *store, unsigned long flags); -# define OCSP_parse_url OSSL_HTTP_parse_url /* for backward compatibility */ +# define OCSP_parse_url(url, host, port, path, ssl) \ + OSSL_HTTP_parse_url(url, host, port, NULL, path, ssl) /* backward compat */ int OCSP_id_issuer_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b); int OCSP_id_cmp(const OCSP_CERTID *a, const OCSP_CERTID *b); From builds at travis-ci.com Wed Oct 7 15:15:23 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 07 Oct 2020 15:15:23 +0000 Subject: Still Failing: openssl/openssl#37925 (master - bdde5b4) In-Reply-To: Message-ID: <5f7ddb8abae63_13fd1905db050476632@travis-pro-tasks-676b88f4f4-hfhhm.mail> Build Update for openssl/openssl ------------------------------------- Build: #37925 Status: Still Failing Duration: 1 hr, 22 mins, and 20 secs Commit: bdde5b4 (master) Author: Dr. David von Oheimb Message: ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13077) View the changeset: https://github.com/openssl/openssl/compare/1b4417abb899...bdde5b46c748 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188601248?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 7 17:27:30 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 17:27:30 +0000 Subject: Build failed: openssl master.37389 Message-ID: <20201007172730.1.986DECE834790031@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 7 18:01:59 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 18:01:59 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1602093719.361744.8691.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 716 wallclock secs (14.02 usr 1.37 sys + 613.70 cusr 57.80 csys = 686.89 CPU) Result: FAIL Makefile:3169: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3167: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 7 18:47:13 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 18:47:13 +0000 Subject: Build failed: openssl master.37390 Message-ID: <20201007184713.1.99FE72893CA28E0F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 7 19:57:28 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 07 Oct 2020 19:57:28 +0000 Subject: Build completed: openssl master.37391 Message-ID: <20201007195728.1.A8FA361C955C3D04@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 7 20:05:49 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 07 Oct 2020 20:05:49 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1602101149.757495.3167.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2666:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 457 wallclock secs ( 8.34 usr 0.91 sys + 411.16 cusr 41.30 csys = 461.71 CPU) Result: FAIL Makefile:2397: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2395: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 8 01:29:58 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 01:29:58 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1602120598.290873.23987.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4280: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3150: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Thu Oct 8 02:09:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 02:09:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1602122991.691364.31920.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0F0CD44797F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 667 wallclock secs (13.10 usr 1.26 sys + 603.89 cusr 57.21 csys = 675.46 CPU) Result: FAIL Makefile:3159: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3157: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 8 05:58:28 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 05:58:28 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1602136708.489876.30675.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c ../openssl/apps/lib/engine.c:46:13: error: implicitly declaring library function 'strcmp' with type 'int (const char *, const char *)' [-Werror,-Wimplicit-function-declaration] if (strcmp(id, "auto") == 0) { ^ ../openssl/apps/lib/engine.c:46:13: note: include the header or explicitly provide a declaration for 'strcmp' 1 error generated. clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c Makefile:4253: recipe for target 'apps/lib/libapps-lib-engine.o' failed make[1]: *** [apps/lib/libapps-lib-engine.o] Error 1 make[1]: *** Waiting for unfinished jobs.... ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4269: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3139: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From levitte at openssl.org Thu Oct 8 07:16:54 2020 From: levitte at openssl.org (Richard Levitte) Date: Thu, 08 Oct 2020 07:16:54 +0000 Subject: [openssl] master update Message-ID: <1602141414.333498.27666.nullmailer@dev.openssl.org> The branch master has been updated via 5884b05109d124f4c69df3be112c177ac4959684 (commit) from bdde5b46c74852e38e660a16f64d7d8ba1c7c2e2 (commit) - Log ----------------------------------------------------------------- commit 5884b05109d124f4c69df3be112c177ac4959684 Author: Daniel Bevenius Date: Mon Oct 5 15:08:15 2020 +0200 ERR: fix comment typo in err.c Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13076) ----------------------------------------------------------------------- Summary of changes: crypto/err/err.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/err/err.c b/crypto/err/err.c index 9098112d1c..2c8240f0ba 100644 --- a/crypto/err/err.c +++ b/crypto/err/err.c @@ -225,7 +225,7 @@ static void err_patch(int lib, ERR_STRING_DATA *str) } /* - * Hash in |str| error strings. Assumes the URN_ONCE was done. + * Hash in |str| error strings. Assumes the RUN_ONCE was done. */ static int err_load_strings(const ERR_STRING_DATA *str) { From builds at travis-ci.com Thu Oct 8 09:20:14 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 09:20:14 +0000 Subject: Errored: openssl/openssl#37935 (master - 5884b05) In-Reply-To: Message-ID: <5f7ed9cdb8145_13fcd8f5d5538399221@travis-pro-tasks-67bb4cd748-kvk6x.mail> Build Update for openssl/openssl ------------------------------------- Build: #37935 Status: Errored Duration: 1 hr, 21 mins, and 8 secs Commit: 5884b05 (master) Author: Daniel Bevenius Message: ERR: fix comment typo in err.c Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13076) View the changeset: https://github.com/openssl/openssl/compare/bdde5b46c748...5884b05109d1 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188748409?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Thu Oct 8 09:31:12 2020 From: levitte at openssl.org (Richard Levitte) Date: Thu, 08 Oct 2020 09:31:12 +0000 Subject: [openssl] master update Message-ID: <1602149472.211326.13753.nullmailer@dev.openssl.org> The branch master has been updated via b19b983017f3865b1b3411a4e635a670d5798774 (commit) via d3ed80802d129fea8be0c128e64d7d253d4586d3 (commit) via 8cab385ec522aa9a78e8f507becc90ec3a6c8fdb (commit) via 403a5edcde4f2cd76f04b519224b13228ee1b0ff (commit) via a1bfcb15d97b9cbb761dd7b4b2173d5b2b4dd2e5 (commit) from 5884b05109d124f4c69df3be112c177ac4959684 (commit) - Log ----------------------------------------------------------------- commit b19b983017f3865b1b3411a4e635a670d5798774 Author: Richard Levitte Date: Tue Oct 6 18:14:12 2020 +0200 Document install_fips in INSTALL.md Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13032) commit d3ed80802d129fea8be0c128e64d7d253d4586d3 Author: Richard Levitte Date: Tue Sep 29 18:32:34 2020 +0200 providers/build.info: Tag the FIPS module, for the build file The build file templates have code to pick up the 'fips' attribute and thereby find out what module is the FIPS without having to resort to ugly hard coding. Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13032) commit 8cab385ec522aa9a78e8f507becc90ec3a6c8fdb Author: Richard Levitte Date: Tue Sep 29 18:31:58 2020 +0200 descrip.mms.tmpl: Add a target to install the FIPS module config Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13032) commit 403a5edcde4f2cd76f04b519224b13228ee1b0ff Author: Richard Levitte Date: Tue Sep 29 18:31:44 2020 +0200 windows-makefile.tmpl: Add a target to install the FIPS module config Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13032) commit a1bfcb15d97b9cbb761dd7b4b2173d5b2b4dd2e5 Author: Richard Levitte Date: Tue Sep 29 11:11:38 2020 +0200 unix-Makefile.tmpl: Add a target to install the FIPS module config Fixes #12195 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13032) ----------------------------------------------------------------------- Summary of changes: Configurations/descrip.mms.tmpl | 19 +++++++++++++++++++ Configurations/unix-Makefile.tmpl | 20 ++++++++++++++++++++ Configurations/windows-makefile.tmpl | 19 +++++++++++++++++++ INSTALL.md | 3 +++ providers/build.info | 2 +- 5 files changed, 62 insertions(+), 1 deletion(-) diff --git a/Configurations/descrip.mms.tmpl b/Configurations/descrip.mms.tmpl index b30d08b53a..a2f3293c54 100644 --- a/Configurations/descrip.mms.tmpl +++ b/Configurations/descrip.mms.tmpl @@ -121,6 +121,13 @@ SHLIB_TARGET={- $target{shared_target} -} LIBS={- join(", ", map { "-\n\t".$_.".OLB" } @libs) -} SHLIBS={- join(", ", map { "-\n\t".$_.".EXE" } @shlibs) -} +FIPSMODULENAME={- # We do some extra checking here, as there should be only one + my @fipsmodules = + grep { !$unified_info{attributes}->{modules}->{$_}->{noinst} + && $unified_info{attributes}->{modules}->{$_}->{fips} } + @{$unified_info{modules}}; + die "More that one FIPS module" if scalar @fipsmodules > 1; + join(", ", map { basename platform->dso($_) } @fipsmodules) -} MODULES={- join(", ", map { "-\n\t".$_.".EXE" } @{$unified_info{modules}}) -} PROGRAMS={- join(", ", map { "-\n\t".$_.".EXE" } @{$unified_info{programs}}) -} SCRIPTS={- join(", ", map { "-\n\t".$_ } @{$unified_info{scripts}}) -} @@ -539,6 +546,18 @@ install_docs : install_html_docs uninstall_docs : uninstall_html_docs +install_fips: install_sw + @ WRITE SYS$OUTPUT "*** Installing FIPS module configuration" + @ WRITE SYS$OUTPUT "fipsinstall $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf" + openssl fipsinstall - + -module ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME) - + -out ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME).cnf - + -macopt "key:$(FIPSKEY)" + +uninstall_fips: uninstall_sw + @ WRITE SYS$OUTPUT "*** Uninstalling FIPS module configuration" + DELETE ossl_installroot:[MODULES{- $sover_dirname.$target{pointer_size} -}.'arch']$(FIPSMODULENAME).cnf;* + install_ssldirs : check_INSTALLTOP - CREATE/DIR/PROT=(S:RWED,O:RWE,G:RE,W:RE) OSSL_DATAROOT:[000000] IF F$SEARCH("OSSL_DATAROOT:[000000]CERTS.DIR;1") .EQS. "" THEN - diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl index 36a7ffbf93..4fab096121 100644 --- a/Configurations/unix-Makefile.tmpl +++ b/Configurations/unix-Makefile.tmpl @@ -87,6 +87,14 @@ MODULES={- join(" \\\n" . ' ' x 8, fill_lines(" ", $COLUMNS - 8, map { platform->dso($_) } @{$unified_info{modules}})) -} +FIPSMODULENAME={- # We do some extra checking here, as there should be only one + my @fipsmodules = + grep { !$unified_info{attributes}->{modules}->{$_}->{noinst} + && $unified_info{attributes}->{modules}->{$_}->{fips} } + @{$unified_info{modules}}; + die "More that one FIPS module" if scalar @fipsmodules > 1; + join(" ", map { basename platform->dso($_) } @fipsmodules) -} + PROGRAMS={- join(" \\\n" . ' ' x 9, fill_lines(" ", $COLUMNS - 9, map { platform->bin($_) } @@ -551,6 +559,18 @@ install_docs: install_man_docs install_html_docs uninstall_docs: uninstall_man_docs uninstall_html_docs $(RM) -r $(DESTDIR)$(DOCDIR) +install_fips: install_sw + @$(ECHO) "*** Installing FIPS module configuration" + @$(ECHO) "fipsinstall $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf" + @openssl fipsinstall -module $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME) \ + -out $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf \ + -macopt 'key:$(FIPSKEY)' + +uninstall_fips: uninstall_sw + @$(ECHO) "*** Uninstalling FIPS module configuration" + @$(ECHO) "$(RM) $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf" + @$(RM) $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf + install_ssldirs: @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/certs @$(PERL) $(SRCDIR)/util/mkdir-p.pl $(DESTDIR)$(OPENSSLDIR)/private diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl index dfabda7eef..ce042d6ee8 100644 --- a/Configurations/windows-makefile.tmpl +++ b/Configurations/windows-makefile.tmpl @@ -51,6 +51,13 @@ SHLIBPDBS={- join(" ", map { platform->sharedlibpdb($_) // () } @{$unified_info{ MODULES={- our @MODULES = map { platform->dso($_) } @{$unified_info{modules}}; join(" ", @MODULES) -} MODULEPDBS={- join(" ", map { platform->dsopdb($_) } @{$unified_info{modules}}) -} +FIPSMODULENAME={- # We do some extra checking here, as there should be only one + my @fipsmodules = + grep { !$unified_info{attributes}->{modules}->{$_}->{noinst} + && $unified_info{attributes}->{modules}->{$_}->{fips} } + @{$unified_info{modules}}; + die "More that one FIPS module" if scalar @fipsmodules > 1; + join(" ", map { basename platform->dso($_) } @fipsmodules) -} PROGRAMS={- our @PROGRAMS = map { platform->bin($_) } @{$unified_info{programs}}; join(" ", @PROGRAMS) -} PROGRAMPDBS={- join(" ", map { $_.".pdb" } @{$unified_info{programs}}) -} SCRIPTS={- our @SCRIPTS = @{$unified_info{scripts}}; join(" ", @SCRIPTS) -} @@ -463,6 +470,18 @@ install_docs: install_html_docs uninstall_docs: uninstall_html_docs +install_fips: install_sw + @$(ECHO) "*** Installing FIPS module configuration" + @$(ECHO) "fipsinstall $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf" + @openssl fipsinstall -module $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME) \ + -out $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf \ + -macopt "key:$(FIPSKEY)" + +uninstall_fips: uninstall_sw + @$(ECHO) "*** Uninstalling FIPS module configuration" + @$(ECHO) "$(RM) $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf" + @$(RM) $(DESTDIR)$(MODULESDIR)/$(FIPSMODULENAME).cnf + install_ssldirs: @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(OPENSSLDIR)\certs" @"$(PERL)" "$(SRCDIR)\util\mkdir-p.pl" "$(OPENSSLDIR)\private" diff --git a/INSTALL.md b/INSTALL.md index 893049b16e..813d8b456d 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1470,6 +1470,9 @@ described here. Examine the Makefiles themselves for the full list. install_html_docs Only install the OpenSSL HTML documentation. + + install_fips + Install the FIPS provider module configuration file. list-tests Prints a list of all the self test names. diff --git a/providers/build.info b/providers/build.info index f2e0d433c9..b365bda0ec 100644 --- a/providers/build.info +++ b/providers/build.info @@ -140,7 +140,7 @@ ENDIF IF[{- !$disabled{fips} -}] # This is the trigger to actually build the FIPS module. Without these # statements, the final build file will not have a trace of it. - MODULES=$FIPSGOAL + MODULES{fips}=$FIPSGOAL LIBS{noinst}=$LIBFIPS ENDIF From openssl at openssl.org Thu Oct 8 09:31:14 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 09:31:14 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1602149474.132702.7644.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 4067AD523F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4037C415F07F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4037C415F07F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1501 wallclock secs (14.07 usr 1.35 sys + 1415.50 cusr 83.32 csys = 1514.24 CPU) Result: FAIL Makefile:3195: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3193: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 8 09:51:18 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 09:51:18 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1602150678.429760.27660.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 684 wallclock secs (12.91 usr 1.10 sys + 588.48 cusr 56.76 csys = 659.25 CPU) Result: FAIL Makefile:3178: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3176: recipe for target 'tests' failed make: *** [tests] Error 2 From beldmit at gmail.com Thu Oct 8 10:27:44 2020 From: beldmit at gmail.com (beldmit at gmail.com) Date: Thu, 08 Oct 2020 10:27:44 +0000 Subject: [openssl] master update Message-ID: <1602152864.935416.26426.nullmailer@dev.openssl.org> The branch master has been updated via db554ae1104eb5d3279ca338f58a42be61155f2f (commit) from b19b983017f3865b1b3411a4e635a670d5798774 (commit) - Log ----------------------------------------------------------------- commit db554ae1104eb5d3279ca338f58a42be61155f2f Author: Jordan Montgomery Date: Thu Oct 1 23:02:52 2020 -0700 Expose PKCS7_get_octet_string and PKCS7_type_is_other Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public interface. Fixes #11139 Reviewed-by: Tim Hudson Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13059) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 5 +++++ crypto/pkcs7/pk7_doit.c | 4 ++-- doc/man3/PKCS7_get_octet_string.pod | 40 +++++++++++++++++++++++++++++++++++ doc/man3/PKCS7_type_is_other.pod | 42 +++++++++++++++++++++++++++++++++++++ include/openssl/pkcs7.h.in | 2 ++ util/libcrypto.num | 2 ++ 6 files changed, 93 insertions(+), 2 deletions(-) create mode 100644 doc/man3/PKCS7_get_octet_string.pod create mode 100644 doc/man3/PKCS7_type_is_other.pod diff --git a/CHANGES.md b/CHANGES.md index 03c5e7d4ae..d9fa56f4d6 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -23,6 +23,11 @@ OpenSSL 3.0 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx] + * Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public + interface. Their functionality remains unchanged. + + *Jordan Montgomery* + * Deprecated EVP_PKEY_set_alias_type(). This function was previously needed as a workaround to recognise SM2 keys. With OpenSSL 3.0, this key type is internally recognised so the workaround is no longer needed. diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index cde158d56a..3598d5f121 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -20,7 +20,7 @@ static int add_attribute(STACK_OF(X509_ATTRIBUTE) **sk, int nid, int atrtype, void *value); static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid); -static int PKCS7_type_is_other(PKCS7 *p7) +int PKCS7_type_is_other(PKCS7 *p7) { int isOther = 1; @@ -43,7 +43,7 @@ static int PKCS7_type_is_other(PKCS7 *p7) } -static ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7) +ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7) { if (PKCS7_type_is_data(p7)) return p7->d.data; diff --git a/doc/man3/PKCS7_get_octet_string.pod b/doc/man3/PKCS7_get_octet_string.pod new file mode 100644 index 0000000000..7e7c3e0f1f --- /dev/null +++ b/doc/man3/PKCS7_get_octet_string.pod @@ -0,0 +1,40 @@ +=pod + +=head1 NAME + +PKCS7_get_octet_string - return octet string from a PKCS#7 envelopedData structure + +=head1 SYNOPSIS + + #include + + ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7); + +=head1 DESCRIPTION + +PKCS7_get_octet_string() returns a pointer to an ASN1 octet string from a +PKCS#7 envelopedData structure or B if the structure cannot be parsed. + +=head1 NOTES + +As the B<0> implies, PKCS7_get_octet_string() returns internal pointers which +should not be freed by the caller. + +=head1 RETURN VALUES + +PKCS7_get_octet_string() returns an ASN1_OCTET_STRING pointer. + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man3/PKCS7_type_is_other.pod b/doc/man3/PKCS7_type_is_other.pod new file mode 100644 index 0000000000..9ce8d5a11e --- /dev/null +++ b/doc/man3/PKCS7_type_is_other.pod @@ -0,0 +1,42 @@ +=pod + +=head1 NAME + +PKCS7_type_is_other - determine content type of PKCS#7 envelopedData structure + +=head1 SYNOPSIS + + #include + + int PKCS7_type_is_other(PKCS7 *p7); + +=head1 DESCRIPTION + +PKCS7_type_is_other() returns the whether the content type of a PKCS#7 envelopedData +structure is one of the following content types: + +NID_pkcs7_data +NID_pkcs7_signed +NID_pkcs7_enveloped +NID_pkcs7_signedAndEnveloped +NID_pkcs7_digest +NID_pkcs7_encrypted + +=head1 RETURN VALUES + +PKCS7_type_is_other() returns either 0 if the content type is matched or 1 otherwise. + +=head1 SEE ALSO + +L, L + +=head1 COPYRIGHT + +Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/include/openssl/pkcs7.h.in b/include/openssl/pkcs7.h.in index e6ee6df100..f612e363ad 100644 --- a/include/openssl/pkcs7.h.in +++ b/include/openssl/pkcs7.h.in @@ -262,6 +262,7 @@ DECLARE_ASN1_PRINT_FUNCTION(PKCS7) long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); +int PKCS7_type_is_other(PKCS7 *p7); int PKCS7_set_type(PKCS7 *p7, int type); int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); @@ -297,6 +298,7 @@ int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher); int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7); PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); +ASN1_OCTET_STRING *PKCS7_get_octet_string(PKCS7 *p7); ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk); int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type, void *data); diff --git a/util/libcrypto.num b/util/libcrypto.num index 8e21348e3a..189563fd2a 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5307,3 +5307,5 @@ EVP_ASYM_CIPHER_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION: EVP_ASYM_CIPHER_settable_ctx_params ? 3_0_0 EXIST::FUNCTION: EVP_KEM_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION: EVP_KEM_settable_ctx_params ? 3_0_0 EXIST::FUNCTION: +PKCS7_type_is_other ? 3_0_0 EXIST::FUNCTION: +PKCS7_get_octet_string ? 3_0_0 EXIST::FUNCTION: From no-reply at appveyor.com Thu Oct 8 10:57:24 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 08 Oct 2020 10:57:24 +0000 Subject: Build failed: openssl master.37401 Message-ID: <20201008105724.1.4DD107B8C2C00AE4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 8 11:12:18 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 08 Oct 2020 11:12:18 +0000 Subject: Build failed: openssl master.37402 Message-ID: <20201008111218.1.9644D55E167321F2@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 8 11:27:30 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 11:27:30 +0000 Subject: Failed: openssl/openssl#37939 (master - b19b983) In-Reply-To: Message-ID: <5f7ef7a23a5dd_13fcd8f5d5cb811400f5@travis-pro-tasks-67bb4cd748-kvk6x.mail> Build Update for openssl/openssl ------------------------------------- Build: #37939 Status: Failed Duration: 1 hr, 20 mins, and 14 secs Commit: b19b983 (master) Author: Richard Levitte Message: Document install_fips in INSTALL.md Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13032) View the changeset: https://github.com/openssl/openssl/compare/5884b05109d1...b19b983017f3 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188782794?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Thu Oct 8 11:40:47 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 08 Oct 2020 11:40:47 +0000 Subject: [openssl] master update Message-ID: <1602157247.522936.24185.nullmailer@dev.openssl.org> The branch master has been updated via df38dcfcd5c3e264e449589ef0b9fce8ce6e428c (commit) via b565a17d9fc69711813a19723a3f656ae5cd2fc9 (commit) via 3861ac3b558a5f4e0cc0285843baeaaeff3fbe4a (commit) from db554ae1104eb5d3279ca338f58a42be61155f2f (commit) - Log ----------------------------------------------------------------- commit df38dcfcd5c3e264e449589ef0b9fce8ce6e428c Author: Matt Caswell Date: Thu Oct 1 17:17:58 2020 +0100 Fix the decoder start type handling If an explicit decoder start type was provided then it wasn't being handled correctly in all cases. Specifically if a PEM start type was provided then the decoder would fail. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13050) commit b565a17d9fc69711813a19723a3f656ae5cd2fc9 Author: Matt Caswell Date: Thu Oct 1 15:34:24 2020 +0100 Add a test for encoding and decoding of parameters files Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13050) commit 3861ac3b558a5f4e0cc0285843baeaaeff3fbe4a Author: Matt Caswell Date: Thu Oct 1 15:33:14 2020 +0100 Fix encoding of DHX parameters files We were getting confused with DHX parameters and encoding them as PKCS3 DH parameters instead. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13050) ----------------------------------------------------------------------- Summary of changes: crypto/encode_decode/decoder_lib.c | 2 +- .../implementations/encode_decode/encode_key2any.c | 19 +- test/endecode_test.c | 199 +++++++++++++++++---- 3 files changed, 183 insertions(+), 37 deletions(-) diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c index ab7c537038..e44ca8cbd4 100644 --- a/crypto/encode_decode/decoder_lib.c +++ b/crypto/encode_decode/decoder_lib.c @@ -259,7 +259,7 @@ int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx, * on top of this one, so we don't. */ if (ctx->start_input_type != NULL - && strcasecmp(ctx->start_input_type, input_type) != 0) + && strcasecmp(ctx->start_input_type, input_type) == 0) continue; ERR_set_mark(); diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index c21b74d9d3..beb487e940 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -319,12 +319,23 @@ static int dh_priv_to_der(const void *dh, unsigned char **pder) static int dh_params_to_der_bio(BIO *out, const void *key) { - return i2d_DHparams_bio(out, key); + int type = + DH_test_flags(key, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH; + + if (type == EVP_PKEY_DH) + return i2d_DHparams_bio(out, key); + return i2d_DHxparams_bio(out, key); } static int dh_params_to_pem_bio(BIO *out, const void *key) { - return PEM_write_bio_DHparams(out, key); + int type = + DH_test_flags(key, DH_FLAG_TYPE_DHX) ? EVP_PKEY_DHX : EVP_PKEY_DH; + + if (type == EVP_PKEY_DH) + return PEM_write_bio_DHparams(out, key); + + return PEM_write_bio_DHxparams(out, key); } static int dh_check_key_type(const void *key, int expected_type) @@ -940,8 +951,8 @@ static int key2any_encode_params(struct key2any_ctx_st *ctx, #ifndef OPENSSL_NO_DH MAKE_ENCODER(dh, dh, EVP_PKEY_DH, der); MAKE_ENCODER(dh, dh, EVP_PKEY_DH, pem); -MAKE_ENCODER(dhx, dh, EVP_PKEY_DH, der); -MAKE_ENCODER(dhx, dh, EVP_PKEY_DH, pem); +MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, der); +MAKE_ENCODER(dhx, dh, EVP_PKEY_DHX, pem); #endif #ifndef OPENSSL_NO_DSA MAKE_ENCODER(dsa, dsa, EVP_PKEY_DSA, der); diff --git a/test/endecode_test.c b/test/endecode_test.c index 70258afcc0..b882ff85b1 100644 --- a/test/endecode_test.c +++ b/test/endecode_test.c @@ -93,18 +93,21 @@ typedef int (encoder)(void **encoded, long *encoded_len, void *object, const char *output_type, int selection, const char *pass, const char *pcipher); typedef int (decoder)(void **object, void *encoded, long encoded_len, - const char *pass); + const char *keytype, const char *input_type, + int selection, const char *pass); typedef int (tester)(const void *data1, size_t data1_len, const void *data2, size_t data2_len); typedef int (checker)(const char *type, const void *data, size_t data_len); typedef void (dumper)(const char *label, const void *data, size_t data_len); +#define FLAG_DECODE_WITH_TYPE 0x0001 + static int test_encode_decode(const char *type, EVP_PKEY *pkey, const char *output_type, int selection, const char *pass, const char *pcipher, encoder *encode_cb, decoder *decode_cb, tester *test_cb, checker *check_cb, - dumper *dump_cb) + dumper *dump_cb, int flags) { void *encoded = NULL; long encoded_len = 0; @@ -118,16 +121,23 @@ static int test_encode_decode(const char *type, EVP_PKEY *pkey, * encoding |pkey2| as well. That last encoding is for checking and * dumping purposes. */ - if (!encode_cb(&encoded, &encoded_len, pkey, output_type, selection, - pass, pcipher) - || !check_cb(type, encoded, encoded_len) - || !decode_cb((void **)&pkey2, encoded, encoded_len, pass) - || !encode_cb(&encoded2, &encoded2_len, pkey2, output_type, selection, - pass, pcipher)) + if (!TEST_true(encode_cb(&encoded, &encoded_len, pkey, output_type, + selection, pass, pcipher)) + || !TEST_true(check_cb(type, encoded, encoded_len)) + || !TEST_true(decode_cb((void **)&pkey2, encoded, encoded_len, + (flags & FLAG_DECODE_WITH_TYPE ? type : NULL), + output_type, selection, pass)) + || !TEST_true(encode_cb(&encoded2, &encoded2_len, pkey2, output_type, + selection, pass, pcipher))) goto end; - if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)) - goto end; + if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) { + if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, pkey2), 1)) + goto end; + } else { + if (!TEST_int_eq(EVP_PKEY_eq(pkey, pkey2), 1)) + goto end; + } /* * Double check the encoding, but only for unprotected keys, @@ -193,25 +203,71 @@ static int encode_EVP_PKEY_prov(void **encoded, long *encoded_len, } static int decode_EVP_PKEY_prov(void **object, void *encoded, long encoded_len, - const char *pass) + const char *keytype, const char *input_type, + int selection, const char *pass) { - EVP_PKEY *pkey = NULL; + EVP_PKEY *pkey = NULL, *testpkey = NULL; OSSL_DECODER_CTX *dctx = NULL; - BIO *mem_deser = NULL; + BIO *encoded_bio = NULL; const unsigned char *upass = (const unsigned char *)pass; int ok = 0; + int i; + const char *badtype; - if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, NULL, NULL, - NULL, NULL)) - || (pass != NULL - && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass))) - || !TEST_ptr(mem_deser = BIO_new_mem_buf(encoded, encoded_len)) - || !TEST_true(OSSL_DECODER_from_bio(dctx, mem_deser))) + if (strcmp(input_type, "DER") == 0) + badtype = "PEM"; + else + badtype = "DER"; + + if (!TEST_ptr(encoded_bio = BIO_new_mem_buf(encoded, encoded_len))) goto end; + + /* + * We attempt the decode 3 times. The first time we provide the expected + * starting input type. The second time we provide NULL for the starting + * type. The third time we provide a bad starting input type. + * The bad starting input type should fail. The other two should succeed + * and produce the same result. + */ + for (i = 0; i < 3; i++) { + const char *testtype = (i == 0) ? input_type + : ((i == 1) ? NULL : badtype); + + if (!TEST_ptr(dctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&testpkey, + testtype, + keytype, + NULL, NULL)) + || (pass != NULL + && !OSSL_DECODER_CTX_set_passphrase(dctx, upass, strlen(pass))) + || !TEST_int_gt(BIO_reset(encoded_bio), 0) + /* We expect to fail when using a bad input type */ + || !TEST_int_eq(OSSL_DECODER_from_bio(dctx, encoded_bio), + (i == 2) ? 0 : 1)) + goto end; + OSSL_DECODER_CTX_free(dctx); + dctx = NULL; + + if (i == 0) { + pkey = testpkey; + testpkey = NULL; + } else if (i == 1) { + if (selection == OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) { + if (!TEST_int_eq(EVP_PKEY_parameters_eq(pkey, testpkey), 1)) + goto end; + } else { + if (!TEST_int_eq(EVP_PKEY_eq(pkey, testpkey), 1)) + goto end; + } + } + } ok = 1; *object = pkey; + pkey = NULL; + end: - BIO_free(mem_deser); + EVP_PKEY_free(pkey); + EVP_PKEY_free(testpkey); + BIO_free(encoded_bio); OSSL_DECODER_CTX_free(dctx); return ok; } @@ -433,7 +489,7 @@ static int test_unprotected_via_DER(const char *type, EVP_PKEY *key) NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_mem, check_unprotected_PKCS8_DER, - dump_der); + dump_der, 0); } static int check_unprotected_PKCS8_PEM(const char *type, @@ -454,7 +510,64 @@ static int test_unprotected_via_PEM(const char *type, EVP_PKEY *key) NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_text, check_unprotected_PKCS8_PEM, - dump_pem); + dump_pem, 0); +} + +static int check_params_DER(const char *type, const void *data, size_t data_len) +{ + const unsigned char *datap = data; + int ok = 0; + int itype = NID_undef; + EVP_PKEY *pkey = NULL; + + if (strcmp(type, "DH") == 0) + itype = EVP_PKEY_DH; + else if (strcmp(type, "X9.42 DH") == 0) + itype = EVP_PKEY_DHX; + else if (strcmp(type, "DSA") == 0) + itype = EVP_PKEY_DSA; + else if (strcmp(type, "EC") == 0) + itype = EVP_PKEY_EC; + + if (itype != NID_undef) { + pkey = d2i_KeyParams(itype, NULL, &datap, data_len); + ok = (pkey != NULL); + EVP_PKEY_free(pkey); + } + + return ok; +} + +static int check_params_PEM(const char *type, + const void *data, size_t data_len) +{ + static char expected_pem_header[80]; + + return + TEST_int_gt(BIO_snprintf(expected_pem_header, + sizeof(expected_pem_header), + "-----BEGIN %s PARAMETERS-----", type), 0) + && TEST_strn_eq(data, expected_pem_header, strlen(expected_pem_header)); +} + +static int test_params_via_DER(const char *type, EVP_PKEY *key) +{ + return test_encode_decode(type, key, + "DER", OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, + encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, + test_mem, check_params_DER, + dump_der, FLAG_DECODE_WITH_TYPE); +} + +static int test_params_via_PEM(const char *type, EVP_PKEY *key) +{ + return test_encode_decode(type, key, + "PEM", OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, + NULL, NULL, + encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, + test_text, check_params_PEM, + dump_pem, 0); } static int check_unprotected_legacy_PEM(const char *type, @@ -477,7 +590,7 @@ static int test_unprotected_via_legacy_PEM(const char *type, EVP_PKEY *key) NULL, NULL, encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov, test_text, check_unprotected_legacy_PEM, - dump_pem); + dump_pem, 0); } #ifndef OPENSSL_NO_DSA @@ -499,7 +612,7 @@ static int test_unprotected_via_MSBLOB(const char *type, EVP_PKEY *key) NULL, NULL, encode_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov, test_mem, check_MSBLOB, - dump_der); + dump_der, 0); } # ifndef OPENSSL_NO_RC4 @@ -520,7 +633,7 @@ static int test_unprotected_via_PVK(const char *type, EVP_PKEY *key) NULL, NULL, encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov, test_mem, check_PVK, - dump_der); + dump_der, 0); } # endif #endif @@ -547,7 +660,7 @@ static int test_protected_via_DER(const char *type, EVP_PKEY *key) pass, pass_cipher, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_mem, check_protected_PKCS8_DER, - dump_der); + dump_der, 0); } static int check_protected_PKCS8_PEM(const char *type, @@ -568,7 +681,7 @@ static int test_protected_via_PEM(const char *type, EVP_PKEY *key) pass, pass_cipher, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, test_text, check_protected_PKCS8_PEM, - dump_pem); + dump_pem, 0); } static int check_protected_legacy_PEM(const char *type, @@ -592,7 +705,7 @@ static int test_protected_via_legacy_PEM(const char *type, EVP_PKEY *key) pass, pass_cipher, encode_EVP_PKEY_legacy_PEM, decode_EVP_PKEY_prov, test_text, check_protected_legacy_PEM, - dump_pem); + dump_pem, 0); } #if !defined(OPENSSL_NO_DSA) && !defined(OPENSSL_NO_RC4) @@ -603,7 +716,7 @@ static int test_protected_via_PVK(const char *type, EVP_PKEY *key) | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, pass, NULL, encode_EVP_PKEY_PVK, decode_EVP_PKEY_prov, - test_mem, check_PVK, dump_der); + test_mem, check_PVK, dump_der, 0); } #endif @@ -624,7 +737,7 @@ static int test_public_via_DER(const char *type, EVP_PKEY *key) | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_mem, check_public_DER, dump_der); + test_mem, check_public_DER, dump_der, 0); } static int check_public_PEM(const char *type, const void *data, size_t data_len) @@ -644,7 +757,7 @@ static int test_public_via_PEM(const char *type, EVP_PKEY *key) | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, NULL, NULL, encode_EVP_PKEY_prov, decode_EVP_PKEY_prov, - test_text, check_public_PEM, dump_pem); + test_text, check_public_PEM, dump_pem, 0); } #ifndef OPENSSL_NO_DSA @@ -667,7 +780,7 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) NULL, NULL, encode_public_EVP_PKEY_MSBLOB, decode_EVP_PKEY_prov, - test_mem, check_public_MSBLOB, dump_der); + test_mem, check_public_MSBLOB, dump_der, 0); } #endif @@ -726,6 +839,20 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) ADD_TEST(test_public_##KEYTYPE##_via_DER); \ ADD_TEST(test_public_##KEYTYPE##_via_PEM) +#define IMPLEMENT_TEST_SUITE_PARAMS(KEYTYPE, KEYTYPEstr) \ + static int test_params_##KEYTYPE##_via_DER(void) \ + { \ + return test_params_via_DER(KEYTYPEstr, key_##KEYTYPE); \ + } \ + static int test_params_##KEYTYPE##_via_PEM(void) \ + { \ + return test_params_via_PEM(KEYTYPEstr, key_##KEYTYPE); \ + } + +#define ADD_TEST_SUITE_PARAMS(KEYTYPE) \ + ADD_TEST(test_params_##KEYTYPE##_via_DER); \ + ADD_TEST(test_params_##KEYTYPE##_via_PEM) + #define IMPLEMENT_TEST_SUITE_LEGACY(KEYTYPE, KEYTYPEstr) \ static int test_unprotected_##KEYTYPE##_via_legacy_PEM(void) \ { \ @@ -777,8 +904,10 @@ static int test_public_via_MSBLOB(const char *type, EVP_PKEY *key) #ifndef OPENSSL_NO_DH DOMAIN_KEYS(DH); IMPLEMENT_TEST_SUITE(DH, "DH") +IMPLEMENT_TEST_SUITE_PARAMS(DH, "DH") DOMAIN_KEYS(DHX); IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH") +IMPLEMENT_TEST_SUITE_PARAMS(DHX, "X9.42 DH") /* * DH has no support for PEM_write_bio_PrivateKey_traditional(), * so no legacy tests. @@ -787,6 +916,7 @@ IMPLEMENT_TEST_SUITE(DHX, "X9.42 DH") #ifndef OPENSSL_NO_DSA DOMAIN_KEYS(DSA); IMPLEMENT_TEST_SUITE(DSA, "DSA") +IMPLEMENT_TEST_SUITE_PARAMS(DSA, "DSA") IMPLEMENT_TEST_SUITE_LEGACY(DSA, "DSA") IMPLEMENT_TEST_SUITE_MSBLOB(DSA, "DSA") # ifndef OPENSSL_NO_RC4 @@ -796,6 +926,7 @@ IMPLEMENT_TEST_SUITE_PVK(DSA, "DSA") #ifndef OPENSSL_NO_EC DOMAIN_KEYS(EC); IMPLEMENT_TEST_SUITE(EC, "EC") +IMPLEMENT_TEST_SUITE_PARAMS(EC, "EC") IMPLEMENT_TEST_SUITE_LEGACY(EC, "EC") DOMAIN_KEYS(ECExplicitPrimeNamedCurve); IMPLEMENT_TEST_SUITE(ECExplicitPrimeNamedCurve, "EC") @@ -1101,7 +1232,9 @@ int setup_tests(void) if (ok) { #ifndef OPENSSL_NO_DH ADD_TEST_SUITE(DH); + ADD_TEST_SUITE_PARAMS(DH); ADD_TEST_SUITE(DHX); + ADD_TEST_SUITE_PARAMS(DHX); /* * DH has no support for PEM_write_bio_PrivateKey_traditional(), * so no legacy tests. @@ -1109,6 +1242,7 @@ int setup_tests(void) #endif #ifndef OPENSSL_NO_DSA ADD_TEST_SUITE(DSA); + ADD_TEST_SUITE_PARAMS(DSA); ADD_TEST_SUITE_LEGACY(DSA); ADD_TEST_SUITE_MSBLOB(DSA); # ifndef OPENSSL_NO_RC4 @@ -1117,6 +1251,7 @@ int setup_tests(void) #endif #ifndef OPENSSL_NO_EC ADD_TEST_SUITE(EC); + ADD_TEST_SUITE_PARAMS(EC); ADD_TEST_SUITE_LEGACY(EC); ADD_TEST_SUITE(ECExplicitPrimeNamedCurve); ADD_TEST_SUITE_LEGACY(ECExplicitPrimeNamedCurve); From openssl at openssl.org Thu Oct 8 12:17:50 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 12:17:50 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1602159470.453695.9451.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 654 wallclock secs (12.89 usr 1.13 sys + 594.43 cusr 56.96 csys = 665.41 CPU) Result: FAIL Makefile:3183: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3181: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 8 12:41:24 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 12:41:24 +0000 Subject: Failed: openssl/openssl#37940 (master - db554ae) In-Reply-To: Message-ID: <5f7f08f3f3f1c_13fbabc2b8aac10904f@travis-pro-tasks-5dc5f9b4d9-l6dm7.mail> Build Update for openssl/openssl ------------------------------------- Build: #37940 Status: Failed Duration: 1 hr, 40 mins, and 10 secs Commit: db554ae (master) Author: Jordan Montgomery Message: Expose PKCS7_get_octet_string and PKCS7_type_is_other Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public interface. Fixes #11139 Reviewed-by: Tim Hudson Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13059) View the changeset: https://github.com/openssl/openssl/compare/b19b983017f3...db554ae1104e View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188791728?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 8 14:32:48 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 14:32:48 +0000 Subject: Still Failing: openssl/openssl#37943 (master - df38dcf) In-Reply-To: Message-ID: <5f7f231030156_13fbabc2b9a9c8154f7@travis-pro-tasks-5dc5f9b4d9-l6dm7.mail> Build Update for openssl/openssl ------------------------------------- Build: #37943 Status: Still Failing Duration: 1 hr, 21 mins, and 33 secs Commit: df38dcf (master) Author: Matt Caswell Message: Fix the decoder start type handling If an explicit decoder start type was provided then it wasn't being handled correctly in all cases. Specifically if a PEM start type was provided then the decoder would fail. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13050) View the changeset: https://github.com/openssl/openssl/compare/db554ae1104e...df38dcfcd5c3 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188802397?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 8 14:38:19 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 14:38:19 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1602167899.566926.14834.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C050E0F6647F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C050E0F6647F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C050E0F6647F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/_vLYRxdX9y default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090F172BC7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090F172BC7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090F172BC7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090F172BC7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090F172BC7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090F172BC7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/_vLYRxdX9y fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 664 wallclock secs (13.23 usr 1.13 sys + 607.13 cusr 56.27 csys = 677.76 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 8 14:45:36 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 08 Oct 2020 14:45:36 +0000 Subject: Build failed: openssl master.37407 Message-ID: <20201008144536.1.CABFF0C562E75DFC@appveyor.com> An HTML attachment was scrubbed... URL: From dev at ddvo.net Thu Oct 8 14:50:04 2020 From: dev at ddvo.net (dev at ddvo.net) Date: Thu, 08 Oct 2020 14:50:04 +0000 Subject: [openssl] master update Message-ID: <1602168604.386641.27589.nullmailer@dev.openssl.org> The branch master has been updated via 02a2567173a451d8d00c276e6d8c1d1cb171234d (commit) from df38dcfcd5c3e264e449589ef0b9fce8ce6e428c (commit) - Log ----------------------------------------------------------------- commit 02a2567173a451d8d00c276e6d8c1d1cb171234d Author: Andr? Klitzing Date: Wed Mar 18 16:04:06 2020 +0100 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE This unifies the behaviour of a single certificate with an unknown CA certificate with a self-signed certificate. The user callback can mask that error to retrieve additional error information. So the user application can decide to abort the connection instead to be forced by openssl. This change in behaviour is backward compatible as user callbacks who don't want to ignore UNABLE_TO_VERIFY_LEAF_SIGNATURE will still abort the connection by default. CLA: trivial Fixes #11297 Reviewed-by: David von Oheimb Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13083) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_vfy.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index cf89179dfd..710939b619 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -1804,9 +1804,15 @@ static int internal_verify(X509_STORE_CTX *ctx) xs = xi; goto check_cert_time; } - if (n <= 0) - return verify_cb_cert(ctx, xi, 0, - X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE); + if (n <= 0) { + if (!verify_cb_cert(ctx, xi, 0, + X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) + return 0; + + xs = xi; + goto check_cert_time; + } + n--; ctx->error_depth = n; xs = sk_X509_value(ctx->chain, n); From dev at ddvo.net Thu Oct 8 15:06:57 2020 From: dev at ddvo.net (dev at ddvo.net) Date: Thu, 08 Oct 2020 15:06:57 +0000 Subject: [openssl] master update Message-ID: <1602169617.215765.1503.nullmailer@dev.openssl.org> The branch master has been updated via 55c61473b52aff9fd5217aec543b3d25beea0531 (commit) from 02a2567173a451d8d00c276e6d8c1d1cb171234d (commit) - Log ----------------------------------------------------------------- commit 55c61473b52aff9fd5217aec543b3d25beea0531 Author: Dr. David von Oheimb Date: Wed Sep 30 13:50:34 2020 +0200 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13045) ----------------------------------------------------------------------- Summary of changes: apps/cmp.c | 1 - crypto/conf/conf_lib.c | 16 ++++++++++++++++ crypto/conf/conf_mod.c | 34 ++++++++++++++++++++-------------- crypto/ts/ts_conf.c | 7 +++---- include/openssl/ts.h | 2 +- 5 files changed, 40 insertions(+), 20 deletions(-) diff --git a/apps/cmp.c b/apps/cmp.c index 1137ed0a84..e52eff3c28 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -2626,7 +2626,6 @@ int cmp_main(int argc, char **argv) char mock_server[] = "mock server:1"; int ret = 0; /* default: failure */ - ERR_clear_error(); /* clear leftover errors on loading libengines.so etc. */ if (argc <= 1) { opt_help(cmp_options); goto err; diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index 4cc698400c..54ba692462 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -101,6 +101,7 @@ STACK_OF(CONF_VALUE) *CONF_get_section(LHASH_OF(CONF_VALUE) *conf, return NULL; } else { CONF ctmp; + CONF_set_nconf(&ctmp, conf); return NCONF_get_section(&ctmp, section); } @@ -113,6 +114,7 @@ char *CONF_get_string(LHASH_OF(CONF_VALUE) *conf, const char *group, return NCONF_get_string(NULL, group, name); } else { CONF ctmp; + CONF_set_nconf(&ctmp, conf); return NCONF_get_string(&ctmp, group, name); } @@ -129,6 +131,7 @@ long CONF_get_number(LHASH_OF(CONF_VALUE) *conf, const char *group, status = NCONF_get_number_e(NULL, group, name, &result); } else { CONF ctmp; + CONF_set_nconf(&ctmp, conf); status = NCONF_get_number_e(&ctmp, group, name, &result); } @@ -162,6 +165,7 @@ int CONF_dump_fp(LHASH_OF(CONF_VALUE) *conf, FILE *out) int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out) { CONF ctmp; + CONF_set_nconf(&ctmp, conf); return NCONF_dump_bio(&ctmp, out); } @@ -329,6 +333,18 @@ int NCONF_get_number_e(const CONF *conf, const char *group, const char *name, return 1; } +long _CONF_get_number(const CONF *conf, const char *section, + const char *name) +{ + int status; + long result = 0; + + ERR_set_mark(); + status = NCONF_get_number_e(conf, section, name, &result); + ERR_pop_to_mark(); + return status == 0 ? 0L : result; +} + #ifndef OPENSSL_NO_STDIO int NCONF_dump_fp(const CONF *conf, FILE *out) { diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index 5359a7e06d..a1cb4c5f7b 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -15,6 +15,7 @@ #include #include #include "internal/conf.h" +#include "openssl/conf_api.h" #include "internal/dso.h" #include "internal/thread_once.h" #include @@ -80,14 +81,7 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, const char *name, static int conf_diagnostics(const CONF *cnf) { - long int lflag = 0; - int res; - - ERR_set_mark(); - res = NCONF_get_number(cnf, NULL, "config_diagnostics", &lflag) - && lflag != 0; - ERR_pop_to_mark(); - return res; + return _CONF_get_number(cnf, NULL, "config_diagnostics") != 0; } /* Main function: load modules from a CONF structure */ @@ -109,6 +103,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname, | CONF_MFLAGS_SILENT | CONF_MFLAGS_IGNORE_MISSING_FILE); + ERR_set_mark(); if (appname) vsection = NCONF_get_string(cnf, NULL, appname); @@ -116,7 +111,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname, vsection = NCONF_get_string(cnf, NULL, "openssl_conf"); if (!vsection) { - ERR_clear_error(); + ERR_pop_to_mark(); return 1; } @@ -125,20 +120,28 @@ int CONF_modules_load(const CONF *cnf, const char *appname, if (values == NULL) { if (!(flags & CONF_MFLAGS_SILENT)) { + ERR_clear_last_mark(); CONFerr(0, CONF_R_OPENSSL_CONF_REFERENCES_MISSING_SECTION); ERR_add_error_data(2, "openssl_conf=", vsection); + } else { + ERR_pop_to_mark(); } return 0; } + ERR_pop_to_mark(); for (i = 0; i < sk_CONF_VALUE_num(values); i++) { vl = sk_CONF_VALUE_value(values, i); + ERR_set_mark(); ret = module_run(cnf, vl->name, vl->value, flags); OSSL_TRACE3(CONF, "Running module %s (%s) returned %d\n", vl->name, vl->value, ret); if (ret <= 0) - if (!(flags & CONF_MFLAGS_IGNORE_ERRORS)) + if (!(flags & CONF_MFLAGS_IGNORE_ERRORS)) { + ERR_clear_last_mark(); return ret; + } + ERR_pop_to_mark(); } return 1; @@ -152,6 +155,7 @@ int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, CONF *conf = NULL; int ret = 0, diagnostics = 0; + ERR_set_mark(); conf = NCONF_new_ex(libctx, NULL); if (conf == NULL) goto err; @@ -167,7 +171,6 @@ int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, if (NCONF_load(conf, file, NULL) <= 0) { if ((flags & CONF_MFLAGS_IGNORE_MISSING_FILE) && (ERR_GET_REASON(ERR_peek_last_error()) == CONF_R_NO_SUCH_FILE)) { - ERR_clear_error(); ret = 1; } goto err; @@ -182,8 +185,12 @@ int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, NCONF_free(conf); if ((flags & CONF_MFLAGS_IGNORE_RETURN_CODES) != 0 && !diagnostics) - return 1; + ret = 1; + if (ret) + ERR_pop_to_mark(); + else + ERR_clear_last_mark(); return ret; } @@ -255,9 +262,8 @@ static CONF_MODULE *module_load_dso(const CONF *cnf, CONF_MODULE *md; /* Look for alternative path in module section */ - path = NCONF_get_string(cnf, value, "path"); + path = _CONF_get_string(cnf, value, "path"); if (path == NULL) { - ERR_clear_error(); path = name; } dso = DSO_load(NULL, path, NULL, 0); diff --git a/crypto/ts/ts_conf.c b/crypto/ts/ts_conf.c index 5418bc8bbf..55fae481e1 100644 --- a/crypto/ts/ts_conf.c +++ b/crypto/ts/ts_conf.c @@ -17,6 +17,7 @@ #include #include #include +#include /* Macro definitions for the configuration file. */ #define BASE_SECTION "tsa" @@ -418,7 +419,7 @@ int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx) return ret; } -int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, +int TS_CONF_set_clock_precision_digits(const CONF *conf, const char *section, TS_RESP_CTX *ctx) { int ret = 0; @@ -427,9 +428,7 @@ int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, /* * If not specified, set the default value to 0, i.e. sec precision */ - if (!NCONF_get_number_e(conf, section, ENV_CLOCK_PRECISION_DIGITS, - &digits)) - digits = 0; + digits = _CONF_get_number(conf, section, ENV_CLOCK_PRECISION_DIGITS); if (digits < 0 || digits > TS_MAX_CLOCK_PRECISION_DIGITS) { ts_CONF_invalid(section, ENV_CLOCK_PRECISION_DIGITS); goto err; diff --git a/include/openssl/ts.h b/include/openssl/ts.h index 48cea0f503..e88ad44cfd 100644 --- a/include/openssl/ts.h +++ b/include/openssl/ts.h @@ -486,7 +486,7 @@ int TS_CONF_set_def_policy(CONF *conf, const char *section, int TS_CONF_set_policies(CONF *conf, const char *section, TS_RESP_CTX *ctx); int TS_CONF_set_digests(CONF *conf, const char *section, TS_RESP_CTX *ctx); int TS_CONF_set_accuracy(CONF *conf, const char *section, TS_RESP_CTX *ctx); -int TS_CONF_set_clock_precision_digits(CONF *conf, const char *section, +int TS_CONF_set_clock_precision_digits(const CONF *conf, const char *section, TS_RESP_CTX *ctx); int TS_CONF_set_ordering(CONF *conf, const char *section, TS_RESP_CTX *ctx); int TS_CONF_set_tsa_name(CONF *conf, const char *section, TS_RESP_CTX *ctx); From beldmit at gmail.com Thu Oct 8 15:19:05 2020 From: beldmit at gmail.com (beldmit at gmail.com) Date: Thu, 08 Oct 2020 15:19:05 +0000 Subject: [openssl] master update Message-ID: <1602170345.081272.4884.nullmailer@dev.openssl.org> The branch master has been updated via 13c5ec569ea9286ff18e019fb2d53be64829c62c (commit) via 947fb813458cd93fdc31f6248f5806d9f4fddff3 (commit) from 55c61473b52aff9fd5217aec543b3d25beea0531 (commit) - Log ----------------------------------------------------------------- commit 13c5ec569ea9286ff18e019fb2d53be64829c62c Author: Dmitry Belyavskiy Date: Wed Oct 7 13:23:01 2020 +0300 Fix zero-length content verification in S/MIME format Fixes #13082 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13087) commit 947fb813458cd93fdc31f6248f5806d9f4fddff3 Author: Dmitry Belyavskiy Date: Wed Oct 7 13:05:28 2020 +0300 Tests for processing zero-length content in SMIME format Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13087) ----------------------------------------------------------------------- Summary of changes: crypto/cms/cms_smime.c | 2 +- crypto/pkcs7/pk7_smime.c | 2 +- test/recipes/80-test_cms.t | 17 +++++++++++++++++ .../smcont_zero.txt | 0 4 files changed, 19 insertions(+), 2 deletions(-) copy fuzz/corpora/bignum/da39a3ee5e6b4b0d3255bfef95601890afd80709 => test/smcont_zero.txt (100%) diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index f9a851950f..c8bec75cdd 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -401,7 +401,7 @@ int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, long len; len = BIO_get_mem_data(dcont, &ptr); - tmpin = BIO_new_mem_buf(ptr, len); + tmpin = (len == 0) ? dcont : BIO_new_mem_buf(ptr, len); if (tmpin == NULL) { CMSerr(CMS_F_CMS_VERIFY, ERR_R_MALLOC_FAILURE); goto err2; diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index 5cbc18c63e..e9ae4f3394 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -311,7 +311,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, char *ptr; long len; len = BIO_get_mem_data(indata, &ptr); - tmpin = BIO_new_mem_buf(ptr, len); + tmpin = (len == 0) ? indata : BIO_new_mem_buf(ptr, len); if (tmpin == NULL) { PKCS7err(0, ERR_R_MALLOC_FAILURE); goto err; diff --git a/test/recipes/80-test_cms.t b/test/recipes/80-test_cms.t index 0d086344e7..2cc778624b 100644 --- a/test/recipes/80-test_cms.t +++ b/test/recipes/80-test_cms.t @@ -45,6 +45,7 @@ my $provname = 'default'; my $datadir = srctop_dir("test", "recipes", "80-test_cms_data"); my $smdir = srctop_dir("test", "smime-certs"); my $smcont = srctop_file("test", "smcont.txt"); +my $smcont_zero = srctop_file("test", "smcont_zero.txt"); my ($no_des, $no_dh, $no_dsa, $no_ec, $no_ec2m, $no_rc2, $no_zlib) = disabled qw/des dh dsa ec ec2m rc2 zlib/; @@ -169,6 +170,15 @@ my @smime_pkcs7_tests = ( \&final_compare ], + [ "signed zero-length content S/MIME format, RSA key SHA1", + [ "{cmd1}", @defaultprov, "-sign", "-in", $smcont_zero, "-md", "sha1", + "-certfile", catfile($smdir, "smroot.pem"), + "-signer", catfile($smdir, "smrsa1.pem"), "-out", "{output}.cms" ], + [ "{cmd2}", @prov, "-verify", "-in", "{output}.cms", + "-CAfile", catfile($smdir, "smroot.pem"), "-out", "{output}.txt" ], + \&zero_compare + ], + [ "signed content test streaming S/MIME format, 2 DSA and 2 RSA keys", [ "{cmd1}", @prov, "-sign", "-in", $smcont, "-nodetach", "-signer", catfile($smdir, "smrsa1.pem"), @@ -679,6 +689,13 @@ sub final_compare { return compare_text($smcont, "$opts{output}.txt") == 0; } +sub zero_compare { + my %opts = @_; + + diag "Checking for zero-length file"; + return (-e "$opts{output}.txt" && -z "$opts{output}.txt"); +} + subtest "CMS => PKCS#7 compatibility tests\n" => sub { plan tests => scalar @smime_pkcs7_tests; diff --git a/fuzz/corpora/bignum/da39a3ee5e6b4b0d3255bfef95601890afd80709 b/test/smcont_zero.txt similarity index 100% copy from fuzz/corpora/bignum/da39a3ee5e6b4b0d3255bfef95601890afd80709 copy to test/smcont_zero.txt From tmraz at fedoraproject.org Thu Oct 8 15:54:42 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Thu, 08 Oct 2020 15:54:42 +0000 Subject: [openssl] master update Message-ID: <1602172482.838941.11291.nullmailer@dev.openssl.org> The branch master has been updated via d00bd4e452e846a610284fe2be3e9358153251e7 (commit) from 13c5ec569ea9286ff18e019fb2d53be64829c62c (commit) - Log ----------------------------------------------------------------- commit d00bd4e452e846a610284fe2be3e9358153251e7 Author: Daniel Bevenius Date: Mon Oct 5 08:14:29 2020 +0200 Set mark and pop error in d2i_PrivateKey_ex This commit sets the error mark before calling old_priv_decode and if old_priv_decode returns false, and if EVP_PKCS82PKEY is successful, the errors are popped to the previously set mark. The motivation for this is an issue we found when linking Node.js against OpenSSL 3.0. Details can be found in the link below and the test case provided in this commit attempts cover this. Refs: https://github.com/danbev/learning-libcrypto#asn1-wrong-tag-issue Refs: https://github.com/nodejs/node/issues/29817 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13073) ----------------------------------------------------------------------- Summary of changes: crypto/asn1/d2i_pr.c | 13 +++++++++++-- test/evp_extra_test2.c | 23 +++++++++++++++++++++++ 2 files changed, 34 insertions(+), 2 deletions(-) diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index 838ce25b90..b478112349 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -45,6 +45,7 @@ EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, goto err; } + ERR_set_mark(); if (!ret->ameth->old_priv_decode || !ret->ameth->old_priv_decode(ret, &p, length)) { if (ret->ameth->priv_decode != NULL @@ -52,20 +53,28 @@ EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, EVP_PKEY *tmp; PKCS8_PRIV_KEY_INFO *p8 = NULL; p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length); - if (p8 == NULL) + if (p8 == NULL) { + ERR_clear_last_mark(); goto err; + } tmp = EVP_PKCS82PKEY_ex(p8, libctx, propq); PKCS8_PRIV_KEY_INFO_free(p8); - if (tmp == NULL) + if (tmp == NULL) { + ERR_clear_last_mark(); goto err; + } EVP_PKEY_free(ret); ret = tmp; + ERR_pop_to_mark(); if (EVP_PKEY_type(type) != EVP_PKEY_base_id(ret)) goto err; } else { + ERR_clear_last_mark(); ASN1err(0, ERR_R_ASN1_LIB); goto err; } + } else { + ERR_clear_last_mark(); } *pp = p; if (a != NULL) diff --git a/test/evp_extra_test2.c b/test/evp_extra_test2.c index 63380f878a..0667a82647 100644 --- a/test/evp_extra_test2.c +++ b/test/evp_extra_test2.c @@ -15,6 +15,7 @@ */ #include +#include #include #include "testutil.h" #include "internal/nelem.h" @@ -248,6 +249,27 @@ static int test_alternative_default(void) return ok; } +static int test_d2i_PrivateKey_ex(void) { + int ok; + OSSL_PROVIDER *provider; + BIO *key_bio; + EVP_PKEY* pkey; + ok = 0; + + provider = OSSL_PROVIDER_load(NULL, "default"); + key_bio = BIO_new_mem_buf((&keydata[0])->kder, (&keydata)[0]->size); + + ok = TEST_ptr(pkey = PEM_read_bio_PrivateKey(key_bio, NULL, NULL, NULL)); + TEST_int_eq(ERR_peek_error(), 0); + test_openssl_errors(); + + EVP_PKEY_free(pkey); + BIO_free(key_bio); + OSSL_PROVIDER_unload(provider); + + return ok; +} + int setup_tests(void) { mainctx = OPENSSL_CTX_new(); @@ -264,6 +286,7 @@ int setup_tests(void) ADD_TEST(test_alternative_default); ADD_ALL_TESTS(test_d2i_AutoPrivateKey_ex, OSSL_NELEM(keydata)); + ADD_TEST(test_d2i_PrivateKey_ex); return 1; } From no-reply at appveyor.com Thu Oct 8 16:11:45 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 08 Oct 2020 16:11:45 +0000 Subject: Build completed: openssl master.37408 Message-ID: <20201008161145.1.A1EC286C39ED9DAA@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 8 16:18:05 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 16:18:05 +0000 Subject: Still Failing: openssl/openssl#37945 (master - 02a2567) In-Reply-To: Message-ID: <5f7f3bbcc5aae_13fbab1e1dee814892cf@travis-pro-tasks-5dc5f9b4d9-l6dm7.mail> Build Update for openssl/openssl ------------------------------------- Build: #37945 Status: Still Failing Duration: 1 hr, 23 mins, and 8 secs Commit: 02a2567 (master) Author: Andr? Klitzing Message: Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE This unifies the behaviour of a single certificate with an unknown CA certificate with a self-signed certificate. The user callback can mask that error to retrieve additional error information. So the user application can decide to abort the connection instead to be forced by openssl. This change in behaviour is backward compatible as user callbacks who don't want to ignore UNABLE_TO_VERIFY_LEAF_SIGNATURE will still abort the connection by default. CLA: trivial Fixes #11297 Reviewed-by: David von Oheimb Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13083) View the changeset: https://github.com/openssl/openssl/compare/df38dcfcd5c3...02a2567173a4 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188840957?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 8 16:47:28 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 16:47:28 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1602175648.962441.4289.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0204B015A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0204B015A7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0204B015A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/Zay0wmJanl default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09013048E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C09013048E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09013048E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C09013048E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09013048E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C09013048E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/Zay0wmJanl fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 674 wallclock secs (13.55 usr 1.23 sys + 610.44 cusr 56.89 csys = 682.11 CPU) Result: FAIL Makefile:3190: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3188: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 8 17:25:26 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 17:25:26 +0000 Subject: Still Failing: openssl/openssl#37946 (master - 55c6147) In-Reply-To: Message-ID: <5f7f4b8551dd8_13fdf585b8ffc337940@travis-pro-tasks-6f77d748f7-ctqj2.mail> Build Update for openssl/openssl ------------------------------------- Build: #37946 Status: Still Failing Duration: 1 hr, 34 mins, and 9 secs Commit: 55c6147 (master) Author: Dr. David von Oheimb Message: Correct and simplify use of ERR_clear_error() etc. for loading DSO libs Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13045) View the changeset: https://github.com/openssl/openssl/compare/02a2567173a4...55c61473b52a View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188844563?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 8 17:28:02 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 17:28:02 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1602178082.418275.11002.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: c5fc6754b7 Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ bd60ac48a6 Test.pm: Add result_dir and export both result_dir and result_file d8dc853825 Change CVE link style in CHANGES and NEWS 6ffc312776 Update CHANGES and NEWS for 1.1.1h release 5357c10624 ffc: add _ossl to exported but internal functions 69340cafb4 doc: remove duplicated code in example 856198aac7 Some OIDs used in Russian X.509 certificates. Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A0EA59F37F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A0EA59F37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A0EA59F37F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A0EA59F37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/pc6fhqARoI default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C01041937B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C01041937B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C01041937B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C01041937B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/pc6fhqARoI fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 643 wallclock secs (12.23 usr 1.20 sys + 580.58 cusr 55.80 csys = 649.81 CPU) Result: FAIL Makefile:3175: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3173: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 8 18:30:58 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 18:30:58 +0000 Subject: Still Failing: openssl/openssl#37947 (master - 13c5ec5) In-Reply-To: Message-ID: <5f7f5ae028ed3_13fbbd86b98003247d0@travis-pro-tasks-6f77d748f7-7vl42.mail> Build Update for openssl/openssl ------------------------------------- Build: #37947 Status: Still Failing Duration: 1 hr, 33 mins, and 14 secs Commit: 13c5ec5 (master) Author: Dmitry Belyavskiy Message: Fix zero-length content verification in S/MIME format Fixes #13082 Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13087) View the changeset: https://github.com/openssl/openssl/compare/55c61473b52a...13c5ec569ea9 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188846994?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 8 19:46:02 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 08 Oct 2020 19:46:02 +0000 Subject: Build failed: openssl master.37413 Message-ID: <20201008194602.1.9A7809BBC6D5B210@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 8 20:15:55 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 08 Oct 2020 20:15:55 +0000 Subject: Still Failing: openssl/openssl#37949 (master - d00bd4e) In-Reply-To: Message-ID: <5f7f737b4158_13fdf585b8f0c1276521@travis-pro-tasks-6f77d748f7-ctqj2.mail> Build Update for openssl/openssl ------------------------------------- Build: #37949 Status: Still Failing Duration: 1 hr, 22 mins, and 43 secs Commit: d00bd4e (master) Author: Daniel Bevenius Message: Set mark and pop error in d2i_PrivateKey_ex This commit sets the error mark before calling old_priv_decode and if old_priv_decode returns false, and if EVP_PKCS82PKEY is successful, the errors are popped to the previously set mark. The motivation for this is an issue we found when linking Node.js against OpenSSL 3.0. Details can be found in the link below and the test case provided in this commit attempts cover this. Refs: https://github.com/danbev/learning-libcrypto#asn1-wrong-tag-issue Refs: https://github.com/nodejs/node/issues/29817 Reviewed-by: Matt Caswell Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13073) View the changeset: https://github.com/openssl/openssl/compare/13c5ec569ea9...d00bd4e452e8 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188854019?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 8 23:22:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 08 Oct 2020 23:22:57 +0000 Subject: Build failed: openssl master.37416 Message-ID: <20201008232257.1.052A17C881B27C96@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 8 23:43:25 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 08 Oct 2020 23:43:25 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1602200605.989886.26421.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 8087CE608A7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 805726E7907F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 805726E7907F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1319 wallclock secs (12.02 usr 1.61 sys + 1155.21 cusr 144.95 csys = 1313.79 CPU) Result: FAIL Makefile:2549: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2547: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 9 01:31:50 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 01:31:50 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1602207110.533387.935.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 682 wallclock secs (13.73 usr 1.30 sys + 617.65 cusr 56.49 csys = 689.17 CPU) Result: FAIL Makefile:3182: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3180: recipe for target 'tests' failed make: *** [tests] Error 2 From pauli at openssl.org Fri Oct 9 02:41:20 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Fri, 09 Oct 2020 02:41:20 +0000 Subject: [openssl] master update Message-ID: <1602211280.369797.22462.nullmailer@dev.openssl.org> The branch master has been updated via a96722219ed431656b0f15a9a3d2c26676b6616e (commit) from d00bd4e452e846a610284fe2be3e9358153251e7 (commit) - Log ----------------------------------------------------------------- commit a96722219ed431656b0f15a9a3d2c26676b6616e Author: Randall S. Becker Date: Tue Sep 29 15:21:38 2020 -0500 Disabled symbol_presence test on NonStop due to different nm format. CLA: trivial Fixes #12996 Signed-off-by: Randall S. Becker Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13036) ----------------------------------------------------------------------- Summary of changes: test/recipes/01-test_symbol_presence.t | 1 + 1 file changed, 1 insertion(+) diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index d339770b0f..81f9d59e0e 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -14,6 +14,7 @@ use OpenSSL::Test::Utils; setup("test_symbol_presence"); +plan skip_all => "Test is disabled on NonStop" if config('target') =~ m|^nonstop|; plan skip_all => "Only useful when building shared libraries" if disabled("shared"); From builds at travis-ci.com Fri Oct 9 04:04:04 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 09 Oct 2020 04:04:04 +0000 Subject: Still Failing: openssl/openssl#37957 (master - a967222) In-Reply-To: Message-ID: <5f7fe13448a1a_13f95c6ec91b8802587@travis-pro-tasks-9d659499-s8fvj.mail> Build Update for openssl/openssl ------------------------------------- Build: #37957 Status: Still Failing Duration: 1 hr, 21 mins, and 26 secs Commit: a967222 (master) Author: Randall S. Becker Message: Disabled symbol_presence test on NonStop due to different nm format. CLA: trivial Fixes #12996 Signed-off-by: Randall S. Becker Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13036) View the changeset: https://github.com/openssl/openssl/compare/d00bd4e452e8...a96722219ed4 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188961227?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 9 04:05:46 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 04:05:46 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1602216346.346411.28602.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl chmod a+x apps/tsget.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" rm -f apps/libapps.a clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-eddsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-eddsa.o -c -o providers/implementations/signature/libimplementations-lib-eddsa.o ../openssl/providers/implementations/signature/eddsa.c Makefile:21554: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3120: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Fri Oct 9 05:12:09 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 05:12:09 +0000 Subject: Build failed: openssl master.37421 Message-ID: <20201009051209.1.07F1A248D8043684@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 9 06:14:24 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 06:14:24 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1602224064.328980.13180.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C050C0BCA17F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0C0BA4F897F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0C0BA4F897F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0200CE7277F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0200CE7277F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 675 wallclock secs (14.03 usr 1.48 sys + 611.02 cusr 58.06 csys = 684.59 CPU) Result: FAIL Makefile:3105: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3103: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 9 06:36:15 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 06:36:15 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1602225375.463176.1112.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 674 wallclock secs (13.52 usr 1.34 sys + 602.79 cusr 60.02 csys = 677.67 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 9 06:58:19 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 06:58:19 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1602226699.695808.20793.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 682 wallclock secs (14.13 usr 1.43 sys + 604.72 cusr 59.88 csys = 680.16 CPU) Result: FAIL Makefile:3147: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3145: recipe for target 'tests' failed make: *** [tests] Error 2 From matt at openssl.org Fri Oct 9 07:05:03 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 09 Oct 2020 07:05:03 +0000 Subject: [web] master update Message-ID: <1602227103.052371.3102.nullmailer@dev.openssl.org> The branch master has been updated via ccf53c574247ac38f8ebfa956c0dee6d9501ed62 (commit) from b4cd56044d440553a1fe8273faac204d26be97ff (commit) - Log ----------------------------------------------------------------- commit ccf53c574247ac38f8ebfa956c0dee6d9501ed62 Author: Pauli Date: Fri Oct 9 07:52:12 2020 +1000 Add Siemens to the list of companies that support the project by donating employee time. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/web/pull/200) ----------------------------------------------------------------------- Summary of changes: community/thanks.html | 1 + 1 file changed, 1 insertion(+) diff --git a/community/thanks.html b/community/thanks.html index 2ee75d3..0a734d0 100644 --- a/community/thanks.html +++ b/community/thanks.html @@ -30,6 +30,7 @@ Google, Oracle, Red Hat, + Siemens, and Softing. From tmraz at fedoraproject.org Fri Oct 9 07:10:00 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Fri, 09 Oct 2020 07:10:00 +0000 Subject: [openssl] master update Message-ID: <1602227400.508247.22346.nullmailer@dev.openssl.org> The branch master has been updated via cad809592579e62c7d38407bdcb11b942571d535 (commit) from a96722219ed431656b0f15a9a3d2c26676b6616e (commit) - Log ----------------------------------------------------------------- commit cad809592579e62c7d38407bdcb11b942571d535 Author: Tomas Mraz Date: Thu Oct 8 17:24:44 2020 +0200 INSTALL.md: Drop trailing spaces on a line Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/13097) ----------------------------------------------------------------------- Summary of changes: INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL.md b/INSTALL.md index 813d8b456d..30c88872d2 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1470,7 +1470,7 @@ described here. Examine the Makefiles themselves for the full list. install_html_docs Only install the OpenSSL HTML documentation. - + install_fips Install the FIPS provider module configuration file. From no-reply at appveyor.com Fri Oct 9 07:58:59 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 07:58:59 +0000 Subject: Build failed: openssl master.37422 Message-ID: <20201009075859.1.7815E6550AEB6002@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Fri Oct 9 08:21:01 2020 From: levitte at openssl.org (Richard Levitte) Date: Fri, 09 Oct 2020 08:21:01 +0000 Subject: [openssl] master update Message-ID: <1602231661.691130.2243.nullmailer@dev.openssl.org> The branch master has been updated via 86e5ac6d844136324d4ccb649c768e530ce6e0af (commit) via a23163a3164897d0b370b31de824b9b020e85857 (commit) via 0c12ca7294ac887d3d07a3294d1ee7c35a2be7e4 (commit) from cad809592579e62c7d38407bdcb11b942571d535 (commit) - Log ----------------------------------------------------------------- commit 86e5ac6d844136324d4ccb649c768e530ce6e0af Author: Richard Levitte Date: Thu Oct 8 07:22:38 2020 +0200 make ordinals Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13092) commit a23163a3164897d0b370b31de824b9b020e85857 Author: Richard Levitte Date: Thu Oct 8 06:30:35 2020 +0200 Modify util/mknum.pl to drop new symbols that don't exist any more This makes use of the writer filters in OpenSSL::Ordinals. Fixes #10395 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13092) commit 0c12ca7294ac887d3d07a3294d1ee7c35a2be7e4 Author: Richard Levitte Date: Thu Oct 8 06:27:51 2020 +0200 OpenSSL::Ordinals: Add options for the writing functions OpenSSL::Ordinals::rewrite() and OpenSSL::Ordinals::write() now take options, that are simply passed to OpenSSL::Ordinals::items(). The 'sort' option is forbidden, though, since write() already uses it, but that means it's possible to filter the output. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13092) ----------------------------------------------------------------------- Summary of changes: util/libcrypto.num | 23 ----------------------- util/mknum.pl | 22 +++++++++++++++++----- util/perl/OpenSSL/Ordinals.pm | 21 ++++++++++++++++++--- 3 files changed, 35 insertions(+), 31 deletions(-) diff --git a/util/libcrypto.num b/util/libcrypto.num index 189563fd2a..05e006eb72 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4430,17 +4430,6 @@ OPENSSL_version_build_metadata ? 3_0_0 EXIST::FUNCTION: EVP_aes_128_siv ? 3_0_0 EXIST::FUNCTION:SIV EVP_aes_192_siv ? 3_0_0 EXIST::FUNCTION:SIV EVP_aes_256_siv ? 3_0_0 EXIST::FUNCTION:SIV -CRYPTO_siv128_new ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_init ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_copy_ctx ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_aad ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_encrypt ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_decrypt ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_finish ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_set_tag ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_get_tag ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_cleanup ? 3_0_0 NOEXIST::FUNCTION:SIV -CRYPTO_siv128_speed ? 3_0_0 NOEXIST::FUNCTION:SIV OPENSSL_INIT_set_config_filename ? 3_0_0 EXIST::FUNCTION:STDIO OPENSSL_INIT_set_config_file_flags ? 3_0_0 EXIST::FUNCTION:STDIO ASYNC_WAIT_CTX_get_callback ? 3_0_0 EXIST::FUNCTION: @@ -4626,9 +4615,6 @@ OSSL_CMP_MSG_free ? 3_0_0 EXIST::FUNCTION:CMP ERR_load_CMP_strings ? 3_0_0 EXIST::FUNCTION:CMP EVP_MD_CTX_set_params ? 3_0_0 EXIST::FUNCTION: EVP_MD_CTX_get_params ? 3_0_0 EXIST::FUNCTION: -OPENSSL_CTX_get0_primary_drbg ? 3_0_0 NOEXIST::FUNCTION: -OPENSSL_CTX_get0_public_drbg ? 3_0_0 NOEXIST::FUNCTION: -OPENSSL_CTX_get0_private_drbg ? 3_0_0 NOEXIST::FUNCTION: BN_CTX_new_ex ? 3_0_0 EXIST::FUNCTION: BN_CTX_secure_new_ex ? 3_0_0 EXIST::FUNCTION: OPENSSL_thread_stop_ex ? 3_0_0 EXIST::FUNCTION: @@ -4666,9 +4652,6 @@ ERR_vset_error ? 3_0_0 EXIST::FUNCTION: X509_get0_authority_issuer ? 3_0_0 EXIST::FUNCTION: X509_get0_authority_serial ? 3_0_0 EXIST::FUNCTION: X509_self_signed ? 3_0_0 EXIST::FUNCTION: -EC_GROUP_new_by_curve_name_ex ? 3_0_0 NOEXIST::FUNCTION:EC -EC_KEY_new_ex ? 3_0_0 NOEXIST::FUNCTION:EC -EC_KEY_new_by_curve_name_ex ? 3_0_0 NOEXIST::FUNCTION:EC OPENSSL_hexstr2buf_ex ? 3_0_0 EXIST::FUNCTION: OPENSSL_buf2hexstr_ex ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_allocate_from_text ? 3_0_0 EXIST::FUNCTION: @@ -4792,9 +4775,7 @@ OSSL_CMP_print_to_bio ? 3_0_0 EXIST::FUNCTION:CMP OSSL_CMP_print_errors_cb ? 3_0_0 EXIST::FUNCTION:CMP OSSL_CRMF_CERTID_get0_issuer ? 3_0_0 EXIST::FUNCTION:CRMF OSSL_CRMF_CERTID_get0_serialNumber ? 3_0_0 EXIST::FUNCTION:CRMF -EVP_DigestSignInit_ex ? 3_0_0 NOEXIST::FUNCTION: EVP_DigestSignUpdate ? 3_0_0 EXIST::FUNCTION: -EVP_DigestVerifyInit_ex ? 3_0_0 NOEXIST::FUNCTION: EVP_DigestVerifyUpdate ? 3_0_0 EXIST::FUNCTION: BN_check_prime ? 3_0_0 EXIST::FUNCTION: EVP_KEYMGMT_is_a ? 3_0_0 EXIST::FUNCTION: @@ -5019,7 +5000,6 @@ SRP_Calc_B_ex ? 3_0_0 EXIST::FUNCTION:SRP SRP_Calc_u_ex ? 3_0_0 EXIST::FUNCTION:SRP SRP_Calc_x_ex ? 3_0_0 EXIST::FUNCTION:SRP SRP_Calc_client_key_ex ? 3_0_0 EXIST::FUNCTION:SRP -X509v3_cache_extensions ? 3_0_0 NOEXIST::FUNCTION: EVP_PKEY_gettable_params ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_int_param ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_get_size_t_param ? 3_0_0 EXIST::FUNCTION: @@ -5064,8 +5044,6 @@ EVP_PKEY_CTX_set_dhx_rfc5114 ? 3_0_0 EXIST::FUNCTION:DH X509_VERIFY_PARAM_get0_host ? 3_0_0 EXIST::FUNCTION: X509_VERIFY_PARAM_get0_email ? 3_0_0 EXIST::FUNCTION: X509_VERIFY_PARAM_get1_ip_asc ? 3_0_0 EXIST::FUNCTION: -X509_verify_ex ? 3_0_0 NOEXIST::FUNCTION: -X509_REQ_verify_ex ? 3_0_0 NOEXIST::FUNCTION: X509_ALGOR_copy ? 3_0_0 EXIST::FUNCTION: X509_REQ_set0_signature ? 3_0_0 EXIST::FUNCTION: X509_REQ_set1_signature_algo ? 3_0_0 EXIST::FUNCTION: @@ -5094,7 +5072,6 @@ EVP_RAND_uninstantiate ? 3_0_0 EXIST::FUNCTION: EVP_RAND_generate ? 3_0_0 EXIST::FUNCTION: EVP_RAND_reseed ? 3_0_0 EXIST::FUNCTION: EVP_RAND_nonce ? 3_0_0 EXIST::FUNCTION: -EVP_RAND_set_callbacks ? 3_0_0 NOEXIST::FUNCTION: EVP_RAND_enable_locking ? 3_0_0 EXIST::FUNCTION: EVP_RAND_verify_zeroization ? 3_0_0 EXIST::FUNCTION: EVP_RAND_strength ? 3_0_0 EXIST::FUNCTION: diff --git a/util/mknum.pl b/util/mknum.pl index 4ee87c29a8..8f840ffe7f 100644 --- a/util/mknum.pl +++ b/util/mknum.pl @@ -118,7 +118,15 @@ if ($checkexist) { } } } else { - $ordinals->rewrite(); + my $dropped = 0; + my $unassigned; + my $filter = sub { + my $item = shift; + my $result = $item->number() ne '?' || $item->exists(); + $dropped++ unless $result; + return $result; + }; + $ordinals->rewrite(filter => $filter); my %stats = $ordinals->stats(); print STDERR "${ordinals_file}: $stats{modified} old symbols have updated info\n" @@ -128,9 +136,13 @@ if ($checkexist) { } else { print STDERR "${ordinals_file}: No new symbols added\n"; } - if ($stats{unassigned}) { - my $symbol = $stats{unassigned} == 1 ? "symbol" : "symbols"; - my $is = $stats{unassigned} == 1 ? "is" : "are"; - print STDERR "${ordinals_file}: $stats{unassigned} $symbol $is without ordinal number\n"; + if ($dropped) { + print STDERR "${ordinals_file}: Dropped $dropped new symbols\n"; + } + $unassigned = $stats{unassigned} - $dropped; + if ($unassigned) { + my $symbol = $unassigned == 1 ? "symbol" : "symbols"; + my $is = $unassigned == 1 ? "is" : "are"; + print STDERR "${ordinals_file}: $unassigned $symbol $is without ordinal number\n"; } } diff --git a/util/perl/OpenSSL/Ordinals.pm b/util/perl/OpenSSL/Ordinals.pm index 0b1db48dd3..7008ebf536 100644 --- a/util/perl/OpenSSL/Ordinals.pm +++ b/util/perl/OpenSSL/Ordinals.pm @@ -179,7 +179,7 @@ sub renumber { my $self = shift; my $max_assigned = 0; - foreach ($self->items(by => by_number())) { + foreach ($self->items(sort => by_number())) { $_->number($_->intnum()) if $_->number() =~ m|^\?|; if ($max_assigned < $_->number()) { $max_assigned = $_->number(); @@ -190,34 +190,49 @@ sub renumber { =item B<< $ordinals->rewrite >> +=item B<< $ordinals->rewrite >>, I<%options> + If an ordinals file has been loaded, it gets rewritten with the data from the current work database. +If there are more arguments, they are used as I<%options> with the +same semantics as for B<< $ordinals->items >> described below, apart +from B, which is forbidden here. + =cut sub rewrite { my $self = shift; + my %opts = @_; - $self->write($self->{filename}); + $self->write($self->{filename}, %opts); } =item B<< $ordinals->write FILENAME >> +=item B<< $ordinals->write FILENAME >>, I<%options> + Writes the current work database data to the ordinals file FILENAME. This also validates the data, see B<< $ordinals->validate >> below. +If there are more arguments, they are used as I<%options> with the +same semantics as for B<< $ordinals->items >> described next, apart +from B, which is forbidden here. + =cut sub write { my $self = shift; my $filename = shift; + my %opts = @_; croak "Undefined filename" unless defined($filename); + croak "The 'sort' option is not allowed" if $opts{sort}; $self->validate(); open F, '>', $filename or croak "Unable to open $filename"; - foreach ($self->items(by => by_number())) { + foreach ($self->items(%opts, sort => by_number())) { print F $_->to_string(),"\n"; } close F; From builds at travis-ci.com Fri Oct 9 08:53:18 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 09 Oct 2020 08:53:18 +0000 Subject: Still Failing: openssl/openssl#37959 (master - cad8095) In-Reply-To: Message-ID: <5f8024fe3264c_13fd57c6d322418503b@travis-pro-tasks-6985bc8cd-g7mtp.mail> Build Update for openssl/openssl ------------------------------------- Build: #37959 Status: Still Failing Duration: 1 hr, 20 mins, and 42 secs Commit: cad8095 (master) Author: Tomas Mraz Message: INSTALL.md: Drop trailing spaces on a line Reviewed-by: Paul Yang (Merged from https://github.com/openssl/openssl/pull/13097) View the changeset: https://github.com/openssl/openssl/compare/a96722219ed4...cad809592579 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188987829?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 9 09:58:43 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 09 Oct 2020 09:58:43 +0000 Subject: Still Failing: openssl/openssl#37960 (master - 86e5ac6) In-Reply-To: Message-ID: <5f803452f22a3_13fd57c6b85144555ab@travis-pro-tasks-6985bc8cd-g7mtp.mail> Build Update for openssl/openssl ------------------------------------- Build: #37960 Status: Still Failing Duration: 1 hr, 31 mins, and 25 secs Commit: 86e5ac6 (master) Author: Richard Levitte Message: make ordinals Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13092) View the changeset: https://github.com/openssl/openssl/compare/cad809592579...86e5ac6d8441 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/188997393?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 9 10:20:22 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 10:20:22 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1602238822.348137.23122.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 644 wallclock secs (10.64 usr 1.13 sys + 590.48 cusr 51.89 csys = 654.14 CPU) Result: FAIL Makefile:3129: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3127: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 9 10:35:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 10:35:57 +0000 Subject: Build failed: openssl master.37424 Message-ID: <20201009103557.1.1CBCF3FFF21F120E@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 9 11:14:28 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 11:14:28 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1602242068.995957.22254.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 705 wallclock secs (13.61 usr 1.27 sys + 643.98 cusr 55.93 csys = 714.79 CPU) Result: FAIL Makefile:3193: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3191: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Fri Oct 9 11:22:06 2020 From: levitte at openssl.org (Richard Levitte) Date: Fri, 09 Oct 2020 11:22:06 +0000 Subject: [openssl] master update Message-ID: <1602242526.274289.1464.nullmailer@dev.openssl.org> The branch master has been updated via 3094351625f0b222f92c22ce4943461df8c7e301 (commit) from 86e5ac6d844136324d4ccb649c768e530ce6e0af (commit) - Log ----------------------------------------------------------------- commit 3094351625f0b222f92c22ce4943461df8c7e301 Author: Richard Levitte Date: Thu Oct 8 08:11:32 2020 +0200 Fix diverse ERR code conflicts There was a number of potential range conflicts between reason codes from different places. Library specific reason codes are allowed to start at 100, so it means that anything "global" is limited to the range 1..99. At the same time, we have the ERR_R_LIB_xxx reason codes, which have the same numbers as ERR_LIB_xxx, potential range 1..255. And then we have the common ERR_R_ reason codes, potential range in OpenSSL 1.1.1 is 1..99, where fatal reasons occupy 64..99. For OpenSSL 3.0-dev, the range for the common reason codes was pushed up to 64..99 in an attempt to reduce the conflicts with the ERR_R_LIB_xxx reason codes. Currently existing conflicts in OpenSSL 1.1.1: ERR_R_BUF_LIB and ERR_R_PASSED_INVALID_ARGUMENT have the same code. There are currently no existing conflicts in OpenSSL 3.0-dev, but considering that ERR_LIB_HTTP is 61, a few more modules and associated ERR_R_LIB_xxx are going to sniff awfully close to 64, where the common ERR_R_ codes currently start. To avoid these range conflicts, the strategy to recognise common reason codes is change to depend on a reason flag, ERR_RFLAG_COMMON, and the common error codes themselves have moved start at 256, giving them the potential range 256..2^18-1, and thus allowing ERR_R_LIB_xxx the full range of library codes, 1..255. The dual purpose ERR_R_FATAL is also handled in this change, by allowing the rflags and reason codes to overlap by 1 bit, and make both ERR_R_FATAL and ERR_RFLAG_FATAL have the same value, 2^18. With this change, there's no need to worry about reason code conflicts any more, every library specific range as well as the common range is 1..2^18-1. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13093) ----------------------------------------------------------------------- Summary of changes: include/openssl/err.h.in | 126 +++++++++++++++++++++++++++-------------------- 1 file changed, 72 insertions(+), 54 deletions(-) diff --git a/include/openssl/err.h.in b/include/openssl/err.h.in index b916f436e3..0e6f4fbad2 100644 --- a/include/openssl/err.h.in +++ b/include/openssl/err.h.in @@ -190,24 +190,43 @@ struct err_state_st { * * A few of the reason bits are reserved as flags with special meaning: * - * <4 bits><-------------- 19 bits -------------> - * +-------+-------------------------------------+ - * | rflags| reason | - * +-------+-------------------------------------+ + * <5 bits-<>--------- 19 bits -----------------> + * +-------+-+-----------------------------------+ + * | rflags| | reason | + * +-------+-+-----------------------------------+ + * ^ + * | + * ERR_RFLAG_FATAL = ERR_R_FATAL * - * We have the reason flags being part of the overall reason code for - * backward compatibility reasons, i.e. how ERR_R_FATAL was implemented. + * The reason flags are part of the overall reason code for practical + * reasons, as they provide an easy way to place different types of + * reason codes in different numeric ranges. + * + * The currently known reason flags are: + * + * ERR_RFLAG_FATAL Flags that the reason code is considered fatal. + * For backward compatibility reasons, this flag + * is also the code for ERR_R_FATAL (that reason + * code served the dual purpose of flag and reason + * code in one in pre-3.0 OpenSSL). + * ERR_RFLAG_COMMON Flags that the reason code is common to all + * libraries. All ERR_R_ macros must use this flag, + * and no other _R_ macro is allowed to use it. */ /* Macros to help decode recorded system errors */ # define ERR_SYSTEM_FLAG ((unsigned int)INT_MAX + 1) # define ERR_SYSTEM_MASK ((unsigned int)INT_MAX) -/* Macros to help decode recorded OpenSSL errors */ +/* + * Macros to help decode recorded OpenSSL errors + * As expressed above, RFLAGS and REASON overlap by one bit to allow + * ERR_R_FATAL to use ERR_RFLAG_FATAL as its reason code. + */ # define ERR_LIB_OFFSET 23L # define ERR_LIB_MASK 0xFF -# define ERR_RFLAGS_OFFSET 19L -# define ERR_RFLAGS_MASK 0xF +# define ERR_RFLAGS_OFFSET 18L +# define ERR_RFLAGS_MASK 0x1F # define ERR_REASON_MASK 0X7FFFFF /* @@ -215,6 +234,7 @@ struct err_state_st { * number. */ # define ERR_RFLAG_FATAL (0x1 << ERR_RFLAGS_OFFSET) +# define ERR_RFLAG_COMMON (0x2 << ERR_RFLAGS_OFFSET) # define ERR_SYSTEM_ERROR(errcode) (((errcode) & ERR_SYSTEM_FLAG) != 0) @@ -249,6 +269,11 @@ static ossl_unused ossl_inline int ERR_FATAL_ERROR(unsigned long errcode) return (ERR_GET_RFLAGS(errcode) & ERR_RFLAG_FATAL) != 0; } +static ossl_unused ossl_inline int ERR_COMMON_ERROR(unsigned long errcode) +{ + return (ERR_GET_RFLAGS(errcode) & ERR_RFLAG_COMMON) != 0; +} + /* * ERR_PACK is a helper macro to properly pack OpenSSL error codes and may * only be used for that purpose. System errors are packed internally. @@ -287,54 +312,47 @@ static ossl_unused ossl_inline int ERR_FATAL_ERROR(unsigned long errcode) # define SYS_F_SENDFILE 0 # endif -/* "we came from here" global reason codes, range 1..63 */ -# define ERR_R_SYS_LIB ERR_LIB_SYS/* 2 */ -# define ERR_R_BN_LIB ERR_LIB_BN/* 3 */ -# define ERR_R_RSA_LIB ERR_LIB_RSA/* 4 */ -# define ERR_R_DH_LIB ERR_LIB_DH/* 5 */ -# define ERR_R_EVP_LIB ERR_LIB_EVP/* 6 */ -# define ERR_R_BUF_LIB ERR_LIB_BUF/* 7 */ -# define ERR_R_OBJ_LIB ERR_LIB_OBJ/* 8 */ -# define ERR_R_PEM_LIB ERR_LIB_PEM/* 9 */ -# define ERR_R_DSA_LIB ERR_LIB_DSA/* 10 */ -# define ERR_R_X509_LIB ERR_LIB_X509/* 11 */ -# define ERR_R_ASN1_LIB ERR_LIB_ASN1/* 13 */ -# define ERR_R_CRYPTO_LIB ERR_LIB_CRYPTO/* 15 */ -# define ERR_R_EC_LIB ERR_LIB_EC/* 16 */ -# define ERR_R_BIO_LIB ERR_LIB_BIO/* 32 */ -# define ERR_R_PKCS7_LIB ERR_LIB_PKCS7/* 33 */ -# define ERR_R_X509V3_LIB ERR_LIB_X509V3/* 34 */ -# define ERR_R_ENGINE_LIB ERR_LIB_ENGINE/* 38 */ -# define ERR_R_UI_LIB ERR_LIB_UI/* 40 */ -# define ERR_R_ECDSA_LIB ERR_LIB_ECDSA/* 42 */ -# define ERR_R_OSSL_STORE_LIB ERR_LIB_OSSL_STORE/* 44 */ -# define ERR_R_OSSL_DECODER_LIB ERR_LIB_OSSL_DECODER/* 60 */ - /* - * global reason codes, range 64..99 (sub-system specific codes start at 100) - * - * ERR_R_FATAL had dual purposes in pre-3.0 OpenSSL, as a standalone reason - * code as well as a fatal flag. This is still possible to do, as 2**6 (64) - * is present in the whole range of global reason codes. + * All ERR_R_ codes must be combined with ERR_RFLAG_COMMON. */ -# define ERR_R_FATAL (64|ERR_RFLAG_FATAL) -# define ERR_R_MALLOC_FAILURE (65|ERR_RFLAG_FATAL) -# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (66|ERR_RFLAG_FATAL) -# define ERR_R_PASSED_NULL_PARAMETER (67|ERR_RFLAG_FATAL) -# define ERR_R_INTERNAL_ERROR (68|ERR_RFLAG_FATAL) -# define ERR_R_DISABLED (69|ERR_RFLAG_FATAL) -# define ERR_R_INIT_FAIL (70|ERR_RFLAG_FATAL) -# define ERR_R_PASSED_INVALID_ARGUMENT (71) -# define ERR_R_OPERATION_FAIL (72|ERR_RFLAG_FATAL) -# define ERR_R_INVALID_PROVIDER_FUNCTIONS (73|ERR_RFLAG_FATAL) -# define ERR_R_INTERRUPTED_OR_CANCELLED (74) -# define ERR_R_NESTED_ASN1_ERROR (76) -# define ERR_R_MISSING_ASN1_EOS (77) -/* - * 99 is the maximum possible ERR_R_... code, higher values are reserved for - * the individual libraries - */ +/* "we came from here" global reason codes, range 1..255 */ +# define ERR_R_SYS_LIB (ERR_LIB_SYS/* 2 */ | ERR_RFLAG_COMMON) +# define ERR_R_BN_LIB (ERR_LIB_BN/* 3 */ | ERR_RFLAG_COMMON) +# define ERR_R_RSA_LIB (ERR_LIB_RSA/* 4 */ | ERR_RFLAG_COMMON) +# define ERR_R_DH_LIB (ERR_LIB_DH/* 5 */ | ERR_RFLAG_COMMON) +# define ERR_R_EVP_LIB (ERR_LIB_EVP/* 6 */ | ERR_RFLAG_COMMON) +# define ERR_R_BUF_LIB (ERR_LIB_BUF/* 7 */ | ERR_RFLAG_COMMON) +# define ERR_R_OBJ_LIB (ERR_LIB_OBJ/* 8 */ | ERR_RFLAG_COMMON) +# define ERR_R_PEM_LIB (ERR_LIB_PEM/* 9 */ | ERR_RFLAG_COMMON) +# define ERR_R_DSA_LIB (ERR_LIB_DSA/* 10 */ | ERR_RFLAG_COMMON) +# define ERR_R_X509_LIB (ERR_LIB_X509/* 11 */ | ERR_RFLAG_COMMON) +# define ERR_R_ASN1_LIB (ERR_LIB_ASN1/* 13 */ | ERR_RFLAG_COMMON) +# define ERR_R_CRYPTO_LIB (ERR_LIB_CRYPTO/* 15 */ | ERR_RFLAG_COMMON) +# define ERR_R_EC_LIB (ERR_LIB_EC/* 16 */ | ERR_RFLAG_COMMON) +# define ERR_R_BIO_LIB (ERR_LIB_BIO/* 32 */ | ERR_RFLAG_COMMON) +# define ERR_R_PKCS7_LIB (ERR_LIB_PKCS7/* 33 */ | ERR_RFLAG_COMMON) +# define ERR_R_X509V3_LIB (ERR_LIB_X509V3/* 34 */ | ERR_RFLAG_COMMON) +# define ERR_R_ENGINE_LIB (ERR_LIB_ENGINE/* 38 */ | ERR_RFLAG_COMMON) +# define ERR_R_UI_LIB (ERR_LIB_UI/* 40 */ | ERR_RFLAG_COMMON) +# define ERR_R_ECDSA_LIB (ERR_LIB_ECDSA/* 42 */ | ERR_RFLAG_COMMON) +# define ERR_R_OSSL_STORE_LIB (ERR_LIB_OSSL_STORE/* 44 */ | ERR_RFLAG_COMMON) +# define ERR_R_OSSL_DECODER_LIB (ERR_LIB_OSSL_DECODER/* 60 */ | ERR_RFLAG_COMMON) + +/* Other common error codes, range 256..2^ERR_RFLAGS_OFFSET-1 */ +# define ERR_R_FATAL (ERR_RFLAG_FATAL|ERR_RFLAG_COMMON) +# define ERR_R_MALLOC_FAILURE (256|ERR_R_FATAL) +# define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (257|ERR_R_FATAL) +# define ERR_R_PASSED_NULL_PARAMETER (258|ERR_R_FATAL) +# define ERR_R_INTERNAL_ERROR (259|ERR_R_FATAL) +# define ERR_R_DISABLED (260|ERR_R_FATAL) +# define ERR_R_INIT_FAIL (261|ERR_R_FATAL) +# define ERR_R_PASSED_INVALID_ARGUMENT (262|ERR_RFLAG_COMMON) +# define ERR_R_OPERATION_FAIL (263|ERR_R_FATAL) +# define ERR_R_INVALID_PROVIDER_FUNCTIONS (264|ERR_R_FATAL) +# define ERR_R_INTERRUPTED_OR_CANCELLED (265|ERR_RFLAG_COMMON) +# define ERR_R_NESTED_ASN1_ERROR (266|ERR_RFLAG_COMMON) +# define ERR_R_MISSING_ASN1_EOS (267|ERR_RFLAG_COMMON) typedef struct ERR_string_data_st { unsigned long error; From no-reply at appveyor.com Fri Oct 9 11:48:42 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 11:48:42 +0000 Subject: Build completed: openssl master.37425 Message-ID: <20201009114842.1.135104A625843162@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 9 13:35:39 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 09 Oct 2020 13:35:39 +0000 Subject: Still Failing: openssl/openssl#37964 (master - 3094351) In-Reply-To: Message-ID: <5f80672b89ab8_13fdd7bdc30283896a8@travis-pro-tasks-7957b885df-2gr5k.mail> Build Update for openssl/openssl ------------------------------------- Build: #37964 Status: Still Failing Duration: 1 hr, 37 mins, and 48 secs Commit: 3094351 (master) Author: Richard Levitte Message: Fix diverse ERR code conflicts There was a number of potential range conflicts between reason codes from different places. Library specific reason codes are allowed to start at 100, so it means that anything "global" is limited to the range 1..99. At the same time, we have the ERR_R_LIB_xxx reason codes, which have the same numbers as ERR_LIB_xxx, potential range 1..255. And then we have the common ERR_R_ reason codes, potential range in OpenSSL 1.1.1 is 1..99, where fatal reasons occupy 64..99. For OpenSSL 3.0-dev, the range for the common reason codes was pushed up to 64..99 in an attempt to reduce the conflicts with the ERR_R_LIB_xxx reason codes. Currently existing conflicts in OpenSSL 1.1.1: ERR_R_BUF_LIB and ERR_R_PASSED_INVALID_ARGUMENT have the same code. There are currently no existing conflicts in OpenSSL 3.0-dev, but considering that ERR_LIB_HTTP is 61, a few more modules and associated ERR_R_LIB_xxx are going to sniff awfully close to 64, where the common ERR_R_ codes currently start. To avoid these range conflicts, the strategy to recognise common reason codes is change to depend on a reason flag, ERR_RFLAG_COMMON, and the common error codes themselves have moved start at 256, giving them the potential range 256..2^18-1, and thus allowing ERR_R_LIB_xxx the full range of library codes, 1..255. The dual purpose ERR_R_FATAL is also handled in this change, by allowing the rflags and reason codes to overlap by 1 bit, and make both ERR_R_FATAL and ERR_RFLAG_FATAL have the same value, 2^18. With this change, there's no need to worry about reason code conflicts any more, every library specific range as well as the common range is 1..2^18-1. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13093) View the changeset: https://github.com/openssl/openssl/compare/86e5ac6d8441...3094351625f0 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189029738?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 9 16:37:31 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 16:37:31 +0000 Subject: Build failed: openssl master.37428 Message-ID: <20201009163731.1.7419A6D57B07B535@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 9 17:47:50 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 17:47:50 +0000 Subject: Build failed: openssl master.37430 Message-ID: <20201009174750.1.713E0310649C4306@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 9 18:09:03 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 18:09:03 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1602266943.813445.21736.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 579 wallclock secs (11.03 usr 1.09 sys + 496.52 cusr 49.83 csys = 558.47 CPU) Result: FAIL Makefile:3195: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3193: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 9 18:59:38 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 09 Oct 2020 18:59:38 +0000 Subject: Build completed: openssl master.37431 Message-ID: <20201009185938.1.B12B6F81E31213C8@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 9 20:16:43 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 09 Oct 2020 20:16:43 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1602274603.297496.13694.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 465 wallclock secs ( 8.15 usr 1.09 sys + 420.53 cusr 38.37 csys = 468.14 CPU) Result: FAIL Makefile:2404: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2402: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 10 01:48:07 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 01:48:07 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1602294487.737191.2863.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4270: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3128: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Sat Oct 10 02:29:40 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 02:29:40 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1602296980.914657.10893.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0A06CE62F7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 677 wallclock secs (13.89 usr 1.27 sys + 614.00 cusr 57.13 csys = 686.29 CPU) Result: FAIL Makefile:3188: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3186: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 10 06:15:25 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 06:15:25 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1602310525.633523.11664.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c ../openssl/apps/lib/engine.c:46:13: error: implicitly declaring library function 'strcmp' with type 'int (const char *, const char *)' [-Werror,-Wimplicit-function-declaration] if (strcmp(id, "auto") == 0) { ^ ../openssl/apps/lib/engine.c:46:13: note: include the header or explicitly provide a declaration for 'strcmp' 1 error generated. Makefile:4270: recipe for target 'apps/lib/libapps-lib-engine.o' failed make[1]: *** [apps/lib/libapps-lib-engine.o] Error 1 make[1]: *** Waiting for unfinished jobs.... ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4286: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3144: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Sat Oct 10 09:41:28 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 09:41:28 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1602322888.024716.19465.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 40F7A8A6297F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40977DD7767F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40977DD7767F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1376 wallclock secs (13.32 usr 1.34 sys + 1289.85 cusr 81.72 csys = 1386.23 CPU) Result: FAIL Makefile:3186: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3184: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 10 10:02:04 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 10:02:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1602324124.034401.8301.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 708 wallclock secs (12.67 usr 1.15 sys + 613.72 cusr 56.67 csys = 684.21 CPU) Result: FAIL Makefile:3179: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3177: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 10 12:31:05 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 12:31:05 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1602333065.463087.21625.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 681 wallclock secs (13.06 usr 1.29 sys + 620.97 cusr 56.21 csys = 691.53 CPU) Result: FAIL Makefile:3185: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3183: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Sat Oct 10 14:06:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 10 Oct 2020 14:06:27 +0000 Subject: Build failed: openssl master.37440 Message-ID: <20201010140627.1.7C60FA4D182137C0@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Sat Oct 10 14:59:04 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 14:59:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1602341944.370128.27362.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D013DB3F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0D013DB3F7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D013DB3F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/iKYzBuDnDK default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060D6C3957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C060D6C3957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060D6C3957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C060D6C3957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060D6C3957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C060D6C3957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/iKYzBuDnDK fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 679 wallclock secs (13.28 usr 1.20 sys + 619.41 cusr 56.87 csys = 690.76 CPU) Result: FAIL Makefile:3182: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3180: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Sat Oct 10 15:09:37 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 10 Oct 2020 15:09:37 +0000 Subject: Build failed: openssl master.37441 Message-ID: <20201010150937.1.FB9721C6E8B4B049@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 10 17:02:10 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 10 Oct 2020 17:02:10 +0000 Subject: Build failed: openssl master.37445 Message-ID: <20201010170210.1.C553F42A38A57CE0@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Sat Oct 10 17:05:19 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 17:05:19 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1602349519.894164.18076.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0309DD1B87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0309DD1B87F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0309DD1B87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/_2IHrws1Gj default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C040C8045F7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C040C8045F7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C040C8045F7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C040C8045F7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C040C8045F7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C040C8045F7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/_2IHrws1Gj fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 680 wallclock secs (13.79 usr 1.29 sys + 617.44 cusr 57.77 csys = 690.29 CPU) Result: FAIL Makefile:3205: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3203: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 10 17:48:24 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 10 Oct 2020 17:48:24 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1602352104.573221.23825.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: d00bd4e452 Set mark and pop error in d2i_PrivateKey_ex 13c5ec569e Fix zero-length content verification in S/MIME format 947fb81345 Tests for processing zero-length content in SMIME format 55c61473b5 Correct and simplify use of ERR_clear_error() etc. for loading DSO libs 02a2567173 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE df38dcfcd5 Fix the decoder start type handling b565a17d9f Add a test for encoding and decoding of parameters files 3861ac3b55 Fix encoding of DHX parameters files db554ae110 Expose PKCS7_get_octet_string and PKCS7_type_is_other b19b983017 Document install_fips in INSTALL.md d3ed80802d providers/build.info: Tag the FIPS module, for the build file 8cab385ec5 descrip.mms.tmpl: Add a target to install the FIPS module config 403a5edcde windows-makefile.tmpl: Add a target to install the FIPS module config a1bfcb15d9 unix-Makefile.tmpl: Add a target to install the FIPS module config 5884b05109 ERR: fix comment typo in err.c bdde5b46c7 ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() 1b4417abb8 apps: remove internal/cryptlib.h include that isn't used 23b2fc0b50 rsa: add ossl_ prefix to internal rsa_ calls. a21db568bf Avoid memory leak of parent on allocation failure for child structure 8ad369171f Use size of target buffer for allocation Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C040C42A747F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C040C42A747F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C040C42A747F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C040C42A747F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/TgdRRQsBQo default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060F61BEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C060F61BEE7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C060F61BEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060F61BEE7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/TgdRRQsBQo fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 642 wallclock secs (12.29 usr 1.12 sys + 578.06 cusr 54.54 csys = 646.01 CPU) Result: FAIL Makefile:3191: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3189: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Sat Oct 10 18:27:19 2020 From: levitte at openssl.org (Richard Levitte) Date: Sat, 10 Oct 2020 18:27:19 +0000 Subject: [openssl] master update Message-ID: <1602354439.776760.13557.nullmailer@dev.openssl.org> The branch master has been updated via 113adc1f61ce56cc3fcb7404fb521988b792750c (commit) via 25cf949fc620ff7053e51acca3ec4d0fd094f8b0 (commit) from 3094351625f0b222f92c22ce4943461df8c7e301 (commit) - Log ----------------------------------------------------------------- commit 113adc1f61ce56cc3fcb7404fb521988b792750c Author: Richard Levitte Date: Mon Oct 5 14:27:37 2020 +0200 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() The functions i2d_PrivateKey(), try_key_value() i store_result.c and X509_PUBKEY_set() were all essentially duplicating this functionality to some degree. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13094) commit 25cf949fc620ff7053e51acca3ec4d0fd094f8b0 Author: Richard Levitte Date: Mon Oct 5 14:23:55 2020 +0200 ENCODER / DECODER: Add functions to encode/decode to/from a buffer This adds OSSL_ENCODER_to_data() and OSSL_DECODER_from_data(). These functions allow fairly simple rewrites of type-specific i2d and d2i calls. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13094) ----------------------------------------------------------------------- Summary of changes: crypto/asn1/i2d_pr.c | 32 +++++++------------------ crypto/encode_decode/decoder_lib.c | 21 +++++++++++++++++ crypto/encode_decode/encoder_lib.c | 48 ++++++++++++++++++++++++++++++++++++++ crypto/store/store_result.c | 10 +++----- crypto/x509/x_pubkey.c | 14 +++++------ doc/man3/OSSL_DECODER_from_bio.pod | 9 +++++++ doc/man3/OSSL_ENCODER_to_bio.pod | 30 ++++++++++++++++++------ include/openssl/decoder.h | 2 ++ include/openssl/encoder.h | 2 ++ util/libcrypto.num | 2 ++ 10 files changed, 126 insertions(+), 44 deletions(-) diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index e35781f4bd..80cfde9a22 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -8,6 +8,7 @@ */ #include +#include #include "internal/cryptlib.h" #include #include @@ -30,35 +31,20 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) } return ret; } - if (a->keymgmt != NULL) { + if (evp_pkey_is_provided(a)) { + /* |*pp| is unbounded, so we need an upper limit */ + size_t length = INT_MAX; /* The private key includes everything */ int selection = OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | OSSL_KEYMGMT_SELECT_KEYPAIR; - OSSL_ENCODER_CTX *ctx = - OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, "DER", selection, NULL, NULL); - BIO *out = BIO_new(BIO_s_mem()); - BUF_MEM *buf = NULL; int ret = -1; + OSSL_ENCODER_CTX *ctx; - if (ctx != NULL - && out != NULL + if ((ctx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, "DER", selection, + NULL, NULL)) != NULL && OSSL_ENCODER_CTX_get_num_encoders(ctx) != 0 - && OSSL_ENCODER_to_bio(ctx, out) - && BIO_get_mem_ptr(out, &buf) > 0) { - ret = buf->length; - - if (pp != NULL) { - if (*pp == NULL) { - *pp = (unsigned char *)buf->data; - buf->length = 0; - buf->data = NULL; - } else { - memcpy(*pp, buf->data, ret); - *pp += ret; - } - } - } - BIO_free(out); + && OSSL_ENCODER_to_data(ctx, pp, &length)) + ret = (int)length; OSSL_ENCODER_CTX_free(ctx); return ret; } diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c index e44ca8cbd4..192d33089b 100644 --- a/crypto/encode_decode/decoder_lib.c +++ b/crypto/encode_decode/decoder_lib.c @@ -77,6 +77,27 @@ int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *fp) } #endif +int OSSL_DECODER_from_data(OSSL_DECODER_CTX *ctx, const unsigned char **pdata, + size_t *pdata_len) +{ + BIO *membio; + int ret = 0; + + if (pdata == NULL || *pdata == NULL || pdata_len == NULL) { + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + membio = BIO_new_mem_buf(*pdata, (int)*pdata_len); + if (OSSL_DECODER_from_bio(ctx, membio)) { + *pdata_len = (size_t)BIO_get_mem_data(membio, pdata); + ret = 1; + } + BIO_free(membio); + + return ret; +} + int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx, const char *input_type) { diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 179c6d3dc3..6d3aa279d7 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c @@ -49,6 +49,54 @@ int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp) } #endif +int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, + size_t *pdata_len) +{ + BIO *out = BIO_new(BIO_s_mem()); + BUF_MEM *buf = NULL; + int ret = 0; + + if (pdata_len == NULL) { + ERR_raise(ERR_LIB_OSSL_DECODER, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + + if (OSSL_ENCODER_to_bio(ctx, out) + && BIO_get_mem_ptr(out, &buf) > 0) { + ret = 1; /* Hope for the best. A too small buffer will clear this */ + + if (pdata != NULL && *pdata != NULL) { + if (*pdata_len < buf->length) + /* + * It's tempting to do |*pdata_len = (size_t)buf->length| + * However, it's believed to be confusing more than helpful, + * so we don't. + */ + ret = 0; + else + *pdata_len -= buf->length; + } else { + /* The buffer with the right size is already allocated for us */ + *pdata_len = (size_t)buf->length; + } + + if (ret) { + if (pdata != NULL) { + if (*pdata != NULL) { + memcpy(*pdata, buf->data, buf->length); + *pdata += buf->length; + } else { + /* In this case, we steal the data from BIO_s_mem() */ + *pdata = (unsigned char *)buf->data; + buf->data = NULL; + } + } + } + } + BIO_free(out); + return ret; +} + int OSSL_ENCODER_CTX_set_output_type(OSSL_ENCODER_CTX *ctx, const char *output_type) { diff --git a/crypto/store/store_result.c b/crypto/store/store_result.c index 8ba4f8880c..200544d72d 100644 --- a/crypto/store/store_result.c +++ b/crypto/store/store_result.c @@ -251,21 +251,17 @@ static EVP_PKEY *try_key_value(struct extracted_param_data_st *data, { EVP_PKEY *pk = NULL; OSSL_DECODER_CTX *decoderctx = NULL; - BIO *membio = - BIO_new_mem_buf(data->octet_data, (int)data->octet_data_size); - - if (membio == NULL) - return 0; + const unsigned char *pdata = data->octet_data; + size_t pdatalen = data->octet_data_size; decoderctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pk, "DER", NULL, libctx, propq); (void)OSSL_DECODER_CTX_set_passphrase_cb(decoderctx, cb, cbarg); /* No error if this couldn't be decoded */ - (void)OSSL_DECODER_from_bio(decoderctx, membio); + (void)OSSL_DECODER_from_data(decoderctx, &pdata, &pdatalen); OSSL_DECODER_CTX_free(decoderctx); - BIO_free(membio); return pk; } diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index d63a33e301..bd6a65e1c5 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -98,25 +98,25 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) X509err(X509_F_X509_PUBKEY_SET, X509_R_METHOD_NOT_SUPPORTED); goto error; } - } else if (pkey->keymgmt != NULL) { + } else if (evp_pkey_is_provided(pkey)) { const OSSL_PROVIDER *pkprov = EVP_KEYMGMT_provider(pkey->keymgmt); OPENSSL_CTX *libctx = ossl_provider_library_context(pkprov); - BIO *bmem = BIO_new(BIO_s_mem()); + unsigned char *der = NULL; + size_t derlen = 0; int selection = (OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS); OSSL_ENCODER_CTX *ectx = OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, "DER", selection, libctx, NULL); - if (OSSL_ENCODER_to_bio(ectx, bmem)) { - const unsigned char *der = NULL; - long derlen = BIO_get_mem_data(bmem, (char **)&der); + if (OSSL_ENCODER_to_data(ectx, &der, &derlen)) { + const unsigned char *pder = der; - pk = d2i_X509_PUBKEY(NULL, &der, derlen); + pk = d2i_X509_PUBKEY(NULL, &pder, (long)derlen); } OSSL_ENCODER_CTX_free(ectx); - BIO_free(bmem); + OPENSSL_free(der); } if (pk == NULL) diff --git a/doc/man3/OSSL_DECODER_from_bio.pod b/doc/man3/OSSL_DECODER_from_bio.pod index 7de550746e..3bd43200d3 100644 --- a/doc/man3/OSSL_DECODER_from_bio.pod +++ b/doc/man3/OSSL_DECODER_from_bio.pod @@ -2,6 +2,7 @@ =head1 NAME +OSSL_DECODER_from_data, OSSL_DECODER_from_bio, OSSL_DECODER_from_fp - Routines to perform a decoding @@ -12,6 +13,8 @@ OSSL_DECODER_from_fp int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in); int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *fp); + int OSSL_DECODER_from_data(OSSL_DECODER_CTX *ctx, const unsigned char **pdata, + size_t *pdata_len); Feature availability macros: @@ -24,6 +27,12 @@ is undefined. =head1 DESCRIPTION +OSSL_DECODER_from_data() runs the decoding process for the context I, +with input coming from I<*pdata>, I<*pdata_len> bytes long. Both I<*pdata> +and I<*pdata_len> must be non-NULL. When OSSL_DECODER_from_data() returns, +I<*pdata> is updated to point at the location after what has been decoded, +and I<*pdata_len> to have the number of remaining bytes. + OSSL_DECODER_from_bio() runs the decoding process for the context I, with the input coming from the B I. Should it make a difference, it's recommended to have the BIO set in binary mode rather than text mode. diff --git a/doc/man3/OSSL_ENCODER_to_bio.pod b/doc/man3/OSSL_ENCODER_to_bio.pod index 6f75f592e4..f28228bf10 100644 --- a/doc/man3/OSSL_ENCODER_to_bio.pod +++ b/doc/man3/OSSL_ENCODER_to_bio.pod @@ -2,6 +2,7 @@ =head1 NAME +OSSL_ENCODER_to_data, OSSL_ENCODER_to_bio, OSSL_ENCODER_to_fp - Routines to perform an encoding @@ -10,6 +11,8 @@ OSSL_ENCODER_to_fp #include + int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, + size_t *pdata_len); int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out); int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp); @@ -24,20 +27,33 @@ is undefined. =head1 DESCRIPTION +OSSL_ENCODER_to_data() runs the encoding process for the context I, +with the output going to the I<*pdata> and I<*pdata_len>. +If I<*pdata> is NULL when OSSL_ENCODER_to_data() is called, a buffer will be +allocated using L, and I<*pdata> will be set to point at +the start of that buffer, and I<*pdata_len> will be assigned its length when +OSSL_ENCODER_to_data() returns. +If I<*pdata> is non-NULL when OSSL_ENCODER_to_data() is called, I<*pdata_len> +is assumed to have its size. In this case, I<*pdata> will be set to point +after the encoded bytes, and I<*pdata_len> will be assigned the number of +remaining bytes. + OSSL_ENCODER_to_bio() runs the encoding process for the context I, with -the output going to the B I. The application is required to set -up the B properly, for example to have it in text or binary mode if -that's appropriate. +the output going to the B I. + +OSSL_ENCODER_to_fp() does the same thing as OSSL_ENCODER_to_bio(), except +that the output is going to the B I. =for comment Know your encoder! -OSSL_ENCODER_to_fp() does the same thing as OSSL_ENCODER_to_bio(), -except that the output is going to the B I. +For OSSL_ENCODER_to_bio() and OSSL_ENCODER_to_fp(), the application is +required to set up the B or B properly, for example to have +it in text or binary mode as is appropriate for the encoder output type. =head1 RETURN VALUES -OSSL_ENCODER_to_bio() and OSSL_ENCODER_to_fp() return 1 on success, or 0 on -failure. +OSSL_ENCODER_to_bio(), OSSL_ENCODER_to_fp() and OSSL_ENCODER_to_data() +return 1 on success, or 0 on failure. =begin comment TODO(3.0) Add examples! diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h index 66790f43c8..1eb1cbe543 100644 --- a/include/openssl/decoder.h +++ b/include/openssl/decoder.h @@ -106,6 +106,8 @@ int OSSL_DECODER_from_bio(OSSL_DECODER_CTX *ctx, BIO *in); #ifndef OPENSSL_NO_STDIO int OSSL_DECODER_from_fp(OSSL_DECODER_CTX *ctx, FILE *in); #endif +int OSSL_DECODER_from_data(OSSL_DECODER_CTX *ctx, const unsigned char **pdata, + size_t *pdata_len); /* * Create the OSSL_DECODER_CTX with an associated type. This will perform diff --git a/include/openssl/encoder.h b/include/openssl/encoder.h index 6698769e24..2d8871df12 100644 --- a/include/openssl/encoder.h +++ b/include/openssl/encoder.h @@ -101,6 +101,8 @@ int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out); #ifndef OPENSSL_NO_STDIO int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp); #endif +int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, + size_t *pdata_len); /* * Create the OSSL_ENCODER_CTX with an associated type. This will perform diff --git a/util/libcrypto.num b/util/libcrypto.num index 05e006eb72..fb0069c9e8 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5286,3 +5286,5 @@ EVP_KEM_gettable_ctx_params ? 3_0_0 EXIST::FUNCTION: EVP_KEM_settable_ctx_params ? 3_0_0 EXIST::FUNCTION: PKCS7_type_is_other ? 3_0_0 EXIST::FUNCTION: PKCS7_get_octet_string ? 3_0_0 EXIST::FUNCTION: +OSSL_DECODER_from_data ? 3_0_0 EXIST::FUNCTION: +OSSL_ENCODER_to_data ? 3_0_0 EXIST::FUNCTION: From builds at travis-ci.com Sat Oct 10 19:48:03 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 10 Oct 2020 19:48:03 +0000 Subject: Still Failing: openssl/openssl#37982 (master - 113adc1) In-Reply-To: Message-ID: <5f820fefb83d7_13f93bf60fad04841d2@travis-pro-tasks-5797f86688-dqxjm.mail> Build Update for openssl/openssl ------------------------------------- Build: #37982 Status: Still Failing Duration: 1 hr, 19 mins, and 4 secs Commit: 113adc1 (master) Author: Richard Levitte Message: Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() The functions i2d_PrivateKey(), try_key_value() i store_result.c and X509_PUBKEY_set() were all essentially duplicating this functionality to some degree. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13094) View the changeset: https://github.com/openssl/openssl/compare/3094351625f0...113adc1f61ce View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189214455?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 10 20:22:55 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 10 Oct 2020 20:22:55 +0000 Subject: Build failed: openssl master.37446 Message-ID: <20201010202255.1.73DCC912E1E8D1EB@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 10 21:00:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 10 Oct 2020 21:00:53 +0000 Subject: Build failed: openssl master.37448 Message-ID: <20201010210053.1.098F6FAD2036AD3F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 10 21:05:46 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 10 Oct 2020 21:05:46 +0000 Subject: Build failed: openssl master.37449 Message-ID: <20201010210546.1.9E4E25FE270DA5A5@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 05:28:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 05:28:57 +0000 Subject: Build completed: openssl master.37450 Message-ID: <20201011052857.1.B78EBBFEA5640154@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Oct 11 07:53:38 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 11 Oct 2020 07:53:38 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5f82ba01a8093_a428f2adb2e3a0f50303d6@prd-scan-dashboard-0.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DUnJp_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeGZFZm6SPbaP7LEc3rT5oP0tRu3i5SStwtXMavFHx7MEtW8UBpMpPPGKGg0m52YTO-2FxZQneVb1BZ1qOplUdBcTl9WQr1AqcJj73KNtXAQtEmmJuoqx95uFC6np4bTHZCgD5PwfHUO4KnvER-2F-2F-2Fu2F-2FQQsV4kAsiXHUKXUyQMUhgyW1QmcKX1d2mwqP7Tju5jLA-3D Build ID: 344892 Analysis Summary: New defects found: 0 Defects eliminated: 0 From scan-admin at coverity.com Sun Oct 11 07:54:09 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 11 Oct 2020 07:54:09 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5f82ba21626de_a42d02adb2e3a0f503032b@prd-scan-dashboard-0.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3Dj04Z_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHlrGkxIjpgfxo-2FgTIk9kpmRw-2BOP-2Fz4rMc4Htqjekes5FLVJ3JKAsaX7yjammHpOA8stRTTUJ-2FTv6b9Pmq3j4V4pqatCSBeo10-2FqdN3D7lvwQjxiCEY8ES3qmirDbZ3cxlv-2BZN-2BUsKHGQ57LHvqt0Z-2BdVYyALnvILvPq4et99BkWIsMM5CXU4eFwvMbb-2BYno-2BQ-3D Build ID: 344891 Analysis Summary: New defects found: 4 Defects eliminated: 7 If you have difficulty understanding any defects, email us at scan-admin at coverity.com, or post your question to StackOverflow at https://u15810271.ct.sendgrid.net/ls/click?upn=CTPegkVN6peWFCMEieYYmPWIi1E4yUS9EoqKFcNAiqhRq8qmgeBE-2Bdt3uvFRAFXd-2FlwX83-2FVVdybfzIMOby0qA-3D-3DKP0u_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHlrGkxIjpgfxo-2FgTIk9kpmRw-2BOP-2Fz4rMc4Htqjekes5IxNUYE3M1v-2BJNyFG3Ghq-2B1SarmYVsbngVeODJtOvV-2BgkGjrvd4hkgZFSQhMSue-2F2r1zwilD3lqVptpQ5qdLgvrjXB8ToeKGFgmogpsstCL3aZx9ECwjSl8SiPgi5QRdKFq-2FvFgbrv2Ut-2BL-2BDPrt0HI-3D From no-reply at appveyor.com Sun Oct 11 10:25:21 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 10:25:21 +0000 Subject: Build failed: openssl master.37452 Message-ID: <20201011102521.1.EDEC1D3927B55550@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 10:39:09 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 10:39:09 +0000 Subject: Build failed: openssl master.37453 Message-ID: <20201011103909.1.5632B28AD9147D48@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 10:58:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 10:58:17 +0000 Subject: Build failed: openssl master.37454 Message-ID: <20201011105817.1.D032A7BD5BE88992@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 13:20:39 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 13:20:39 +0000 Subject: Build failed: openssl master.37455 Message-ID: <20201011132039.1.9BF4317A3428B93C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 15:26:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 15:26:51 +0000 Subject: Build failed: openssl master.37456 Message-ID: <20201011152651.1.6163DD090122DA4D@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 15:36:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 15:36:57 +0000 Subject: Build failed: openssl master.37457 Message-ID: <20201011153657.1.FDBE6BADD7505D3D@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 16:39:03 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 16:39:03 +0000 Subject: Build failed: openssl master.37458 Message-ID: <20201011163903.1.760F28FD6B4845D2@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 16:50:43 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 16:50:43 +0000 Subject: Build failed: openssl master.37459 Message-ID: <20201011165043.1.72FDC4A571E65C13@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 20:39:26 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 20:39:26 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37460 Message-ID: <20201011203926.1.EDE6B8C148759DA1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 11 21:15:23 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 11 Oct 2020 21:15:23 +0000 Subject: Build failed: openssl master.37461 Message-ID: <20201011211523.1.02578D9EAE7733FB@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Sun Oct 11 23:46:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sun, 11 Oct 2020 23:46:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1602460011.527782.1982.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80870D63077F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 8037CC84707F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 8037CC84707F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1284 wallclock secs (11.59 usr 1.43 sys + 1123.24 cusr 143.55 csys = 1279.81 CPU) Result: FAIL Makefile:2548: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2546: recipe for target 'tests' failed make: *** [tests] Error 2 From pauli at openssl.org Mon Oct 12 00:28:09 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Mon, 12 Oct 2020 00:28:09 +0000 Subject: [openssl] master update Message-ID: <1602462489.638799.21903.nullmailer@dev.openssl.org> The branch master has been updated via 71abae18f5a27656302cb0fc076b0cd98df9e9f0 (commit) via fb33f99409972ea3d217399558d3baed4a57926d (commit) via 19431e5e44144b57ab936ddb93fe75fe34279290 (commit) from 113adc1f61ce56cc3fcb7404fb521988b792750c (commit) - Log ----------------------------------------------------------------- commit 71abae18f5a27656302cb0fc076b0cd98df9e9f0 Author: Pauli Date: Fri Oct 9 09:36:50 2020 +1000 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13091) commit fb33f99409972ea3d217399558d3baed4a57926d Author: Pauli Date: Fri Oct 9 09:32:04 2020 +1000 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13091) commit 19431e5e44144b57ab936ddb93fe75fe34279290 Author: Pauli Date: Thu Oct 8 10:25:06 2020 +1000 vms: move otherwise dead code into the VMS relevant path. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13091) ----------------------------------------------------------------------- Summary of changes: crypto/x509/by_dir.c | 7 +++++-- test/lhash_test.c | 25 +++++++++++++++++++++++-- test/v3nametest.c | 4 ++-- 3 files changed, 30 insertions(+), 6 deletions(-) diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index 3f44d541cf..f182764899 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -284,6 +284,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, } for (;;) { char c = '/'; + #ifdef OPENSSL_SYS_VMS c = ent->dir[strlen(ent->dir) - 1]; if (c != ':' && c != '>' && c != ']') { @@ -297,7 +298,7 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, } else { c = '\0'; } -#endif + if (c == '\0') { /* * This is special. When c == '\0', no directory separator @@ -305,7 +306,9 @@ static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, */ BIO_snprintf(b->data, b->max, "%s%08lx.%s%d", ent->dir, h, postfix, k); - } else { + } else +#endif + { BIO_snprintf(b->data, b->max, "%s%c%08lx.%s%d", ent->dir, c, h, postfix, k); } diff --git a/test/lhash_test.c b/test/lhash_test.c index c9dc8b4cee..a9aac5fb86 100644 --- a/test/lhash_test.c +++ b/test/lhash_test.c @@ -33,6 +33,7 @@ static int int_tests[] = { 65537, 13, 1, 3, -5, 6, 7, 4, -10, -12, -14, 22, 9, -17, 16, 17, -23, 35, 37, 173, 11 }; static const unsigned int n_int_tests = OSSL_NELEM(int_tests); static short int_found[OSSL_NELEM(int_tests)]; +static short int_not_found; static unsigned long int int_hash(const int *p) { @@ -56,12 +57,22 @@ static int int_find(int n) static void int_doall(int *v) { - int_found[int_find(*v)]++; + const int n = int_find(*v); + + if (n < 0) + int_not_found++; + else + int_found[n]++; } static void int_doall_arg(int *p, short *f) { - f[int_find(*p)]++; + const int n = int_find(*p); + + if (n < 0) + int_not_found++; + else + f[n]++; } IMPLEMENT_LHASH_DOALL_ARG(int, short); @@ -124,7 +135,12 @@ static int test_int_lhash(void) /* do_all */ memset(int_found, 0, sizeof(int_found)); + int_not_found = 0; lh_int_doall(h, &int_doall); + if (!TEST_int_eq(int_not_found, 0)) { + TEST_info("lhash int doall encountered a not found condition"); + goto end; + } for (i = 0; i < n_int_tests; i++) if (!TEST_int_eq(int_found[i], 1)) { TEST_info("lhash int doall %d", i); @@ -133,7 +149,12 @@ static int test_int_lhash(void) /* do_all_arg */ memset(int_found, 0, sizeof(int_found)); + int_not_found = 0; lh_int_doall_short(h, int_doall_arg, int_found); + if (!TEST_int_eq(int_not_found, 0)) { + TEST_info("lhash int doall arg encountered a not found condition"); + goto end; + } for (i = 0; i < n_int_tests; i++) if (!TEST_int_eq(int_found[i], 1)) { TEST_info("lhash int doall arg %d", i); diff --git a/test/v3nametest.c b/test/v3nametest.c index 9b81988ddd..df12c15f09 100644 --- a/test/v3nametest.c +++ b/test/v3nametest.c @@ -289,10 +289,10 @@ static int run_cert(X509 *crt, const char *nameincert, for (; *pname != NULL; ++pname) { int samename = strcasecmp(nameincert, *pname) == 0; size_t namelen = strlen(*pname); - char *name = OPENSSL_malloc(namelen); + char *name = OPENSSL_malloc(namelen + 1); int match, ret; - memcpy(name, *pname, namelen); + memcpy(name, *pname, namelen + 1); match = -1; if (!TEST_int_ge(ret = X509_check_host(crt, name, namelen, 0, NULL), From no-reply at appveyor.com Mon Oct 12 00:47:14 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 00:47:14 +0000 Subject: Build failed: openssl master.37468 Message-ID: <20201012004714.1.9EB8930A977A5829@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 12 01:38:29 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 01:38:29 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1602466709.761613.9203.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 675 wallclock secs (13.74 usr 1.28 sys + 610.58 cusr 57.04 csys = 682.64 CPU) Result: FAIL Makefile:3197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3195: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 12 01:50:20 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 01:50:20 +0000 Subject: Build completed: openssl master.37469 Message-ID: <20201012015020.1.01FBAF020AF2B39A@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Mon Oct 12 02:05:06 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 12 Oct 2020 02:05:06 +0000 Subject: Still Failing: openssl/openssl#38002 (master - 71abae1) In-Reply-To: Message-ID: <5f83b9d21d100_13ff0094dbc8018129a@travis-pro-tasks-86d855f59c-lwv8r.mail> Build Update for openssl/openssl ------------------------------------- Build: #38002 Status: Still Failing Duration: 1 hr, 21 mins, and 4 secs Commit: 71abae1 (master) Author: Pauli Message: coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13091) View the changeset: https://github.com/openssl/openssl/compare/113adc1f61ce...71abae18f5a2 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189373200?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 12 03:46:35 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 03:46:35 +0000 Subject: Build failed: openssl master.37470 Message-ID: <20201012034635.1.B8913C4043C613A7@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 12 04:11:38 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 04:11:38 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1602475898.515592.4464.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/srptest-bin-srptest.d.tmp -MT test/srptest-bin-srptest.o -c -o test/srptest-bin-srptest.o ../openssl/test/srptest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21562: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3128: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Mon Oct 12 04:49:33 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 04:49:33 +0000 Subject: Build completed: openssl master.37471 Message-ID: <20201012044933.1.1DFAA379096424BD@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 12 06:15:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 06:15:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1602483345.412425.21345.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0D0E1D3C87F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C04041F3067F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C04041F3067F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0F0A646FD7E0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0F0A646FD7E0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 674 wallclock secs (14.64 usr 1.32 sys + 611.64 cusr 57.34 csys = 684.94 CPU) Result: FAIL Makefile:3129: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3127: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Mon Oct 12 06:34:52 2020 From: levitte at openssl.org (Richard Levitte) Date: Mon, 12 Oct 2020 06:34:52 +0000 Subject: [openssl] master update Message-ID: <1602484492.917639.14999.nullmailer@dev.openssl.org> The branch master has been updated via 8ebd88950d9d0a94037e4962daa6e80a464bea06 (commit) via d406f0fe679a571af3f2cfd48b4d830b3d743694 (commit) via 3ad9c478642d6edf5964c8c890845d93b40cb9a0 (commit) via 895419b7d13bd9ba68718e6a25c92e52fd6fec7f (commit) via 053730c5b7e9f4d0e97108e01d0fce472f300edd (commit) via 77c30753cdcf4da182953b3b169296c6612089ef (commit) via f044964e7a8b731d1452bbaf5028311db329a45b (commit) via 6fbb89fb12b6a5ca9838b357ca6c810c57f474e4 (commit) via abd9d035a727648f4fd77fda464bd1ee5e9cf9c2 (commit) from 71abae18f5a27656302cb0fc076b0cd98df9e9f0 (commit) - Log ----------------------------------------------------------------- commit 8ebd88950d9d0a94037e4962daa6e80a464bea06 Author: Richard Levitte Date: Tue Oct 6 16:11:17 2020 +0200 Document how deprecation should be done Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit d406f0fe679a571af3f2cfd48b4d830b3d743694 Author: Richard Levitte Date: Mon Oct 5 07:55:14 2020 +0200 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit 3ad9c478642d6edf5964c8c890845d93b40cb9a0 Author: Richard Levitte Date: Sun Oct 4 12:51:42 2020 +0200 Add PEM declaration macros that take attributes This makes it possible to easily deprecated selections of PEM functions. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit 895419b7d13bd9ba68718e6a25c92e52fd6fec7f Author: Richard Levitte Date: Sun Oct 4 12:20:17 2020 +0200 Add ASN1 declaration macros that take attributes This makes it possible to easily deprecated selections of ASN1 functions. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit 053730c5b7e9f4d0e97108e01d0fce472f300edd Author: Richard Levitte Date: Sun Oct 4 11:51:20 2020 +0200 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently The triggering macro that decides if a symbol is to be considered deprecated is OPENSSL_NO_DEPRECATEDIN_x_y[_z]. OpenSSL::ParseC renames any OPENSSL_NO_DEPRECATED_x_y[_z] by inserting "IN". Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit 77c30753cdcf4da182953b3b169296c6612089ef Author: Richard Levitte Date: Sun Oct 4 11:13:28 2020 +0200 Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} As opposed to DEPRECATEDIN_{major}_{minor}(), any use of these macros must be guarded with a corresponding OPENSSL_NO_DEPRECATED_{major}_{minor}: #ifndef OPENSSL_NO_DEPRECATED_3_0 OSSL_DEPRECATEDIN_3_0 int RSA_size(const RSA *rsa); #endif Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit f044964e7a8b731d1452bbaf5028311db329a45b Author: Richard Levitte Date: Sat Oct 3 09:45:24 2020 +0200 Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC It turns out that they have __declspec(deprecated) that correspond pretty much to GCC's __attribute__((deprecated)), including for messages. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit 6fbb89fb12b6a5ca9838b357ca6c810c57f474e4 Author: Richard Levitte Date: Sat Oct 3 09:33:32 2020 +0200 Change OSSL_DEPRECATED to take a version argument The macro value is changed to use deprecation messages where whose are supported. We also add the macro OSSL_DEPRECATED_FOR(), to be used whenever an additional message text is desirable, for example to tell the user what the deprecated is replaced with. Example: OSSL_DEPRECATED_FOR(3.0,"use EVP_PKEY and EVP_PKEY_size() instead") int RSA_size(const RSA *rsa); Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) commit abd9d035a727648f4fd77fda464bd1ee5e9cf9c2 Author: Richard Levitte Date: Sat Oct 3 09:26:36 2020 +0200 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes The diverse DEPRECATEDIN_x_y_z macros are rewritten in terms of this macro. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) ----------------------------------------------------------------------- Summary of changes: doc/internal/man7/deprecation.pod | 225 ++++++++++++++++++++++++++++++++++++ doc/man7/openssl_user_macros.pod.in | 3 +- include/openssl/asn1.h.in | 111 +++++++++++------- include/openssl/macros.h | 136 ++++++++++++++++------ include/openssl/pem.h | 122 ++++++++++++------- util/missingmacro.txt | 11 ++ util/perl/OpenSSL/Ordinals.pm | 1 - util/perl/OpenSSL/ParseC.pm | 64 ++++++++-- 8 files changed, 547 insertions(+), 126 deletions(-) create mode 100644 doc/internal/man7/deprecation.pod diff --git a/doc/internal/man7/deprecation.pod b/doc/internal/man7/deprecation.pod new file mode 100644 index 0000000000..e55da1ffe4 --- /dev/null +++ b/doc/internal/man7/deprecation.pod @@ -0,0 +1,225 @@ +=pod + +=head1 NAME + +deprecation - Macros used for deprecating symbols and simulate removal + +=head1 SYNOPSIS + + #include + + OSSL_DEPRECATED(since) + OSSL_DEPRECATED_FOR(since, msg) + + OPENSSL_NO_DEPRECATED_3_0 + OSSL_DEPRECATEDIN_3_0 + OSSL_DEPRECATEDIN_3_0_FOR(msg) + + OPENSSL_NO_DEPRECATED_1_1_1 + OSSL_DEPRECATEDIN_1_1_1 + OSSL_DEPRECATEDIN_1_1_1_FOR(msg) + + OPENSSL_NO_DEPRECATED_1_1_0 + OSSL_DEPRECATEDIN_1_1_0 + OSSL_DEPRECATEDIN_1_1_0_FOR(msg) + + OPENSSL_NO_DEPRECATED_1_0_2 + OSSL_DEPRECATEDIN_1_0_2 + OSSL_DEPRECATEDIN_1_0_2_FOR(msg) + + OPENSSL_NO_DEPRECATED_1_0_1 + OSSL_DEPRECATEDIN_1_0_1 + OSSL_DEPRECATEDIN_1_0_1_FOR(msg) + + OPENSSL_NO_DEPRECATED_1_0_0 + OSSL_DEPRECATEDIN_1_0_0 + OSSL_DEPRECATEDIN_1_0_0_FOR(msg) + + OPENSSL_NO_DEPRECATED_0_9_8 + OSSL_DEPRECATEDIN_0_9_8 + OSSL_DEPRECATEDIN_0_9_8_FOR(msg) + +=head1 DESCRIPTION + +Deprecation of a symbol is adding an attribute to the declaration of that +symbol (function, type, variable, but we currently only do that for +functions in our F<< >> header files). + +Removal of a symbol is not the same thing as deprecation, as it actually +removes the symbol from public view. + +OpenSSL configuration supports deprecation as well as simulating removal of +symbols from public view, and also supports doing this in terms of a +specified OpenSSL version. + +Deprecation is done using attribute macros having names starting with +B, used with any declaration it applies to. + +Simulating removal is done with guard macros having names starting with +L. + +The implementation of a deprecated symbol is kept for two reasons: + +=over 4 + +=item Kept as legacy for the deprecation period + +It's implemented only to have it available as long as the symbol isn't +removed entirely (be it by explicitly removing it when it's judged that it +has been deprecated long enough, or because the removal is simulated). +These need to be guarded appropriately, as shown in the L. + +=item Kept for internal purposes + +The implementation doesn't need to change or be guarded. However, it's +necessary to ensure that the declaration remains available for the +translation unit where the implementation is located, even when the symbol +is publicly unavailable through simulated removal. That's done by including +an internal header file very early in the translation unit. See +L. + +In a future cleanup, the declaration should be explicitly moved to an +internal header file, with the deprecation attribute removed, and the +translation unit should adjust its header inclusions accordingly. + +=back + +=head2 General macros + +I + +OSSL_DEPRECATED() implements the deprecated attribute if the compiler +supports it, otherwise it expands to nothing. It takes one argument +I that should be set to the OpenSSL version where the symbol was +deprecated, and will be displayed with the deprecation warning message, +for compilers that support user specified deprecation messages. + +OSSL_DEPRECATED_FOR() does the same as OSSL_DEPRECATED(), but also takes a +second argument I, which is an additional text messages to be displayed +with the deprecation warning along with the OpenSSL version number, for +compilers that support user specified deprecation messages. + +B is a macro that's generated by OpenSSL +configuration in response to the C configuration option. +This macro suppresses the definition of deprecated symbols. + +=head2 Version specific macros + +OSSL_DEPRECATEDIN_I_I() macros that are defined to +OSSL_DEPRECATED() with that version number as I, for any version up +to and including the one expressed with L. For any +known version above the version expressed with L, +The are defined to nothing. + +OSSL_DEPRECATEDIN_I_I_FOR() macros that are defined to +OSSL_DEPRECATED() with that version number as I, under the same +conditions as OSSL_DEPRECATEDIN_I_I(). + +B_I> macros should be used as +guards around declarations that will eventually disappear from the public +header files (F<< >>). + +Any set of symbols deprecated with a B_I> +attribute macro B be wrapped with a guard using the corresponding +B_I> macro, see L +example below. This not only affects what the user of the header file will +have available, it's also used to determine the conditions for exporting the +symbol in the shared libraries. + +=head1 EXAMPLES + +=head2 Header files + +In public header files (F<< >>), a deprecated symbol will +always be wrapped with a negative test of the guard: + + # ifndef OPENSSL_NO_DEPRECATED_1_1_0 + /* ... */ + OSSL_DEPRECATEDIN_1_1_0 __owur int + HMAC_Init(HMAC_CTX *ctx, const void *key, int len, const EVP_MD *md); + /* ... */ + # endif + +=head2 Implementations of deprecated symbols + +At least for the period of deprecation for any symbol, its implementation +needs to be kept, and for symbols that are kept internally, for longer than +that. There are two things to deal with: + +=over 4 + +=item Deprecation warnings + +To remedy deprecation warnings, simply define the macro +B at the beginning of the translation unit. + +=item Simulated removal + +=over 4 + +=item * + +For symbols that are kept as legacy, the simulated removal should be +enforced, by guarding the implementation the exact same way as the +declaration in the public header file. + +=item * + +For symbols that are planned to be kept internally beyond their deprecation +period, the translation units that implement them must ensure that the +public header files they include to that declare the symbols don't remove +the symbols, even when removal is otherwise simulated. + +=back + +=back + +=head3 Implementations kept as legacy + +For a deprecated function that we plan to simply remove, for example +RSA_new_method(), the following should be found very early (before including +any OpenSSL header file) in the translation unit: + + /* + * Suppress deprecation warnings for RSA low level implementations that are + * kept until removal. + */ + #define OPENSSL_SUPPRESS_DEPRECATED + +And RSA_new_method() implementation itself should be guarded like this: + + #ifndef OPENSSL_NO_DEPRECATED_3_0 + RSA *RSA_new_method(ENGINE *engine) + { + /* ... */ + } + #endif + +=head3 Implementations kept for internal purposes + +For a deprecated function that we plan to keep internally, for example +RSA_size(), the following should be found very early (before including any +other OpenSSL header file) in the translation unit: + + /* + * RSA low level APIs are deprecated for public use, but are kept for + * internal use. + */ + #include "internal/deprecated.h" + +=head1 SEE ALSO + +L + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/doc/man7/openssl_user_macros.pod.in b/doc/man7/openssl_user_macros.pod.in index 8e9d116e17..33969e2476 100644 --- a/doc/man7/openssl_user_macros.pod.in +++ b/doc/man7/openssl_user_macros.pod.in @@ -2,7 +2,8 @@ =head1 NAME -openssl_user_macros, OPENSSL_API_COMPAT - User defined macros +openssl_user_macros, OPENSSL_API_COMPAT, OPENSSL_NO_DEPRECATED +- User defined macros =head1 DESCRIPTION diff --git a/include/openssl/asn1.h.in b/include/openssl/asn1.h.in index 9b141dba4c..878c7e43f2 100644 --- a/include/openssl/asn1.h.in +++ b/include/openssl/asn1.h.in @@ -230,45 +230,76 @@ typedef struct ASN1_VALUE_st ASN1_VALUE; /* Declare ASN1 functions: the implement macro in in asn1t.h */ -# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) - -# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) - -# define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name) - -# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \ - DECLARE_ASN1_ITEM(itname) +/* + * The mysterious 'extern' that's passed to some macros is innocuous, + * and is there to quiet pre-C99 compilers that may complain about empty + * arguments in macro calls. + */ +# define DECLARE_ASN1_FUNCTIONS_attr(attr, type) \ + DECLARE_ASN1_FUNCTIONS_name_attr(attr, type, type) +# define DECLARE_ASN1_FUNCTIONS(type) \ + DECLARE_ASN1_FUNCTIONS_attr(extern, type) + +# define DECLARE_ASN1_ALLOC_FUNCTIONS_attr(attr, type) \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(attr, type, type) +# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ + DECLARE_ASN1_ALLOC_FUNCTIONS_attr(extern, type) + +# define DECLARE_ASN1_FUNCTIONS_name_attr(attr, type, name) \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(attr, type, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(attr, type, name) +# define DECLARE_ASN1_FUNCTIONS_name(type, name) \ + DECLARE_ASN1_FUNCTIONS_name_attr(extern, type, name) + +# define DECLARE_ASN1_ENCODE_FUNCTIONS_attr(attr, type, itname, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(attr, type, name) \ + DECLARE_ASN1_ITEM_attr(attr, itname) +# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS_attr(extern, type, itname, name) + +# define DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(attr, type, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS_attr(attr, type, name, name) # define DECLARE_ASN1_ENCODE_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -# define DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(const type *a, unsigned char **out); - -# define DECLARE_ASN1_NDEF_FUNCTION(name) \ - int i2d_##name##_NDEF(const name *a, unsigned char **out); - -# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - type *name##_new(void); \ - void name##_free(type *a); - -# define DECLARE_ASN1_DUP_FUNCTION(type) \ - DECLARE_ASN1_DUP_FUNCTION_name(type, type) - -# define DECLARE_ASN1_DUP_FUNCTION_name(type, name) \ - type *name##_dup(const type *a); - -# define DECLARE_ASN1_PRINT_FUNCTION(stname) \ - DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) - -# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - int fname##_print_ctx(BIO *out, const stname *x, int indent, \ - const ASN1_PCTX *pctx); + DECLARE_ASN1_ENCODE_FUNCTIONS_name_attr(extern, type, name) + +# define DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(attr, type, name) \ + attr type *d2i_##name(type **a, const unsigned char **in, long len); \ + attr int i2d_##name(const type *a, unsigned char **out); +# define DECLARE_ASN1_ENCODE_FUNCTIONS_only(type, name) \ + DECLARE_ASN1_ENCODE_FUNCTIONS_only_attr(extern, type, name) + +# define DECLARE_ASN1_NDEF_FUNCTION_attr(attr, name) \ + attr int i2d_##name##_NDEF(const name *a, unsigned char **out); +# define DECLARE_ASN1_NDEF_FUNCTION(name) \ + DECLARE_ASN1_NDEF_FUNCTION_attr(extern, name) + +# define DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(attr, type, name) \ + attr type *name##_new(void); \ + attr void name##_free(type *a); +# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ + DECLARE_ASN1_ALLOC_FUNCTIONS_name_attr(extern, type, name) + +# define DECLARE_ASN1_DUP_FUNCTION_attr(attr, type) \ + DECLARE_ASN1_DUP_FUNCTION_name_attr(attr, type, type) +# define DECLARE_ASN1_DUP_FUNCTION(type) \ + DECLARE_ASN1_DUP_FUNCTION_attr(extern, type) + +# define DECLARE_ASN1_DUP_FUNCTION_name_attr(attr, type, name) \ + attr type *name##_dup(const type *a); +# define DECLARE_ASN1_DUP_FUNCTION_name(type, name) \ + DECLARE_ASN1_DUP_FUNCTION_name_attr(extern, type, name) + +# define DECLARE_ASN1_PRINT_FUNCTION_attr(attr, stname) \ + DECLARE_ASN1_PRINT_FUNCTION_fname_attr(attr, stname, stname) +# define DECLARE_ASN1_PRINT_FUNCTION(stname) \ + DECLARE_ASN1_PRINT_FUNCTION_attr(extern, stname) + +# define DECLARE_ASN1_PRINT_FUNCTION_fname_attr(attr, stname, fname) \ + attr int fname##_print_ctx(BIO *out, const stname *x, int indent, \ + const ASN1_PCTX *pctx); +# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ + DECLARE_ASN1_PRINT_FUNCTION_fname_attr(extern, stname, fname) # define D2I_OF(type) type *(*)(type **,const unsigned char **,long) # define I2D_OF(type) int (*)(const type *,unsigned char **) @@ -344,8 +375,10 @@ typedef const ASN1_ITEM *ASN1_ITEM_EXP (void); # define ASN1_ITEM_rptr(ref) (ref##_it()) -# define DECLARE_ASN1_ITEM(name) \ - const ASN1_ITEM * name##_it(void); +# define DECLARE_ASN1_ITEM_attr(attr, name) \ + attr const ASN1_ITEM * name##_it(void); +# define DECLARE_ASN1_ITEM(name) \ + DECLARE_ASN1_ITEM_attr(extern, name) /* Parameters used by ASN1_STRING_print_ex() */ diff --git a/include/openssl/macros.h b/include/openssl/macros.h index 2ed8fcf002..24fad673bd 100644 --- a/include/openssl/macros.h +++ b/include/openssl/macros.h @@ -25,27 +25,56 @@ /* * Generic deprecation macro - * - * If OPENSSL_SUPPRESS_DEPRECATED is defined, then DECLARE_DEPRECATED - * becomes a no-op + * + * If OPENSSL_SUPPRESS_DEPRECATED is defined, then OSSL_DEPRECATED and + * OSSL_DEPRECATED_FOR become no-ops */ -# ifndef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f; +# ifndef OSSL_DEPRECATED +# undef OSSL_DEPRECATED_FOR # ifndef OPENSSL_SUPPRESS_DEPRECATED -# ifdef __GNUC__ -# if __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# if defined(_MSC_VER) + /* + * MSVC supports __declspec(deprecated) since MSVC 2003 (13.10), + * and __declspec(deprecated(message)) since MSVC 2005 (14.00) + */ +# if _MSC_VER >= 1400 +# define OSSL_DEPRECATED(since) \ + __declspec(deprecated("Since OpenSSL " # since)) +# define OSSL_DEPRECATED_FOR(since, message) \ + __declspec(deprecated("Since OpenSSL " # since ";" message)) +# elif _MSC_VER >= 1310 +# define OSSL_DEPRECATED(since) __declspec(deprecated) +# define OSSL_DEPRECATED_FOR(since, message) __declspec(deprecated) +# endif +# elif defined(__GNUC__) + /* + * According to GCC documentation, deprecations with message appeared in + * GCC 4.5.0 + */ +# if __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) +# define OSSL_DEPRECATED(since) \ + __attribute__((deprecated("Since OpenSSL " # since))) +# define OSSL_DEPRECATED_FOR(since, message) \ + __attribute__((deprecated("Since OpenSSL " # since ";" message))) +# elif __GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ > 0) +# define OSSL_DEPRECATED(since) __attribute__((deprecated)) +# define OSSL_DEPRECATED_FOR(since, message) __attribute__((deprecated)) # endif # elif defined(__SUNPRO_C) # if (__SUNPRO_C >= 0x5130) -# undef DECLARE_DEPRECATED -# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated)); +# define OSSL_DEPRECATED(since) __attribute__ ((deprecated)) +# define OSSL_DEPRECATED_FOR(since, message) __attribute__ ((deprecated)) # endif # endif # endif # endif +/* Still not defined? Then define empty macros */ +# ifndef OSSL_DEPRECATED +# define OSSL_DEPRECATED(since) +# define OSSL_DEPRECATED_FOR(since, message) +# endif + /* * Applications should use -DOPENSSL_API_COMPAT= to suppress the * declarations of functions deprecated in or before . If this is @@ -122,10 +151,17 @@ # endif /* - * Define macros for deprecation purposes. We always define the macros - * DEPERECATEDIN_{major}_{minor}() for all OpenSSL versions we care for, - * and OPENSSL_NO_DEPRECATED_{major}_{minor} to be used to check if - * removal of deprecated functions applies on that particular version. + * Define macros for deprecation and simulated removal purposes. + * + * The macros OSSL_DEPRECATED_{major}_{minor} are always defined for + * all OpenSSL versions we care for. They can be used as attributes + * in function declarations where appropriate. + * + * The macros OPENSSL_NO_DEPRECATED_{major}_{minor} are defined for + * all OpenSSL versions up to or equal to the version given with + * OPENSSL_API_COMPAT. They are used as guards around anything that's + * deprecated up to that version, as an effect of the developer option + * 'no-deprecated'. */ # undef OPENSSL_NO_DEPRECATED_3_0 @@ -138,73 +174,101 @@ # if OPENSSL_API_LEVEL >= 30000 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_3_0(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_3_0 OSSL_DEPRECATED(3.0) +# define OSSL_DEPRECATEDIN_3_0_FOR(msg) OSSL_DEPRECATED_FOR(3.0, msg) +# define DEPRECATEDIN_3_0(f) OSSL_DEPRECATEDIN_3_0 f; # else -# define DEPRECATEDIN_3_0(f) # define OPENSSL_NO_DEPRECATED_3_0 +# define DEPRECATEDIN_3_0(f) # endif # else -# define DEPRECATEDIN_3_0(f) f; +# define OSSL_DEPRECATEDIN_3_0 +# define OSSL_DEPRECATEDIN_3_0_FOR(msg) +# define DEPRECATEDIN_3_0(f) f; # endif # if OPENSSL_API_LEVEL >= 10101 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_1_1_1(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_1_1_1 OSSL_DEPRECATED(1.1.1) +# define OSSL_DEPRECATEDIN_1_1_1_FOR(msg) OSSL_DEPRECATED_FOR(1.1.1, msg) +# define DEPRECATEDIN_1_1_1(f) OSSL_DEPRECATEDIN_1_1_1 f; # else -# define DEPRECATEDIN_1_1_1(f) # define OPENSSL_NO_DEPRECATED_1_1_1 +# define DEPRECATEDIN_1_1_1(f) # endif # else -# define DEPRECATEDIN_1_1_1(f) f; +# define OSSL_DEPRECATEDIN_1_1_1 +# define OSSL_DEPRECATEDIN_1_1_1_FOR(msg) +# define DEPRECATEDIN_1_1_1(f) f; # endif # if OPENSSL_API_LEVEL >= 10100 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_1_1_0(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_1_1_0 OSSL_DEPRECATED(1.1.0) +# define OSSL_DEPRECATEDIN_1_1_0_FOR(msg) OSSL_DEPRECATED_FOR(1.1.0, msg) +# define DEPRECATEDIN_1_1_0(f) OSSL_DEPRECATEDIN_1_1_0 f; # else -# define DEPRECATEDIN_1_1_0(f) # define OPENSSL_NO_DEPRECATED_1_1_0 +# define DEPRECATEDIN_1_1_0(f) # endif # else -# define DEPRECATEDIN_1_1_0(f) f; +# define OSSL_DEPRECATEDIN_1_1_0 +# define OSSL_DEPRECATEDIN_1_1_0_FOR(msg) +# define DEPRECATEDIN_1_1_0(f) f; # endif # if OPENSSL_API_LEVEL >= 10002 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_1_0_2(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_1_0_2 OSSL_DEPRECATED(1.0.2) +# define OSSL_DEPRECATEDIN_1_0_2_FOR(msg) OSSL_DEPRECATED_FOR(1.0.2, msg) +# define DEPRECATEDIN_1_0_2(f) OSSL_DEPRECATEDIN_1_0_2 f; # else -# define DEPRECATEDIN_1_0_2(f) # define OPENSSL_NO_DEPRECATED_1_0_2 +# define DEPRECATEDIN_1_0_2(f) # endif # else -# define DEPRECATEDIN_1_0_2(f) f; +# define OSSL_DEPRECATEDIN_1_0_2 +# define OSSL_DEPRECATEDIN_1_0_2_FOR(msg) +# define DEPRECATEDIN_1_0_2(f) f; # endif # if OPENSSL_API_LEVEL >= 10001 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_1_0_1(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_1_0_1 OSSL_DEPRECATED(1.0.1) +# define OSSL_DEPRECATEDIN_1_0_1_FOR(msg) OSSL_DEPRECATED_FOR(1.0.1, msg) +# define DEPRECATEDIN_1_0_1(f) OSSL_DEPRECATEDIN_1_0_1 f; # else -# define DEPRECATEDIN_1_0_1(f) # define OPENSSL_NO_DEPRECATED_1_0_1 +# define DEPRECATEDIN_1_0_1(f) # endif # else -# define DEPRECATEDIN_1_0_1(f) f; +# define OSSL_DEPRECATEDIN_1_0_1 +# define OSSL_DEPRECATEDIN_1_0_1_FOR(msg) +# define DEPRECATEDIN_1_0_1(f) f; # endif # if OPENSSL_API_LEVEL >= 10000 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_1_0_0(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_1_0_0 OSSL_DEPRECATED(1.0.0) +# define OSSL_DEPRECATEDIN_1_0_0_FOR(msg) OSSL_DEPRECATED_FOR(1.0.0, msg) +# define DEPRECATEDIN_1_0_0(f) OSSL_DEPRECATEDIN_1_0_0 f; # else -# define DEPRECATEDIN_1_0_0(f) # define OPENSSL_NO_DEPRECATED_1_0_0 +# define DEPRECATEDIN_1_0_0(f) # endif # else -# define DEPRECATEDIN_1_0_0(f) f; +# define OSSL_DEPRECATEDIN_1_0_0 +# define OSSL_DEPRECATEDIN_1_0_0_FOR(msg) +# define DEPRECATEDIN_1_0_0(f) f; # endif # if OPENSSL_API_LEVEL >= 908 # ifndef OPENSSL_NO_DEPRECATED -# define DEPRECATEDIN_0_9_8(f) DECLARE_DEPRECATED(f) +# define OSSL_DEPRECATEDIN_0_9_8 OSSL_DEPRECATED(0.9.8) +# define OSSL_DEPRECATEDIN_0_9_8_FOR(msg) OSSL_DEPRECATED_FOR(0.9.8, msg) +# define DEPRECATEDIN_0_9_8(f) OSSL_DEPRECATEDIN_0_9_8 f; # else -# define DEPRECATEDIN_0_9_8(f) # define OPENSSL_NO_DEPRECATED_0_9_8 +# define DEPRECATEDIN_0_9_8(f) # endif # else -# define DEPRECATEDIN_0_9_8(f) f; +# define OSSL_DEPRECATEDIN_0_9_8 +# define OSSL_DEPRECATEDIN_0_9_8_FOR(msg) +# define DEPRECATEDIN_0_9_8(f) f; # endif /* diff --git a/include/openssl/pem.h b/include/openssl/pem.h index 9247922574..a5e0077715 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -191,72 +191,110 @@ extern "C" { /* These are the same except they are for the declarations */ +/* + * The mysterious 'extern' that's passed to some macros is innocuous, + * and is there to quiet pre-C99 compilers that may complain about empty + * arguments in macro calls. + */ # if defined(OPENSSL_NO_STDIO) -# define DECLARE_PEM_read_fp(name, type) /**/ -# define DECLARE_PEM_write_fp(name, type) /**/ +# define DECLARE_PEM_read_fp_attr(attr, name, type) /**/ +# define DECLARE_PEM_write_fp_attr(attr, name, type) /**/ +# define DECLARE_PEM_write_fp_attr(attr, name, type) /**/ # ifndef OPENSSL_NO_DEPRECATED_3_0 -# define DECLARE_PEM_write_fp_const(name, type) /**/ +# define DECLARE_PEM_write_fp_const_attr(attr, name, type) /**/ # endif -# define DECLARE_PEM_write_cb_fp(name, type) /**/ -# else +# define DECLARE_PEM_write_cb_fp_attr(attr, name, type) /**/ -# define DECLARE_PEM_read_fp(name, type) \ - type *PEM_read_##name(FILE *fp, type **x, pem_password_cb *cb, void *u); - -# define DECLARE_PEM_write_fp(name, type) \ - PEM_write_fnsig(name, type, FILE, write); +# else +# define DECLARE_PEM_read_fp_attr(attr, name, type) \ + attr type *PEM_read_##name(FILE *fp, type **x, \ + pem_password_cb *cb, void *u); +# define DECLARE_PEM_write_fp_attr(attr, name, type) \ + attr PEM_write_fnsig(name, type, FILE, write); # ifndef OPENSSL_NO_DEPRECATED_3_0 -# define DECLARE_PEM_write_fp_const(name, type) \ - PEM_write_fnsig(name, type, FILE, write); +# define DECLARE_PEM_write_fp_const_attr(attr, name, type) \ + attr PEM_write_fnsig(name, type, FILE, write); # endif +# define DECLARE_PEM_write_cb_fp_attr(attr, name, type) \ + attr PEM_write_cb_fnsig(name, type, FILE, write); -# define DECLARE_PEM_write_cb_fp(name, type) \ - PEM_write_cb_fnsig(name, type, FILE, write); +# endif +# define DECLARE_PEM_read_fp(name, type) \ + DECLARE_PEM_read_fp_attr(extern, name, type) +# define DECLARE_PEM_write_fp(name, type) \ + DECLARE_PEM_write_fp_attr(extern, name, type) +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define DECLARE_PEM_write_fp_const(name, type) \ + DECLARE_PEM_write_fp_const_attr(extern, name, type) # endif +# define DECLARE_PEM_write_cb_fp(name, type) \ + DECLARE_PEM_write_cb_fp_attr(extern, name, type) -# define DECLARE_PEM_read_bio(name, type) \ - type *PEM_read_bio_##name(BIO *bp, type **x, \ - pem_password_cb *cb, void *u); +# define DECLARE_PEM_read_bio_attr(attr, name, type) \ + attr type *PEM_read_bio_##name(BIO *bp, type **x, \ + pem_password_cb *cb, void *u); +# define DECLARE_PEM_read_bio(name, type) \ + DECLARE_PEM_read_bio_attr(extern, name, type) -# define DECLARE_PEM_write_bio(name, type) \ - PEM_write_fnsig(name, type, BIO, write_bio); +# define DECLARE_PEM_write_bio_attr(attr, name, type) \ + attr PEM_write_fnsig(name, type, BIO, write_bio); +# define DECLARE_PEM_write_bio(name, type) \ + DECLARE_PEM_write_bio_attr(extern, name, type) -# ifndef OPENSSL_NO_DEPRECATED_3_0 -# define DECLARE_PEM_write_bio_const(name, type) \ - PEM_write_fnsig(name, type, BIO, write_bio); -# endif +# ifndef OPENSSL_NO_DEPRECATED_3_0 +# define DECLARE_PEM_write_bio_const_attr(attr, name, type) \ + attr PEM_write_fnsig(name, type, BIO, write_bio); +# define DECLARE_PEM_write_bio_const(name, type) \ + DECLARE_PEM_write_bio_const_attr(extern, name, type) +# endif -# define DECLARE_PEM_write_cb_bio(name, type) \ - PEM_write_cb_fnsig(name, type, BIO, write_bio); +# define DECLARE_PEM_write_cb_bio_attr(attr, name, type) \ + attr PEM_write_cb_fnsig(name, type, BIO, write_bio); +# define DECLARE_PEM_write_cb_bio(name, type) \ + DECLARE_PEM_write_cb_bio_attr(extern, name, type) +# define DECLARE_PEM_write_attr(attr, name, type) \ + DECLARE_PEM_write_bio_attr(attr, name, type) \ + DECLARE_PEM_write_fp_attr(attr, name, type) # define DECLARE_PEM_write(name, type) \ - DECLARE_PEM_write_bio(name, type) \ - DECLARE_PEM_write_fp(name, type) + DECLARE_PEM_write_attr(extern, name, type) # ifndef OPENSSL_NO_DEPRECATED_3_0 -# define DECLARE_PEM_write_const(name, type) \ - DECLARE_PEM_write_bio_const(name, type) \ - DECLARE_PEM_write_fp_const(name, type) +# define DECLARE_PEM_write_const_attr(attr, name, type) \ + DECLARE_PEM_write_bio_const_attr(attr, name, type) \ + DECLARE_PEM_write_fp_const_attr(attr, name, type) +# define DECLARE_PEM_write_const(name, type) \ + DECLARE_PEM_write_const_attr(extern, name, type) # endif -# define DECLARE_PEM_write_cb(name, type) \ - DECLARE_PEM_write_cb_bio(name, type) \ - DECLARE_PEM_write_cb_fp(name, type) -# define DECLARE_PEM_read(name, type) \ - DECLARE_PEM_read_bio(name, type) \ - DECLARE_PEM_read_fp(name, type) +# define DECLARE_PEM_write_cb_attr(attr, name, type) \ + DECLARE_PEM_write_cb_bio_attr(attr, name, type) \ + DECLARE_PEM_write_cb_fp_attr(attr, name, type) +# define DECLARE_PEM_write_cb(name, type) \ + DECLARE_PEM_write_cb_attr(extern, name, type) +# define DECLARE_PEM_read_attr(attr, name, type) \ + DECLARE_PEM_read_bio_attr(attr, name, type) \ + DECLARE_PEM_read_fp_attr(attr, name, type) +# define DECLARE_PEM_read(name, type) \ + DECLARE_PEM_read_attr(extern, name, type) +# define DECLARE_PEM_rw_attr(attr, name, type) \ + DECLARE_PEM_read_attr(attr, name, type) \ + DECLARE_PEM_write_attr(attr, name, type) # define DECLARE_PEM_rw(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write(name, type) + DECLARE_PEM_rw_attr(extern, name, type) # ifndef OPENSSL_NO_DEPRECATED_3_0 +# define DECLARE_PEM_rw_const_attr(attr, name, type) \ + DECLARE_PEM_read_attr(attr, name, type) \ + DECLARE_PEM_write_const_attr(attr, name, type) # define DECLARE_PEM_rw_const(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_const(name, type) + DECLARE_PEM_rw_const_attr(extern, name, type) # endif +# define DECLARE_PEM_rw_cb_attr(attr, name, type) \ + DECLARE_PEM_read_attr(attr, name, type) \ + DECLARE_PEM_write_cb_attr(attr, name, type) # define DECLARE_PEM_rw_cb(name, type) \ - DECLARE_PEM_read(name, type) \ - DECLARE_PEM_write_cb(name, type) + DECLARE_PEM_rw_cb_attr(extern, name, type) int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher); int PEM_do_header(EVP_CIPHER_INFO *cipher, unsigned char *data, long *len, diff --git a/util/missingmacro.txt b/util/missingmacro.txt index 2b02fef5f5..109bb0870f 100644 --- a/util/missingmacro.txt +++ b/util/missingmacro.txt @@ -176,3 +176,14 @@ X509V3_set_ctx_test(3) X509V3_set_ctx_nodb(3) EXT_BITSTRING(3) EXT_IA5STRING(3) + +# These are documented internally, in doc/internal/man7/deprecation.pod +OSSL_DEPRECATED(3) +OSSL_DEPRECATED_FOR(3) +OSSL_DEPRECATEDIN_3_0_FOR(3) +OSSL_DEPRECATEDIN_1_1_1_FOR(3) +OSSL_DEPRECATEDIN_1_1_0_FOR(3) +OSSL_DEPRECATEDIN_1_0_2_FOR(3) +OSSL_DEPRECATEDIN_1_0_1_FOR(3) +OSSL_DEPRECATEDIN_1_0_0_FOR(3) +OSSL_DEPRECATEDIN_0_9_8_FOR(3) diff --git a/util/perl/OpenSSL/Ordinals.pm b/util/perl/OpenSSL/Ordinals.pm index 7008ebf536..8f113fb8f6 100644 --- a/util/perl/OpenSSL/Ordinals.pm +++ b/util/perl/OpenSSL/Ordinals.pm @@ -407,7 +407,6 @@ sub _parse_features { if ($def =~ m{^ZLIB$}) { $features{$&} = $op; } if ($def =~ m{^OPENSSL_USE_}) { $features{$'} = $op; } if ($def =~ m{^OPENSSL_NO_}) { $features{$'} = !$op; } - if ($def =~ m{^DEPRECATEDIN_(.*)$}) { $features{$&} = !$op; } } return %features; diff --git a/util/perl/OpenSSL/ParseC.pm b/util/perl/OpenSSL/ParseC.pm index 7e6377dd17..5cc5f28bf3 100644 --- a/util/perl/OpenSSL/ParseC.pm +++ b/util/perl/OpenSSL/ParseC.pm @@ -75,7 +75,7 @@ my @opensslcpphandlers = ( #if$1 OPENSSL_NO_DEPRECATEDIN_$2 EOF } - } + } ); my @cpphandlers = ( ################################################################## @@ -262,17 +262,40 @@ my @opensslchandlers = ( # Deprecated stuff, by OpenSSL release. # We trick the parser by pretending that the declaration is wrapped in a - # check if the DEPRECATEDIN macro is defined or not. Callers of parse() - # will have to decide what to do with it. + # check if the OPENSSL_NO_DEPRECATEDIN_x_y[_z] macro is defined or not. + # Callers of parse() will have to decide what to do with it. { regexp => qr/(DEPRECATEDIN_\d+_\d+(?:_\d+)?)<<<\((.*)\)>>>/, massager => sub { return (<<"EOF"); -#ifndef $1 +#ifndef OPENSSL_NO_$1 $2; #endif EOF }, }, + # OSSL_DEPRECATEDIN_x_y[_z] is simply ignored. Such declarations are + # supposed to be guarded with an '#ifdef OPENSSL_NO_DEPRECATED_x_y[_z]' + { regexp => qr/OSSL_DEPRECATEDIN_\d+_\d+(?:_\d+)?\s+(.*)/, + massager => sub { return $1; }, + }, + { regexp => qr/(.*?)\s+OSSL_DEPRECATEDIN_\d+_\d+(?:_\d+)?\s+(.*)/, + massager => sub { return "$1 $2"; }, + }, + + ##### + # Core stuff + + # OSSL_CORE_MAKE_FUNC is a macro to create the necessary data and inline + # function the libcrypto<->provider interface + { regexp => qr/OSSL_CORE_MAKE_FUNC<<<\((.*?),(.*?),(.*?)\)>>>/, + massager => sub { + return (<<"EOF"); +typedef $1 OSSL_FUNC_$2_fn$3; +static ossl_inline OSSL_FUNC_$2_fn *OSSL_FUNC_$2(const OSSL_DISPATCH *opf); +EOF + }, + }, + ##### # LHASH stuff @@ -498,9 +521,27 @@ int $2_dup(void); EOF } }, + # Universal translator of attributed PEM declarators + { regexp => qr/ + DECLARE_ASN1 + (_ENCODE_FUNCTIONS_only|_ENCODE_FUNCTIONS|_ENCODE_FUNCTIONS_name + |_ALLOC_FUNCTIONS_name|_ALLOC_FUNCTIONS|_FUNCTIONS_name|_FUNCTIONS + |_NDEF_FUNCTION|_PRINT_FUNCTION|_PRINT_FUNCTION_name + |_DUP_FUNCTION|_DUP_FUNCTION_name) + _attr + <<<\(\s*OSSL_DEPRECATEDIN_(.*?)\s*,(.*?)\)>>> + /x, + massager => sub { return (<<"EOF"); +DECLARE_ASN1$1($3) +EOF + }, + }, { regexp => qr/DECLARE_PKCS12_SET_OF<<<\((.*)\)>>>/, massager => sub { return (); } }, + + ##### + # PEM stuff { regexp => qr/DECLARE_PEM(?|_rw|_rw_cb|_rw_const)<<<\((.*?),.*\)>>>/, massager => sub { return (<<"EOF"); #ifndef OPENSSL_NO_STDIO @@ -512,9 +553,6 @@ int PEM_write_bio_$1(void); EOF }, }, - - ##### - # PEM stuff { regexp => qr/DECLARE_PEM(?|_write|_write_cb|_write_const)<<<\((.*?),.*\)>>>/, massager => sub { return (<<"EOF"); #ifndef OPENSSL_NO_STDIO @@ -530,6 +568,18 @@ EOF int PEM_read_$1(void); #endif int PEM_read_bio_$1(void); +EOF + }, + }, + # Universal translator of attributed PEM declarators + { regexp => qr/ + DECLARE_PEM + (_rw|_rw_cb|_rw_const|_write|_write_cb|_write_const|_read|_read_cb) + _attr + <<<\(\s*OSSL_DEPRECATEDIN_(.*?)\s*,(.*?)\)>>> + /x, + massager => sub { return (<<"EOF"); +DECLARE_PEM$1($3) EOF }, }, From openssl at openssl.org Mon Oct 12 06:36:15 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 06:36:15 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1602484575.121017.9205.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 638 wallclock secs (13.08 usr 1.31 sys + 566.13 cusr 58.15 csys = 638.67 CPU) Result: FAIL Makefile:3177: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3175: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 12 06:58:12 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 06:58:12 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1602485892.403419.28802.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 678 wallclock secs (14.20 usr 1.32 sys + 598.00 cusr 60.55 csys = 674.07 CPU) Result: FAIL Makefile:3168: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3166: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Mon Oct 12 08:16:06 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 12 Oct 2020 08:16:06 +0000 Subject: Errored: openssl/openssl#38004 (master - 8ebd889) In-Reply-To: Message-ID: <5f8410c5bd7cf_13fedb56bd7fc6999d9@travis-pro-tasks-67ff46d589-jrxm7.mail> Build Update for openssl/openssl ------------------------------------- Build: #38004 Status: Errored Duration: 1 hr, 39 mins, and 48 secs Commit: 8ebd889 (master) Author: Richard Levitte Message: Document how deprecation should be done Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13074) View the changeset: https://github.com/openssl/openssl/compare/71abae18f5a2...8ebd88950d9d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189410338?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 12 08:46:06 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 08:46:06 +0000 Subject: Build failed: openssl master.37472 Message-ID: <20201012084606.1.AFF210AFFD3F6CC1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 12 09:19:07 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 09:19:07 +0000 Subject: Build failed: openssl master.37473 Message-ID: <20201012091907.1.F035659E53BE969D@appveyor.com> An HTML attachment was scrubbed... URL: From tmraz at fedoraproject.org Mon Oct 12 09:39:47 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Mon, 12 Oct 2020 09:39:47 +0000 Subject: [openssl] master update Message-ID: <1602495587.644798.23510.nullmailer@dev.openssl.org> The branch master has been updated via c804f2965ef6908dc1f30447d4547192fc3ba974 (commit) from 8ebd88950d9d0a94037e4962daa6e80a464bea06 (commit) - Log ----------------------------------------------------------------- commit c804f2965ef6908dc1f30447d4547192fc3ba974 Author: Rainer Jung Date: Tue Jul 21 11:32:02 2020 +0200 Make TAP::Harness and TAP::Parser optional. In OpenSSL 1.1.1 the script run_tests.pl has an effectiver workaround to fall back to Test::Harness, if TAP::Harness is not available. That code has substantially changed, but it seems it should still fall back but doesn't. Observed on SuSE Linux Enterprise Server 11 (SLES11). Error messages: Can't locate TAP/Parser.pm in @inc (@inc contains: /path/to/bld/openssl300/test/../util/perl /path/to/local/perl/lib/perl5 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/lib/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.10.0 /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl .) at /path/to/local/perl/lib/perl5/parent.pm line 20. BEGIN failed--compilation aborted at /path/to/bld/openssl300/test/run_tests.pl line 131. and Can't locate TAP/Harness.pm in @inc (@inc contains: /path/to/bld/openssl300/test/../util/perl /path/to/local/perl/lib/perl5 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/lib/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.10.0 /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl .) at /path/to/local/perl/lib/perl5/parent.pm line 20. BEGIN failed--compilation aborted at /path/to/bld/openssl300/test/run_tests.pl line 215. Concerning the fix: the docs for parent.pm show, that without the "-norequire" it puts the require statement in a BEGIN block which probably runs before the eval, to the loading is no longer encapsulated by the eval. Without the additional require line, the loading doesn't happen at all, so the availability testing fails. Combining the "-norequire" and an explicit "require" worked for me. Tested on the original problem platform SLES 11, but also on SLES 12 and 15, RHEL 6, 7 and 8 plus Solaris 10 Sparc. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12500) ----------------------------------------------------------------------- Summary of changes: test/run_tests.pl | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/run_tests.pl b/test/run_tests.pl index 14e195b468..8a9e156a54 100644 --- a/test/run_tests.pl +++ b/test/run_tests.pl @@ -148,7 +148,8 @@ my $eres; $eres = eval { package TAP::Parser::OpenSSL; - use parent 'TAP::Parser'; + use parent -norequire, 'TAP::Parser'; + require TAP::Parser; sub new { my $class = shift; @@ -231,7 +232,8 @@ $eres = eval { } package TAP::Harness::OpenSSL; - use parent 'TAP::Harness'; + use parent -norequire, 'TAP::Harness'; + require TAP::Harness; package main; From openssl at openssl.org Mon Oct 12 10:21:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 10:21:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1602498111.139688.31251.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 653 wallclock secs (10.55 usr 1.17 sys + 599.58 cusr 52.20 csys = 663.50 CPU) Result: FAIL Makefile:3139: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3137: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 12 10:24:35 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 10:24:35 +0000 Subject: Build completed: openssl master.37474 Message-ID: <20201012102435.1.4C0C8507A8B6946C@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Mon Oct 12 11:02:57 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 12 Oct 2020 11:02:57 +0000 Subject: Failed: openssl/openssl#38007 (master - c804f29) In-Reply-To: Message-ID: <5f8437e184879_13fe67da3d70478742a@travis-pro-tasks-785bc448bf-l2259.mail> Build Update for openssl/openssl ------------------------------------- Build: #38007 Status: Failed Duration: 1 hr, 21 mins, and 47 secs Commit: c804f29 (master) Author: Rainer Jung Message: Make TAP::Harness and TAP::Parser optional. In OpenSSL 1.1.1 the script run_tests.pl has an effectiver workaround to fall back to Test::Harness, if TAP::Harness is not available. That code has substantially changed, but it seems it should still fall back but doesn't. Observed on SuSE Linux Enterprise Server 11 (SLES11). Error messages: Can't locate TAP/Parser.pm in @inc (@inc contains: /path/to/bld/openssl300/test/../util/perl /path/to/local/perl/lib/perl5 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/lib/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.10.0 /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl .) at /path/to/local/perl/lib/perl5/parent.pm line 20. BEGIN failed--compilation aborted at /path/to/bld/openssl300/test/run_tests.pl line 131. and Can't locate TAP/Harness.pm in @inc (@inc contains: /path/to/bld/openssl300/test/../util/perl /path/to/local/perl/lib/perl5 /usr/lib/perl5/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/5.10.0 /usr/lib/perl5/site_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/5.10.0 /usr/lib/perl5/vendor_perl/5.10.0/x86_64-linux-thread-multi /usr/lib/perl5/vendor_perl/5.10.0 /usr/lib/perl5/vendor_perl .) at /path/to/local/perl/lib/perl5/parent.pm line 20. BEGIN failed--compilation aborted at /path/to/bld/openssl300/test/run_tests.pl line 215. Concerning the fix: the docs for parent.pm show, that without the "-norequire" it puts the require statement in a BEGIN block which probably runs before the eval, to the loading is no longer encapsulated by the eval. Without the additional require line, the loading doesn't happen at all, so the availability testing fails. Combining the "-norequire" and an explicit "require" worked for me. Tested on the original problem platform SLES 11, but also on SLES 12 and 15, RHEL 6, 7 and 8 plus Solaris 10 Sparc. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/12500) View the changeset: https://github.com/openssl/openssl/compare/8ebd88950d9d...c804f2965ef6 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189444981?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 12 11:13:17 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 11:13:17 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1602501197.729985.28950.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 667 wallclock secs (13.30 usr 1.21 sys + 607.71 cusr 55.85 csys = 678.07 CPU) Result: FAIL Makefile:3175: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3173: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 12 12:29:07 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 12:29:07 +0000 Subject: Build failed: openssl master.37475 Message-ID: <20201012122907.1.30997A564E351788@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 12 13:43:06 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 12 Oct 2020 13:43:06 +0000 Subject: Build completed: openssl master.37476 Message-ID: <20201012134306.1.AC5A93877D997517@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 12 18:18:42 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 18:18:42 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1602526722.967950.30495.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 706 wallclock secs (14.01 usr 1.25 sys + 608.01 cusr 57.54 csys = 680.81 CPU) Result: FAIL Makefile:3204: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3202: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 12 20:25:25 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 12 Oct 2020 20:25:25 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1602534325.613192.24048.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 559 wallclock secs ( 9.94 usr 1.12 sys + 503.09 cusr 46.34 csys = 560.49 CPU) Result: FAIL Makefile:2409: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2407: recipe for target 'tests' failed make: *** [tests] Error 2 From kaduk at mit.edu Tue Oct 13 00:07:35 2020 From: kaduk at mit.edu (kaduk at mit.edu) Date: Tue, 13 Oct 2020 00:07:35 +0000 Subject: [openssl] master update Message-ID: <1602547655.919413.24507.nullmailer@dev.openssl.org> The branch master has been updated via 9f7505ab6a1ce76497654ea8cf6a74307da78989 (commit) from c804f2965ef6908dc1f30447d4547192fc3ba974 (commit) - Log ----------------------------------------------------------------- commit 9f7505ab6a1ce76497654ea8cf6a74307da78989 Author: Ikko Ashimine Date: Tue Oct 13 00:30:07 2020 +0900 Fixed typo in ssl_lib.c orignal -> original CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13111) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 6f5d2fee28..e8b004f4a6 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2842,7 +2842,7 @@ const char *SSL_get_servername(const SSL *s, const int type) * - Otherwise it returns NULL * * During/after the handshake (TLSv1.2 or below resumption occurred): - * - If the session from the orignal handshake had a servername accepted + * - If the session from the original handshake had a servername accepted * by the server then it will return that servername. * - Otherwise it returns the servername set via * SSL_set_tlsext_host_name() (or NULL if it was not called). From kaduk at mit.edu Tue Oct 13 00:08:39 2020 From: kaduk at mit.edu (kaduk at mit.edu) Date: Tue, 13 Oct 2020 00:08:39 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1602547719.408413.25770.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 11358e0e3c583fe2ce34d9ab719e49127fc2bd46 (commit) from 7455f247e6f9d621fa79ae3af1588df23078fb11 (commit) - Log ----------------------------------------------------------------- commit 11358e0e3c583fe2ce34d9ab719e49127fc2bd46 Author: Ikko Ashimine Date: Tue Oct 13 00:30:07 2020 +0900 Fixed typo in ssl_lib.c orignal -> original CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13111) (cherry picked from commit 9f7505ab6a1ce76497654ea8cf6a74307da78989) ----------------------------------------------------------------------- Summary of changes: ssl/ssl_lib.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index b1df374817..98057921f8 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -2678,7 +2678,7 @@ const char *SSL_get_servername(const SSL *s, const int type) * - Otherwise it returns NULL * * During/after the handshake (TLSv1.2 or below resumption occurred): - * - If the session from the orignal handshake had a servername accepted + * - If the session from the original handshake had a servername accepted * by the server then it will return that servername. * - Otherwise it returns the servername set via * SSL_set_tlsext_host_name() (or NULL if it was not called). From openssl at openssl.org Tue Oct 13 01:53:05 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 01:53:05 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1602553985.336514.12938.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dgst.pod.in > doc/man1/openssl-dgst.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4302: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3160: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From builds at travis-ci.com Tue Oct 13 01:54:14 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 13 Oct 2020 01:54:14 +0000 Subject: Still Failing: openssl/openssl#38015 (master - 9f7505a) In-Reply-To: Message-ID: <5f8508c5b2e1a_13f897a5ab1b0198164@travis-pro-tasks-5b5ffb86c9-fvjj8.mail> Build Update for openssl/openssl ------------------------------------- Build: #38015 Status: Still Failing Duration: 1 hr, 22 mins, and 55 secs Commit: 9f7505a (master) Author: Ikko Ashimine Message: Fixed typo in ssl_lib.c orignal -> original CLA: trivial Reviewed-by: Paul Dale Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13111) View the changeset: https://github.com/openssl/openssl/compare/c804f2965ef6...9f7505ab6a1c View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189603047?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 13 02:27:24 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 13 Oct 2020 02:27:24 +0000 Subject: Build failed: openssl master.37483 Message-ID: <20201013022724.1.DC23848C5BCBAABE@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 13 02:34:52 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 02:34:52 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1602556492.361880.21026.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0C0BDC3AC7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 631 wallclock secs (12.77 usr 1.34 sys + 571.77 cusr 52.74 csys = 638.62 CPU) Result: FAIL Makefile:3175: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3173: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 13 03:35:14 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 13 Oct 2020 03:35:14 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37484 Message-ID: <20201013033514.1.800F85003966A97B@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Oct 13 04:46:06 2020 From: levitte at openssl.org (Richard Levitte) Date: Tue, 13 Oct 2020 04:46:06 +0000 Subject: [openssl] master update Message-ID: <1602564366.555601.5805.nullmailer@dev.openssl.org> The branch master has been updated via a8154452e5f5404982a2f6e54d56b1a17b6a5c4d (commit) from 9f7505ab6a1ce76497654ea8cf6a74307da78989 (commit) - Log ----------------------------------------------------------------- commit a8154452e5f5404982a2f6e54d56b1a17b6a5c4d Author: Richard Levitte Date: Fri Sep 25 09:28:14 2020 +0200 EVP: Take care of locks when downgrading an EVP_PKEY The temporary copy that's made didn't have a lock, which could end up with a crash. We now handle locks a bit better, and take extra care to lock it and keep track of which lock is used where and which lock is thrown away. Fixes #12876 Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/12978) ----------------------------------------------------------------------- Summary of changes: crypto/evp/p_lib.c | 61 ++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 48 insertions(+), 13 deletions(-) diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index e3a885cd7a..b394fcdebf 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1379,6 +1379,13 @@ size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) /*- All methods below can also be used in FIPS_MODULE */ +/* + * This reset function must be used very carefully, as it literally throws + * away everything in an EVP_PKEY without freeing them, and may cause leaks + * of memory, locks, what have you. + * The only reason we have this is to have the same code for EVP_PKEY_new() + * and evp_pkey_downgrade(). + */ static int evp_pkey_reset_unlocked(EVP_PKEY *pk) { if (pk == NULL) @@ -1389,6 +1396,12 @@ static int evp_pkey_reset_unlocked(EVP_PKEY *pk) pk->save_type = EVP_PKEY_NONE; pk->references = 1; pk->save_parameters = 1; + + pk->lock = CRYPTO_THREAD_lock_new(); + if (pk->lock == NULL) { + EVPerr(0, ERR_R_MALLOC_FAILURE); + return 0; + } return 1; } @@ -1404,11 +1417,6 @@ EVP_PKEY *EVP_PKEY_new(void) if (!evp_pkey_reset_unlocked(ret)) goto err; - ret->lock = CRYPTO_THREAD_lock_new(); - if (ret->lock == NULL) { - EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); - goto err; - } #ifndef FIPS_MODULE if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_EVP_PKEY, ret, &ret->ex_data)) { EVPerr(EVP_F_EVP_PKEY_NEW, ERR_R_MALLOC_FAILURE); @@ -1908,24 +1916,41 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) int evp_pkey_downgrade(EVP_PKEY *pk) { - EVP_PKEY tmp_copy; /* Stack allocated! */ + EVP_PKEY tmp_copy; /* Stack allocated! */ + CRYPTO_RWLOCK *tmp_lock = NULL; /* Temporary lock */ + int rv = 0; + + if (!ossl_assert(pk != NULL)) + return 0; + + /* + * Throughout this whole function, we must ensure that we lock / unlock + * the exact same lock. Note that we do pass it around a bit. + */ + if (!CRYPTO_THREAD_write_lock(pk->lock)) + return 0; /* If this isn't an assigned provider side key, we're done */ - if (!evp_pkey_is_assigned(pk) || !evp_pkey_is_provided(pk)) - return 1; + if (!evp_pkey_is_assigned(pk) || !evp_pkey_is_provided(pk)) { + rv = 1; + goto end; + } /* * To be able to downgrade, we steal the contents of |pk|, then reset * it, and finally try to make it a downgraded copy. If any of that * fails, we restore the copied contents into |pk|. */ - tmp_copy = *pk; + tmp_copy = *pk; /* |tmp_copy| now owns THE lock */ if (evp_pkey_reset_unlocked(pk) && evp_pkey_copy_downgraded(&pk, &tmp_copy)) { + /* Grab the temporary lock to avoid lock leak */ + tmp_lock = pk->lock; + /* Restore the common attributes, then empty |tmp_copy| */ pk->references = tmp_copy.references; - pk->lock = tmp_copy.lock; + pk->lock = tmp_copy.lock; /* |pk| now owns THE lock */ pk->attributes = tmp_copy.attributes; pk->save_parameters = tmp_copy.save_parameters; pk->ex_data = tmp_copy.ex_data; @@ -1955,12 +1980,22 @@ int evp_pkey_downgrade(EVP_PKEY *pk) tmp_copy.keydata = NULL; evp_pkey_free_it(&tmp_copy); + rv = 1; + } else { + /* Grab the temporary lock to avoid lock leak */ + tmp_lock = pk->lock; - return 1; + /* Restore the original key */ + *pk = tmp_copy; /* |pk| now owns THE lock */ } - *pk = tmp_copy; - return 0; + /* Free the temporary lock. It should never be NULL */ + CRYPTO_THREAD_lock_free(tmp_lock); + + end: + if (!CRYPTO_THREAD_unlock(pk->lock)) + return 0; + return rv; } #endif /* FIPS_MODULE */ From openssl at openssl.org Tue Oct 13 06:26:04 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 06:26:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1602570364.649419.22424.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c ../openssl/apps/lib/engine.c:46:13: error: implicitly declaring library function 'strcmp' with type 'int (const char *, const char *)' [-Werror,-Wimplicit-function-declaration] if (strcmp(id, "auto") == 0) { ^ ../openssl/apps/lib/engine.c:46:13: note: include the header or explicitly provide a declaration for 'strcmp' 1 error generated. Makefile:4267: recipe for target 'apps/lib/libapps-lib-engine.o' failed make[1]: *** [apps/lib/libapps-lib-engine.o] Error 1 make[1]: *** Waiting for unfinished jobs.... ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4283: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3141: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From builds at travis-ci.com Tue Oct 13 08:29:46 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 13 Oct 2020 08:29:46 +0000 Subject: Still Failing: openssl/openssl#38021 (master - a815445) In-Reply-To: Message-ID: <5f85657a56bdb_13fee46db7bd416369@travis-pro-tasks-649b6dbb4d-rnvkz.mail> Build Update for openssl/openssl ------------------------------------- Build: #38021 Status: Still Failing Duration: 1 hr, 25 mins, and 1 sec Commit: a815445 (master) Author: Richard Levitte Message: EVP: Take care of locks when downgrading an EVP_PKEY The temporary copy that's made didn't have a lock, which could end up with a crash. We now handle locks a bit better, and take extra care to lock it and keep track of which lock is used where and which lock is thrown away. Fixes #12876 Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/12978) View the changeset: https://github.com/openssl/openssl/compare/9f7505ab6a1c...a8154452e5f5 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189628184?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 13 09:27:57 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 13 Oct 2020 09:27:57 +0000 Subject: Build failed: openssl master.37489 Message-ID: <20201013092757.1.A1C6BD48589B3B56@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 13 09:53:56 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 09:53:56 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1602582836.781430.29502.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 40A78C557D7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4097B640D77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4097B640D77F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1456 wallclock secs (14.09 usr 1.38 sys + 1367.26 cusr 83.81 csys = 1466.54 CPU) Result: FAIL Makefile:3189: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3187: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 13 10:15:24 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 10:15:24 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1602584124.897065.18306.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 711 wallclock secs (13.65 usr 1.25 sys + 616.29 cusr 56.47 csys = 687.66 CPU) Result: FAIL Makefile:3188: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3186: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 13 10:37:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 13 Oct 2020 10:37:17 +0000 Subject: Build completed: openssl master.37490 Message-ID: <20201013103717.1.033BF821EFD6A008@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 13 12:43:01 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 12:43:01 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1602592981.425705.31530.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 685 wallclock secs (13.31 usr 1.24 sys + 625.20 cusr 57.37 csys = 697.12 CPU) Result: FAIL Makefile:3183: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3181: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 13 15:06:23 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 15:06:23 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1602601583.965346.5869.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070900B207F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070900B207F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070900B207F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/NwtRTtsjsQ default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B07F3B6E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0B07F3B6E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B07F3B6E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0B07F3B6E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B07F3B6E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0B07F3B6E7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/NwtRTtsjsQ fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 681 wallclock secs (13.48 usr 1.23 sys + 621.64 cusr 56.28 csys = 692.63 CPU) Result: FAIL Makefile:3180: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3178: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 13 17:15:55 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 17:15:55 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1602609355.008519.27948.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C030337EF17F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C030337EF17F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C030337EF17F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/ZTk7egVbIG default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05053B27C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05053B27C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05053B27C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05053B27C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05053B27C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05053B27C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/ZTk7egVbIG fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 690 wallclock secs (13.72 usr 1.11 sys + 631.00 cusr 57.04 csys = 702.87 CPU) Result: FAIL Makefile:3179: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3177: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 13 17:57:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 17:57:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1602611833.274910.1176.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 113adc1f61 Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() 25cf949fc6 ENCODER / DECODER: Add functions to encode/decode to/from a buffer 3094351625 Fix diverse ERR code conflicts 86e5ac6d84 make ordinals a23163a316 Modify util/mknum.pl to drop new symbols that don't exist any more 0c12ca7294 OpenSSL::Ordinals: Add options for the writing functions cad8095925 INSTALL.md: Drop trailing spaces on a line a96722219e Disabled symbol_presence test on NonStop due to different nm format. Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C01066FBA77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C01066FBA77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C01066FBA77F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C01066FBA77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/nc8NTeGGqn default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09089E1367F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C09089E1367F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C09089E1367F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09089E1367F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/nc8NTeGGqn fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 655 wallclock secs (11.52 usr 1.09 sys + 596.07 cusr 54.18 csys = 662.86 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 13 23:44:38 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 13 Oct 2020 23:44:38 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1602632678.459374.16751.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 8027A313487F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80471DAC147F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80471DAC147F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1280 wallclock secs (11.83 usr 1.34 sys + 1120.90 cusr 145.63 csys = 1279.70 CPU) Result: FAIL Makefile:2537: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2535: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 14 01:38:14 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 01:38:14 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1602639494.223787.23920.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 674 wallclock secs (13.69 usr 1.17 sys + 610.87 cusr 56.75 csys = 682.48 CPU) Result: FAIL Makefile:3190: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3188: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Wed Oct 14 02:17:57 2020 From: levitte at openssl.org (Richard Levitte) Date: Wed, 14 Oct 2020 02:17:57 +0000 Subject: [openssl] master update Message-ID: <1602641877.090880.23267.nullmailer@dev.openssl.org> The branch master has been updated via 58608c7c7ac664e03d8f4acffd9420e56d148320 (commit) from a8154452e5f5404982a2f6e54d56b1a17b6a5c4d (commit) - Log ----------------------------------------------------------------- commit 58608c7c7ac664e03d8f4acffd9420e56d148320 Author: Randall S. Becker Date: Fri Oct 9 15:17:34 2020 -0600 Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. The default settings are now IEEE float. CLA: Permission is granted by the author to the ITUGLIB team to use these modifications. Fixes #12919 Signed-off-by: Randall S. Becker Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13108) ----------------------------------------------------------------------- Summary of changes: Configurations/50-nonstop.conf | 48 +++++++++++++++++++++++++++++++----------- 1 file changed, 36 insertions(+), 12 deletions(-) diff --git a/Configurations/50-nonstop.conf b/Configurations/50-nonstop.conf index 21cd64833d..37ccbb40a5 100644 --- a/Configurations/50-nonstop.conf +++ b/Configurations/50-nonstop.conf @@ -134,20 +134,32 @@ template => 1, lflags => '-Wld="-set floattype tandem_float"', }, + 'nonstop-efloat-itanium' => { + template => 1, + cflags => '-WIEEE_float', + lflags => '-Weld="-set floattype ieee_float"', + }, 'nonstop-nfloat-itanium' => { template => 1, lflags => '-Weld="-set floattype neutral_float"', }, 'nonstop-tfloat-itanium' => { template => 1, + cflags => '-WTandem_float', lflags => '-Weld="-set floattype tandem_float"', }, + 'nonstop-efloat-x86_64' => { + template => 1, + cflags => '-WIEEE_float', + lflags => '-Wxld="-set floattype ieee_float"', + }, 'nonstop-nfloat-x86_64' => { template => 1, lflags => '-Wxld="-set floattype neutral_float"', }, 'nonstop-tfloat-x86_64' => { template => 1, + cflags => '-WTandem_float', lflags => '-Wxld="-set floattype tandem_float"', }, @@ -181,39 +193,45 @@ 'nonstop-nsx' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-x86_64-oss', - 'nonstop-ilp32', 'nonstop-nfloat-x86_64', + 'nonstop-ilp32', + 'nonstop-efloat-x86_64', 'nonstop-model-floss' ], disable => ['threads'], }, 'nonstop-nsx_put' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-x86_64-oss', - 'nonstop-ilp32', 'nonstop-nfloat-x86_64', + 'nonstop-ilp32', + 'nonstop-efloat-x86_64', 'nonstop-model-put' ], }, 'nonstop-nsx_64' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-x86_64-oss', - 'nonstop-lp64-x86_64', 'nonstop-nfloat-x86_64', + 'nonstop-lp64-x86_64', + 'nonstop-efloat-x86_64', 'nonstop-model-floss' ], disable => ['threads'], }, 'nonstop-nsx_64_put' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-x86_64-oss', - 'nonstop-lp64-x86_64', 'nonstop-nfloat-x86_64', + 'nonstop-lp64-x86_64', + 'nonstop-efloat-x86_64', 'nonstop-model-put' ], }, 'nonstop-nsx_spt' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-x86_64-oss', - 'nonstop-ilp32', 'nonstop-nfloat-x86_64', + 'nonstop-ilp32', + 'nonstop-efloat-x86_64', 'nonstop-model-spt' ], }, 'nonstop-nsx_spt_floss' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-x86_64-oss', - 'nonstop-ilp32', 'nonstop-nfloat-x86_64', + 'nonstop-ilp32', + 'nonstop-efloat-x86_64', 'nonstop-model-floss', 'nonstop-model-spt'], }, 'nonstop-nsx_g' => { @@ -234,39 +252,45 @@ 'nonstop-nse' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-itanium-oss', - 'nonstop-ilp32', 'nonstop-nfloat-itanium', + 'nonstop-ilp32', + 'nonstop-efloat-itanium', 'nonstop-model-floss' ], disable => ['threads'], }, 'nonstop-nse_put' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-itanium-oss', - 'nonstop-ilp32', 'nonstop-nfloat-itanium', + 'nonstop-ilp32', + 'nonstop-efloat-itanium', 'nonstop-model-put' ], }, 'nonstop-nse_64' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-itanium-oss', - 'nonstop-lp64-itanium', 'nonstop-nfloat-itanium', + 'nonstop-lp64-itanium', + 'nonstop-efloat-itanium', 'nonstop-model-floss' ], disable => ['threads'], }, 'nonstop-nse_64_put' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-itanium-oss', - 'nonstop-lp64-itanium', 'nonstop-nfloat-itanium', + 'nonstop-lp64-itanium', + 'nonstop-efloat-itanium', 'nonstop-model-put' ], }, 'nonstop-nse_spt' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-itanium-oss', - 'nonstop-ilp32', 'nonstop-nfloat-itanium', + 'nonstop-ilp32', + 'nonstop-efloat-itanium', 'nonstop-model-spt' ], }, 'nonstop-nse_spt_floss' => { inherit_from => [ 'nonstop-common', 'nonstop-archenv-itanium-oss', - 'nonstop-ilp32', 'nonstop-nfloat-itanium', + 'nonstop-ilp32', + 'nonstop-efloat-itanium', 'nonstop-model-floss', 'nonstop-model-spt' ], }, 'nonstop-nse_g' => { From builds at travis-ci.com Wed Oct 14 03:39:21 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 14 Oct 2020 03:39:21 +0000 Subject: Still Failing: openssl/openssl#38029 (master - 58608c7) In-Reply-To: Message-ID: <5f8672e96f9d0_13f8c834aa5fc7500bd@travis-pro-tasks-6cb679c67b-fgmdg.mail> Build Update for openssl/openssl ------------------------------------- Build: #38029 Status: Still Failing Duration: 1 hr, 19 mins, and 57 secs Commit: 58608c7 (master) Author: Randall S. Becker Message: Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. The default settings are now IEEE float. CLA: Permission is granted by the author to the ITUGLIB team to use these modifications. Fixes #12919 Signed-off-by: Randall S. Becker Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13108) View the changeset: https://github.com/openssl/openssl/compare/a8154452e5f5...58608c7c7ac6 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189864341?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 14 04:15:12 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 04:15:12 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1602648912.920785.19202.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-eddsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-eddsa.o -c -o providers/implementations/signature/libimplementations-lib-eddsa.o ../openssl/providers/implementations/signature/eddsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21565: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3131: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Wed Oct 14 04:15:42 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 14 Oct 2020 04:15:42 +0000 Subject: Build failed: openssl master.37497 Message-ID: <20201014041542.1.9A6E7C91DB0C116F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 14 05:18:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 14 Oct 2020 05:18:27 +0000 Subject: Build completed: openssl master.37498 Message-ID: <20201014051827.1.FBF9F6B5F21BC068@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Wed Oct 14 05:53:00 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Wed, 14 Oct 2020 05:53:00 +0000 Subject: [openssl] master update Message-ID: <1602654780.121056.24537.nullmailer@dev.openssl.org> The branch master has been updated via 8e596a93bc266259f1ef0d56601e58bbfe18317a (commit) from 58608c7c7ac664e03d8f4acffd9420e56d148320 (commit) - Log ----------------------------------------------------------------- commit 8e596a93bc266259f1ef0d56601e58bbfe18317a Author: Yury Is Date: Tue Oct 13 02:24:52 2020 +0300 syscall_random(): don't fail if the getentropy() function is a dummy Several embedded toolchains may provide dummy implemented getentropy() function which always returns -1 and sets errno to the ENOSYS. As a result the function SSL_CTX_new() fails to create a new context. Fixes #13002 Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13114) ----------------------------------------------------------------------- Summary of changes: providers/implementations/rands/seeding/rand_unix.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/providers/implementations/rands/seeding/rand_unix.c b/providers/implementations/rands/seeding/rand_unix.c index 26d81d6054..ddd453fff8 100644 --- a/providers/implementations/rands/seeding/rand_unix.c +++ b/providers/implementations/rands/seeding/rand_unix.c @@ -376,12 +376,19 @@ static ssize_t syscall_random(void *buf, size_t buflen) * - OpenBSD since 5.6 * - Linux since 3.17 with glibc 2.25 * - FreeBSD since 12.0 (1200061) + * + * Note: Sometimes getentropy() can be provided but not implemented + * internally. So we need to check errno for ENOSYS */ # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) extern int getentropy(void *buffer, size_t length) __attribute__((weak)); - if (getentropy != NULL) - return getentropy(buf, buflen) == 0 ? (ssize_t)buflen : -1; + if (getentropy != NULL) { + if (getentropy(buf, buflen) == 0) + return (ssize_t)buflen; + if (errno != ENOSYS) + return -1; + } # elif !defined(FIPS_MODULE) union { void *p; From matthias.st.pierre at ncp-e.com Wed Oct 14 06:00:16 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Wed, 14 Oct 2020 06:00:16 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1602655216.840998.27758.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via b316d06dd99ec55f0a5275ca8ca4188848227b3b (commit) from 11358e0e3c583fe2ce34d9ab719e49127fc2bd46 (commit) - Log ----------------------------------------------------------------- commit b316d06dd99ec55f0a5275ca8ca4188848227b3b Author: Yury Is Date: Tue Oct 13 02:28:26 2020 +0300 syscall_random(): don't fail if the getentropy() function is a dummy Several embedded toolchains may provide dummy implemented getentropy() function which always returns -1 and sets errno to the ENOSYS. As a result the function SSL_CTX_new() fails to create a new context. Fixes #13002 Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13112) ----------------------------------------------------------------------- Summary of changes: crypto/rand/rand_unix.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index da66773e4a..ec6be791b3 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -365,12 +365,19 @@ static ssize_t syscall_random(void *buf, size_t buflen) * - OpenBSD since 5.6 * - Linux since 3.17 with glibc 2.25 * - FreeBSD since 12.0 (1200061) + * + * Note: Sometimes getentropy() can be provided but not implemented + * internally. So we need to check errno for ENOSYS */ # if defined(__GNUC__) && __GNUC__>=2 && defined(__ELF__) && !defined(__hpux) extern int getentropy(void *buffer, size_t length) __attribute__((weak)); - if (getentropy != NULL) - return getentropy(buf, buflen) == 0 ? (ssize_t)buflen : -1; + if (getentropy != NULL) { + if (getentropy(buf, buflen) == 0) + return (ssize_t)buflen; + if (errno != ENOSYS) + return -1; + } # else union { void *p; From openssl at openssl.org Wed Oct 14 06:28:26 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 06:28:26 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1602656906.852882.4126.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0D0B106DA7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0007FA9B37F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0007FA9B37F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C090CDF8767F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C090CDF8767F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 716 wallclock secs (14.61 usr 1.36 sys + 650.87 cusr 59.02 csys = 725.86 CPU) Result: FAIL Makefile:3151: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3149: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 14 06:51:20 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 06:51:20 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1602658280.207423.24182.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 714 wallclock secs (14.10 usr 1.36 sys + 643.52 cusr 60.89 csys = 719.87 CPU) Result: FAIL Makefile:3183: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3181: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 14 07:13:11 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 07:13:11 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1602659591.246577.12290.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 670 wallclock secs (14.29 usr 1.32 sys + 599.86 cusr 59.63 csys = 675.10 CPU) Result: FAIL Makefile:3164: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3162: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Wed Oct 14 07:45:42 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 14 Oct 2020 07:45:42 +0000 Subject: Still Failing: openssl/openssl#38032 (master - 8e596a9) In-Reply-To: Message-ID: <5f86aca5c7e0a_13fe3d0aa807c58714e@travis-pro-tasks-54f6957965-bz6b4.mail> Build Update for openssl/openssl ------------------------------------- Build: #38032 Status: Still Failing Duration: 1 hr, 25 mins, and 19 secs Commit: 8e596a9 (master) Author: Yury Is Message: syscall_random(): don't fail if the getentropy() function is a dummy Several embedded toolchains may provide dummy implemented getentropy() function which always returns -1 and sets errno to the ENOSYS. As a result the function SSL_CTX_new() fails to create a new context. Fixes #13002 Reviewed-by: Paul Dale Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/13114) View the changeset: https://github.com/openssl/openssl/compare/58608c7c7ac6...8e596a93bc26 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189887161?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From kurt at openssl.org Wed Oct 14 07:55:35 2020 From: kurt at openssl.org (Kurt Roeckx) Date: Wed, 14 Oct 2020 07:55:35 +0000 Subject: [openssl] master update Message-ID: <1602662135.703943.17806.nullmailer@dev.openssl.org> The branch master has been updated via 47690cd4ceb3a1cfdf097d575cb0d3cf9c6dac13 (commit) from 8e596a93bc266259f1ef0d56601e58bbfe18317a (commit) - Log ----------------------------------------------------------------- commit 47690cd4ceb3a1cfdf097d575cb0d3cf9c6dac13 Author: Kurt Roeckx Date: Sat Jul 11 17:17:09 2020 +0200 Use __BYTE_ORDER__ to test the endianness when available Reviewed-by: Paul Dale GH: #13085 ----------------------------------------------------------------------- Summary of changes: include/internal/endian.h | 34 +++++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/include/internal/endian.h b/include/internal/endian.h index f581c14b24..b4e486da3a 100644 --- a/include/internal/endian.h +++ b/include/internal/endian.h @@ -10,13 +10,41 @@ #ifndef OSSL_INTERNAL_ENDIAN_H # define OSSL_INTERNAL_ENDIAN_H -# define DECLARE_IS_ENDIAN \ +/* + * IS_LITTLE_ENDIAN and IS_BIG_ENDIAN can be used to detect the endiannes + * at compile time. To use it, DECLARE_IS_ENDIAN must be used to declare + * a variable. + * + * L_ENDIAN and B_ENDIAN can be used at preprocessor time. They can be set + * in the configarion using the lib_cppflags variable. If neither is + * set, it will fall back to code works with either endianness. + */ + +# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) +# define DECLARE_IS_ENDIAN const int ossl_is_little_endian = __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ +# define IS_LITTLE_ENDIAN (ossl_is_little_endian) +# define IS_BIG_ENDIAN (!ossl_is_little_endian) +# if defined(L_ENDIAN) && (__BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__) +# error "L_ENDIAN defined on a big endian machine" +# endif +# if defined(B_ENDIAN) && (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) +# error "B_ENDIAN defined on a little endian machine" +# endif +# if !defined(L_ENDIAN) && (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) +# define L_ENDIAN +# endif +# if !defined(B_ENDIAN) && (__BYTE_ORDER__ != __ORDER_LITTLE_ENDIAN__) +# define B_ENDIAN +# endif +# else +# define DECLARE_IS_ENDIAN \ const union { \ long one; \ char little; \ } ossl_is_endian = { 1 } -# define IS_LITTLE_ENDIAN (ossl_is_endian.little != 0) -# define IS_BIG_ENDIAN (ossl_is_endian.little == 0) +# define IS_LITTLE_ENDIAN (ossl_is_endian.little != 0) +# define IS_BIG_ENDIAN (ossl_is_endian.little == 0) +# endif #endif From builds at travis-ci.com Wed Oct 14 09:32:37 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 14 Oct 2020 09:32:37 +0000 Subject: Still Failing: openssl/openssl#38035 (master - 47690cd) In-Reply-To: Message-ID: <5f86c5b59e0f6_13fbd323b6bfc300355@travis-pro-tasks-77d9564878-tbqf4.mail> Build Update for openssl/openssl ------------------------------------- Build: #38035 Status: Still Failing Duration: 1 hr, 25 mins, and 35 secs Commit: 47690cd (master) Author: Kurt Roeckx Message: Use __BYTE_ORDER__ to test the endianness when available Reviewed-by: Paul Dale GH: #13085 View the changeset: https://github.com/openssl/openssl/compare/8e596a93bc26...47690cd4ceb3 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/189905279?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 14 10:45:22 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 10:45:22 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1602672322.630152.13553.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 665 wallclock secs (10.68 usr 1.22 sys + 610.00 cusr 53.97 csys = 675.87 CPU) Result: FAIL Makefile:3121: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3119: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 14 11:14:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 14 Oct 2020 11:14:17 +0000 Subject: Build failed: openssl master.37503 Message-ID: <20201014111417.1.54CC6E5D629BAF21@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 14 11:41:11 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 11:41:11 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1602675671.072757.12738.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 690 wallclock secs (13.44 usr 1.16 sys + 630.69 cusr 55.64 csys = 700.93 CPU) Result: FAIL Makefile:3179: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3177: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 14 12:23:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 14 Oct 2020 12:23:53 +0000 Subject: Build completed: openssl master.37504 Message-ID: <20201014122353.1.ADC610DBF3521E9E@appveyor.com> An HTML attachment was scrubbed... URL: From nic.tuv at gmail.com Wed Oct 14 16:17:08 2020 From: nic.tuv at gmail.com (nic.tuv at gmail.com) Date: Wed, 14 Oct 2020 16:17:08 +0000 Subject: [openssl] master update Message-ID: <1602692228.083969.12090.nullmailer@dev.openssl.org> The branch master has been updated via 5b70206cb316024c6dc30ce54f585ce5cf001a56 (commit) via 8b17fbaf46ae8a1319be5975ad8da3e0f4932e77 (commit) via a011b5861b545b40df3c6f111df4fbde74cd7c82 (commit) via c1a74f59ac799087c511d641cb086722817b805b (commit) via ecff43e0ca48b25ddb001b6b63f3b7f8431f6962 (commit) via c8e3a4c61346915a30b0c3594a7710753b8d1126 (commit) via 32fea070dc679f656a9e3d152aa570f6b658bc8e (commit) from 47690cd4ceb3a1cfdf097d575cb0d3cf9c6dac13 (commit) - Log ----------------------------------------------------------------- commit 5b70206cb316024c6dc30ce54f585ce5cf001a56 Author: Nicola Tuveri Date: Mon Sep 28 08:37:13 2020 +0300 [test][tls-provider] Implement KEM algorithm Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) commit 8b17fbaf46ae8a1319be5975ad8da3e0f4932e77 Author: Nicola Tuveri Date: Mon Sep 28 04:32:03 2020 +0300 [ssl] Support ssl_encapsulate on server side Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) commit a011b5861b545b40df3c6f111df4fbde74cd7c82 Author: Nicola Tuveri Date: Mon Sep 28 03:45:30 2020 +0300 [ssl] Support ssl_decapsulate on client side Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) commit c1a74f59ac799087c511d641cb086722817b805b Author: Nicola Tuveri Date: Mon Sep 28 02:16:29 2020 +0300 Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM Note that with this commit the optional parameter is introduced, but libssl still ignores it. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) commit ecff43e0ca48b25ddb001b6b63f3b7f8431f6962 Author: Nicola Tuveri Date: Mon Sep 28 01:58:24 2020 +0300 [test][tls-provider] Add 2nd pluggable tls group for KEM Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) commit c8e3a4c61346915a30b0c3594a7710753b8d1126 Author: Nicola Tuveri Date: Mon Sep 28 01:26:41 2020 +0300 [test][sslapitest] Add test for pluggable KEM group Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) commit 32fea070dc679f656a9e3d152aa570f6b658bc8e Author: Nicola Tuveri Date: Mon Sep 28 01:05:27 2020 +0300 [test][tls-provider] Group xor_group properties in a struct Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) ----------------------------------------------------------------------- Summary of changes: crypto/err/openssl.txt | 2 + doc/man7/provider-base.pod | 41 +++++- include/openssl/core_names.h | 1 + include/openssl/sslerr.h | 2 + ssl/s3_lib.c | 162 ++++++++++++++++++--- ssl/ssl_local.h | 8 ++ ssl/statem/extensions_clnt.c | 55 ++++--- ssl/statem/extensions_srvr.c | 106 ++++++++++---- ssl/t1_lib.c | 8 ++ test/sslapitest.c | 13 +- test/tls-provider.c | 334 ++++++++++++++++++++++++++++++++++++------- 11 files changed, 610 insertions(+), 122 deletions(-) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 1724982709..2aca84f838 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1401,11 +1401,13 @@ SSL_F_SSL_CTX_USE_SERVERINFO_EX:543:SSL_CTX_use_serverinfo_ex SSL_F_SSL_CTX_USE_SERVERINFO_FILE:337:SSL_CTX_use_serverinfo_file SSL_F_SSL_DANE_DUP:403:ssl_dane_dup SSL_F_SSL_DANE_ENABLE:395:SSL_dane_enable +SSL_F_SSL_DECAPSULATE:643: SSL_F_SSL_DERIVE:590:ssl_derive SSL_F_SSL_DO_CONFIG:391:ssl_do_config SSL_F_SSL_DO_HANDSHAKE:180:SSL_do_handshake SSL_F_SSL_DUP_CA_LIST:408:SSL_dup_CA_list SSL_F_SSL_ENABLE_CT:402:SSL_enable_ct +SSL_F_SSL_ENCAPSULATE:644: SSL_F_SSL_GENERATE_PKEY_GROUP:559:ssl_generate_pkey_group SSL_F_SSL_GENERATE_SESSION_ID:547:ssl_generate_session_id SSL_F_SSL_GET_NEW_SESSION:181:ssl_get_new_session diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod index efec869e25..b92f117d86 100644 --- a/doc/man7/provider-base.pod +++ b/doc/man7/provider-base.pod @@ -364,15 +364,17 @@ Applications can query the capabilities to discover those services. The "TLS-GROUP" capability can be queried by libssl to discover the list of TLS groups that a provider can support. Each group supported can be used for -key exchange during a TLS handshake. TLS clients can advertise the list of -TLS groups they support in the supported_groups extension, and TLS servers can -select a group from the offered list that they also support. In this way a -provider can add to the list of groups that libssl already supports with -additional ones. +I (KEX) or I (KEM) during a TLS +handshake. +TLS clients can advertise the list of TLS groups they support in the +supported_groups extension, and TLS servers can select a group from the offered +list that they also support. In this way a provider can add to the list of +groups that libssl already supports with additional ones. Each TLS group that a provider supports should be described via the callback passed in through the provider_get_capabilities function. Each group should have -the following details supplied (all are mandatory): +the following details supplied (all are mandatory, except +B): =over 4 @@ -393,7 +395,9 @@ The TLS group id value as given in the IANA TLS Supported Groups registry. =item "tls-group-alg" (B) The name of a Key Management algorithm that the provider offers and that should -be used with this group. Keys created should be able to support key exchange. +be used with this group. Keys created should be able to support I +or I (KEM), as implied by the optional +B flag. The algorithm must support key and parameter generation as well as the key/parameter generation parameter, B. The group name given via "tls-group-name-internal" above will be passed via @@ -405,6 +409,29 @@ The number of bits of security offered by keys in this group. The number of bits should be comparable with the ones given in table 2 and 3 of the NIST SP800-57 document. +=item "tls-group-is-kem" (B) + +Boolean flag to describe if the group should be used in I (KEX) +mode (0, default) or in I (KEM) mode (1). + +This parameter is optional: if not specified, KEX mode is assumed as the default +mode for the group. + +In KEX mode, in a typical Diffie-Hellman fashion, both sides execute I +then I against the peer public key. To operate in KEX mode, the group +implementation must support the provider functions as described in +L. + +In KEM mode, the client executes I and sends its public key, the server +executes I using the client's public key and sends back the +resulting I, finally the client executes I to retrieve +the same I generated by the server's I. To operate +in KEM mode, the group implementation must support the provider functions as +described in L. + +Both in KEX and KEM mode, the resulting I is then used according +to the protocol specification. + =item "tls-min-tls" (B) =item "tls-max-tls" (B) diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index c9f2bfab5e..4a4bd36cbe 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -492,6 +492,7 @@ extern "C" { #define OSSL_CAPABILITY_TLS_GROUP_ID "tls-group-id" #define OSSL_CAPABILITY_TLS_GROUP_ALG "tls-group-alg" #define OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS "tls-group-sec-bits" +#define OSSL_CAPABILITY_TLS_GROUP_IS_KEM "tls-group-is-kem" #define OSSL_CAPABILITY_TLS_GROUP_MIN_TLS "tls-min-tls" #define OSSL_CAPABILITY_TLS_GROUP_MAX_TLS "tls-max-tls" #define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls" diff --git a/include/openssl/sslerr.h b/include/openssl/sslerr.h index d4ee837a1e..56ece0d175 100644 --- a/include/openssl/sslerr.h +++ b/include/openssl/sslerr.h @@ -183,11 +183,13 @@ int ERR_load_SSL_strings(void); # define SSL_F_SSL_CTX_USE_SERVERINFO_FILE 0 # define SSL_F_SSL_DANE_DUP 0 # define SSL_F_SSL_DANE_ENABLE 0 +# define SSL_F_SSL_DECAPSULATE 0 # define SSL_F_SSL_DERIVE 0 # define SSL_F_SSL_DO_CONFIG 0 # define SSL_F_SSL_DO_HANDSHAKE 0 # define SSL_F_SSL_DUP_CA_LIST 0 # define SSL_F_SSL_ENABLE_CT 0 +# define SSL_F_SSL_ENCAPSULATE 0 # define SSL_F_SSL_GENERATE_PKEY_GROUP 0 # define SSL_F_SSL_GENERATE_SESSION_ID 0 # define SSL_F_SSL_GET_NEW_SESSION 0 diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 94c2d8c2ce..1fd424a52e 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4832,6 +4832,32 @@ EVP_PKEY *ssl_generate_param_group(SSL *s, uint16_t id) return pkey; } +/* Generate secrets from pms */ +int ssl_gensecret(SSL *s, unsigned char *pms, size_t pmslen) +{ + int rv = 0; + + /* SSLfatal() called as appropriate in the below functions */ + if (SSL_IS_TLS13(s)) { + /* + * If we are resuming then we already generated the early secret + * when we created the ClientHello, so don't recreate it. + */ + if (!s->hit) + rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL, + 0, + (unsigned char *)&s->early_secret); + else + rv = 1; + + rv = rv && tls13_generate_handshake_secret(s, pms, pmslen); + } else { + rv = ssl_generate_master_secret(s, pms, pmslen, 0); + } + + return rv; +} + /* Derive secrets for ECDH/DH */ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret) { @@ -4876,22 +4902,118 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret) if (gensecret) { /* SSLfatal() called as appropriate in the below functions */ - if (SSL_IS_TLS13(s)) { - /* - * If we are resuming then we already generated the early secret - * when we created the ClientHello, so don't recreate it. - */ - if (!s->hit) - rv = tls13_generate_secret(s, ssl_handshake_md(s), NULL, NULL, - 0, - (unsigned char *)&s->early_secret); - else - rv = 1; - - rv = rv && tls13_generate_handshake_secret(s, pms, pmslen); - } else { - rv = ssl_generate_master_secret(s, pms, pmslen, 0); - } + rv = ssl_gensecret(s, pms, pmslen); + } else { + /* Save premaster secret */ + s->s3.tmp.pms = pms; + s->s3.tmp.pmslen = pmslen; + pms = NULL; + rv = 1; + } + + err: + OPENSSL_clear_free(pms, pmslen); + EVP_PKEY_CTX_free(pctx); + return rv; +} + +/* Decapsulate secrets for KEM */ +int ssl_decapsulate(SSL *s, EVP_PKEY *privkey, + const unsigned char *ct, size_t ctlen, + int gensecret) +{ + int rv = 0; + unsigned char *pms = NULL; + size_t pmslen = 0; + EVP_PKEY_CTX *pctx; + + if (privkey == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DECAPSULATE, + ERR_R_INTERNAL_ERROR); + return 0; + } + + pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, privkey, s->ctx->propq); + + if (EVP_PKEY_decapsulate_init(pctx) <= 0 + || EVP_PKEY_decapsulate(pctx, NULL, &pmslen, ct, ctlen) <= 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DECAPSULATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + + pms = OPENSSL_malloc(pmslen); + if (pms == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DECAPSULATE, + ERR_R_MALLOC_FAILURE); + goto err; + } + + if (EVP_PKEY_decapsulate(pctx, pms, &pmslen, ct, ctlen) <= 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_DECAPSULATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + + if (gensecret) { + /* SSLfatal() called as appropriate in the below functions */ + rv = ssl_gensecret(s, pms, pmslen); + } else { + /* Save premaster secret */ + s->s3.tmp.pms = pms; + s->s3.tmp.pmslen = pmslen; + pms = NULL; + rv = 1; + } + + err: + OPENSSL_clear_free(pms, pmslen); + EVP_PKEY_CTX_free(pctx); + return rv; +} + +int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey, + unsigned char **ctp, size_t *ctlenp, + int gensecret) +{ + int rv = 0; + unsigned char *pms = NULL, *ct = NULL; + size_t pmslen = 0, ctlen = 0; + EVP_PKEY_CTX *pctx; + + if (pubkey == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ENCAPSULATE, + ERR_R_INTERNAL_ERROR); + return 0; + } + + pctx = EVP_PKEY_CTX_new_from_pkey(s->ctx->libctx, pubkey, s->ctx->propq); + + if (EVP_PKEY_encapsulate_init(pctx) <= 0 + || EVP_PKEY_encapsulate(pctx, NULL, &ctlen, NULL, &pmslen) <= 0 + || pmslen == 0 || ctlen == 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ENCAPSULATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + + pms = OPENSSL_malloc(pmslen); + ct = OPENSSL_malloc(ctlen); + if (pms == NULL || ct == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ENCAPSULATE, + ERR_R_MALLOC_FAILURE); + goto err; + } + + if (EVP_PKEY_encapsulate(pctx, ct, &ctlen, pms, &pmslen) <= 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ENCAPSULATE, + ERR_R_INTERNAL_ERROR); + goto err; + } + + if (gensecret) { + /* SSLfatal() called as appropriate in the below functions */ + rv = ssl_gensecret(s, pms, pmslen); } else { /* Save premaster secret */ s->s3.tmp.pms = pms; @@ -4900,8 +5022,16 @@ int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int gensecret) rv = 1; } + if (rv > 0) { + /* Pass ownership of ct to caller */ + *ctp = ct; + *ctlenp = ctlen; + ct = NULL; + } + err: OPENSSL_clear_free(pms, pmslen); + OPENSSL_free(ct); EVP_PKEY_CTX_free(pctx); return rv; } diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index fd4eacdc38..66a84cf54e 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -818,6 +818,7 @@ typedef struct tls_group_info_st { int maxtls; /* Maximum TLS version (or 0 for undefined) */ int mindtls; /* Minimum DTLS version, -1 unsupported */ int maxdtls; /* Maximum DTLS version (or 0 for undefined) */ + char is_kem; /* Mode for this Group: 0 is KEX, 1 is KEM */ } TLS_GROUP_INFO; /* flags values */ @@ -2453,8 +2454,15 @@ __owur int ssl_fill_hello_random(SSL *s, int server, unsigned char *field, __owur int ssl_generate_master_secret(SSL *s, unsigned char *pms, size_t pmslen, int free_pms); __owur EVP_PKEY *ssl_generate_pkey(SSL *s, EVP_PKEY *pm); +__owur int ssl_gensecret(SSL *s, unsigned char *pms, size_t pmslen); __owur int ssl_derive(SSL *s, EVP_PKEY *privkey, EVP_PKEY *pubkey, int genmaster); +__owur int ssl_decapsulate(SSL *s, EVP_PKEY *privkey, + const unsigned char *ct, size_t ctlen, + int gensecret); +__owur int ssl_encapsulate(SSL *s, EVP_PKEY *pubkey, + unsigned char **ctp, size_t *ctlenp, + int gensecret); __owur EVP_PKEY *ssl_dh_to_pkey(DH *dh); __owur unsigned int ssl_get_max_send_fragment(const SSL *ssl); __owur unsigned int ssl_get_split_send_fragment(const SSL *ssl); diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 189e2c9e5e..15cd622ed5 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -1830,6 +1830,7 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, unsigned int group_id; PACKET encoded_pt; EVP_PKEY *ckey = s->s3.tmp.pkey, *skey = NULL; + const TLS_GROUP_INFO *ginf = NULL; /* Sanity check */ if (ckey == NULL || s->s3.peer_tmp != NULL) { @@ -1893,6 +1894,12 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } + if ((ginf = tls1_group_id_lookup(s->ctx, group_id)) == NULL) { + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_KEY_SHARE, + SSL_R_BAD_KEY_SHARE); + return 0; + } + if (!PACKET_as_length_prefixed_2(pkt, &encoded_pt) || PACKET_remaining(&encoded_pt) == 0) { SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_F_TLS_PARSE_STOC_KEY_SHARE, @@ -1900,27 +1907,39 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - skey = EVP_PKEY_new(); - if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_KEY_SHARE, - SSL_R_COPY_PARAMETERS_FAILED); - return 0; - } + if (!ginf->is_kem) { + /* Regular KEX */ + skey = EVP_PKEY_new(); + if (skey == NULL || EVP_PKEY_copy_parameters(skey, ckey) <= 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PARSE_STOC_KEY_SHARE, + SSL_R_COPY_PARAMETERS_FAILED); + return 0; + } - if (!EVP_PKEY_set1_tls_encodedpoint(skey, PACKET_data(&encoded_pt), - PACKET_remaining(&encoded_pt))) { - SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_KEY_SHARE, - SSL_R_BAD_ECPOINT); - EVP_PKEY_free(skey); - return 0; - } + if (!EVP_PKEY_set1_tls_encodedpoint(skey, PACKET_data(&encoded_pt), + PACKET_remaining(&encoded_pt))) { + SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_KEY_SHARE, + SSL_R_BAD_ECPOINT); + EVP_PKEY_free(skey); + return 0; + } - if (ssl_derive(s, ckey, skey, 1) == 0) { - /* SSLfatal() already called */ - EVP_PKEY_free(skey); - return 0; + if (ssl_derive(s, ckey, skey, 1) == 0) { + /* SSLfatal() already called */ + EVP_PKEY_free(skey); + return 0; + } + s->s3.peer_tmp = skey; + } else { + /* KEM Mode */ + const unsigned char *ct = PACKET_data(&encoded_pt); + size_t ctlen = PACKET_remaining(&encoded_pt); + + if (ssl_decapsulate(s, ckey, ct, ctlen, 1) == 0) { + /* SSLfatal() already called */ + return 0; + } } - s->s3.peer_tmp = skey; #endif return 1; diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index 9ec48ef56a..eb24d0a19e 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -1696,6 +1696,7 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, unsigned char *encodedPoint; size_t encoded_pt_len = 0; EVP_PKEY *ckey = s->s3.peer_tmp, *skey = NULL; + const TLS_GROUP_INFO *ginf = NULL; if (s->hello_retry_request == SSL_HRR_PENDING) { if (ckey != NULL) { @@ -1733,37 +1734,92 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, return EXT_RETURN_FAIL; } - skey = ssl_generate_pkey(s, ckey); - if (skey == NULL) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, - ERR_R_MALLOC_FAILURE); + if ((ginf = tls1_group_id_lookup(s->ctx, s->s3.group_id)) == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, ERR_R_INTERNAL_ERROR); return EXT_RETURN_FAIL; } - /* Generate encoding of server key */ - encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(skey, &encodedPoint); - if (encoded_pt_len == 0) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, - ERR_R_EC_LIB); - EVP_PKEY_free(skey); - return EXT_RETURN_FAIL; - } + if (!ginf->is_kem) { + /* Regular KEX */ + skey = ssl_generate_pkey(s, ckey); + if (skey == NULL) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, + ERR_R_MALLOC_FAILURE); + return EXT_RETURN_FAIL; + } - if (!WPACKET_sub_memcpy_u16(pkt, encodedPoint, encoded_pt_len) - || !WPACKET_close(pkt)) { - SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, - ERR_R_INTERNAL_ERROR); - EVP_PKEY_free(skey); + /* Generate encoding of server key */ + encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(skey, &encodedPoint); + if (encoded_pt_len == 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, + ERR_R_EC_LIB); + EVP_PKEY_free(skey); + return EXT_RETURN_FAIL; + } + + if (!WPACKET_sub_memcpy_u16(pkt, encodedPoint, encoded_pt_len) + || !WPACKET_close(pkt)) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, + ERR_R_INTERNAL_ERROR); + EVP_PKEY_free(skey); + OPENSSL_free(encodedPoint); + return EXT_RETURN_FAIL; + } OPENSSL_free(encodedPoint); - return EXT_RETURN_FAIL; - } - OPENSSL_free(encodedPoint); - /* This causes the crypto state to be updated based on the derived keys */ - s->s3.tmp.pkey = skey; - if (ssl_derive(s, skey, ckey, 1) == 0) { - /* SSLfatal() already called */ - return EXT_RETURN_FAIL; + /* + * This causes the crypto state to be updated based on the derived keys + */ + s->s3.tmp.pkey = skey; + if (ssl_derive(s, skey, ckey, 1) == 0) { + /* SSLfatal() already called */ + return EXT_RETURN_FAIL; + } + } else { + /* KEM mode */ + unsigned char *ct = NULL; + size_t ctlen = 0; + + /* + * This does not update the crypto state. + * + * The generated pms is stored in `s->s3.tmp.pms` to be later used via + * ssl_gensecret(). + */ + if (ssl_encapsulate(s, ckey, &ct, &ctlen, 0) == 0) { + /* SSLfatal() already called */ + return EXT_RETURN_FAIL; + } + + if (ctlen == 0) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, + ERR_R_INTERNAL_ERROR); + OPENSSL_free(ct); + return EXT_RETURN_FAIL; + } + + if (!WPACKET_sub_memcpy_u16(pkt, ct, ctlen) + || !WPACKET_close(pkt)) { + SSLfatal(s, SSL_AD_INTERNAL_ERROR, + SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, + ERR_R_INTERNAL_ERROR); + OPENSSL_free(ct); + return EXT_RETURN_FAIL; + } + OPENSSL_free(ct); + + /* + * This causes the crypto state to be updated based on the generated pms + */ + if (ssl_gensecret(s, s->s3.tmp.pms, s->s3.tmp.pmslen) == 0) { + /* SSLfatal() already called */ + return EXT_RETURN_FAIL; + } } return EXT_RETURN_SENT; #else diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 927154fd98..8005f4ee32 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -249,6 +249,7 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) TLS_GROUP_INFO *ginf = NULL; EVP_KEYMGMT *keymgmt; unsigned int gid; + unsigned int is_kem = 0; int ret = 0; if (ctx->group_list_max_len == ctx->group_list_len) { @@ -321,6 +322,13 @@ static int add_provider_groups(const OSSL_PARAM params[], void *data) goto err; } + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_IS_KEM); + if (p != NULL && (!OSSL_PARAM_get_uint(p, &is_kem) || is_kem > 1)) { + SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); + goto err; + } + ginf->is_kem = 1 & is_kem; + p = OSSL_PARAM_locate_const(params, OSSL_CAPABILITY_TLS_GROUP_MIN_TLS); if (p == NULL || !OSSL_PARAM_get_int(p, &ginf->mintls)) { SSLerr(0, ERR_R_PASSED_INVALID_ARGUMENT); diff --git a/test/sslapitest.c b/test/sslapitest.c index 4331f41549..6dc3be92cb 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -7935,7 +7935,7 @@ static int test_sigalgs_available(int idx) #endif /* OPENSSL_NO_EC */ #ifndef OPENSSL_NO_TLS1_3 -static int test_pluggable_group(void) +static int test_pluggable_group(int idx) { SSL_CTX *cctx = NULL, *sctx = NULL; SSL *clientssl = NULL, *serverssl = NULL; @@ -7943,6 +7943,7 @@ static int test_pluggable_group(void) OSSL_PROVIDER *tlsprov = OSSL_PROVIDER_load(libctx, "tls-provider"); /* Check that we are not impacted by a provider without any groups */ OSSL_PROVIDER *legacyprov = OSSL_PROVIDER_load(libctx, "legacy"); + const char *group_name = idx == 0 ? "xorgroup" : "xorkemgroup"; if (!TEST_ptr(tlsprov) || !TEST_ptr(legacyprov)) goto end; @@ -7956,8 +7957,8 @@ static int test_pluggable_group(void) NULL, NULL))) goto end; - if (!TEST_true(SSL_set1_groups_list(serverssl, "xorgroup")) - || !TEST_true(SSL_set1_groups_list(clientssl, "xorgroup"))) + if (!TEST_true(SSL_set1_groups_list(serverssl, group_name)) + || !TEST_true(SSL_set1_groups_list(clientssl, group_name))) goto end; if (!TEST_true(create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE))) @@ -8136,10 +8137,10 @@ int setup_tests(void) goto err; #if !defined(OPENSSL_NO_KTLS) && !defined(OPENSSL_NO_SOCK) -#if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3) +# if !defined(OPENSSL_NO_TLS1_2) || !defined(OPENSSL_NO_TLS1_3) ADD_ALL_TESTS(test_ktls, 32); ADD_ALL_TESTS(test_ktls_sendfile_anytls, 6); -#endif +# endif #endif ADD_TEST(test_large_message_tls); ADD_TEST(test_large_message_tls_read_ahead); @@ -8247,7 +8248,7 @@ int setup_tests(void) ADD_ALL_TESTS(test_sigalgs_available, 6); #endif #ifndef OPENSSL_NO_TLS1_3 - ADD_TEST(test_pluggable_group); + ADD_ALL_TESTS(test_pluggable_group, 2); #endif #ifndef OPENSSL_NO_TLS1_2 ADD_TEST(test_ssl_dup); diff --git a/test/tls-provider.c b/test/tls-provider.c index 924ede501b..bcbcd710ce 100644 --- a/test/tls-provider.c +++ b/test/tls-provider.c @@ -41,41 +41,134 @@ typedef struct xorkey_st { int haspubkey; } XORKEY; -/* We define a dummy TLS group called "xorgroup" for test purposes */ -static unsigned int group_id = 0; /* IANA reserved for private use */ -static unsigned int secbits = 128; -static unsigned int mintls = TLS1_3_VERSION; -static unsigned int maxtls = 0; -static unsigned int mindtls = -1; -static unsigned int maxdtls = -1; +/* Key Management for the dummy XOR KEX and KEM algorithms */ + +static OSSL_FUNC_keymgmt_new_fn xor_newdata; +static OSSL_FUNC_keymgmt_free_fn xor_freedata; +static OSSL_FUNC_keymgmt_has_fn xor_has; +static OSSL_FUNC_keymgmt_copy_fn xor_copy; +static OSSL_FUNC_keymgmt_gen_init_fn xor_gen_init; +static OSSL_FUNC_keymgmt_gen_set_params_fn xor_gen_set_params; +static OSSL_FUNC_keymgmt_gen_settable_params_fn xor_gen_settable_params; +static OSSL_FUNC_keymgmt_gen_fn xor_gen; +static OSSL_FUNC_keymgmt_gen_cleanup_fn xor_gen_cleanup; +static OSSL_FUNC_keymgmt_get_params_fn xor_get_params; +static OSSL_FUNC_keymgmt_gettable_params_fn xor_gettable_params; +static OSSL_FUNC_keymgmt_set_params_fn xor_set_params; +static OSSL_FUNC_keymgmt_settable_params_fn xor_settable_params; + +/* + * Dummy "XOR" Key Exchange algorithm. We just xor the private and public keys + * together. Don't use this! + */ + +static OSSL_FUNC_keyexch_newctx_fn xor_newctx; +static OSSL_FUNC_keyexch_init_fn xor_init; +static OSSL_FUNC_keyexch_set_peer_fn xor_set_peer; +static OSSL_FUNC_keyexch_derive_fn xor_derive; +static OSSL_FUNC_keyexch_freectx_fn xor_freectx; +static OSSL_FUNC_keyexch_dupctx_fn xor_dupctx; + +/* + * Dummy "XOR" Key Encapsulation Method. We just build a KEM over the xor KEX. + * Don't use this! + */ + +static OSSL_FUNC_kem_newctx_fn xor_newctx; +static OSSL_FUNC_kem_freectx_fn xor_freectx; +static OSSL_FUNC_kem_dupctx_fn xor_dupctx; +static OSSL_FUNC_kem_encapsulate_init_fn xor_init; +static OSSL_FUNC_kem_encapsulate_fn xor_encapsulate; +static OSSL_FUNC_kem_decapsulate_init_fn xor_init; +static OSSL_FUNC_kem_decapsulate_fn xor_decapsulate; + + +/* + * We define 2 dummy TLS groups called "xorgroup" and "xorkemgroup" for test + * purposes + */ +struct tls_group_st { + unsigned int group_id; /* for "tls-group-id", see provider-base(7) */ + unsigned int secbits; + unsigned int mintls; + unsigned int maxtls; + unsigned int mindtls; + unsigned int maxdtls; + unsigned int is_kem; /* boolean */ +}; + +#define XORGROUP_NAME "xorgroup" +#define XORGROUP_NAME_INTERNAL "xorgroup-int" +static struct tls_group_st xor_group = { + 0, /* group_id, set by randomize_tls_group_id() */ + 128, /* secbits */ + TLS1_3_VERSION, /* mintls */ + 0, /* maxtls */ + -1, /* mindtls */ + -1, /* maxdtls */ + 0 /* is_kem */ +}; + +#define XORKEMGROUP_NAME "xorkemgroup" +#define XORKEMGROUP_NAME_INTERNAL "xorkemgroup-int" +static struct tls_group_st xor_kemgroup = { + 0, /* group_id, set by randomize_tls_group_id() */ + 128, /* secbits */ + TLS1_3_VERSION, /* mintls */ + 0, /* maxtls */ + -1, /* mindtls */ + -1, /* maxdtls */ + 1 /* is_kem */ +}; -#define GROUP_NAME "xorgroup" -#define GROUP_NAME_INTERNAL "xorgroup-int" #define ALGORITHM "XOR" static const OSSL_PARAM xor_group_params[] = { OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME, - GROUP_NAME, sizeof(GROUP_NAME)), + XORGROUP_NAME, sizeof(XORGROUP_NAME)), OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL, - GROUP_NAME_INTERNAL, sizeof(GROUP_NAME_INTERNAL)), + XORGROUP_NAME_INTERNAL, + sizeof(XORGROUP_NAME_INTERNAL)), OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_ALG, ALGORITHM, sizeof(ALGORITHM)), - OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, &group_id), - OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, &secbits), - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, &mintls), - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, &maxtls), - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, &mindtls), - OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, &maxdtls), + OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, &xor_group.group_id), + OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, + &xor_group.secbits), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, &xor_group.mintls), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, &xor_group.maxtls), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, &xor_group.mindtls), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, &xor_group.maxdtls), + OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_IS_KEM, &xor_group.is_kem), OSSL_PARAM_END }; +static const OSSL_PARAM xor_kemgroup_params[] = { + OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME, + XORKEMGROUP_NAME, sizeof(XORKEMGROUP_NAME)), + OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_NAME_INTERNAL, + XORKEMGROUP_NAME_INTERNAL, + sizeof(XORKEMGROUP_NAME_INTERNAL)), + OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_GROUP_ALG, ALGORITHM, + sizeof(ALGORITHM)), + OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_ID, &xor_kemgroup.group_id), + OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_SECURITY_BITS, + &xor_kemgroup.secbits), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_TLS, &xor_kemgroup.mintls), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_TLS, &xor_kemgroup.maxtls), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS, &xor_kemgroup.mindtls), + OSSL_PARAM_int(OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS, &xor_kemgroup.maxdtls), + OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_GROUP_IS_KEM, &xor_kemgroup.is_kem), + OSSL_PARAM_END +}; + + static int tls_prov_get_capabilities(void *provctx, const char *capability, OSSL_CALLBACK *cb, void *arg) { - /* We're only adding one group so we only call the callback once */ if (strcmp(capability, "TLS-GROUP") == 0) - return cb(xor_group_params, arg); + return cb(xor_group_params, arg) + && cb(xor_kemgroup_params, arg); /* We don't support this capability */ return 0; @@ -86,16 +179,10 @@ static int tls_prov_get_capabilities(void *provctx, const char *capability, * together. Don't use this! */ -static OSSL_FUNC_keyexch_newctx_fn xor_newctx; -static OSSL_FUNC_keyexch_init_fn xor_init; -static OSSL_FUNC_keyexch_set_peer_fn xor_set_peer; -static OSSL_FUNC_keyexch_derive_fn xor_derive; -static OSSL_FUNC_keyexch_freectx_fn xor_freectx; -static OSSL_FUNC_keyexch_dupctx_fn xor_dupctx; - typedef struct { XORKEY *key; XORKEY *peerkey; + void *provctx; } PROV_XOR_CTX; static void *xor_newctx(void *provctx) @@ -105,6 +192,8 @@ static void *xor_newctx(void *provctx) if (pxorctx == NULL) return NULL; + pxorctx->provctx = provctx; + return pxorctx; } @@ -188,21 +277,136 @@ static const OSSL_ALGORITHM tls_prov_keyexch[] = { { NULL, NULL, NULL } }; -/* Key Management for the dummy XOR key exchange algorithm */ +/* + * Dummy "XOR" Key Encapsulation Method. We just build a KEM over the xor KEX. + * Don't use this! + */ -static OSSL_FUNC_keymgmt_new_fn xor_newdata; -static OSSL_FUNC_keymgmt_free_fn xor_freedata; -static OSSL_FUNC_keymgmt_has_fn xor_has; -static OSSL_FUNC_keymgmt_copy_fn xor_copy; -static OSSL_FUNC_keymgmt_gen_init_fn xor_gen_init; -static OSSL_FUNC_keymgmt_gen_set_params_fn xor_gen_set_params; -static OSSL_FUNC_keymgmt_gen_settable_params_fn xor_gen_settable_params; -static OSSL_FUNC_keymgmt_gen_fn xor_gen; -static OSSL_FUNC_keymgmt_gen_cleanup_fn xor_gen_cleanup; -static OSSL_FUNC_keymgmt_get_params_fn xor_get_params; -static OSSL_FUNC_keymgmt_gettable_params_fn xor_gettable_params; -static OSSL_FUNC_keymgmt_set_params_fn xor_set_params; -static OSSL_FUNC_keymgmt_settable_params_fn xor_settable_params; +static int xor_encapsulate(void *vpxorctx, + unsigned char *ct, size_t *ctlen, + unsigned char *ss, size_t *sslen) +{ + /* + * We are building this around a KEX: + * + * 1. we generate ephemeral keypair + * 2. we encode our ephemeral pubkey as the outgoing ct + * 3. we derive using our ephemeral privkey in combination with the peer + * pubkey from the ctx; the result is our ss. + */ + int rv = 0; + void *genctx = NULL, *derivectx = NULL; + XORKEY *ourkey = NULL; + PROV_XOR_CTX *pxorctx = vpxorctx; + + if (ct == NULL || ss == NULL) { + /* Just return sizes */ + + if (ctlen == NULL && sslen == NULL) + return 0; + if (ctlen != NULL) + *ctlen = XOR_KEY_SIZE; + if (sslen != NULL) + *sslen = XOR_KEY_SIZE; + return 1; + } + + /* 1. Generate keypair */ + genctx = xor_gen_init(pxorctx->provctx, OSSL_KEYMGMT_SELECT_KEYPAIR); + if (genctx == NULL) + goto end; + ourkey = xor_gen(genctx, NULL, NULL); + if (ourkey == NULL) + goto end; + + /* 2. Encode ephemeral pubkey as ct */ + memcpy(ct, ourkey->pubkey, XOR_KEY_SIZE); + *ctlen = XOR_KEY_SIZE; + + /* 3. Derive ss via KEX */ + derivectx = xor_newctx(pxorctx->provctx); + if (derivectx == NULL + || !xor_init(derivectx, ourkey) + || !xor_set_peer(derivectx, pxorctx->key) + || !xor_derive(derivectx, ss, sslen, XOR_KEY_SIZE)) + goto end; + + rv = 1; + + end: + xor_gen_cleanup(genctx); + xor_freedata(ourkey); + xor_freectx(derivectx); + return rv; +} + +static int xor_decapsulate(void *vpxorctx, + unsigned char *ss, size_t *sslen, + const unsigned char *ct, size_t ctlen) +{ + /* + * We are building this around a KEX: + * + * - ct is our peer's pubkey + * - decapsulate is just derive. + */ + int rv = 0; + void *derivectx = NULL; + XORKEY *peerkey = NULL; + PROV_XOR_CTX *pxorctx = vpxorctx; + + if (ss == NULL) { + /* Just return size */ + if (sslen == NULL) + return 0; + *sslen = XOR_KEY_SIZE; + return 1; + } + + if (ctlen != XOR_KEY_SIZE) + return 0; + peerkey = xor_newdata(pxorctx->provctx); + if (peerkey == NULL) + goto end; + memcpy(peerkey->pubkey, ct, XOR_KEY_SIZE); + + /* Derive ss via KEX */ + derivectx = xor_newctx(pxorctx->provctx); + if (derivectx == NULL + || !xor_init(derivectx, pxorctx->key) + || !xor_set_peer(derivectx, peerkey) + || !xor_derive(derivectx, ss, sslen, XOR_KEY_SIZE)) + goto end; + + rv = 1; + + end: + xor_freedata(peerkey); + xor_freectx(derivectx); + return rv; +} + +static const OSSL_DISPATCH xor_kem_functions[] = { + { OSSL_FUNC_KEM_NEWCTX, (void (*)(void))xor_newctx }, + { OSSL_FUNC_KEM_FREECTX, (void (*)(void))xor_freectx }, + { OSSL_FUNC_KEM_DUPCTX, (void (*)(void))xor_dupctx }, + { OSSL_FUNC_KEM_ENCAPSULATE_INIT, (void (*)(void))xor_init }, + { OSSL_FUNC_KEM_ENCAPSULATE, (void (*)(void))xor_encapsulate }, + { OSSL_FUNC_KEM_DECAPSULATE_INIT, (void (*)(void))xor_init }, + { OSSL_FUNC_KEM_DECAPSULATE, (void (*)(void))xor_decapsulate }, + { 0, NULL } +}; + +static const OSSL_ALGORITHM tls_prov_kem[] = { + /* + * Obviously this is not FIPS approved, but in order to test in conjuction + * with the FIPS provider we pretend that it is. + */ + { "XOR", "provider=tls-provider,fips=yes", xor_kem_functions }, + { NULL, NULL, NULL } +}; + +/* Key Management for the dummy XOR key exchange algorithm */ static void *xor_newdata(void *provctx) { @@ -269,7 +473,7 @@ static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[]) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_BITS)) != NULL - && !OSSL_PARAM_set_int(p, secbits)) + && !OSSL_PARAM_set_int(p, xor_group.secbits)) return 0; if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) { @@ -355,7 +559,8 @@ static int xor_gen_set_params(void *genctx, const OSSL_PARAM params[]) p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_GROUP_NAME); if (p != NULL) { if (p->data_type != OSSL_PARAM_UTF8_STRING - || strcmp(p->data, GROUP_NAME_INTERNAL) != 0) + || (strcmp(p->data, XORGROUP_NAME_INTERNAL) != 0 + && strcmp(p->data, XORKEMGROUP_NAME_INTERNAL) != 0)) return 0; } @@ -435,6 +640,8 @@ static const OSSL_ALGORITHM *tls_prov_query(void *provctx, int operation_id, return tls_prov_keymgmt; case OSSL_OP_KEYEXCH: return tls_prov_keyexch; + case OSSL_OP_KEM: + return tls_prov_kem; } return NULL; } @@ -447,19 +654,19 @@ static const OSSL_DISPATCH tls_prov_dispatch_table[] = { { 0, NULL } }; -int tls_provider_init(const OSSL_CORE_HANDLE *handle, - const OSSL_DISPATCH *in, - const OSSL_DISPATCH **out, - void **provctx) +static +unsigned int randomize_tls_group_id(OPENSSL_CTX *libctx) { - OPENSSL_CTX *libctx = OPENSSL_CTX_new(); - - *provctx = libctx; - /* * Randomise the group_id we're going to use to ensure we don't interoperate * with anything but ourselves. */ + unsigned int group_id; + static unsigned int mem[10] = { 0 }; + static int in_mem = 0; + int i; + + retry: if (!RAND_bytes_ex(libctx, (unsigned char *)&group_id, sizeof(group_id))) return 0; /* @@ -469,6 +676,33 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle, group_id %= 65279 - 65024; group_id += 65024; + /* Ensure we did not already issue this group_id */ + for (i = 0; i < in_mem; i++) + if (mem[i] == group_id) + goto retry; + + /* Add this group_id to the list of ids issued by this function */ + mem[in_mem++] = group_id; + + return group_id; +} + +int tls_provider_init(const OSSL_CORE_HANDLE *handle, + const OSSL_DISPATCH *in, + const OSSL_DISPATCH **out, + void **provctx) +{ + OPENSSL_CTX *libctx = OPENSSL_CTX_new(); + + *provctx = libctx; + + /* + * Randomise the group_id we're going to use to ensure we don't interoperate + * with anything but ourselves. + */ + xor_group.group_id = randomize_tls_group_id(libctx); + xor_kemgroup.group_id = randomize_tls_group_id(libctx); + *out = tls_prov_dispatch_table; return 1; } From builds at travis-ci.com Wed Oct 14 17:44:26 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 14 Oct 2020 17:44:26 +0000 Subject: Still Failing: openssl/openssl#38039 (master - 5b70206) In-Reply-To: Message-ID: <5f8738fa7b65f_13fa34bcc6f2c467750@travis-pro-tasks-9fdd9df5-cqsjz.mail> Build Update for openssl/openssl ------------------------------------- Build: #38039 Status: Still Failing Duration: 1 hr, 25 mins, and 51 secs Commit: 5b70206 (master) Author: Nicola Tuveri Message: [test][tls-provider] Implement KEM algorithm Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13018) View the changeset: https://github.com/openssl/openssl/compare/47690cd4ceb3...5b70206cb316 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190066433?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 14 18:28:40 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 14 Oct 2020 18:28:40 +0000 Subject: Build failed: openssl master.37507 Message-ID: <20201014182840.1.8A94ED7403A7E34F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 14 18:56:26 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 14 Oct 2020 18:56:26 +0000 Subject: Build failed: openssl master.37508 Message-ID: <20201014185626.1.B87B3F0833939980@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 14 19:23:29 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 19:23:29 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1602703409.892199.14394.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 732 wallclock secs (14.15 usr 1.32 sys + 630.52 cusr 60.04 csys = 706.03 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 14 21:42:37 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 14 Oct 2020 21:42:37 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1602711757.992282.7836.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 573 wallclock secs ( 9.62 usr 1.27 sys + 518.94 cusr 46.64 csys = 576.47 CPU) Result: FAIL Makefile:2399: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2397: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 15 03:35:31 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 03:35:31 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1602732931.784079.30649.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4286: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3144: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Thu Oct 15 04:21:52 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 04:21:52 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1602735712.288552.6300.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0C039A64B7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 729 wallclock secs (14.60 usr 1.26 sys + 660.56 cusr 61.47 csys = 737.89 CPU) Result: FAIL Makefile:3174: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3172: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 15 04:48:05 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 15 Oct 2020 04:48:05 +0000 Subject: Build failed: openssl master.37509 Message-ID: <20201015044805.1.EE56A11B6B09B238@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 15 06:52:36 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 15 Oct 2020 06:52:36 +0000 Subject: Build completed: openssl master.37510 Message-ID: <20201015065236.1.C72528DA53F066E8@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 15 08:25:47 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 08:25:47 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1602750347.478102.8074.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c ../openssl/apps/lib/engine.c:46:13: error: implicitly declaring library function 'strcmp' with type 'int (const char *, const char *)' [-Werror,-Wimplicit-function-declaration] if (strcmp(id, "auto") == 0) { ^ ../openssl/apps/lib/engine.c:46:13: note: include the header or explicitly provide a declaration for 'strcmp' 1 error generated. Makefile:4283: recipe for target 'apps/lib/libapps-lib-engine.o' failed make[1]: *** [apps/lib/libapps-lib-engine.o] Error 1 make[1]: *** Waiting for unfinished jobs.... ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4299: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3157: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From matt at openssl.org Thu Oct 15 09:09:34 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 09:09:34 +0000 Subject: [openssl] master update Message-ID: <1602752974.844646.14311.nullmailer@dev.openssl.org> The branch master has been updated via 29000e43ea257bf54f6ccb2064b3744853b821b2 (commit) via 0d30e15a57fdd9c27a9148c17289a1005345f0c7 (commit) via 7022d9b9032794330cd2d753f077670db95d33d4 (commit) via 9ab7fe483629704b09dc43c1998e0e489615390f (commit) via 0b3a4ef27a6c2a427dc2d4a87c52677d57c90f4c (commit) via 99b3b762c33fad9383cb2d1791be9c9f7d44710a (commit) from 5b70206cb316024c6dc30ce54f585ce5cf001a56 (commit) - Log ----------------------------------------------------------------- commit 29000e43ea257bf54f6ccb2064b3744853b821b2 Author: Matt Caswell Date: Mon Oct 12 17:12:03 2020 +0100 Make evp_pkey_ctx_get0_libctx/propq public API These were previously added as an internal API. But since the CMS code needs them, other code might do too. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) commit 0d30e15a57fdd9c27a9148c17289a1005345f0c7 Author: Matt Caswell Date: Tue Oct 6 17:02:45 2020 +0100 Remove some more CMS key downgrades Fixes #12983 Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) commit 7022d9b9032794330cd2d753f077670db95d33d4 Author: Matt Caswell Date: Wed Oct 7 15:59:28 2020 +0100 Remove CMS recipient info information out of the algorithm implementations Low level algorithm implementations have no business knowing about details of the higher level CMS concept. This knowledge is therefore moved into the CMS layer. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) commit 9ab7fe483629704b09dc43c1998e0e489615390f Author: Matt Caswell Date: Wed Oct 7 14:45:22 2020 +0100 Move CMS signing code out of the algorithms and into CMS There is a large amount of CMS sepcific code in the algorithms. This is in the wrong place and breaks layering. This code should be in the CMS layer. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) commit 0b3a4ef27a6c2a427dc2d4a87c52677d57c90f4c Author: Matt Caswell Date: Tue Oct 6 16:02:43 2020 +0100 Move CMS enveloping code out of the algorithms and into CMS There is quite a large amount of algorithm specific CMS code sitting in the algorithm directories. However, this seems to break layering. Algorithms really have no business knowing anything about CMS. Really it should be the other way around. Where there is algorithm specific CMS code it is the CMS layer that should know how to handle different algorithms. Therefore we move this code into the CMS layer. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) commit 99b3b762c33fad9383cb2d1791be9c9f7d44710a Author: Matt Caswell Date: Fri Oct 2 11:25:25 2020 +0100 Remove a CMS key downgrade We were downgrading a key in the CMS code. This is no longer necessary. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) ----------------------------------------------------------------------- Summary of changes: apps/cms.c | 14 -- crypto/asn1/asn1_err.c | 1 + crypto/asn1/x_algor.c | 63 +++++ crypto/cms/build.info | 9 +- crypto/cms/cms_dh.c | 320 ++++++++++++++++++++++++++ crypto/cms/cms_ec.c | 419 ++++++++++++++++++++++++++++++++++ crypto/cms/cms_env.c | 29 +++ crypto/cms/cms_err.c | 12 + crypto/cms/cms_kari.c | 46 ---- crypto/cms/cms_local.h | 6 + crypto/cms/cms_rsa.c | 253 ++++++++++++++++++++ crypto/cms/cms_sd.c | 9 + crypto/dh/dh_ameth.c | 334 +-------------------------- crypto/dsa/dsa_ameth.c | 22 -- crypto/ec/ec_ameth.c | 358 ----------------------------- crypto/err/openssl.txt | 9 + crypto/evp/pmeth_lib.c | 10 + crypto/rsa/rsa_ameth.c | 338 ++------------------------- doc/man3/EVP_PKEY_CTX_get0_libctx.pod | 45 ++++ include/crypto/asn1.h | 5 + include/crypto/rsa.h | 4 + include/openssl/asn1err.h | 1 + include/openssl/cmserr.h | 8 + include/openssl/evp.h | 3 + util/libcrypto.num | 2 + 25 files changed, 1228 insertions(+), 1092 deletions(-) create mode 100644 crypto/cms/cms_dh.c create mode 100644 crypto/cms/cms_ec.c create mode 100644 crypto/cms/cms_rsa.c create mode 100644 doc/man3/EVP_PKEY_CTX_get0_libctx.pod diff --git a/apps/cms.c b/apps/cms.c index 91d951980d..37b1e96a14 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -862,13 +862,6 @@ int cms_main(int argc, char **argv) key = load_key(keyfile, keyform, 0, passin, e, "signing key"); if (key == NULL) goto end; - - /* - * TODO: Remove this when CMS has full support for provider-native - * EVP_PKEYs - */ - if (EVP_PKEY_get0(key) == NULL) - goto end; } in = bio_open_default(infile, 'r', informat); @@ -1067,13 +1060,6 @@ int cms_main(int argc, char **argv) goto end; } - /* - * TODO: Remove this when CMS has full support for provider-native - * EVP_PKEYs - */ - if (EVP_PKEY_get0(key) == NULL) - goto end; - for (kparam = key_first; kparam; kparam = kparam->next) { if (kparam->idx == i) { tflags |= CMS_KEY_PARAM; diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 6a599bc067..814cd91373 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -171,6 +171,7 @@ static const ERR_STRING_DATA ASN1_str_reasons[] = { {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNEXPECTED_EOC), "unexpected eoc"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), "universalstring is wrong length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_DIGEST), "unknown digest"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_FORMAT), "unknown format"}, {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "unknown message digest algorithm"}, diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index f29d26d91c..7e198a558c 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -11,6 +11,8 @@ #include #include #include +#include +#include "crypto/asn1.h" #include "crypto/evp.h" ASN1_SEQUENCE(X509_ALGOR) = { @@ -125,3 +127,64 @@ int X509_ALGOR_copy(X509_ALGOR *dest, const X509_ALGOR *src) return 1; } + +/* allocate and set algorithm ID from EVP_MD, default SHA1 */ +int x509_algor_new_from_md(X509_ALGOR **palg, const EVP_MD *md) +{ + /* Default is SHA1 so no need to create it - still success */ + if (md == NULL || EVP_MD_is_a(md, "SHA1")) + return 1; + *palg = X509_ALGOR_new(); + if (*palg == NULL) + return 0; + X509_ALGOR_set_md(*palg, md); + return 1; +} + +/* convert algorithm ID to EVP_MD, default SHA1 */ +const EVP_MD *x509_algor_get_md(X509_ALGOR *alg) +{ + const EVP_MD *md; + + if (alg == NULL) + return EVP_sha1(); + md = EVP_get_digestbyobj(alg->algorithm); + if (md == NULL) + ASN1err(0, ASN1_R_UNKNOWN_DIGEST); + return md; +} + +X509_ALGOR *x509_algor_mgf1_decode(X509_ALGOR *alg) +{ + if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) + return NULL; + return ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(X509_ALGOR), + alg->parameter); +} + +/* Allocate and set MGF1 algorithm ID from EVP_MD */ +int x509_algor_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md) +{ + X509_ALGOR *algtmp = NULL; + ASN1_STRING *stmp = NULL; + + *palg = NULL; + if (mgf1md == NULL || EVP_MD_is_a(mgf1md, "SHA1")) + return 1; + /* need to embed algorithm ID inside another */ + if (!x509_algor_new_from_md(&algtmp, mgf1md)) + goto err; + if (ASN1_item_pack(algtmp, ASN1_ITEM_rptr(X509_ALGOR), &stmp) == NULL) + goto err; + *palg = X509_ALGOR_new(); + if (*palg == NULL) + goto err; + X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp); + stmp = NULL; + err: + ASN1_STRING_free(stmp); + X509_ALGOR_free(algtmp); + if (*palg != NULL) + return 1; + return 0; +} diff --git a/crypto/cms/build.info b/crypto/cms/build.info index cb675436ef..c7579f78c1 100644 --- a/crypto/cms/build.info +++ b/crypto/cms/build.info @@ -2,4 +2,11 @@ LIBS=../../libcrypto SOURCE[../../libcrypto]= \ cms_lib.c cms_asn1.c cms_att.c cms_io.c cms_smime.c cms_err.c \ cms_sd.c cms_dd.c cms_cd.c cms_env.c cms_enc.c cms_ess.c \ - cms_pwri.c cms_kari.c + cms_pwri.c cms_kari.c cms_rsa.c + +IF[{- !$disabled{dh} -}] + SOURCE[../../libcrypto]=cms_dh.c +ENDIF +IF[{- !$disabled{ec} || !$disabled{dsa}-}] + SOURCE[../../libcrypto]=cms_ec.c +ENDIF diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c new file mode 100644 index 0000000000..0d9eac50b3 --- /dev/null +++ b/crypto/cms/cms_dh.c @@ -0,0 +1,320 @@ +/* + * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include +#include "cms_local.h" + +static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, + X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) +{ + const ASN1_OBJECT *aoid; + int atype; + const void *aval; + ASN1_INTEGER *public_key = NULL; + int rv = 0; + EVP_PKEY *pkpeer = NULL, *pk = NULL; + const unsigned char *p; + int plen; + + X509_ALGOR_get0(&aoid, &atype, &aval, alg); + if (OBJ_obj2nid(aoid) != NID_dhpublicnumber) + goto err; + /* Only absent parameters allowed in RFC XXXX */ + if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL) + goto err; + + pk = EVP_PKEY_CTX_get0_pkey(pctx); + if (pk == NULL || !EVP_PKEY_is_a(pk, "DHX")) + goto err; + + /* Get public key */ + plen = ASN1_STRING_length(pubkey); + p = ASN1_STRING_get0_data(pubkey); + if (p == NULL || plen == 0) + goto err; + + pkpeer = EVP_PKEY_new(); + if (pkpeer == NULL + || !EVP_PKEY_copy_parameters(pkpeer, pk) + /* + * TODO(3.0): This is badly named!! Can we make this more + * generic and not TLS specific? + */ + || !EVP_PKEY_set1_tls_encodedpoint(pkpeer, p, plen)) + goto err; + + if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) + rv = 1; + err: + ASN1_INTEGER_free(public_key); + EVP_PKEY_free(pkpeer); + return rv; +} + +static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) +{ + int rv = 0; + X509_ALGOR *alg, *kekalg = NULL; + ASN1_OCTET_STRING *ukm; + const unsigned char *p; + unsigned char *dukm = NULL; + size_t dukmlen = 0; + int keylen, plen; + const EVP_CIPHER *kekcipher; + EVP_CIPHER_CTX *kekctx; + + if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) + goto err; + + /* + * For DH we only have one OID permissible. If ever any more get defined + * we will need something cleverer. + */ + if (OBJ_obj2nid(alg->algorithm) != NID_id_smime_alg_ESDH) { + CMSerr(0, CMS_R_KDF_PARAMETER_ERROR); + goto err; + } + + if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, EVP_PKEY_DH_KDF_X9_42) <= 0 + || EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0) + goto err; + + if (alg->parameter->type != V_ASN1_SEQUENCE) + goto err; + + p = alg->parameter->value.sequence->data; + plen = alg->parameter->value.sequence->length; + kekalg = d2i_X509_ALGOR(NULL, &p, plen); + if (kekalg == NULL) + goto err; + kekctx = CMS_RecipientInfo_kari_get0_ctx(ri); + if (kekctx == NULL) + goto err; + kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); + if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE) + goto err; + if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL)) + goto err; + if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) + goto err; + + keylen = EVP_CIPHER_CTX_key_length(kekctx); + if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0) + goto err; + /* Use OBJ_nid2obj to ensure we use built in OID that isn't freed */ + if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, + OBJ_nid2obj(EVP_CIPHER_type(kekcipher))) + <= 0) + goto err; + + if (ukm != NULL) { + dukmlen = ASN1_STRING_length(ukm); + dukm = OPENSSL_memdup(ASN1_STRING_get0_data(ukm), dukmlen); + if (dukm == NULL) + goto err; + } + + if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0) + goto err; + dukm = NULL; + + rv = 1; + err: + X509_ALGOR_free(kekalg); + OPENSSL_free(dukm); + return rv; +} + +static int dh_cms_decrypt(CMS_RecipientInfo *ri) +{ + EVP_PKEY_CTX *pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + + if (pctx == NULL) + return 0; + /* See if we need to set peer key */ + if (!EVP_PKEY_CTX_get0_peerkey(pctx)) { + X509_ALGOR *alg; + ASN1_BIT_STRING *pubkey; + + if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey, + NULL, NULL, NULL)) + return 0; + if (alg == NULL || pubkey == NULL) + return 0; + if (!dh_cms_set_peerkey(pctx, alg, pubkey)) { + DHerr(DH_F_DH_CMS_DECRYPT, DH_R_PEER_KEY_ERROR); + return 0; + } + } + /* Set DH derivation parameters and initialise unwrap context */ + if (!dh_cms_set_shared_info(pctx, ri)) { + DHerr(DH_F_DH_CMS_DECRYPT, DH_R_SHARED_INFO_ERROR); + return 0; + } + return 1; +} + +static int dh_cms_encrypt(CMS_RecipientInfo *ri) +{ + EVP_PKEY_CTX *pctx; + EVP_PKEY *pkey; + EVP_CIPHER_CTX *ctx; + int keylen; + X509_ALGOR *talg, *wrap_alg = NULL; + const ASN1_OBJECT *aoid; + ASN1_BIT_STRING *pubkey; + ASN1_STRING *wrap_str; + ASN1_OCTET_STRING *ukm; + unsigned char *penc = NULL, *dukm = NULL; + int penclen; + size_t dukmlen = 0; + int rv = 0; + int kdf_type, wrap_nid; + const EVP_MD *kdf_md; + + pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + if (pctx == NULL) + return 0; + /* Get ephemeral key */ + pkey = EVP_PKEY_CTX_get0_pkey(pctx); + if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey, + NULL, NULL, NULL)) + goto err; + + /* Is everything uninitialised? */ + X509_ALGOR_get0(&aoid, NULL, NULL, talg); + if (aoid == OBJ_nid2obj(NID_undef)) { + BIGNUM *bn_pub_key = NULL; + ASN1_INTEGER *pubk; + + if (!EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, &bn_pub_key)) + goto err; + + pubk = BN_to_ASN1_INTEGER(bn_pub_key, NULL); + BN_free(bn_pub_key); + if (pubk == NULL) + goto err; + + /* Set the key */ + penclen = i2d_ASN1_INTEGER(pubk, &penc); + ASN1_INTEGER_free(pubk); + if (penclen <= 0) + goto err; + ASN1_STRING_set0(pubkey, penc, penclen); + pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); + pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; + + penc = NULL; + X509_ALGOR_set0(talg, OBJ_nid2obj(NID_dhpublicnumber), + V_ASN1_UNDEF, NULL); + } + + /* See if custom parameters set */ + kdf_type = EVP_PKEY_CTX_get_dh_kdf_type(pctx); + if (kdf_type <= 0 || !EVP_PKEY_CTX_get_dh_kdf_md(pctx, &kdf_md)) + goto err; + + if (kdf_type == EVP_PKEY_DH_KDF_NONE) { + kdf_type = EVP_PKEY_DH_KDF_X9_42; + if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, kdf_type) <= 0) + goto err; + } else if (kdf_type != EVP_PKEY_DH_KDF_X9_42) + /* Unknown KDF */ + goto err; + if (kdf_md == NULL) { + /* Only SHA1 supported */ + kdf_md = EVP_sha1(); + if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, kdf_md) <= 0) + goto err; + } else if (EVP_MD_type(kdf_md) != NID_sha1) + /* Unsupported digest */ + goto err; + + if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm)) + goto err; + + /* Get wrap NID */ + ctx = CMS_RecipientInfo_kari_get0_ctx(ri); + wrap_nid = EVP_CIPHER_CTX_type(ctx); + if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, OBJ_nid2obj(wrap_nid)) <= 0) + goto err; + keylen = EVP_CIPHER_CTX_key_length(ctx); + + /* Package wrap algorithm in an AlgorithmIdentifier */ + + wrap_alg = X509_ALGOR_new(); + if (wrap_alg == NULL) + goto err; + wrap_alg->algorithm = OBJ_nid2obj(wrap_nid); + wrap_alg->parameter = ASN1_TYPE_new(); + if (wrap_alg->parameter == NULL) + goto err; + if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) + goto err; + if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) { + ASN1_TYPE_free(wrap_alg->parameter); + wrap_alg->parameter = NULL; + } + + if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0) + goto err; + + if (ukm != NULL) { + dukmlen = ASN1_STRING_length(ukm); + dukm = OPENSSL_memdup(ASN1_STRING_get0_data(ukm), dukmlen); + if (dukm == NULL) + goto err; + } + + if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0) + goto err; + dukm = NULL; + + /* + * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter + * of another AlgorithmIdentifier. + */ + penc = NULL; + penclen = i2d_X509_ALGOR(wrap_alg, &penc); + if (penc == NULL || penclen == 0) + goto err; + wrap_str = ASN1_STRING_new(); + if (wrap_str == NULL) + goto err; + ASN1_STRING_set0(wrap_str, penc, penclen); + penc = NULL; + X509_ALGOR_set0(talg, OBJ_nid2obj(NID_id_smime_alg_ESDH), + V_ASN1_SEQUENCE, wrap_str); + + rv = 1; + + err: + OPENSSL_free(penc); + X509_ALGOR_free(wrap_alg); + OPENSSL_free(dukm); + return rv; +} + +int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt) +{ + assert(decrypt == 0 || decrypt == 1); + + if (decrypt == 1) + return dh_cms_decrypt(ri); + + if (decrypt == 0) + return dh_cms_encrypt(ri); + + CMSerr(0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + return 0; +} diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c new file mode 100644 index 0000000000..ca2294ebc3 --- /dev/null +++ b/crypto/cms/cms_ec.c @@ -0,0 +1,419 @@ +/* + * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include +#include "cms_local.h" +#include "crypto/evp.h" + +#ifndef OPENSSL_NO_EC +static EVP_PKEY *pkey_type2param(int ptype, const void *pval, + OPENSSL_CTX *libctx, const char *propq) +{ + EVP_PKEY *pkey = NULL; + EVP_PKEY_CTX *pctx = NULL; + + if (ptype == V_ASN1_SEQUENCE) { + const ASN1_STRING *pstr = pval; + const unsigned char *pm = pstr->data; + int pmlen = pstr->length; + OSSL_DECODER_CTX *ctx = NULL; + BIO *membio = NULL; + + /* TODO(3.0): Need to be able to specify here that only params will do */ + ctx = OSSL_DECODER_CTX_new_by_EVP_PKEY(&pkey, "DER", "EC", libctx, + propq); + if (ctx == NULL) + goto err; + + membio = BIO_new_mem_buf(pm, pmlen); + if (membio == NULL) { + OSSL_DECODER_CTX_free(ctx); + goto err; + } + OSSL_DECODER_from_bio(ctx, membio); + BIO_free(membio); + OSSL_DECODER_CTX_free(ctx); + } else if (ptype == V_ASN1_OBJECT) { + const ASN1_OBJECT *poid = pval; + const char *groupname; + + /* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID */ + pctx = EVP_PKEY_CTX_new_from_name(libctx, "EC", propq); + if (pctx == NULL || EVP_PKEY_paramgen_init(pctx) <= 0) + goto err; + groupname = OBJ_nid2sn(OBJ_obj2nid(poid)); + if (groupname == NULL + || !EVP_PKEY_CTX_set_group_name(pctx, groupname)) { + CMSerr(0, CMS_R_DECODE_ERROR); + goto err; + } + if (EVP_PKEY_paramgen(pctx, &pkey) <= 0) + goto err; + } else { + CMSerr(0, CMS_R_DECODE_ERROR); + goto err; + } + + return pkey; + + err: + EVP_PKEY_free(pkey); + EVP_PKEY_CTX_free(pctx); + return NULL; +} + +static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, + X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) +{ + const ASN1_OBJECT *aoid; + int atype; + const void *aval; + int rv = 0; + EVP_PKEY *pkpeer = NULL; + const unsigned char *p; + int plen; + + X509_ALGOR_get0(&aoid, &atype, &aval, alg); + if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey) + goto err; + + /* If absent parameters get group from main key */ + if (atype == V_ASN1_UNDEF || atype == V_ASN1_NULL) { + EVP_PKEY *pk; + + pk = EVP_PKEY_CTX_get0_pkey(pctx); + if (pk == NULL) + goto err; + + pkpeer = EVP_PKEY_new(); + if (pkpeer == NULL) + goto err; + if (!EVP_PKEY_copy_parameters(pkpeer, pk)) + goto err; + } else { + pkpeer = pkey_type2param(atype, aval, + EVP_PKEY_CTX_get0_libctx(pctx), + EVP_PKEY_CTX_get0_propq(pctx)); + if (pkpeer == NULL) + goto err; + } + /* We have parameters now set public key */ + plen = ASN1_STRING_length(pubkey); + p = ASN1_STRING_get0_data(pubkey); + if (p == NULL || plen == 0) + goto err; + + /* TODO(3.0): Terrible name. We need a non-tls specific name */ + if (!EVP_PKEY_set1_tls_encodedpoint(pkpeer, p, plen)) + goto err; + + if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) + rv = 1; + err: + EVP_PKEY_free(pkpeer); + return rv; +} + +/* Set KDF parameters based on KDF NID */ +static int ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, int eckdf_nid) +{ + int kdf_nid, kdfmd_nid, cofactor; + const EVP_MD *kdf_md; + + if (eckdf_nid == NID_undef) + return 0; + + /* Lookup KDF type, cofactor mode and digest */ + if (!OBJ_find_sigid_algs(eckdf_nid, &kdfmd_nid, &kdf_nid)) + return 0; + + if (kdf_nid == NID_dh_std_kdf) + cofactor = 0; + else if (kdf_nid == NID_dh_cofactor_kdf) + cofactor = 1; + else + return 0; + + if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0) + return 0; + + if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) + return 0; + + kdf_md = EVP_get_digestbynid(kdfmd_nid); + if (!kdf_md) + return 0; + + if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) + return 0; + return 1; +} + +static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) +{ + int rv = 0; + X509_ALGOR *alg, *kekalg = NULL; + ASN1_OCTET_STRING *ukm; + const unsigned char *p; + unsigned char *der = NULL; + int plen, keylen; + EVP_CIPHER *kekcipher = NULL; + EVP_CIPHER_CTX *kekctx; + const char *name; + + if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) + return 0; + + if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) { + CMSerr(0, CMS_R_KDF_PARAMETER_ERROR); + return 0; + } + + if (alg->parameter->type != V_ASN1_SEQUENCE) + return 0; + + p = alg->parameter->value.sequence->data; + plen = alg->parameter->value.sequence->length; + kekalg = d2i_X509_ALGOR(NULL, &p, plen); + if (kekalg == NULL) + goto err; + kekctx = CMS_RecipientInfo_kari_get0_ctx(ri); + if (kekctx == NULL) + goto err; + name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm)); + kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery); + if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE) + goto err; + if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL)) + goto err; + if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) + goto err; + + keylen = EVP_CIPHER_CTX_key_length(kekctx); + if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0) + goto err; + + plen = CMS_SharedInfo_encode(&der, kekalg, ukm, keylen); + + if (plen <= 0) + goto err; + + if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, der, plen) <= 0) + goto err; + der = NULL; + + rv = 1; + err: + EVP_CIPHER_free(kekcipher); + X509_ALGOR_free(kekalg); + OPENSSL_free(der); + return rv; +} + +static int ecdh_cms_decrypt(CMS_RecipientInfo *ri) +{ + EVP_PKEY_CTX *pctx; + + pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + if (pctx == NULL) + return 0; + /* See if we need to set peer key */ + if (!EVP_PKEY_CTX_get0_peerkey(pctx)) { + X509_ALGOR *alg; + ASN1_BIT_STRING *pubkey; + + if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey, + NULL, NULL, NULL)) + return 0; + if (alg == NULL || pubkey == NULL) + return 0; + if (!ecdh_cms_set_peerkey(pctx, alg, pubkey)) { + CMSerr(0, CMS_R_PEER_KEY_ERROR); + return 0; + } + } + /* Set ECDH derivation parameters and initialise unwrap context */ + if (!ecdh_cms_set_shared_info(pctx, ri)) { + CMSerr(0, CMS_R_SHARED_INFO_ERROR); + return 0; + } + return 1; +} + +static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) +{ + EVP_PKEY_CTX *pctx; + EVP_PKEY *pkey; + EVP_CIPHER_CTX *ctx; + int keylen; + X509_ALGOR *talg, *wrap_alg = NULL; + const ASN1_OBJECT *aoid; + ASN1_BIT_STRING *pubkey; + ASN1_STRING *wrap_str; + ASN1_OCTET_STRING *ukm; + unsigned char *penc = NULL; + size_t penclen; + int rv = 0; + int ecdh_nid, kdf_type, kdf_nid, wrap_nid; + const EVP_MD *kdf_md; + + pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + if (pctx == NULL) + return 0; + /* Get ephemeral key */ + pkey = EVP_PKEY_CTX_get0_pkey(pctx); + if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey, + NULL, NULL, NULL)) + goto err; + X509_ALGOR_get0(&aoid, NULL, NULL, talg); + /* Is everything uninitialised? */ + if (aoid == OBJ_nid2obj(NID_undef)) { + /* Set the key */ + + /* TODO(3.0): Terrible name. Needs a non TLS specific name */ + penclen = EVP_PKEY_get1_tls_encodedpoint(pkey, &penc); + ASN1_STRING_set0(pubkey, penc, penclen); + pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); + pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; + + penc = NULL; + X509_ALGOR_set0(talg, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), + V_ASN1_UNDEF, NULL); + } + + /* See if custom parameters set */ + kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx); + if (kdf_type <= 0) + goto err; + if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) + goto err; + ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx); + if (ecdh_nid < 0) + goto err; + else if (ecdh_nid == 0) + ecdh_nid = NID_dh_std_kdf; + else if (ecdh_nid == 1) + ecdh_nid = NID_dh_cofactor_kdf; + + if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) { + kdf_type = EVP_PKEY_ECDH_KDF_X9_63; + if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0) + goto err; + } else + /* Unknown KDF */ + goto err; + if (kdf_md == NULL) { + /* Fixme later for better MD */ + kdf_md = EVP_sha1(); + if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) + goto err; + } + + if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm)) + goto err; + + /* Lookup NID for KDF+cofactor+digest */ + + if (!OBJ_find_sigid_by_algs(&kdf_nid, EVP_MD_type(kdf_md), ecdh_nid)) + goto err; + /* Get wrap NID */ + ctx = CMS_RecipientInfo_kari_get0_ctx(ri); + wrap_nid = EVP_CIPHER_CTX_type(ctx); + keylen = EVP_CIPHER_CTX_key_length(ctx); + + /* Package wrap algorithm in an AlgorithmIdentifier */ + + wrap_alg = X509_ALGOR_new(); + if (wrap_alg == NULL) + goto err; + wrap_alg->algorithm = OBJ_nid2obj(wrap_nid); + wrap_alg->parameter = ASN1_TYPE_new(); + if (wrap_alg->parameter == NULL) + goto err; + if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) + goto err; + if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) { + ASN1_TYPE_free(wrap_alg->parameter); + wrap_alg->parameter = NULL; + } + + if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0) + goto err; + + penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen); + + if (penclen == 0) + goto err; + + if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0) + goto err; + penc = NULL; + + /* + * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter + * of another AlgorithmIdentifier. + */ + penclen = i2d_X509_ALGOR(wrap_alg, &penc); + if (penc == NULL || penclen == 0) + goto err; + wrap_str = ASN1_STRING_new(); + if (wrap_str == NULL) + goto err; + ASN1_STRING_set0(wrap_str, penc, penclen); + penc = NULL; + X509_ALGOR_set0(talg, OBJ_nid2obj(kdf_nid), V_ASN1_SEQUENCE, wrap_str); + + rv = 1; + + err: + OPENSSL_free(penc); + X509_ALGOR_free(wrap_alg); + return rv; +} + +int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt) +{ + assert(decrypt == 0 || decrypt == 1); + + if (decrypt == 1) + return ecdh_cms_decrypt(ri); + + if (decrypt == 0) + return ecdh_cms_encrypt(ri); + + CMSerr(0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + return 0; +} +#endif + +/* ECDSA and DSA implementation is the same */ +int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify) +{ + assert(verify == 0 || verify == 1); + + if (verify == 0) { + int snid, hnid; + X509_ALGOR *alg1, *alg2; + EVP_PKEY *pkey = si->pkey; + + CMS_SignerInfo_get0_algs(si, NULL, NULL, &alg1, &alg2); + if (alg1 == NULL || alg1->algorithm == NULL) + return -1; + hnid = OBJ_obj2nid(alg1->algorithm); + if (hnid == NID_undef) + return -1; + if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) + return -1; + X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); + } + return 1; +} diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index b1bba4c2d6..8f3e2db339 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -115,6 +115,21 @@ int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd) return 0; } else return 0; + +#ifndef OPENSSL_NO_DH + if (EVP_PKEY_is_a(pkey, "DHX")) + return cms_dh_envelope(ri, cmd); + else +#endif +#ifndef OPENSSL_NO_EC + if (EVP_PKEY_is_a(pkey, "EC")) + return cms_ecdh_envelope(ri, cmd); + else +#endif + if (EVP_PKEY_is_a(pkey, "RSA")) + return cms_rsa_envelope(ri, cmd); + + /* Something else? We'll give engines etc a chance to handle this */ if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL) return 1; i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri); @@ -1288,6 +1303,20 @@ err: */ int cms_pkey_get_ri_type(EVP_PKEY *pk) { + /* Check types that we know about */ + if (EVP_PKEY_is_a(pk, "DH")) + return CMS_RECIPINFO_AGREE; + else if (EVP_PKEY_is_a(pk, "DSA")) + return CMS_RECIPINFO_NONE; + else if (EVP_PKEY_is_a(pk, "EC")) + return CMS_RECIPINFO_AGREE; + else if (EVP_PKEY_is_a(pk, "RSA")) + return CMS_RECIPINFO_TRANS; + + /* + * Otherwise this might ben an engine implementation, so see if we can get + * the type from the ameth. + */ if (pk->ameth && pk->ameth->pkey_ctrl) { int i, r; i = pk->ameth->pkey_ctrl(pk, ASN1_PKEY_CTRL_CMS_RI_TYPE, 0, &r); diff --git a/crypto/cms/cms_err.c b/crypto/cms/cms_err.c index da14c726c4..fdb2b7f5c8 100644 --- a/crypto/cms/cms_err.c +++ b/crypto/cms/cms_err.c @@ -47,6 +47,7 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { "content verify error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_ERROR), "ctrl error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_CTRL_FAILURE), "ctrl failure"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_DECODE_ERROR), "decode error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_DECRYPT_ERROR), "decrypt error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_ERROR_GETTING_PUBLIC_KEY), "error getting public key"}, @@ -64,6 +65,11 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER), "invalid key encryption parameter"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_KEY_LENGTH), "invalid key length"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_LABEL), "invalid label"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_INVALID_OAEP_PARAMETERS), + "invalid oaep parameters"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_KDF_PARAMETER_ERROR), + "kdf parameter error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MD_BIO_INIT_ERROR), "md bio init error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH), "messagedigest attribute wrong length"}, @@ -102,11 +108,13 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_PUBLIC_KEY), "no public key"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_RECEIPT_REQUEST), "no receipt request"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_NO_SIGNERS), "no signers"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_PEER_KEY_ERROR), "peer key error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE), "private key does not match certificate"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECEIPT_DECODE_ERROR), "receipt decode error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_RECIPIENT_ERROR), "recipient error"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SHARED_INFO_ERROR), "shared info error"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNER_CERTIFICATE_NOT_FOUND), "signer certificate not found"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_SIGNFINAL_ERROR), "signfinal error"}, @@ -131,10 +139,14 @@ static const ERR_STRING_DATA CMS_str_reasons[] = { "unsupported compression algorithm"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_CONTENT_TYPE), "unsupported content type"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_ENCRYPTION_TYPE), + "unsupported encryption type"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEK_ALGORITHM), "unsupported kek algorithm"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM), "unsupported key encryption algorithm"}, + {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_LABEL_SOURCE), + "unsupported label source"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE), "unsupported recipientinfo type"}, {ERR_PACK(ERR_LIB_CMS, 0, CMS_R_UNSUPPORTED_RECIPIENT_TYPE), diff --git a/crypto/cms/cms_kari.c b/crypto/cms/cms_kari.c index 82a03e6c6b..13f7e78d37 100644 --- a/crypto/cms/cms_kari.c +++ b/crypto/cms/cms_kari.c @@ -261,26 +261,6 @@ int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, size_t ceklen; CMS_EncryptedContentInfo *ec; - { - /* - * TODO(3.0) Remove this when we have functionality to deserialize - * parameters in EVP_PKEY form from an X509_ALGOR. - * This is needed to be able to replace the EC_KEY specific decoding - * that happens in ecdh_cms_set_peerkey() (crypto/ec/ec_ameth.c) - * - * THIS IS TEMPORARY - */ - EVP_PKEY_CTX *pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - - EVP_PKEY_get0(pkey); - if (EVP_PKEY_id(pkey) == EVP_PKEY_NONE) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_DECRYPT, - CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); - goto err; - } - } - enckeylen = rek->encryptedKey->length; enckey = rek->encryptedKey->data; /* Setup all parameters to derive KEK */ @@ -499,32 +479,6 @@ int cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms, STACK_OF(CMS_RecipientEncryptedKey) *reks; int i; - { - /* - * TODO(3.0) Remove this when we have figured out all the details - * need to set up encryption right. With legacy keys, a *lot* is - * happening in the CMS specific EVP_PKEY_ASN1_METHOD functions, - * such as automatically setting a default KDF type, KDF digest, - * all that kind of stuff. - * With EVP_SIGNATURE, setting a default digest is done by getting - * the default MD for the key, and then inject that back into the - * signature implementation... we could do something similar with - * CMS, possibly using CMS specific OSSL_PARAM keys, just like we - * have for certain AlgorithmIdentifier retrievals. - * - * THIS IS TEMPORARY - */ - EVP_PKEY_CTX *pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - - EVP_PKEY_get0(pkey); - if (EVP_PKEY_id(pkey) == EVP_PKEY_NONE) { - CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, - CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); - return 0; - } - } - if (ri->type != CMS_RECIPINFO_AGREE) { CMSerr(CMS_F_CMS_RECIPIENTINFO_KARI_ENCRYPT, CMS_R_NOT_KEY_AGREEMENT); return 0; diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h index 336c354655..0b663a9e88 100644 --- a/crypto/cms/cms_local.h +++ b/crypto/cms/cms_local.h @@ -471,6 +471,12 @@ void cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms); /* ESS routines */ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain); +int cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt); +int cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt); +int cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt); +int cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify); +int cms_rsa_sign(CMS_SignerInfo *si, int verify); + DECLARE_ASN1_ITEM(CMS_CertificateChoices) DECLARE_ASN1_ITEM(CMS_DigestedData) DECLARE_ASN1_ITEM(CMS_EncryptedData) diff --git a/crypto/cms/cms_rsa.c b/crypto/cms/cms_rsa.c new file mode 100644 index 0000000000..88201d7b44 --- /dev/null +++ b/crypto/cms/cms_rsa.c @@ -0,0 +1,253 @@ +/* + * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include +#include +#include +#include "crypto/asn1.h" +#include "crypto/rsa.h" +#include "cms_local.h" + +static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg) +{ + RSA_OAEP_PARAMS *oaep; + + oaep = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(RSA_OAEP_PARAMS), + alg->parameter); + + if (oaep == NULL) + return NULL; + + if (oaep->maskGenFunc != NULL) { + oaep->maskHash = x509_algor_mgf1_decode(oaep->maskGenFunc); + if (oaep->maskHash == NULL) { + RSA_OAEP_PARAMS_free(oaep); + return NULL; + } + } + return oaep; +} + +static int rsa_cms_decrypt(CMS_RecipientInfo *ri) +{ + EVP_PKEY_CTX *pkctx; + X509_ALGOR *cmsalg; + int nid; + int rv = -1; + unsigned char *label = NULL; + int labellen = 0; + const EVP_MD *mgf1md = NULL, *md = NULL; + RSA_OAEP_PARAMS *oaep; + + pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + if (pkctx == NULL) + return 0; + if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &cmsalg)) + return -1; + nid = OBJ_obj2nid(cmsalg->algorithm); + if (nid == NID_rsaEncryption) + return 1; + if (nid != NID_rsaesOaep) { + CMSerr(0, CMS_R_UNSUPPORTED_ENCRYPTION_TYPE); + return -1; + } + /* Decode OAEP parameters */ + oaep = rsa_oaep_decode(cmsalg); + + if (oaep == NULL) { + CMSerr(0, CMS_R_INVALID_OAEP_PARAMETERS); + goto err; + } + + mgf1md = x509_algor_get_md(oaep->maskHash); + if (mgf1md == NULL) + goto err; + md = x509_algor_get_md(oaep->hashFunc); + if (md == NULL) + goto err; + + if (oaep->pSourceFunc != NULL) { + X509_ALGOR *plab = oaep->pSourceFunc; + + if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) { + CMSerr(0, CMS_R_UNSUPPORTED_LABEL_SOURCE); + goto err; + } + if (plab->parameter->type != V_ASN1_OCTET_STRING) { + CMSerr(0, CMS_R_INVALID_LABEL); + goto err; + } + + label = plab->parameter->value.octet_string->data; + /* Stop label being freed when OAEP parameters are freed */ + plab->parameter->value.octet_string->data = NULL; + labellen = plab->parameter->value.octet_string->length; + } + + if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0) + goto err; + if (EVP_PKEY_CTX_set_rsa_oaep_md(pkctx, md) <= 0) + goto err; + if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) + goto err; + if (label != NULL + && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) + goto err; + /* Carry on */ + rv = 1; + + err: + RSA_OAEP_PARAMS_free(oaep); + return rv; +} + +static int rsa_cms_encrypt(CMS_RecipientInfo *ri) +{ + const EVP_MD *md, *mgf1md; + RSA_OAEP_PARAMS *oaep = NULL; + ASN1_STRING *os = NULL; + X509_ALGOR *alg; + EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri); + int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen; + unsigned char *label; + + if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) <= 0) + return 0; + if (pkctx != NULL) { + if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0) + return 0; + } + if (pad_mode == RSA_PKCS1_PADDING) { + X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0); + return 1; + } + /* Not supported */ + if (pad_mode != RSA_PKCS1_OAEP_PADDING) + return 0; + if (EVP_PKEY_CTX_get_rsa_oaep_md(pkctx, &md) <= 0) + goto err; + if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0) + goto err; + labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkctx, &label); + if (labellen < 0) + goto err; + oaep = RSA_OAEP_PARAMS_new(); + if (oaep == NULL) + goto err; + if (!x509_algor_new_from_md(&oaep->hashFunc, md)) + goto err; + if (!x509_algor_md_to_mgf1(&oaep->maskGenFunc, mgf1md)) + goto err; + if (labellen > 0) { + ASN1_OCTET_STRING *los; + + oaep->pSourceFunc = X509_ALGOR_new(); + if (oaep->pSourceFunc == NULL) + goto err; + los = ASN1_OCTET_STRING_new(); + if (los == NULL) + goto err; + if (!ASN1_OCTET_STRING_set(los, label, labellen)) { + ASN1_OCTET_STRING_free(los); + goto err; + } + X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified), + V_ASN1_OCTET_STRING, los); + } + /* create string with pss parameter encoding. */ + if (!ASN1_item_pack(oaep, ASN1_ITEM_rptr(RSA_OAEP_PARAMS), &os)) + goto err; + X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, os); + os = NULL; + rv = 1; + err: + RSA_OAEP_PARAMS_free(oaep); + ASN1_STRING_free(os); + return rv; +} + +int cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt) +{ + assert(decrypt == 0 || decrypt == 1); + + if (decrypt == 1) + return rsa_cms_decrypt(ri); + + if (decrypt == 0) + return rsa_cms_encrypt(ri); + + CMSerr(0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + return 0; +} + +static int rsa_cms_sign(CMS_SignerInfo *si) +{ + int pad_mode = RSA_PKCS1_PADDING; + X509_ALGOR *alg; + EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si); + ASN1_STRING *os = NULL; + + CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg); + if (pkctx != NULL) { + if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0) + return 0; + } + if (pad_mode == RSA_PKCS1_PADDING) { + X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0); + return 1; + } + /* We don't support it */ + if (pad_mode != RSA_PKCS1_PSS_PADDING) + return 0; + os = ossl_rsa_ctx_to_pss_string(pkctx); + if (os == NULL) + return 0; + X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os); + return 1; +} + +static int rsa_cms_verify(CMS_SignerInfo *si) +{ + int nid, nid2; + X509_ALGOR *alg; + EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si); + EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pkctx); + + CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg); + nid = OBJ_obj2nid(alg->algorithm); + if (nid == EVP_PKEY_RSA_PSS) + return ossl_rsa_pss_to_ctx(NULL, pkctx, alg, NULL); + /* Only PSS allowed for PSS keys */ + if (EVP_PKEY_is_a(pkey, "RSA-PSS")) { + RSAerr(RSA_F_RSA_CMS_VERIFY, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); + return 0; + } + if (nid == NID_rsaEncryption) + return 1; + /* Workaround for some implementation that use a signature OID */ + if (OBJ_find_sigid_algs(nid, NULL, &nid2)) { + if (nid2 == NID_rsaEncryption) + return 1; + } + return 0; +} + +int cms_rsa_sign(CMS_SignerInfo *si, int verify) +{ + assert(verify == 0 || verify == 1); + + if (verify == 1) + return rsa_cms_verify(si); + + if (verify == 0) + return rsa_cms_sign(si); + + CMSerr(0, CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE); + return 0; +} diff --git a/crypto/cms/cms_sd.c b/crypto/cms/cms_sd.c index 1338211072..377fac5917 100644 --- a/crypto/cms/cms_sd.c +++ b/crypto/cms/cms_sd.c @@ -233,6 +233,15 @@ static int cms_sd_asn1_ctrl(CMS_SignerInfo *si, int cmd) EVP_PKEY *pkey = si->pkey; int i; +#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_EC) + if (EVP_PKEY_is_a(pkey, "DSA") || EVP_PKEY_is_a(pkey, "EC")) + return cms_ecdsa_dsa_sign(si, cmd); + else +#endif + if (EVP_PKEY_is_a(pkey, "RSA") || EVP_PKEY_is_a(pkey, "RSA-PSS")) + return cms_rsa_sign(si, cmd); + + /* Something else? We'll give engines etc a chance to handle this */ if (pkey->ameth == NULL || pkey->ameth->pkey_ctrl == NULL) return 1; i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_SIGN, cmd, si); diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index e32de78638..9ad75d2092 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -14,18 +14,17 @@ #include "internal/deprecated.h" #include -#include "internal/cryptlib.h" #include #include -#include "dh_local.h" #include -#include "crypto/asn1.h" -#include "crypto/dh.h" -#include "crypto/evp.h" -#include #include #include #include "internal/ffc.h" +#include "internal/cryptlib.h" +#include "crypto/asn1.h" +#include "crypto/dh.h" +#include "crypto/evp.h" +#include "dh_local.h" /* * i2d/d2i like DH parameter functions which use the appropriate routine for @@ -434,11 +433,6 @@ int DHparams_print(BIO *bp, const DH *x) return do_dh_print(bp, x, 4, 0); } -#ifndef OPENSSL_NO_CMS -static int dh_cms_decrypt(CMS_RecipientInfo *ri); -static int dh_cms_encrypt(CMS_RecipientInfo *ri); -#endif - static int dh_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) { switch (op) { @@ -454,19 +448,6 @@ static int dh_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) static int dhx_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) { switch (op) { -#ifndef OPENSSL_NO_CMS - - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 1) - return dh_cms_decrypt(arg2); - else if (arg1 == 0) - return dh_cms_encrypt(arg2); - return -2; - - case ASN1_PKEY_CTRL_CMS_RI_TYPE: - *(int *)arg2 = CMS_RECIPINFO_AGREE; - return 1; -#endif default: return -2; } @@ -675,308 +656,3 @@ const EVP_PKEY_ASN1_METHOD dhx_asn1_meth = { dh_pkey_export_to, dhx_pkey_import_from, }; - -#ifndef OPENSSL_NO_CMS - -static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, - X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) -{ - const ASN1_OBJECT *aoid; - int atype; - const void *aval; - ASN1_INTEGER *public_key = NULL; - int rv = 0; - EVP_PKEY *pkpeer = NULL, *pk = NULL; - DH *dhpeer = NULL; - const unsigned char *p; - int plen; - - X509_ALGOR_get0(&aoid, &atype, &aval, alg); - if (OBJ_obj2nid(aoid) != NID_dhpublicnumber) - goto err; - /* Only absent parameters allowed in RFC XXXX */ - if (atype != V_ASN1_UNDEF && atype == V_ASN1_NULL) - goto err; - - pk = EVP_PKEY_CTX_get0_pkey(pctx); - if (pk == NULL) - goto err; - if (pk->type != EVP_PKEY_DHX) - goto err; - /* Get parameters from parent key */ - dhpeer = DHparams_dup(pk->pkey.dh); - /* We have parameters now set public key */ - plen = ASN1_STRING_length(pubkey); - p = ASN1_STRING_get0_data(pubkey); - if (p == NULL || plen == 0) - goto err; - - if ((public_key = d2i_ASN1_INTEGER(NULL, &p, plen)) == NULL) { - DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_DECODE_ERROR); - goto err; - } - - /* We have parameters now set public key */ - if ((dhpeer->pub_key = ASN1_INTEGER_to_BN(public_key, NULL)) == NULL) { - DHerr(DH_F_DH_CMS_SET_PEERKEY, DH_R_BN_DECODE_ERROR); - goto err; - } - - pkpeer = EVP_PKEY_new(); - if (pkpeer == NULL) - goto err; - EVP_PKEY_assign(pkpeer, pk->ameth->pkey_id, dhpeer); - dhpeer = NULL; - if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) - rv = 1; - err: - ASN1_INTEGER_free(public_key); - EVP_PKEY_free(pkpeer); - DH_free(dhpeer); - return rv; -} - -static int dh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) -{ - int rv = 0; - - X509_ALGOR *alg, *kekalg = NULL; - ASN1_OCTET_STRING *ukm; - const unsigned char *p; - unsigned char *dukm = NULL; - size_t dukmlen = 0; - int keylen, plen; - const EVP_CIPHER *kekcipher; - EVP_CIPHER_CTX *kekctx; - - if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) - goto err; - - /* - * For DH we only have one OID permissible. If ever any more get defined - * we will need something cleverer. - */ - if (OBJ_obj2nid(alg->algorithm) != NID_id_smime_alg_ESDH) { - DHerr(DH_F_DH_CMS_SET_SHARED_INFO, DH_R_KDF_PARAMETER_ERROR); - goto err; - } - - if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, EVP_PKEY_DH_KDF_X9_42) <= 0) - goto err; - - if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, EVP_sha1()) <= 0) - goto err; - - if (alg->parameter->type != V_ASN1_SEQUENCE) - goto err; - - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; - kekalg = d2i_X509_ALGOR(NULL, &p, plen); - if (!kekalg) - goto err; - kekctx = CMS_RecipientInfo_kari_get0_ctx(ri); - if (!kekctx) - goto err; - kekcipher = EVP_get_cipherbyobj(kekalg->algorithm); - if (!kekcipher || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE) - goto err; - if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL)) - goto err; - if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) - goto err; - - keylen = EVP_CIPHER_CTX_key_length(kekctx); - if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0) - goto err; - /* Use OBJ_nid2obj to ensure we use built in OID that isn't freed */ - if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, - OBJ_nid2obj(EVP_CIPHER_type(kekcipher))) - <= 0) - goto err; - - if (ukm) { - dukmlen = ASN1_STRING_length(ukm); - dukm = OPENSSL_memdup(ASN1_STRING_get0_data(ukm), dukmlen); - if (!dukm) - goto err; - } - - if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0) - goto err; - dukm = NULL; - - rv = 1; - err: - X509_ALGOR_free(kekalg); - OPENSSL_free(dukm); - return rv; -} - -static int dh_cms_decrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pctx; - - pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - - if (pctx == NULL) - return 0; - /* See if we need to set peer key */ - if (!EVP_PKEY_CTX_get0_peerkey(pctx)) { - X509_ALGOR *alg; - ASN1_BIT_STRING *pubkey; - if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey, - NULL, NULL, NULL)) - return 0; - if (!alg || !pubkey) - return 0; - if (!dh_cms_set_peerkey(pctx, alg, pubkey)) { - DHerr(DH_F_DH_CMS_DECRYPT, DH_R_PEER_KEY_ERROR); - return 0; - } - } - /* Set DH derivation parameters and initialise unwrap context */ - if (!dh_cms_set_shared_info(pctx, ri)) { - DHerr(DH_F_DH_CMS_DECRYPT, DH_R_SHARED_INFO_ERROR); - return 0; - } - return 1; -} - -static int dh_cms_encrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pctx; - EVP_PKEY *pkey; - EVP_CIPHER_CTX *ctx; - int keylen; - X509_ALGOR *talg, *wrap_alg = NULL; - const ASN1_OBJECT *aoid; - ASN1_BIT_STRING *pubkey; - ASN1_STRING *wrap_str; - ASN1_OCTET_STRING *ukm; - unsigned char *penc = NULL, *dukm = NULL; - int penclen; - size_t dukmlen = 0; - int rv = 0; - int kdf_type, wrap_nid; - const EVP_MD *kdf_md; - - pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - if (pctx == NULL) - return 0; - /* Get ephemeral key */ - pkey = EVP_PKEY_CTX_get0_pkey(pctx); - if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey, - NULL, NULL, NULL)) - goto err; - X509_ALGOR_get0(&aoid, NULL, NULL, talg); - /* Is everything uninitialised? */ - if (aoid == OBJ_nid2obj(NID_undef)) { - ASN1_INTEGER *pubk = BN_to_ASN1_INTEGER(pkey->pkey.dh->pub_key, NULL); - - if (pubk == NULL) - goto err; - /* Set the key */ - - penclen = i2d_ASN1_INTEGER(pubk, &penc); - ASN1_INTEGER_free(pubk); - if (penclen <= 0) - goto err; - ASN1_STRING_set0(pubkey, penc, penclen); - pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; - - penc = NULL; - X509_ALGOR_set0(talg, OBJ_nid2obj(NID_dhpublicnumber), - V_ASN1_UNDEF, NULL); - } - - /* See if custom parameters set */ - kdf_type = EVP_PKEY_CTX_get_dh_kdf_type(pctx); - if (kdf_type <= 0) - goto err; - if (!EVP_PKEY_CTX_get_dh_kdf_md(pctx, &kdf_md)) - goto err; - - if (kdf_type == EVP_PKEY_DH_KDF_NONE) { - kdf_type = EVP_PKEY_DH_KDF_X9_42; - if (EVP_PKEY_CTX_set_dh_kdf_type(pctx, kdf_type) <= 0) - goto err; - } else if (kdf_type != EVP_PKEY_DH_KDF_X9_42) - /* Unknown KDF */ - goto err; - if (kdf_md == NULL) { - /* Only SHA1 supported */ - kdf_md = EVP_sha1(); - if (EVP_PKEY_CTX_set_dh_kdf_md(pctx, kdf_md) <= 0) - goto err; - } else if (EVP_MD_type(kdf_md) != NID_sha1) - /* Unsupported digest */ - goto err; - - if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm)) - goto err; - - /* Get wrap NID */ - ctx = CMS_RecipientInfo_kari_get0_ctx(ri); - wrap_nid = EVP_CIPHER_CTX_type(ctx); - if (EVP_PKEY_CTX_set0_dh_kdf_oid(pctx, OBJ_nid2obj(wrap_nid)) <= 0) - goto err; - keylen = EVP_CIPHER_CTX_key_length(ctx); - - /* Package wrap algorithm in an AlgorithmIdentifier */ - - wrap_alg = X509_ALGOR_new(); - if (wrap_alg == NULL) - goto err; - wrap_alg->algorithm = OBJ_nid2obj(wrap_nid); - wrap_alg->parameter = ASN1_TYPE_new(); - if (wrap_alg->parameter == NULL) - goto err; - if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) - goto err; - if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) { - ASN1_TYPE_free(wrap_alg->parameter); - wrap_alg->parameter = NULL; - } - - if (EVP_PKEY_CTX_set_dh_kdf_outlen(pctx, keylen) <= 0) - goto err; - - if (ukm) { - dukmlen = ASN1_STRING_length(ukm); - dukm = OPENSSL_memdup(ASN1_STRING_get0_data(ukm), dukmlen); - if (!dukm) - goto err; - } - - if (EVP_PKEY_CTX_set0_dh_kdf_ukm(pctx, dukm, dukmlen) <= 0) - goto err; - dukm = NULL; - - /* - * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter - * of another AlgorithmIdentifier. - */ - penc = NULL; - penclen = i2d_X509_ALGOR(wrap_alg, &penc); - if (penc == NULL || penclen == 0) - goto err; - wrap_str = ASN1_STRING_new(); - if (wrap_str == NULL) - goto err; - ASN1_STRING_set0(wrap_str, penc, penclen); - penc = NULL; - X509_ALGOR_set0(talg, OBJ_nid2obj(NID_id_smime_alg_ESDH), - V_ASN1_SEQUENCE, wrap_str); - - rv = 1; - - err: - OPENSSL_free(penc); - X509_ALGOR_free(wrap_alg); - OPENSSL_free(dukm); - return rv; -} - -#endif diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 7619c05b5e..98b531ea24 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -17,7 +17,6 @@ #include #include #include -#include #include #include #include "internal/cryptlib.h" @@ -481,27 +480,6 @@ static int dsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); } return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - int snid, hnid; - X509_ALGOR *alg1, *alg2; - CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); - if (alg1 == NULL || alg1->algorithm == NULL) - return -1; - hnid = OBJ_obj2nid(alg1->algorithm); - if (hnid == NID_undef) - return -1; - if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) - return -1; - X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); - } - return 1; - - case ASN1_PKEY_CTRL_CMS_RI_TYPE: - *(int *)arg2 = CMS_RECIPINFO_NONE; - return 1; -#endif case ASN1_PKEY_CTRL_DEFAULT_MD_NID: *(int *)arg2 = NID_sha256; diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index 4bbbabff07..caeb7f70cc 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -18,7 +18,6 @@ #include #include #include -#include #include #include "crypto/asn1.h" #include "crypto/evp.h" @@ -27,11 +26,6 @@ #include "openssl/param_build.h" #include "ec_local.h" -#ifndef OPENSSL_NO_CMS -static int ecdh_cms_decrypt(CMS_RecipientInfo *ri); -static int ecdh_cms_encrypt(CMS_RecipientInfo *ri); -#endif - static int eckey_param2type(int *pptype, void **ppval, const EC_KEY *ec_key) { const EC_GROUP *group; @@ -494,34 +488,6 @@ static int ec_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); } return 1; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) { - int snid, hnid; - X509_ALGOR *alg1, *alg2; - CMS_SignerInfo_get0_algs(arg2, NULL, NULL, &alg1, &alg2); - if (alg1 == NULL || alg1->algorithm == NULL) - return -1; - hnid = OBJ_obj2nid(alg1->algorithm); - if (hnid == NID_undef) - return -1; - if (!OBJ_find_sigid_by_algs(&snid, hnid, EVP_PKEY_id(pkey))) - return -1; - X509_ALGOR_set0(alg2, OBJ_nid2obj(snid), V_ASN1_UNDEF, 0); - } - return 1; - - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (arg1 == 1) - return ecdh_cms_decrypt(arg2); - else if (arg1 == 0) - return ecdh_cms_encrypt(arg2); - return -2; - - case ASN1_PKEY_CTRL_CMS_RI_TYPE: - *(int *)arg2 = CMS_RECIPINFO_AGREE; - return 1; -#endif case ASN1_PKEY_CTRL_DEFAULT_MD_NID: if (EVP_PKEY_id(pkey) == EVP_PKEY_SM2) { @@ -828,327 +794,3 @@ int ECParameters_print(BIO *bp, const EC_KEY *x) { return do_EC_KEY_print(bp, x, 4, EC_KEY_PRINT_PARAM); } - -#ifndef OPENSSL_NO_CMS - -static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, - X509_ALGOR *alg, ASN1_BIT_STRING *pubkey) -{ - const ASN1_OBJECT *aoid; - int atype; - const void *aval; - int rv = 0; - EVP_PKEY *pkpeer = NULL; - EC_KEY *ecpeer = NULL; - const unsigned char *p; - int plen; - - X509_ALGOR_get0(&aoid, &atype, &aval, alg); - if (OBJ_obj2nid(aoid) != NID_X9_62_id_ecPublicKey) - goto err; - /* If absent parameters get group from main key */ - if (atype == V_ASN1_UNDEF || atype == V_ASN1_NULL) { - const EC_GROUP *grp; - EVP_PKEY *pk; - pk = EVP_PKEY_CTX_get0_pkey(pctx); - if (pk == NULL) - goto err; - grp = EC_KEY_get0_group(pk->pkey.ec); - ecpeer = EC_KEY_new(); - if (ecpeer == NULL) - goto err; - if (!EC_KEY_set_group(ecpeer, grp)) - goto err; - } else { - ecpeer = eckey_type2param(atype, aval, pctx->libctx, pctx->propquery); - if (!ecpeer) - goto err; - } - /* We have parameters now set public key */ - plen = ASN1_STRING_length(pubkey); - p = ASN1_STRING_get0_data(pubkey); - if (p == NULL || plen == 0) - goto err; - if (!o2i_ECPublicKey(&ecpeer, &p, plen)) - goto err; - pkpeer = EVP_PKEY_new(); - if (pkpeer == NULL) - goto err; - EVP_PKEY_set1_EC_KEY(pkpeer, ecpeer); - if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) - rv = 1; - err: - EC_KEY_free(ecpeer); - EVP_PKEY_free(pkpeer); - return rv; -} - -/* Set KDF parameters based on KDF NID */ -static int ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, int eckdf_nid) -{ - int kdf_nid, kdfmd_nid, cofactor; - const EVP_MD *kdf_md; - if (eckdf_nid == NID_undef) - return 0; - - /* Lookup KDF type, cofactor mode and digest */ - if (!OBJ_find_sigid_algs(eckdf_nid, &kdfmd_nid, &kdf_nid)) - return 0; - - if (kdf_nid == NID_dh_std_kdf) - cofactor = 0; - else if (kdf_nid == NID_dh_cofactor_kdf) - cofactor = 1; - else - return 0; - - if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0) - return 0; - - if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) - return 0; - - kdf_md = EVP_get_digestbynid(kdfmd_nid); - if (!kdf_md) - return 0; - - if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) - return 0; - return 1; -} - -static int ecdh_cms_set_shared_info(EVP_PKEY_CTX *pctx, CMS_RecipientInfo *ri) -{ - int rv = 0; - - X509_ALGOR *alg, *kekalg = NULL; - ASN1_OCTET_STRING *ukm; - const unsigned char *p; - unsigned char *der = NULL; - int plen, keylen; - EVP_CIPHER *kekcipher = NULL; - EVP_CIPHER_CTX *kekctx; - const char *name; - - if (!CMS_RecipientInfo_kari_get0_alg(ri, &alg, &ukm)) - return 0; - - if (!ecdh_cms_set_kdf_param(pctx, OBJ_obj2nid(alg->algorithm))) { - ECerr(EC_F_ECDH_CMS_SET_SHARED_INFO, EC_R_KDF_PARAMETER_ERROR); - return 0; - } - - if (alg->parameter->type != V_ASN1_SEQUENCE) - return 0; - - p = alg->parameter->value.sequence->data; - plen = alg->parameter->value.sequence->length; - kekalg = d2i_X509_ALGOR(NULL, &p, plen); - if (kekalg == NULL) - goto err; - kekctx = CMS_RecipientInfo_kari_get0_ctx(ri); - if (kekctx == NULL) - goto err; - name = OBJ_nid2sn(OBJ_obj2nid(kekalg->algorithm)); - kekcipher = EVP_CIPHER_fetch(pctx->libctx, name, pctx->propquery); - if (kekcipher == NULL || EVP_CIPHER_mode(kekcipher) != EVP_CIPH_WRAP_MODE) - goto err; - if (!EVP_EncryptInit_ex(kekctx, kekcipher, NULL, NULL, NULL)) - goto err; - if (EVP_CIPHER_asn1_to_param(kekctx, kekalg->parameter) <= 0) - goto err; - - keylen = EVP_CIPHER_CTX_key_length(kekctx); - if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0) - goto err; - - plen = CMS_SharedInfo_encode(&der, kekalg, ukm, keylen); - - if (plen <= 0) - goto err; - - if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, der, plen) <= 0) - goto err; - der = NULL; - - rv = 1; - err: - EVP_CIPHER_free(kekcipher); - X509_ALGOR_free(kekalg); - OPENSSL_free(der); - return rv; -} - -static int ecdh_cms_decrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pctx; - - pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - if (pctx == NULL) - return 0; - /* See if we need to set peer key */ - if (!EVP_PKEY_CTX_get0_peerkey(pctx)) { - X509_ALGOR *alg; - ASN1_BIT_STRING *pubkey; - - if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &alg, &pubkey, - NULL, NULL, NULL)) - return 0; - if (!alg || !pubkey) - return 0; - if (!ecdh_cms_set_peerkey(pctx, alg, pubkey)) { - ECerr(EC_F_ECDH_CMS_DECRYPT, EC_R_PEER_KEY_ERROR); - return 0; - } - } - /* Set ECDH derivation parameters and initialise unwrap context */ - if (!ecdh_cms_set_shared_info(pctx, ri)) { - ECerr(EC_F_ECDH_CMS_DECRYPT, EC_R_SHARED_INFO_ERROR); - return 0; - } - return 1; -} - -static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pctx; - EVP_PKEY *pkey; - EVP_CIPHER_CTX *ctx; - int keylen; - X509_ALGOR *talg, *wrap_alg = NULL; - const ASN1_OBJECT *aoid; - ASN1_BIT_STRING *pubkey; - ASN1_STRING *wrap_str; - ASN1_OCTET_STRING *ukm; - unsigned char *penc = NULL; - int penclen; - int rv = 0; - int ecdh_nid, kdf_type, kdf_nid, wrap_nid; - const EVP_MD *kdf_md; - - pctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - if (pctx == NULL) - return 0; - /* Get ephemeral key */ - pkey = EVP_PKEY_CTX_get0_pkey(pctx); - if (!CMS_RecipientInfo_kari_get0_orig_id(ri, &talg, &pubkey, - NULL, NULL, NULL)) - goto err; - X509_ALGOR_get0(&aoid, NULL, NULL, talg); - /* Is everything uninitialised? */ - if (aoid == OBJ_nid2obj(NID_undef)) { - - EC_KEY *eckey = pkey->pkey.ec; - /* Set the key */ - unsigned char *p; - - penclen = i2o_ECPublicKey(eckey, NULL); - if (penclen <= 0) - goto err; - penc = OPENSSL_malloc(penclen); - if (penc == NULL) - goto err; - p = penc; - penclen = i2o_ECPublicKey(eckey, &p); - if (penclen <= 0) - goto err; - ASN1_STRING_set0(pubkey, penc, penclen); - pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); - pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; - - penc = NULL; - X509_ALGOR_set0(talg, OBJ_nid2obj(NID_X9_62_id_ecPublicKey), - V_ASN1_UNDEF, NULL); - } - - /* See if custom parameters set */ - kdf_type = EVP_PKEY_CTX_get_ecdh_kdf_type(pctx); - if (kdf_type <= 0) - goto err; - if (!EVP_PKEY_CTX_get_ecdh_kdf_md(pctx, &kdf_md)) - goto err; - ecdh_nid = EVP_PKEY_CTX_get_ecdh_cofactor_mode(pctx); - if (ecdh_nid < 0) - goto err; - else if (ecdh_nid == 0) - ecdh_nid = NID_dh_std_kdf; - else if (ecdh_nid == 1) - ecdh_nid = NID_dh_cofactor_kdf; - - if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) { - kdf_type = EVP_PKEY_ECDH_KDF_X9_63; - if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0) - goto err; - } else - /* Unknown KDF */ - goto err; - if (kdf_md == NULL) { - /* Fixme later for better MD */ - kdf_md = EVP_sha1(); - if (EVP_PKEY_CTX_set_ecdh_kdf_md(pctx, kdf_md) <= 0) - goto err; - } - - if (!CMS_RecipientInfo_kari_get0_alg(ri, &talg, &ukm)) - goto err; - - /* Lookup NID for KDF+cofactor+digest */ - - if (!OBJ_find_sigid_by_algs(&kdf_nid, EVP_MD_type(kdf_md), ecdh_nid)) - goto err; - /* Get wrap NID */ - ctx = CMS_RecipientInfo_kari_get0_ctx(ri); - wrap_nid = EVP_CIPHER_CTX_type(ctx); - keylen = EVP_CIPHER_CTX_key_length(ctx); - - /* Package wrap algorithm in an AlgorithmIdentifier */ - - wrap_alg = X509_ALGOR_new(); - if (wrap_alg == NULL) - goto err; - wrap_alg->algorithm = OBJ_nid2obj(wrap_nid); - wrap_alg->parameter = ASN1_TYPE_new(); - if (wrap_alg->parameter == NULL) - goto err; - if (EVP_CIPHER_param_to_asn1(ctx, wrap_alg->parameter) <= 0) - goto err; - if (ASN1_TYPE_get(wrap_alg->parameter) == NID_undef) { - ASN1_TYPE_free(wrap_alg->parameter); - wrap_alg->parameter = NULL; - } - - if (EVP_PKEY_CTX_set_ecdh_kdf_outlen(pctx, keylen) <= 0) - goto err; - - penclen = CMS_SharedInfo_encode(&penc, wrap_alg, ukm, keylen); - - if (!penclen) - goto err; - - if (EVP_PKEY_CTX_set0_ecdh_kdf_ukm(pctx, penc, penclen) <= 0) - goto err; - penc = NULL; - - /* - * Now need to wrap encoding of wrap AlgorithmIdentifier into parameter - * of another AlgorithmIdentifier. - */ - penclen = i2d_X509_ALGOR(wrap_alg, &penc); - if (!penc || !penclen) - goto err; - wrap_str = ASN1_STRING_new(); - if (wrap_str == NULL) - goto err; - ASN1_STRING_set0(wrap_str, penc, penclen); - penc = NULL; - X509_ALGOR_set0(talg, OBJ_nid2obj(kdf_nid), V_ASN1_SEQUENCE, wrap_str); - - rv = 1; - - err: - OPENSSL_free(penc); - X509_ALGOR_free(wrap_alg); - return rv; -} - -#endif diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 2aca84f838..7bb83593a6 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1996,6 +1996,7 @@ ASN1_R_TYPE_NOT_CONSTRUCTED:156:type not constructed ASN1_R_TYPE_NOT_PRIMITIVE:195:type not primitive ASN1_R_UNEXPECTED_EOC:159:unexpected eoc ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH:215:universalstring is wrong length +ASN1_R_UNKNOWN_DIGEST:229:unknown digest ASN1_R_UNKNOWN_FORMAT:160:unknown format ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM:161:unknown message digest algorithm ASN1_R_UNKNOWN_OBJECT_TYPE:162:unknown object type @@ -2181,6 +2182,7 @@ CMS_R_CONTENT_TYPE_NOT_SIGNED_DATA:108:content type not signed data CMS_R_CONTENT_VERIFY_ERROR:109:content verify error CMS_R_CTRL_ERROR:110:ctrl error CMS_R_CTRL_FAILURE:111:ctrl failure +CMS_R_DECODE_ERROR:187:decode error CMS_R_DECRYPT_ERROR:112:decrypt error CMS_R_ERROR_GETTING_PUBLIC_KEY:113:error getting public key CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE:114:\ @@ -2192,6 +2194,9 @@ CMS_R_ESS_SIGNING_CERTID_MISMATCH_ERROR:183:ess signing certid mismatch error CMS_R_INVALID_ENCRYPTED_KEY_LENGTH:117:invalid encrypted key length CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER:176:invalid key encryption parameter CMS_R_INVALID_KEY_LENGTH:118:invalid key length +CMS_R_INVALID_LABEL:190:invalid label +CMS_R_INVALID_OAEP_PARAMETERS:191:invalid oaep parameters +CMS_R_KDF_PARAMETER_ERROR:186:kdf parameter error CMS_R_MD_BIO_INIT_ERROR:119:md bio init error CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH:120:\ messagedigest attribute wrong length @@ -2223,10 +2228,12 @@ CMS_R_NO_PRIVATE_KEY:133:no private key CMS_R_NO_PUBLIC_KEY:134:no public key CMS_R_NO_RECEIPT_REQUEST:168:no receipt request CMS_R_NO_SIGNERS:135:no signers +CMS_R_PEER_KEY_ERROR:188:peer key error CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE:136:\ private key does not match certificate CMS_R_RECEIPT_DECODE_ERROR:169:receipt decode error CMS_R_RECIPIENT_ERROR:137:recipient error +CMS_R_SHARED_INFO_ERROR:189:shared info error CMS_R_SIGNER_CERTIFICATE_NOT_FOUND:138:signer certificate not found CMS_R_SIGNFINAL_ERROR:139:signfinal error CMS_R_SMIME_TEXT_ERROR:140:smime text error @@ -2242,9 +2249,11 @@ CMS_R_UNKNOWN_DIGEST_ALGORITHM:149:unknown digest algorithm CMS_R_UNKNOWN_ID:150:unknown id CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM:151:unsupported compression algorithm CMS_R_UNSUPPORTED_CONTENT_TYPE:152:unsupported content type +CMS_R_UNSUPPORTED_ENCRYPTION_TYPE:192:unsupported encryption type CMS_R_UNSUPPORTED_KEK_ALGORITHM:153:unsupported kek algorithm CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM:179:\ unsupported key encryption algorithm +CMS_R_UNSUPPORTED_LABEL_SOURCE:193:unsupported label source CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE:155:unsupported recipientinfo type CMS_R_UNSUPPORTED_RECIPIENT_TYPE:154:unsupported recipient type CMS_R_UNSUPPORTED_TYPE:156:unsupported type diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index fc06a101c8..042035a75a 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -1762,6 +1762,16 @@ int evp_pkey_ctx_use_cached_data(EVP_PKEY_CTX *ctx) return ret; } +OPENSSL_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx) +{ + return ctx->libctx; +} + +const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx) +{ + return ctx->propquery; +} + /* Utility functions to send a string of hex string to a ctrl */ int EVP_PKEY_CTX_str2ctrl(EVP_PKEY_CTX *ctx, int cmd, const char *str) diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 6105b7849a..c693ca7e21 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -18,7 +18,6 @@ #include #include #include -#include #include #include #include "crypto/asn1.h" @@ -26,13 +25,6 @@ #include "crypto/rsa.h" #include "rsa_local.h" -#ifndef OPENSSL_NO_CMS -static int rsa_cms_sign(CMS_SignerInfo *si); -static int rsa_cms_verify(CMS_SignerInfo *si); -static int rsa_cms_decrypt(CMS_RecipientInfo *ri); -static int rsa_cms_encrypt(CMS_RecipientInfo *ri); -#endif - static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg); static int rsa_sync_to_pss_params_30(RSA *rsa); @@ -256,14 +248,6 @@ static void int_rsa_free(EVP_PKEY *pkey) RSA_free(pkey->pkey.rsa); } -static X509_ALGOR *rsa_mgf1_decode(X509_ALGOR *alg) -{ - if (OBJ_obj2nid(alg->algorithm) != NID_mgf1) - return NULL; - return ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(X509_ALGOR), - alg->parameter); -} - static int rsa_pss_param_print(BIO *bp, int pss_key, RSA_PSS_PARAMS *pss, int indent) { @@ -315,7 +299,7 @@ static int rsa_pss_param_print(BIO *bp, int pss_key, RSA_PSS_PARAMS *pss, goto err; if (BIO_puts(bp, " with ") <= 0) goto err; - maskHash = rsa_mgf1_decode(pss->maskGenAlgorithm); + maskHash = x509_algor_mgf1_decode(pss->maskGenAlgorithm); if (maskHash != NULL) { if (i2a_ASN1_OBJECT(bp, maskHash->algorithm) <= 0) goto err; @@ -471,7 +455,7 @@ static RSA_PSS_PARAMS *rsa_pss_decode(const X509_ALGOR *alg) return NULL; if (pss->maskGenAlgorithm != NULL) { - pss->maskHash = rsa_mgf1_decode(pss->maskGenAlgorithm); + pss->maskHash = x509_algor_mgf1_decode(pss->maskGenAlgorithm); if (pss->maskHash == NULL) { RSA_PSS_PARAMS_free(pss); return NULL; @@ -520,29 +504,6 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) if (arg1 == 0) PKCS7_RECIP_INFO_get0_alg(arg2, &alg); break; -#ifndef OPENSSL_NO_CMS - case ASN1_PKEY_CTRL_CMS_SIGN: - if (arg1 == 0) - return rsa_cms_sign(arg2); - else if (arg1 == 1) - return rsa_cms_verify(arg2); - break; - - case ASN1_PKEY_CTRL_CMS_ENVELOPE: - if (pkey_is_pss(pkey)) - return -2; - if (arg1 == 0) - return rsa_cms_encrypt(arg2); - else if (arg1 == 1) - return rsa_cms_decrypt(arg2); - break; - - case ASN1_PKEY_CTRL_CMS_RI_TYPE: - if (pkey_is_pss(pkey)) - return -2; - *(int *)arg2 = CMS_RECIPINFO_TRANS; - return 1; -#endif case ASN1_PKEY_CTRL_DEFAULT_MD_NID: if (pkey->pkey.rsa->pss != NULL) { @@ -570,58 +531,6 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) } -/* allocate and set algorithm ID from EVP_MD, default SHA1 */ -static int rsa_md_to_algor(X509_ALGOR **palg, const EVP_MD *md) -{ - if (md == NULL || EVP_MD_type(md) == NID_sha1) - return 1; - *palg = X509_ALGOR_new(); - if (*palg == NULL) - return 0; - X509_ALGOR_set_md(*palg, md); - return 1; -} - -/* Allocate and set MGF1 algorithm ID from EVP_MD */ -static int rsa_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md) -{ - X509_ALGOR *algtmp = NULL; - ASN1_STRING *stmp = NULL; - - *palg = NULL; - if (mgf1md == NULL || EVP_MD_type(mgf1md) == NID_sha1) - return 1; - /* need to embed algorithm ID inside another */ - if (!rsa_md_to_algor(&algtmp, mgf1md)) - goto err; - if (ASN1_item_pack(algtmp, ASN1_ITEM_rptr(X509_ALGOR), &stmp) == NULL) - goto err; - *palg = X509_ALGOR_new(); - if (*palg == NULL) - goto err; - X509_ALGOR_set0(*palg, OBJ_nid2obj(NID_mgf1), V_ASN1_SEQUENCE, stmp); - stmp = NULL; - err: - ASN1_STRING_free(stmp); - X509_ALGOR_free(algtmp); - if (*palg) - return 1; - return 0; -} - -/* convert algorithm ID to EVP_MD, default SHA1 */ -static const EVP_MD *rsa_algor_to_md(X509_ALGOR *alg) -{ - const EVP_MD *md; - - if (!alg) - return EVP_sha1(); - md = EVP_get_digestbyobj(alg->algorithm); - if (md == NULL) - RSAerr(RSA_F_RSA_ALGOR_TO_MD, RSA_R_UNKNOWN_DIGEST); - return md; -} - /* * Convert EVP_PKEY_CTX in PSS mode into corresponding algorithm parameter, * suitable for setting an AlgorithmIdentifier. @@ -631,7 +540,6 @@ static RSA_PSS_PARAMS *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx) { const EVP_MD *sigmd, *mgf1md; EVP_PKEY *pk = EVP_PKEY_CTX_get0_pkey(pkctx); - RSA *rsa = EVP_PKEY_get0_RSA(pk); int saltlen; if (EVP_PKEY_CTX_get_signature_md(pkctx, &sigmd) <= 0) @@ -643,7 +551,7 @@ static RSA_PSS_PARAMS *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx) if (saltlen == -1) { saltlen = EVP_MD_size(sigmd); } else if (saltlen == -2 || saltlen == -3) { - saltlen = RSA_size(rsa) - EVP_MD_size(sigmd) - 2; + saltlen = EVP_PKEY_size(pk) - EVP_MD_size(sigmd) - 2; if ((EVP_PKEY_bits(pk) & 0x7) == 1) saltlen--; if (saltlen < 0) @@ -667,13 +575,13 @@ RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, if (!ASN1_INTEGER_set(pss->saltLength, saltlen)) goto err; } - if (!rsa_md_to_algor(&pss->hashAlgorithm, sigmd)) + if (!x509_algor_new_from_md(&pss->hashAlgorithm, sigmd)) goto err; if (mgf1md == NULL) mgf1md = sigmd; - if (!rsa_md_to_mgf1(&pss->maskGenAlgorithm, mgf1md)) + if (!x509_algor_md_to_mgf1(&pss->maskGenAlgorithm, mgf1md)) goto err; - if (!rsa_md_to_algor(&pss->maskHash, mgf1md)) + if (!x509_algor_new_from_md(&pss->maskHash, mgf1md)) goto err; return pss; err: @@ -681,7 +589,7 @@ RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, return NULL; } -static ASN1_STRING *rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx) +ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx) { RSA_PSS_PARAMS *pss = rsa_ctx_to_pss(pkctx); ASN1_STRING *os; @@ -700,8 +608,8 @@ static ASN1_STRING *rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx) * passed to pkctx instead. */ -static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, - const X509_ALGOR *sigalg, EVP_PKEY *pkey) +int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, + const X509_ALGOR *sigalg, EVP_PKEY *pkey) { int rv = -1; int saltlen; @@ -710,14 +618,14 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, /* Sanity check: make sure it is PSS */ if (OBJ_obj2nid(sigalg->algorithm) != EVP_PKEY_RSA_PSS) { - RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); + RSAerr(0, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); return -1; } /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg); if (!rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) { - RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_INVALID_PSS_PARAMETERS); + RSAerr(0, RSA_R_INVALID_PSS_PARAMETERS); goto err; } @@ -730,7 +638,7 @@ static int rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, if (EVP_PKEY_CTX_get_signature_md(pkctx, &checkmd) <= 0) goto err; if (EVP_MD_type(md) != EVP_MD_type(checkmd)) { - RSAerr(RSA_F_RSA_PSS_TO_CTX, RSA_R_DIGEST_DOES_NOT_MATCH); + RSAerr(0, RSA_R_DIGEST_DOES_NOT_MATCH); goto err; } } @@ -781,10 +689,10 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, if (pss == NULL) return 0; - *pmd = rsa_algor_to_md(pss->hashAlgorithm); + *pmd = x509_algor_get_md(pss->hashAlgorithm); if (*pmd == NULL) return 0; - *pmgf1md = rsa_algor_to_md(pss->maskHash); + *pmgf1md = x509_algor_get_md(pss->maskHash); if (*pmgf1md == NULL) return 0; if (pss->saltLength) @@ -851,33 +759,6 @@ static int rsa_sync_to_pss_params_30(RSA *rsa) return 1; } -#ifndef OPENSSL_NO_CMS -static int rsa_cms_verify(CMS_SignerInfo *si) -{ - int nid, nid2; - X509_ALGOR *alg; - EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si); - - CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg); - nid = OBJ_obj2nid(alg->algorithm); - if (nid == EVP_PKEY_RSA_PSS) - return rsa_pss_to_ctx(NULL, pkctx, alg, NULL); - /* Only PSS allowed for PSS keys */ - if (pkey_ctx_is_pss(pkctx)) { - RSAerr(RSA_F_RSA_CMS_VERIFY, RSA_R_ILLEGAL_OR_UNSUPPORTED_PADDING_MODE); - return 0; - } - if (nid == NID_rsaEncryption) - return 1; - /* Workaround for some implementation that use a signature OID */ - if (OBJ_find_sigid_algs(nid, NULL, &nid2)) { - if (nid2 == NID_rsaEncryption) - return 1; - } - return 0; -} -#endif - /* * Customised RSA item verification routine. This is called when a signature * is encountered requiring special handling. We currently only handle PSS. @@ -892,41 +773,13 @@ static int rsa_item_verify(EVP_MD_CTX *ctx, const ASN1_ITEM *it, RSAerr(RSA_F_RSA_ITEM_VERIFY, RSA_R_UNSUPPORTED_SIGNATURE_TYPE); return -1; } - if (rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { + if (ossl_rsa_pss_to_ctx(ctx, NULL, sigalg, pkey) > 0) { /* Carry on */ return 2; } return -1; } -#ifndef OPENSSL_NO_CMS -static int rsa_cms_sign(CMS_SignerInfo *si) -{ - int pad_mode = RSA_PKCS1_PADDING; - X509_ALGOR *alg; - EVP_PKEY_CTX *pkctx = CMS_SignerInfo_get0_pkey_ctx(si); - ASN1_STRING *os = NULL; - - CMS_SignerInfo_get0_algs(si, NULL, NULL, NULL, &alg); - if (pkctx) { - if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0) - return 0; - } - if (pad_mode == RSA_PKCS1_PADDING) { - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0); - return 1; - } - /* We don't support it */ - if (pad_mode != RSA_PKCS1_PSS_PADDING) - return 0; - os = rsa_ctx_to_pss_string(pkctx); - if (!os) - return 0; - X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_PKEY_RSA_PSS), V_ASN1_SEQUENCE, os); - return 1; -} -#endif - static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *asn, X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig) @@ -940,7 +793,7 @@ static int rsa_item_sign(EVP_MD_CTX *ctx, const ASN1_ITEM *it, const void *asn, return 2; if (pad_mode == RSA_PKCS1_PSS_PADDING) { ASN1_STRING *os1 = NULL; - os1 = rsa_ctx_to_pss_string(pkctx); + os1 = ossl_rsa_ctx_to_pss_string(pkctx); if (!os1) return 0; /* Duplicate parameters if we have to */ @@ -1013,165 +866,6 @@ static int rsa_sig_info_set(X509_SIG_INFO *siginf, const X509_ALGOR *sigalg, return rv; } -#ifndef OPENSSL_NO_CMS -static RSA_OAEP_PARAMS *rsa_oaep_decode(const X509_ALGOR *alg) -{ - RSA_OAEP_PARAMS *oaep; - - oaep = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(RSA_OAEP_PARAMS), - alg->parameter); - - if (oaep == NULL) - return NULL; - - if (oaep->maskGenFunc != NULL) { - oaep->maskHash = rsa_mgf1_decode(oaep->maskGenFunc); - if (oaep->maskHash == NULL) { - RSA_OAEP_PARAMS_free(oaep); - return NULL; - } - } - return oaep; -} - -static int rsa_cms_decrypt(CMS_RecipientInfo *ri) -{ - EVP_PKEY_CTX *pkctx; - X509_ALGOR *cmsalg; - int nid; - int rv = -1; - unsigned char *label = NULL; - int labellen = 0; - const EVP_MD *mgf1md = NULL, *md = NULL; - RSA_OAEP_PARAMS *oaep; - - pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - if (pkctx == NULL) - return 0; - if (!CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &cmsalg)) - return -1; - nid = OBJ_obj2nid(cmsalg->algorithm); - if (nid == NID_rsaEncryption) - return 1; - if (nid != NID_rsaesOaep) { - RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_UNSUPPORTED_ENCRYPTION_TYPE); - return -1; - } - /* Decode OAEP parameters */ - oaep = rsa_oaep_decode(cmsalg); - - if (oaep == NULL) { - RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_INVALID_OAEP_PARAMETERS); - goto err; - } - - mgf1md = rsa_algor_to_md(oaep->maskHash); - if (mgf1md == NULL) - goto err; - md = rsa_algor_to_md(oaep->hashFunc); - if (md == NULL) - goto err; - - if (oaep->pSourceFunc != NULL) { - X509_ALGOR *plab = oaep->pSourceFunc; - - if (OBJ_obj2nid(plab->algorithm) != NID_pSpecified) { - RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_UNSUPPORTED_LABEL_SOURCE); - goto err; - } - if (plab->parameter->type != V_ASN1_OCTET_STRING) { - RSAerr(RSA_F_RSA_CMS_DECRYPT, RSA_R_INVALID_LABEL); - goto err; - } - - label = plab->parameter->value.octet_string->data; - /* Stop label being freed when OAEP parameters are freed */ - plab->parameter->value.octet_string->data = NULL; - labellen = plab->parameter->value.octet_string->length; - } - - if (EVP_PKEY_CTX_set_rsa_padding(pkctx, RSA_PKCS1_OAEP_PADDING) <= 0) - goto err; - if (EVP_PKEY_CTX_set_rsa_oaep_md(pkctx, md) <= 0) - goto err; - if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkctx, mgf1md) <= 0) - goto err; - if (label != NULL - && EVP_PKEY_CTX_set0_rsa_oaep_label(pkctx, label, labellen) <= 0) - goto err; - /* Carry on */ - rv = 1; - - err: - RSA_OAEP_PARAMS_free(oaep); - return rv; -} - -static int rsa_cms_encrypt(CMS_RecipientInfo *ri) -{ - const EVP_MD *md, *mgf1md; - RSA_OAEP_PARAMS *oaep = NULL; - ASN1_STRING *os = NULL; - X509_ALGOR *alg; - EVP_PKEY_CTX *pkctx = CMS_RecipientInfo_get0_pkey_ctx(ri); - int pad_mode = RSA_PKCS1_PADDING, rv = 0, labellen; - unsigned char *label; - - if (CMS_RecipientInfo_ktri_get0_algs(ri, NULL, NULL, &alg) <= 0) - return 0; - if (pkctx) { - if (EVP_PKEY_CTX_get_rsa_padding(pkctx, &pad_mode) <= 0) - return 0; - } - if (pad_mode == RSA_PKCS1_PADDING) { - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaEncryption), V_ASN1_NULL, 0); - return 1; - } - /* Not supported */ - if (pad_mode != RSA_PKCS1_OAEP_PADDING) - return 0; - if (EVP_PKEY_CTX_get_rsa_oaep_md(pkctx, &md) <= 0) - goto err; - if (EVP_PKEY_CTX_get_rsa_mgf1_md(pkctx, &mgf1md) <= 0) - goto err; - labellen = EVP_PKEY_CTX_get0_rsa_oaep_label(pkctx, &label); - if (labellen < 0) - goto err; - oaep = RSA_OAEP_PARAMS_new(); - if (oaep == NULL) - goto err; - if (!rsa_md_to_algor(&oaep->hashFunc, md)) - goto err; - if (!rsa_md_to_mgf1(&oaep->maskGenFunc, mgf1md)) - goto err; - if (labellen > 0) { - ASN1_OCTET_STRING *los; - oaep->pSourceFunc = X509_ALGOR_new(); - if (oaep->pSourceFunc == NULL) - goto err; - los = ASN1_OCTET_STRING_new(); - if (los == NULL) - goto err; - if (!ASN1_OCTET_STRING_set(los, label, labellen)) { - ASN1_OCTET_STRING_free(los); - goto err; - } - X509_ALGOR_set0(oaep->pSourceFunc, OBJ_nid2obj(NID_pSpecified), - V_ASN1_OCTET_STRING, los); - } - /* create string with pss parameter encoding. */ - if (!ASN1_item_pack(oaep, ASN1_ITEM_rptr(RSA_OAEP_PARAMS), &os)) - goto err; - X509_ALGOR_set0(alg, OBJ_nid2obj(NID_rsaesOaep), V_ASN1_SEQUENCE, os); - os = NULL; - rv = 1; - err: - RSA_OAEP_PARAMS_free(oaep); - ASN1_STRING_free(os); - return rv; -} -#endif - static int rsa_pkey_check(const EVP_PKEY *pkey) { return RSA_check_key_ex(pkey->pkey.rsa, NULL); diff --git a/doc/man3/EVP_PKEY_CTX_get0_libctx.pod b/doc/man3/EVP_PKEY_CTX_get0_libctx.pod new file mode 100644 index 0000000000..2536ae820e --- /dev/null +++ b/doc/man3/EVP_PKEY_CTX_get0_libctx.pod @@ -0,0 +1,45 @@ +=pod + +=head1 NAME + +EVP_PKEY_CTX_get0_libctx, +EVP_PKEY_CTX_get0_propq +- functions for getting OPENSSL_CTX and property query data from an EVP_PKEY_CTX + +=head1 SYNOPSIS + + #include + + OPENSSL_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx); + const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx); + +=head1 DESCRIPTION + +The EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() functions obtain +the OPENSSL_CTX and property query string values respectively that were +associated with the EVP_PKEY_CTX when it was constructed. + +=head1 RETURN VALUES + +EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() functions return the +OPENSSL_CTX and property query string associated with the EVP_PKEY_CTX or NULL +if they are not set. The returned values should not be freed by the caller. + +=head1 SEE ALSO + +L + +=head1 HISTORY + +All functions were added in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h index 5f6987e066..08018e4cf1 100644 --- a/include/crypto/asn1.h +++ b/include/crypto/asn1.h @@ -133,3 +133,8 @@ int asn1_type_set_octetstring_int(ASN1_TYPE *a, long num, unsigned char *data, int len); int asn1_type_get_octetstring_int(const ASN1_TYPE *a, long *num, unsigned char *data, int max_len); + +int x509_algor_new_from_md(X509_ALGOR **palg, const EVP_MD *md); +const EVP_MD *x509_algor_get_md(X509_ALGOR *alg); +X509_ALGOR *x509_algor_mgf1_decode(X509_ALGOR *alg); +int x509_algor_md_to_mgf1(X509_ALGOR **palg, const EVP_MD *mgf1md); diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index 85682aa55d..7ec745766f 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -93,6 +93,10 @@ extern const char *ossl_rsa_mp_factor_names[]; extern const char *ossl_rsa_mp_exp_names[]; extern const char *ossl_rsa_mp_coeff_names[]; +ASN1_STRING *ossl_rsa_ctx_to_pss_string(EVP_PKEY_CTX *pkctx); +int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, + const X509_ALGOR *sigalg, EVP_PKEY *pkey); + # if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]); void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst); diff --git a/include/openssl/asn1err.h b/include/openssl/asn1err.h index b58339ba47..a29722e868 100644 --- a/include/openssl/asn1err.h +++ b/include/openssl/asn1err.h @@ -244,6 +244,7 @@ int ERR_load_ASN1_strings(void); # define ASN1_R_TYPE_NOT_PRIMITIVE 195 # define ASN1_R_UNEXPECTED_EOC 159 # define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215 +# define ASN1_R_UNKNOWN_DIGEST 229 # define ASN1_R_UNKNOWN_FORMAT 160 # define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 # define ASN1_R_UNKNOWN_OBJECT_TYPE 162 diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h index 1e7daf044b..e234ad0126 100644 --- a/include/openssl/cmserr.h +++ b/include/openssl/cmserr.h @@ -146,6 +146,7 @@ int ERR_load_CMS_strings(void); # define CMS_R_CONTENT_VERIFY_ERROR 109 # define CMS_R_CTRL_ERROR 110 # define CMS_R_CTRL_FAILURE 111 +# define CMS_R_DECODE_ERROR 187 # define CMS_R_DECRYPT_ERROR 112 # define CMS_R_ERROR_GETTING_PUBLIC_KEY 113 # define CMS_R_ERROR_READING_MESSAGEDIGEST_ATTRIBUTE 114 @@ -156,6 +157,9 @@ int ERR_load_CMS_strings(void); # define CMS_R_INVALID_ENCRYPTED_KEY_LENGTH 117 # define CMS_R_INVALID_KEY_ENCRYPTION_PARAMETER 176 # define CMS_R_INVALID_KEY_LENGTH 118 +# define CMS_R_INVALID_LABEL 190 +# define CMS_R_INVALID_OAEP_PARAMETERS 191 +# define CMS_R_KDF_PARAMETER_ERROR 186 # define CMS_R_MD_BIO_INIT_ERROR 119 # define CMS_R_MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH 120 # define CMS_R_MESSAGEDIGEST_WRONG_LENGTH 121 @@ -186,9 +190,11 @@ int ERR_load_CMS_strings(void); # define CMS_R_NO_PUBLIC_KEY 134 # define CMS_R_NO_RECEIPT_REQUEST 168 # define CMS_R_NO_SIGNERS 135 +# define CMS_R_PEER_KEY_ERROR 188 # define CMS_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 136 # define CMS_R_RECEIPT_DECODE_ERROR 169 # define CMS_R_RECIPIENT_ERROR 137 +# define CMS_R_SHARED_INFO_ERROR 189 # define CMS_R_SIGNER_CERTIFICATE_NOT_FOUND 138 # define CMS_R_SIGNFINAL_ERROR 139 # define CMS_R_SMIME_TEXT_ERROR 140 @@ -204,8 +210,10 @@ int ERR_load_CMS_strings(void); # define CMS_R_UNKNOWN_ID 150 # define CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM 151 # define CMS_R_UNSUPPORTED_CONTENT_TYPE 152 +# define CMS_R_UNSUPPORTED_ENCRYPTION_TYPE 192 # define CMS_R_UNSUPPORTED_KEK_ALGORITHM 153 # define CMS_R_UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM 179 +# define CMS_R_UNSUPPORTED_LABEL_SOURCE 193 # define CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 155 # define CMS_R_UNSUPPORTED_RECIPIENT_TYPE 154 # define CMS_R_UNSUPPORTED_TYPE 156 diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 8c2d00813c..5527709be0 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1966,6 +1966,9 @@ int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen), int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name); int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen); +OPENSSL_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx); +const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx); + # ifdef __cplusplus } # endif diff --git a/util/libcrypto.num b/util/libcrypto.num index fb0069c9e8..12ba103689 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5288,3 +5288,5 @@ PKCS7_type_is_other ? 3_0_0 EXIST::FUNCTION: PKCS7_get_octet_string ? 3_0_0 EXIST::FUNCTION: OSSL_DECODER_from_data ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_to_data ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_CTX_get0_libctx ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_CTX_get0_propq ? 3_0_0 EXIST::FUNCTION: From builds at travis-ci.com Thu Oct 15 10:49:57 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 15 Oct 2020 10:49:57 +0000 Subject: Still Failing: openssl/openssl#38044 (master - 29000e4) In-Reply-To: Message-ID: <5f88295588b33_13f84dddfbde86671a7@travis-pro-tasks-6fcb54cdc9-vtk2f.mail> Build Update for openssl/openssl ------------------------------------- Build: #38044 Status: Still Failing Duration: 1 hr, 38 mins, and 27 secs Commit: 29000e4 (master) Author: Matt Caswell Message: Make evp_pkey_ctx_get0_libctx/propq public API These were previously added as an internal API. But since the CMS code needs them, other code might do too. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13088) View the changeset: https://github.com/openssl/openssl/compare/5b70206cb316...29000e43ea25 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190214658?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Thu Oct 15 11:14:05 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 11:14:05 +0000 Subject: [openssl] master update Message-ID: <1602760445.200738.25403.nullmailer@dev.openssl.org> The branch master has been updated via a829b735b645516041b55746e013692babd8cd31 (commit) via b425001010044adbdbcd98f8682694b30b73bbf4 (commit) from 29000e43ea257bf54f6ccb2064b3744853b821b2 (commit) - Log ----------------------------------------------------------------- commit a829b735b645516041b55746e013692babd8cd31 Author: Dr. Matthias St. Pierre Date: Thu Oct 15 12:55:50 2020 +0300 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' This change makes the naming more consistent, because three different terms were used for the same thing. (The term libctx was used by far most often.) Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/12621) commit b425001010044adbdbcd98f8682694b30b73bbf4 Author: Dr. Matthias St. Pierre Date: Thu Oct 15 12:55:50 2020 +0300 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Many of the new types introduced by OpenSSL 3.0 have an OSSL_ prefix, e.g., OSSL_CALLBACK, OSSL_PARAM, OSSL_ALGORITHM, OSSL_SERIALIZER. The OPENSSL_CTX type stands out a little by using a different prefix. For consistency reasons, this type is renamed to OSSL_LIB_CTX. Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/12621) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 17 +-- NEWS.md | 2 +- apps/cmp_mock_srv.c | 2 +- apps/cmp_mock_srv.h | 3 +- apps/cms.c | 9 +- apps/fipsinstall.c | 2 +- apps/genpkey.c | 8 +- apps/include/apps.h | 10 +- apps/lib/app_provider.c | 2 +- apps/lib/apps.c | 12 +- apps/openssl.c | 2 +- apps/pkcs7.c | 2 +- apps/pkeyutl.c | 6 +- apps/smime.c | 2 +- apps/storeutl.c | 6 +- apps/ts.c | 2 +- crypto/asn1/a_digest.c | 2 +- crypto/asn1/a_sign.c | 2 +- crypto/asn1/a_verify.c | 2 +- crypto/asn1/asn_mime.c | 2 +- crypto/asn1/d2i_pr.c | 5 +- crypto/async/async.c | 10 +- crypto/async/async_local.h | 2 +- crypto/bn/bn_ctx.c | 8 +- crypto/bn/bn_rand.c | 4 +- crypto/cmp/cmp_ctx.c | 2 +- crypto/cmp/cmp_local.h | 4 +- crypto/cmp/cmp_server.c | 2 +- crypto/cmp/cmp_util.c | 2 +- crypto/cms/cms_cd.c | 2 +- crypto/cms/cms_dd.c | 3 +- crypto/cms/cms_ec.c | 2 +- crypto/cms/cms_env.c | 4 +- crypto/cms/cms_ess.c | 2 +- crypto/cms/cms_lib.c | 6 +- crypto/cms/cms_local.h | 14 ++- crypto/cms/cms_smime.c | 10 +- crypto/conf/conf_lib.c | 2 +- crypto/conf/conf_mod.c | 2 +- crypto/context.c | 126 ++++++++++----------- crypto/core_algorithm.c | 4 +- crypto/core_fetch.c | 4 +- crypto/core_namemap.c | 12 +- crypto/crmf/crmf_lib.c | 8 +- crypto/crmf/crmf_pbm.c | 4 +- crypto/ct/ct_b64.c | 2 +- crypto/ct/ct_local.h | 6 +- crypto/ct/ct_log.c | 8 +- crypto/ct/ct_policy.c | 2 +- crypto/ct/ct_sct_ctx.c | 2 +- crypto/dh/dh_ameth.c | 2 +- crypto/dh/dh_gen.c | 2 +- crypto/dh/dh_group_params.c | 6 +- crypto/dh/dh_kdf.c | 4 +- crypto/dh/dh_lib.c | 6 +- crypto/dh/dh_local.h | 2 +- crypto/dh/dh_pmeth.c | 2 +- crypto/dsa/dsa_ameth.c | 2 +- crypto/dsa/dsa_lib.c | 6 +- crypto/dsa/dsa_local.h | 2 +- crypto/ec/curve25519.c | 6 +- crypto/ec/curve448/curve448_local.h | 4 +- crypto/ec/curve448/ed448.h | 12 +- crypto/ec/curve448/eddsa.c | 26 ++--- crypto/ec/ec_ameth.c | 8 +- crypto/ec/ec_backend.c | 3 +- crypto/ec/ec_curve.c | 4 +- crypto/ec/ec_cvt.c | 4 +- crypto/ec/ec_key.c | 6 +- crypto/ec/ec_kmeth.c | 2 +- crypto/ec/ec_lib.c | 8 +- crypto/ec/ec_local.h | 8 +- crypto/ec/ecdh_kdf.c | 2 +- crypto/ec/ecx_key.c | 2 +- crypto/ec/ecx_meth.c | 6 +- crypto/encode_decode/decoder_lib.c | 2 +- crypto/encode_decode/decoder_meth.c | 34 +++--- crypto/encode_decode/decoder_pkey.c | 4 +- crypto/encode_decode/encoder_lib.c | 2 +- crypto/encode_decode/encoder_meth.c | 34 +++--- crypto/encode_decode/encoder_pkey.c | 4 +- crypto/evp/asymcipher.c | 4 +- crypto/evp/digest.c | 6 +- crypto/evp/evp_enc.c | 10 +- crypto/evp/evp_fetch.c | 58 +++++----- crypto/evp/evp_local.h | 8 +- crypto/evp/evp_pkey.c | 2 +- crypto/evp/evp_rand.c | 4 +- crypto/evp/exchange.c | 4 +- crypto/evp/kdf_meth.c | 4 +- crypto/evp/kem.c | 4 +- crypto/evp/keymgmt_meth.c | 6 +- crypto/evp/m_sigver.c | 6 +- crypto/evp/mac_meth.c | 4 +- crypto/evp/names.c | 5 +- crypto/evp/p5_crpt2.c | 2 +- crypto/evp/p_lib.c | 21 ++-- crypto/evp/p_sign.c | 2 +- crypto/evp/p_verify.c | 2 +- crypto/evp/pbe_scrypt.c | 2 +- crypto/evp/pmeth_lib.c | 8 +- crypto/evp/signature.c | 4 +- crypto/ex_data.c | 28 ++--- crypto/ffc/ffc_params_generate.c | 12 +- crypto/ffc/ffc_params_validate.c | 6 +- crypto/init.c | 10 +- crypto/initthread.c | 30 ++--- crypto/modes/siv128.c | 4 +- crypto/ocsp/ocsp_srv.c | 4 +- crypto/pem/pem_info.c | 4 +- crypto/pem/pem_pk8.c | 8 +- crypto/pem/pem_pkey.c | 12 +- crypto/pkcs12/p12_key.c | 2 +- crypto/pkcs7/pk7_asn1.c | 2 +- crypto/pkcs7/pk7_lib.c | 2 +- crypto/pkcs7/pk7_local.h | 2 +- crypto/pkcs7/pk7_smime.c | 4 +- crypto/property/defn_cache.c | 18 +-- crypto/property/property.c | 16 +-- crypto/property/property_local.h | 8 +- crypto/property/property_parse.c | 16 +-- crypto/property/property_string.c | 16 +-- crypto/provider.c | 10 +- crypto/provider_conf.c | 2 +- crypto/provider_core.c | 33 +++--- crypto/rand/rand_lib.c | 30 ++--- crypto/rsa/rsa_ameth.c | 6 +- crypto/rsa/rsa_backend.c | 2 +- crypto/rsa/rsa_gen.c | 4 +- crypto/rsa/rsa_lib.c | 8 +- crypto/rsa/rsa_local.h | 6 +- crypto/rsa/rsa_oaep.c | 2 +- crypto/rsa/rsa_pk1.c | 4 +- crypto/rsa/rsa_ssl.c | 2 +- crypto/self_test_core.c | 14 +-- crypto/sm2/sm2_crypt.c | 4 +- crypto/sm2/sm2_sign.c | 6 +- crypto/srp/srp_lib.c | 13 ++- crypto/srp/srp_vfy.c | 4 +- crypto/store/store_lib.c | 4 +- crypto/store/store_local.h | 4 +- crypto/store/store_meth.c | 32 +++--- crypto/store/store_result.c | 24 ++-- crypto/x509/by_dir.c | 4 +- crypto/x509/by_file.c | 8 +- crypto/x509/by_store.c | 8 +- crypto/x509/x509_d2.c | 8 +- crypto/x509/x509_local.h | 4 +- crypto/x509/x509_lu.c | 4 +- crypto/x509/x509_vfy.c | 2 +- crypto/x509/x_all.c | 6 +- crypto/x509/x_crl.c | 2 +- crypto/x509/x_pubkey.c | 10 +- crypto/x509/x_x509.c | 4 +- doc/internal/man3/OSSL_METHOD_STORE.pod | 6 +- doc/internal/man3/evp_generic_fetch.pod | 6 +- doc/internal/man3/evp_pkey_export_to_provider.pod | 4 +- doc/internal/man3/ossl_algorithm_do_all.pod | 2 +- doc/internal/man3/ossl_cmp_mock_srv_new.pod | 2 +- doc/internal/man3/ossl_cmp_msg_protect.pod | 2 +- ..._ctx_get_data.pod => ossl_lib_ctx_get_data.pod} | 58 +++++----- doc/internal/man3/ossl_method_construct.pod | 8 +- doc/internal/man3/ossl_namemap_new.pod | 2 +- doc/internal/man3/ossl_provider_new.pod | 14 +-- doc/internal/man3/x509v3_cache_extensions.pod | 2 +- doc/man3/BN_CTX_new.pod | 4 +- doc/man3/BN_generate_prime.pod | 4 +- doc/man3/CMS_EncryptedData_encrypt.pod | 2 +- doc/man3/CMS_EnvelopedData_create.pod | 4 +- doc/man3/CMS_data_create.pod | 2 +- doc/man3/CMS_digest_create.pod | 2 +- doc/man3/CMS_encrypt.pod | 2 +- doc/man3/CMS_get1_ReceiptRequest.pod | 2 +- doc/man3/CMS_sign.pod | 2 +- doc/man3/CONF_modules_load_file.pod | 2 +- doc/man3/CTLOG_STORE_new.pod | 2 +- doc/man3/CTLOG_new.pod | 4 +- doc/man3/CT_POLICY_EVAL_CTX_new.pod | 2 +- doc/man3/EC_GROUP_new.pod | 12 +- doc/man3/EC_KEY_new.pod | 10 +- doc/man3/EVP_ASYM_CIPHER_free.pod | 6 +- doc/man3/EVP_DigestInit.pod | 6 +- doc/man3/EVP_DigestSignInit.pod | 4 +- doc/man3/EVP_DigestVerifyInit.pod | 4 +- doc/man3/EVP_EncryptInit.pod | 6 +- doc/man3/EVP_KDF.pod | 4 +- doc/man3/EVP_KEM_free.pod | 6 +- doc/man3/EVP_KEYEXCH_free.pod | 4 +- doc/man3/EVP_KEYMGMT.pod | 8 +- doc/man3/EVP_MAC.pod | 4 +- doc/man3/EVP_PKEY_CTX_get0_libctx.pod | 8 +- doc/man3/EVP_PKEY_CTX_new.pod | 8 +- doc/man3/EVP_PKEY_new.pod | 6 +- doc/man3/EVP_RAND.pod | 4 +- doc/man3/EVP_SIGNATURE_free.pod | 4 +- doc/man3/EVP_SignInit.pod | 2 +- doc/man3/EVP_VerifyInit.pod | 2 +- doc/man3/EVP_set_default_properties.pod | 6 +- doc/man3/NCONF_new_ex.pod | 2 +- doc/man3/OCSP_response_status.pod | 4 +- doc/man3/OPENSSL_init_crypto.pod | 18 +-- doc/man3/OSSL_CMP_CTX_new.pod | 2 +- doc/man3/OSSL_CMP_SRV_CTX_new.pod | 2 +- doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod | 4 +- doc/man3/OSSL_CRMF_MSG_set0_validity.pod | 4 +- doc/man3/OSSL_CRMF_pbmp_new.pod | 4 +- doc/man3/OSSL_DECODER.pod | 8 +- doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod | 2 +- doc/man3/OSSL_ENCODER.pod | 8 +- doc/man3/OSSL_ENCODER_CTX.pod | 2 +- doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod | 2 +- doc/man3/{OPENSSL_CTX.pod => OSSL_LIB_CTX.pod} | 36 +++--- doc/man3/OSSL_PROVIDER.pod | 16 +-- doc/man3/OSSL_SELF_TEST_set_callback.pod | 8 +- doc/man3/OSSL_STORE_LOADER.pod | 10 +- doc/man3/OSSL_STORE_attach.pod | 2 +- doc/man3/OSSL_STORE_open.pod | 2 +- doc/man3/PEM_X509_INFO_read_bio_ex.pod | 4 +- doc/man3/PEM_read_bio_PrivateKey.pod | 10 +- doc/man3/PKCS7_encrypt.pod | 2 +- doc/man3/PKCS7_sign.pod | 2 +- doc/man3/RAND_bytes.pod | 6 +- doc/man3/RAND_get0_primary.pod | 14 +-- doc/man3/SMIME_write_ASN1.pod | 2 +- doc/man3/SRP_Calc_B.pod | 8 +- doc/man3/SRP_create_verifier.pod | 4 +- doc/man3/SSL_CTX_new.pod | 4 +- doc/man3/SSL_load_client_CA_file.pod | 2 +- doc/man3/X509_LOOKUP.pod | 12 +- doc/man3/X509_LOOKUP_hash_dir.pod | 4 +- doc/man3/X509_PUBKEY_new.pod | 2 +- doc/man3/X509_STORE_CTX_new.pod | 2 +- doc/man3/X509_STORE_add_cert.pod | 8 +- doc/man3/X509_new.pod | 2 +- doc/man3/X509_verify.pod | 4 +- doc/man3/d2i_PrivateKey.pod | 8 +- doc/man7/provider-base.pod | 6 +- doc/man7/provider.pod | 4 +- engines/e_loader_attic.c | 22 ++-- include/crypto/asn1.h | 4 +- include/crypto/bn.h | 2 +- include/crypto/decoder.h | 4 +- include/crypto/dh.h | 6 +- include/crypto/dsa.h | 2 +- include/crypto/ec.h | 7 +- include/crypto/ecx.h | 16 +-- include/crypto/encoder.h | 2 +- include/crypto/evp.h | 18 +-- include/crypto/rsa.h | 10 +- include/crypto/siv.h | 4 +- include/crypto/x509.h | 16 +-- include/internal/core.h | 10 +- include/internal/cryptlib.h | 92 +++++++-------- include/internal/ffc.h | 14 +-- include/internal/namemap.h | 2 +- include/internal/property.h | 13 ++- include/internal/provider.h | 10 +- include/internal/thread_once.h | 2 +- include/openssl/asn1.h.in | 6 +- include/openssl/bn.h | 4 +- include/openssl/cmp.h.in | 4 +- include/openssl/cms.h.in | 18 +-- include/openssl/conf.h.in | 6 +- include/openssl/core_dispatch.h | 4 +- include/openssl/crmf.h.in | 10 +- include/openssl/crypto.h.in | 14 +-- include/openssl/ct.h.in | 8 +- include/openssl/decoder.h | 8 +- include/openssl/ec.h | 8 +- include/openssl/encoder.h | 8 +- include/openssl/evp.h | 67 +++++------ include/openssl/kdf.h | 4 +- include/openssl/ocsp.h.in | 4 +- include/openssl/pem.h | 14 +-- include/openssl/pkcs7.h.in | 8 +- include/openssl/provider.h | 12 +- include/openssl/rand.h | 14 +-- include/openssl/self_test.h | 4 +- include/openssl/srp.h.in | 12 +- include/openssl/ssl.h.in | 4 +- include/openssl/store.h | 12 +- include/openssl/types.h | 2 +- include/openssl/x509.h.in | 12 +- include/openssl/x509_vfy.h.in | 22 ++-- providers/baseprov.c | 10 +- providers/common/include/prov/provider_ctx.h | 10 +- providers/common/include/prov/provider_util.h | 8 +- providers/common/include/prov/providercommon.h | 2 +- providers/common/provider_ctx.c | 4 +- providers/common/provider_util.c | 8 +- providers/defltprov.c | 10 +- providers/fips/fipsprov.c | 51 ++++----- providers/fips/self_test.c | 6 +- providers/fips/self_test.h | 4 +- providers/fips/self_test_kats.c | 30 ++--- providers/implementations/asymciphers/rsa_enc.c | 4 +- providers/implementations/asymciphers/sm2_enc.c | 4 +- providers/implementations/ciphers/cipher_aes_siv.c | 2 +- providers/implementations/ciphers/cipher_aes_siv.h | 2 +- .../implementations/ciphers/cipher_aes_siv_hw.c | 2 +- providers/implementations/ciphers/ciphercommon.c | 2 +- .../implementations/ciphers/ciphercommon_block.c | 6 +- .../implementations/ciphers/ciphercommon_gcm.c | 2 +- .../implementations/ciphers/ciphercommon_local.h | 2 +- .../implementations/encode_decode/decode_der2key.c | 2 +- .../implementations/encode_decode/encode_key2any.c | 2 +- .../encode_decode/encode_key2text.c | 4 +- providers/implementations/exchange/dh_exch.c | 4 +- providers/implementations/exchange/ecdh_exch.c | 4 +- providers/implementations/exchange/kdf_exch.c | 4 +- .../implementations/include/prov/ciphercommon.h | 2 +- .../include/prov/ciphercommon_gcm.h | 2 +- .../implementations/include/prov/kdfexchange.h | 2 +- .../implementations/include/prov/macsignature.h | 4 +- providers/implementations/kdfs/hkdf.c | 2 +- providers/implementations/kdfs/kbkdf.c | 2 +- providers/implementations/kdfs/krb5kdf.c | 2 +- providers/implementations/kdfs/pbkdf2.c | 4 +- providers/implementations/kdfs/pkcs12kdf.c | 2 +- providers/implementations/kdfs/scrypt.c | 8 +- providers/implementations/kdfs/sshkdf.c | 2 +- providers/implementations/kdfs/sskdf.c | 2 +- providers/implementations/kdfs/tls1_prf.c | 2 +- providers/implementations/kdfs/x942kdf.c | 4 +- providers/implementations/kem/rsa_kem.c | 4 +- providers/implementations/keymgmt/dh_kmgmt.c | 8 +- providers/implementations/keymgmt/dsa_kmgmt.c | 6 +- providers/implementations/keymgmt/ec_kmgmt.c | 8 +- providers/implementations/keymgmt/ecx_kmgmt.c | 12 +- .../implementations/keymgmt/kdf_legacy_kmgmt.c | 2 +- .../implementations/keymgmt/mac_legacy_kmgmt.c | 10 +- providers/implementations/keymgmt/rsa_kmgmt.c | 10 +- providers/implementations/macs/cmac_prov.c | 2 +- providers/implementations/macs/gmac_prov.c | 2 +- providers/implementations/macs/hmac_prov.c | 2 +- providers/implementations/macs/kmac_prov.c | 2 +- providers/implementations/rands/crngt.c | 12 +- providers/implementations/rands/drbg.c | 12 +- providers/implementations/rands/drbg_ctr.c | 2 +- providers/implementations/rands/drbg_hash.c | 2 +- providers/implementations/rands/drbg_hmac.c | 2 +- providers/implementations/signature/dsa.c | 4 +- providers/implementations/signature/ecdsa.c | 4 +- providers/implementations/signature/eddsa.c | 4 +- providers/implementations/signature/mac_legacy.c | 6 +- providers/implementations/signature/rsa.c | 4 +- providers/implementations/signature/sm2sig.c | 4 +- providers/implementations/storemgmt/file_store.c | 2 +- providers/legacyprov.c | 16 +-- ssl/record/record_local.h | 4 +- ssl/record/tls_pad.c | 12 +- ssl/ssl_cert.c | 8 +- ssl/ssl_conf.c | 2 +- ssl/ssl_lib.c | 6 +- ssl/ssl_local.h | 6 +- ssl/ssl_mcnf.c | 8 +- test/acvp_test.c | 8 +- test/asynctest.c | 32 +++--- test/cmp_client_test.c | 4 +- test/cmp_msg_test.c | 4 +- test/cmp_protect_test.c | 4 +- test/cmp_server_test.c | 4 +- test/cmp_testlib.c | 4 +- test/cmp_testlib.h | 4 +- test/cmp_vfy_test.c | 4 +- test/context_internal_test.c | 16 +-- test/evp_extra_test.c | 16 +-- test/evp_extra_test2.c | 14 +-- test/evp_fetch_prov_test.c | 18 +-- test/evp_libctx_test.c | 8 +- test/evp_test.c | 14 +-- test/filterprov.c | 10 +- test/keymgmt_internal_test.c | 12 +- test/property_test.c | 6 +- test/provider_fallback_test.c | 8 +- test/provider_status_test.c | 6 +- test/ssl_test.c | 4 +- test/ssl_test_ctx.c | 7 +- test/ssl_test_ctx.h | 6 +- test/sslapitest.c | 18 +-- test/ssltest_old.c | 8 +- test/ssltestlib.c | 2 +- test/ssltestlib.h | 2 +- test/testutil.h | 2 +- test/testutil/provider.c | 6 +- test/tls-provider.c | 12 +- util/libcrypto.num | 8 +- util/other.syms | 2 +- 388 files changed, 1487 insertions(+), 1466 deletions(-) rename doc/internal/man3/{openssl_ctx_get_data.pod => ossl_lib_ctx_get_data.pod} (62%) rename doc/man3/{OPENSSL_CTX.pod => OSSL_LIB_CTX.pod} (60%) diff --git a/CHANGES.md b/CHANGES.md index d9fa56f4d6..4114ce96cf 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -112,9 +112,9 @@ OpenSSL 3.0 *Rich Salz and Richard Levitte* - * Added a library context that applications as well as other - libraries can use to form a separate context within which libcrypto - operations are performed. + * Added a library context `OSSL_LIB_CTX` that applications as well as + other libraries can use to form a separate context within which + libcrypto operations are performed. There are two ways this can be used: @@ -122,16 +122,19 @@ OpenSSL 3.0 such an argument, such as `EVP_CIPHER_fetch` and similar algorithm fetching functions. - Indirectly, by creating a new library context and then assigning - it as the new default, with `OPENSSL_CTX_set0_default`. + it as the new default, with `OSSL_LIB_CTX_set0_default`. - All public OpenSSL functions that take an `OPENSSL_CTX` pointer, - apart from the functions directly related to `OPENSSL_CTX`, accept + All public OpenSSL functions that take an `OSSL_LIB_CTX` pointer, + apart from the functions directly related to `OSSL_LIB_CTX`, accept NULL to indicate that the default library context should be used. Library code that changes the default library context using - `OPENSSL_CTX_set0_default` should take care to restore it with a + `OSSL_LIB_CTX_set0_default` should take care to restore it with a second call before returning to the caller. + _(Note: the library context was initially called `OPENSSL_CTX` and + renamed to `OSSL_LIB_CTX` in version 3.0.0 alpha7.)_ + *Richard Levitte* * Handshake now fails if Extended Master Secret extension is dropped diff --git a/NEWS.md b/NEWS.md index eca309f58c..2ba338c745 100644 --- a/NEWS.md +++ b/NEWS.md @@ -22,7 +22,7 @@ OpenSSL 3.0 * Remove the `RAND_DRBG` API. * Deprecated the `ENGINE` API. - * Added `OPENSSL_CTX`, a libcrypto library context. + * Added `OSSL_LIB_CTX`, a libcrypto library context. * Interactive mode is removed from the 'openssl' program. * The X25519, X448, Ed25519, Ed448 and SHAKE256 algorithms are included in the FIPS provider. None have the "fips=yes" property set and, as such, diff --git a/apps/cmp_mock_srv.c b/apps/cmp_mock_srv.c index 057f9d9a5e..78d6a98e15 100644 --- a/apps/cmp_mock_srv.c +++ b/apps/cmp_mock_srv.c @@ -384,7 +384,7 @@ static int process_pollReq(OSSL_CMP_SRV_CTX *srv_ctx, return 1; } -OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq) +OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq) { OSSL_CMP_SRV_CTX *srv_ctx = OSSL_CMP_SRV_CTX_new(libctx, propq); mock_srv_ctx *ctx = mock_srv_ctx_new(); diff --git a/apps/cmp_mock_srv.h b/apps/cmp_mock_srv.h index b4f82d1b81..7c844a5391 100644 --- a/apps/cmp_mock_srv.h +++ b/apps/cmp_mock_srv.h @@ -16,7 +16,8 @@ # include -OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq); +OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, + const char *propq); void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx); int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert); diff --git a/apps/cms.c b/apps/cms.c index 37b1e96a14..4589a24f06 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -28,7 +28,7 @@ static int cms_cb(int ok, X509_STORE_CTX *ctx); static void receipt_request_print(CMS_ContentInfo *cms); static CMS_ReceiptRequest *make_receipt_request( STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst, - STACK_OF(OPENSSL_STRING) *rr_from, OPENSSL_CTX *libctx, const char *propq); + STACK_OF(OPENSSL_STRING) *rr_from, OSSL_LIB_CTX *libctx, const char *propq); static int cms_set_pkey_param(EVP_PKEY_CTX *pctx, STACK_OF(OPENSSL_STRING) *param); @@ -233,7 +233,8 @@ const OPTIONS cms_options[] = { static CMS_ContentInfo *load_content_info(int informat, BIO *in, BIO **indata, const char *name, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, + const char *propq) { CMS_ContentInfo *ret, *ci; @@ -301,7 +302,7 @@ int cms_main(int argc, char **argv) long ltmp; const char *mime_eol = "\n"; OPTION_CHOICE o; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); if ((vpm = X509_VERIFY_PARAM_new()) == NULL) @@ -1389,7 +1390,7 @@ static STACK_OF(GENERAL_NAMES) *make_names_stack(STACK_OF(OPENSSL_STRING) *ns) static CMS_ReceiptRequest *make_receipt_request( STACK_OF(OPENSSL_STRING) *rr_to, int rr_allorfirst, STACK_OF(OPENSSL_STRING) *rr_from, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { STACK_OF(GENERAL_NAMES) *rct_to = NULL, *rct_from = NULL; CMS_ReceiptRequest *rr; diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c index 7b206106f3..cb78489eef 100644 --- a/apps/fipsinstall.c +++ b/apps/fipsinstall.c @@ -220,7 +220,7 @@ static void free_config_and_unload(CONF *conf) static int verify_module_load(const char *parent_config_file) { - return OPENSSL_CTX_load_config(NULL, parent_config_file); + return OSSL_LIB_CTX_load_config(NULL, parent_config_file); } /* diff --git a/apps/genpkey.c b/apps/genpkey.c index 94453af15c..1682c661c6 100644 --- a/apps/genpkey.c +++ b/apps/genpkey.c @@ -22,7 +22,7 @@ #endif static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); static int genpkey_cb(EVP_PKEY_CTX *ctx); typedef enum OPTION_choice { @@ -73,7 +73,7 @@ int genpkey_main(int argc, char **argv) OPTION_CHOICE o; int outformat = FORMAT_PEM, text = 0, ret = 1, rv, do_param = 0; int private = 0; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); prog = opt_init(argc, argv, genpkey_options); @@ -240,7 +240,7 @@ int genpkey_main(int argc, char **argv) } static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { BIO *pbio; EVP_PKEY *pkey = NULL; @@ -287,7 +287,7 @@ static int init_keygen_file(EVP_PKEY_CTX **pctx, const char *file, ENGINE *e, int init_gen_str(EVP_PKEY_CTX **pctx, const char *algname, ENGINE *e, int do_param, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY_CTX *ctx = NULL; const EVP_PKEY_ASN1_METHOD *ameth; diff --git a/apps/include/apps.h b/apps/include/apps.h index ac008e9572..195f226910 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -225,7 +225,7 @@ int x509_ctrl_string(X509 *x, const char *value); int x509_req_ctrl_string(X509_REQ *x, const char *value); int init_gen_str(EVP_PKEY_CTX **pctx, const char *algname, ENGINE *e, int do_param, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int do_X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md, STACK_OF(OPENSSL_STRING) *sigopts); int do_X509_verify(X509 *x, EVP_PKEY *pkey, STACK_OF(OPENSSL_STRING) *vfyopts); @@ -308,15 +308,15 @@ typedef struct verify_options_st { extern VERIFY_CB_ARGS verify_args; -OPENSSL_CTX *app_create_libctx(void); -OPENSSL_CTX *app_get0_libctx(void); +OSSL_LIB_CTX *app_create_libctx(void); +OSSL_LIB_CTX *app_get0_libctx(void); OSSL_PARAM *app_params_new_from_opts(STACK_OF(OPENSSL_STRING) *opts, const OSSL_PARAM *paramdefs); void app_params_free(OSSL_PARAM *params); -int app_provider_load(OPENSSL_CTX *libctx, const char *provider_name); +int app_provider_load(OSSL_LIB_CTX *libctx, const char *provider_name); void app_providers_cleanup(void); -OPENSSL_CTX *app_get0_libctx(void); +OSSL_LIB_CTX *app_get0_libctx(void); const char *app_get0_propq(void); #endif diff --git a/apps/lib/app_provider.c b/apps/lib/app_provider.c index 60645e21d7..490960521c 100644 --- a/apps/lib/app_provider.c +++ b/apps/lib/app_provider.c @@ -27,7 +27,7 @@ static void provider_free(OSSL_PROVIDER *prov) OSSL_PROVIDER_unload(prov); } -int app_provider_load(OPENSSL_CTX *libctx, const char *provider_name) +int app_provider_load(OSSL_LIB_CTX *libctx, const char *provider_name) { OSSL_PROVIDER *prov; diff --git a/apps/lib/apps.c b/apps/lib/apps.c index 14b8cc8b3c..d90ef6a192 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -63,7 +63,7 @@ typedef struct { unsigned long mask; } NAME_EX_TBL; -static OPENSSL_CTX *app_libctx = NULL; +static OSSL_LIB_CTX *app_libctx = NULL; static int set_table_opts(unsigned long *flags, const char *arg, const NAME_EX_TBL * in_tbl); @@ -322,7 +322,7 @@ static char *app_get_pass(const char *arg, int keepbio) return OPENSSL_strdup(tpass); } -OPENSSL_CTX *app_get0_libctx(void) +OSSL_LIB_CTX *app_get0_libctx(void) { return app_libctx; } @@ -333,7 +333,7 @@ const char *app_get0_propq(void) return NULL; } -OPENSSL_CTX *app_create_libctx(void) +OSSL_LIB_CTX *app_create_libctx(void) { /* * Load the NULL provider into the default library context and create a @@ -345,7 +345,7 @@ OPENSSL_CTX *app_create_libctx(void) BIO_puts(bio_err, "Failed to create null provider\n"); return NULL; } - app_libctx = OPENSSL_CTX_new(); + app_libctx = OSSL_LIB_CTX_new(); } if (app_libctx == NULL) BIO_puts(bio_err, "Failed to create library context\n"); @@ -676,7 +676,7 @@ int load_key_certs_crls(const char *uri, int maybe_stdin, { PW_CB_DATA uidata; OSSL_STORE_CTX *ctx = NULL; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); int ncerts = 0; int ncrls = 0; @@ -1077,7 +1077,7 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile, { X509_STORE *store = X509_STORE_new(); X509_LOOKUP *lookup; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); if (store == NULL) diff --git a/apps/openssl.c b/apps/openssl.c index c0cad3a54f..307303b257 100644 --- a/apps/openssl.c +++ b/apps/openssl.c @@ -88,7 +88,7 @@ static int apps_startup(void) static void apps_shutdown(void) { app_providers_cleanup(); - OPENSSL_CTX_free(app_get0_libctx()); + OSSL_LIB_CTX_free(app_get0_libctx()); destroy_ui_method(); } diff --git a/apps/pkcs7.c b/apps/pkcs7.c index 9efe3aa108..f09994df6d 100644 --- a/apps/pkcs7.c +++ b/apps/pkcs7.c @@ -60,7 +60,7 @@ int pkcs7_main(int argc, char **argv) char *infile = NULL, *outfile = NULL, *prog; int i, print_certs = 0, text = 0, noout = 0, p7_print = 0, ret = 1; OPTION_CHOICE o; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); prog = opt_init(argc, argv, pkcs7_options); diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 61f9130175..f7449503b9 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -24,7 +24,7 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, const char *keyfile, int keyform, int key_type, char *passinarg, int pkey_op, ENGINE *e, const int impl, int rawin, EVP_PKEY **ppkey, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); static int setup_peer(EVP_PKEY_CTX *ctx, int peerform, const char *file, ENGINE *e); @@ -124,7 +124,7 @@ int pkeyutl_main(int argc, char **argv) int rawin = 0; const EVP_MD *md = NULL; int filesize = -1; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = NULL; prog = opt_init(argc, argv, pkeyutl_options); @@ -512,7 +512,7 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, char *passinarg, int pkey_op, ENGINE *e, const int engine_impl, int rawin, EVP_PKEY **ppkey, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; diff --git a/apps/smime.c b/apps/smime.c index 57b323cfa2..89dc0eac96 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -154,7 +154,7 @@ int smime_main(int argc, char **argv) int vpmtouched = 0, rv = 0; ENGINE *e = NULL; const char *mime_eol = "\n"; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); if ((vpm = X509_VERIFY_PARAM_new()) == NULL) diff --git a/apps/storeutl.c b/apps/storeutl.c index b28c345fd3..fcd874ea5d 100644 --- a/apps/storeutl.c +++ b/apps/storeutl.c @@ -19,7 +19,7 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata, int expected, int criterion, OSSL_STORE_SEARCH *search, int text, int noout, int recursive, int indent, BIO *out, - const char *prog, OPENSSL_CTX *libctx, const char *propq); + const char *prog, OSSL_LIB_CTX *libctx, const char *propq); typedef enum OPTION_choice { OPT_ERR = -1, OPT_EOF = 0, OPT_HELP, OPT_ENGINE, OPT_OUT, OPT_PASSIN, @@ -84,7 +84,7 @@ int storeutl_main(int argc, char *argv[]) char *alias = NULL; OSSL_STORE_SEARCH *search = NULL; const EVP_MD *digest = NULL; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); while ((o = opt_next()) != OPT_EOF) { @@ -351,7 +351,7 @@ static int indent_printf(int indent, BIO *bio, const char *format, ...) static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata, int expected, int criterion, OSSL_STORE_SEARCH *search, int text, int noout, int recursive, int indent, BIO *out, - const char *prog, OPENSSL_CTX *libctx, const char *propq) + const char *prog, OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_CTX *store_ctx = NULL; int ret = 1, items = 0; diff --git a/apps/ts.c b/apps/ts.c index 50dd263399..23e16d8008 100644 --- a/apps/ts.c +++ b/apps/ts.c @@ -957,7 +957,7 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, { X509_STORE *cert_ctx = NULL; X509_LOOKUP *lookup = NULL; - OPENSSL_CTX *libctx = app_get0_libctx(); + OSSL_LIB_CTX *libctx = app_get0_libctx(); const char *propq = app_get0_propq(); cert_ctx = X509_STORE_new(); diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 66c99862e5..a9709e9bc1 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -55,7 +55,7 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *md, void *asn, unsigned char *data, unsigned int *len, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int i, ret = 0; unsigned char *str = NULL; diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 4242e9a70e..c4b7b63dd5 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -126,7 +126,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, const void *data, const ASN1_OCTET_STRING *id, - EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx, + EVP_PKEY *pkey, const EVP_MD *md, OSSL_LIB_CTX *libctx, const char *propq) { int rv = 0; diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index d8cea688d5..834c3ab198 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -95,7 +95,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg, int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg, const ASN1_BIT_STRING *signature, const void *data, const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_MD_CTX *ctx; int rv = -1; diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index adf368f72f..ba9b1f30a4 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -232,7 +232,7 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { char bound[33], c; int i; diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index b478112349..9da8d8e4c0 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -22,7 +22,8 @@ #include "crypto/evp.h" EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, - long length, OPENSSL_CTX *libctx, const char *propq) + long length, OSSL_LIB_CTX *libctx, + const char *propq) { EVP_PKEY *ret; const unsigned char *p = *pp; @@ -98,7 +99,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, */ EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp, - long length, OPENSSL_CTX *libctx, + long length, OSSL_LIB_CTX *libctx, const char *propq) { STACK_OF(ASN1_TYPE) *inkey; diff --git a/crypto/async/async.c b/crypto/async/async.c index b30f516d05..8eedad97ea 100644 --- a/crypto/async/async.c +++ b/crypto/async/async.c @@ -170,7 +170,7 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret, int (*func)(void *), void *args, size_t size) { async_ctx *ctx; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; if (!OPENSSL_init_crypto(OPENSSL_INIT_ASYNC, NULL)) return ASYNC_ERR; @@ -208,7 +208,7 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret, * Restore the default libctx to what it was the last time the * fibre ran */ - libctx = OPENSSL_CTX_set0_default(ctx->currjob->libctx); + libctx = OSSL_LIB_CTX_set0_default(ctx->currjob->libctx); /* Resume previous job */ if (!async_fibre_swapcontext(&ctx->dispatcher, &ctx->currjob->fibrectx, 1)) { @@ -221,7 +221,7 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret, * again to what it was originally, and remember what it had * been changed to. */ - ctx->currjob->libctx = OPENSSL_CTX_set0_default(libctx); + ctx->currjob->libctx = OSSL_LIB_CTX_set0_default(libctx); continue; } @@ -252,7 +252,7 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret, ctx->currjob->func = func; ctx->currjob->waitctx = wctx; - libctx = openssl_ctx_get_concrete(NULL); + libctx = ossl_lib_ctx_get_concrete(NULL); if (!async_fibre_swapcontext(&ctx->dispatcher, &ctx->currjob->fibrectx, 1)) { ASYNCerr(ASYNC_F_ASYNC_START_JOB, ASYNC_R_FAILED_TO_SWAP_CONTEXT); @@ -262,7 +262,7 @@ int ASYNC_start_job(ASYNC_JOB **job, ASYNC_WAIT_CTX *wctx, int *ret, * In case the fibre changed the default libctx we set it back again * to what it was, and remember what it had been changed to. */ - ctx->currjob->libctx = OPENSSL_CTX_set0_default(libctx); + ctx->currjob->libctx = OSSL_LIB_CTX_set0_default(libctx); } err: diff --git a/crypto/async/async_local.h b/crypto/async/async_local.h index 8caa71cef4..c06f413cf6 100644 --- a/crypto/async/async_local.h +++ b/crypto/async/async_local.h @@ -43,7 +43,7 @@ struct async_job_st { int ret; int status; ASYNC_WAIT_CTX *waitctx; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; }; struct fd_lookup_st { diff --git a/crypto/bn/bn_ctx.c b/crypto/bn/bn_ctx.c index d6c55cb16c..05b266b090 100644 --- a/crypto/bn/bn_ctx.c +++ b/crypto/bn/bn_ctx.c @@ -87,7 +87,7 @@ struct bignum_ctx { /* Flags. */ int flags; /* The library context */ - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; }; #ifndef FIPS_MODULE @@ -128,7 +128,7 @@ static void ctxdbg(BIO *channel, const char *text, BN_CTX *ctx) # define CTXDBG(str, ctx) do {} while(0) #endif /* FIPS_MODULE */ -BN_CTX *BN_CTX_new_ex(OPENSSL_CTX *ctx) +BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx) { BN_CTX *ret; @@ -150,7 +150,7 @@ BN_CTX *BN_CTX_new(void) } #endif -BN_CTX *BN_CTX_secure_new_ex(OPENSSL_CTX *ctx) +BN_CTX *BN_CTX_secure_new_ex(OSSL_LIB_CTX *ctx) { BN_CTX *ret = BN_CTX_new_ex(ctx); @@ -249,7 +249,7 @@ BIGNUM *BN_CTX_get(BN_CTX *ctx) return ret; } -OPENSSL_CTX *bn_get_lib_ctx(BN_CTX *ctx) +OSSL_LIB_CTX *bn_get_libctx(BN_CTX *ctx) { if (ctx == NULL) return NULL; diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c index e603bb7030..cf0d802679 100644 --- a/crypto/bn/bn_rand.c +++ b/crypto/bn/bn_rand.c @@ -25,7 +25,7 @@ static int bnrand(BNRAND_FLAG flag, BIGNUM *rnd, int bits, int top, int bottom, { unsigned char *buf = NULL; int b, ret = 0, bit, bytes, mask; - OPENSSL_CTX *libctx = bn_get_lib_ctx(ctx); + OSSL_LIB_CTX *libctx = bn_get_libctx(ctx); if (bits == 0) { if (top != BN_RAND_TOP_ANY || bottom != BN_RAND_BOTTOM_ANY) @@ -254,7 +254,7 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range, unsigned char *k_bytes = NULL; int ret = 0; EVP_MD *md = NULL; - OPENSSL_CTX *libctx = bn_get_lib_ctx(ctx); + OSSL_LIB_CTX *libctx = bn_get_libctx(ctx); if (mdctx == NULL) goto err; diff --git a/crypto/cmp/cmp_ctx.c b/crypto/cmp/cmp_ctx.c index d960167bc0..97d76f0223 100644 --- a/crypto/cmp/cmp_ctx.c +++ b/crypto/cmp/cmp_ctx.c @@ -101,7 +101,7 @@ static int cmp_ctx_set_md(OSSL_CMP_CTX *ctx, EVP_MD **pmd, int nid) * Allocates and initializes OSSL_CMP_CTX context structure with default values. * Returns new context on success, NULL on error */ -OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq) +OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) { OSSL_CMP_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); diff --git a/crypto/cmp/cmp_local.h b/crypto/cmp/cmp_local.h index 434f9e093f..c615865864 100644 --- a/crypto/cmp/cmp_local.h +++ b/crypto/cmp/cmp_local.h @@ -28,7 +28,7 @@ * this structure is used to store the context for CMP sessions */ struct ossl_cmp_ctx_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propq; OSSL_CMP_log_cb_t log_cb; /* log callback for error/debug/etc. output */ OSSL_CMP_severity log_verbosity; /* level of verbosity of log output */ @@ -747,7 +747,7 @@ int ossl_cmp_asn1_octet_string_set1(ASN1_OCTET_STRING **tgt, int ossl_cmp_asn1_octet_string_set1_bytes(ASN1_OCTET_STRING **tgt, const unsigned char *bytes, int len); STACK_OF(X509) - *ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq, + *ossl_cmp_build_cert_chain(OSSL_LIB_CTX *libctx, const char *propq, X509_STORE *store, STACK_OF(X509) *certs, X509 *cert); diff --git a/crypto/cmp/cmp_server.c b/crypto/cmp/cmp_server.c index e9ddf496f2..102fe232f2 100644 --- a/crypto/cmp/cmp_server.c +++ b/crypto/cmp/cmp_server.c @@ -48,7 +48,7 @@ void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx) OPENSSL_free(srv_ctx); } -OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq) +OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) { OSSL_CMP_SRV_CTX *ctx = OPENSSL_zalloc(sizeof(OSSL_CMP_SRV_CTX)); diff --git a/crypto/cmp/cmp_util.c b/crypto/cmp/cmp_util.c index 2eb58da21c..9a2eecd998 100644 --- a/crypto/cmp/cmp_util.c +++ b/crypto/cmp/cmp_util.c @@ -217,7 +217,7 @@ int ossl_cmp_X509_STORE_add1_certs(X509_STORE *store, STACK_OF(X509) *certs, */ /* TODO this should be of more general interest and thus be exported. */ STACK_OF(X509) - *ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq, + *ossl_cmp_build_cert_chain(OSSL_LIB_CTX *libctx, const char *propq, X509_STORE *store, STACK_OF(X509) *certs, X509 *cert) { diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c index 2abc867a59..717b0a6a41 100644 --- a/crypto/cms/cms_cd.c +++ b/crypto/cms/cms_cd.c @@ -21,7 +21,7 @@ /* CMS CompressedData Utilities */ -CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OPENSSL_CTX *libctx, +CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c index 6b3796e7c0..fd9ea7e342 100644 --- a/crypto/cms/cms_dd.c +++ b/crypto/cms/cms_dd.c @@ -18,7 +18,8 @@ /* CMS DigestedData Utilities */ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, + const char *propq) { CMS_ContentInfo *cms; CMS_DigestedData *dd; diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c index ca2294ebc3..79d603adcb 100644 --- a/crypto/cms/cms_ec.c +++ b/crypto/cms/cms_ec.c @@ -16,7 +16,7 @@ #ifndef OPENSSL_NO_EC static EVP_PKEY *pkey_type2param(int ptype, const void *pval, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY *pkey = NULL; EVP_PKEY_CTX *pctx = NULL; diff --git a/crypto/cms/cms_env.c b/crypto/cms/cms_env.c index 8f3e2db339..83826beb51 100644 --- a/crypto/cms/cms_env.c +++ b/crypto/cms/cms_env.c @@ -219,7 +219,7 @@ EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri) } CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; @@ -248,7 +248,7 @@ CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher) } CMS_ContentInfo * -CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, +CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; diff --git a/crypto/cms/cms_ess.c b/crypto/cms/cms_ess.c index 7a617c3419..287bcf86c0 100644 --- a/crypto/cms/cms_ess.c +++ b/crypto/cms/cms_ess.c @@ -117,7 +117,7 @@ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain) CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { CMS_ReceiptRequest *rr; diff --git a/crypto/cms/cms_lib.c b/crypto/cms/cms_lib.c index f35e503308..6713c8674a 100644 --- a/crypto/cms/cms_lib.c +++ b/crypto/cms/cms_lib.c @@ -40,7 +40,7 @@ int i2d_CMS_ContentInfo(const CMS_ContentInfo *a, unsigned char **out) return ASN1_item_i2d((const ASN1_VALUE *)a, out, (CMS_ContentInfo_it())); } -CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq) +CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *ci; @@ -78,7 +78,7 @@ const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms) return cms != NULL ? &cms->ctx : NULL; } -OPENSSL_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx) +OSSL_LIB_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx) { return ctx->libctx; } @@ -117,7 +117,7 @@ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms) return cms->contentType; } -CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *libctx, const char *propq) +CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms = CMS_ContentInfo_new_ex(libctx, propq); diff --git a/crypto/cms/cms_local.h b/crypto/cms/cms_local.h index 0b663a9e88..3dfeb72689 100644 --- a/crypto/cms/cms_local.h +++ b/crypto/cms/cms_local.h @@ -47,7 +47,7 @@ typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom; typedef struct CMS_CTX_st CMS_CTX; struct CMS_CTX_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; }; @@ -390,16 +390,18 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber) BIO *cms_content_bio(CMS_ContentInfo *cms); const CMS_CTX *cms_get0_cmsctx(const CMS_ContentInfo *cms); -OPENSSL_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx); +OSSL_LIB_CTX *cms_ctx_get0_libctx(const CMS_CTX *ctx); const char *cms_ctx_get0_propq(const CMS_CTX *ctx); void cms_resolve_libctx(CMS_ContentInfo *ci); -CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *ctx, const char *propq); +CMS_ContentInfo *cms_Data_create(OSSL_LIB_CTX *ctx, const char *propq); CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, + const char *propq); BIO *cms_DigestedData_init_bio(const CMS_ContentInfo *cms); -int cms_DigestedData_do_final(const CMS_ContentInfo *cms, BIO *chain, int verify); +int cms_DigestedData_do_final(const CMS_ContentInfo *cms, + BIO *chain, int verify); BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms); int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain); @@ -411,7 +413,7 @@ int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid, ASN1_INTEGER **sno); int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert); -CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OPENSSL_CTX *libctx, +CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OSSL_LIB_CTX *libctx, const char *propq); BIO *cms_CompressedData_init_bio(const CMS_ContentInfo *cms); diff --git a/crypto/cms/cms_smime.c b/crypto/cms/cms_smime.c index c8bec75cdd..f8ae342551 100644 --- a/crypto/cms/cms_smime.c +++ b/crypto/cms/cms_smime.c @@ -119,7 +119,7 @@ int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags) } CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms = cms_Data_create(libctx, propq); @@ -164,7 +164,7 @@ int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, } CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, - unsigned int flags, OPENSSL_CTX *ctx, + unsigned int flags, OSSL_LIB_CTX *ctx, const char *propq) { CMS_ContentInfo *cms; @@ -220,7 +220,7 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, unsigned int flags, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; @@ -500,7 +500,7 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, - unsigned int flags, OPENSSL_CTX *libctx, + unsigned int flags, OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; @@ -619,7 +619,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *data, const EVP_CIPHER *cipher, unsigned int flags, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { CMS_ContentInfo *cms; int i; diff --git a/crypto/conf/conf_lib.c b/crypto/conf/conf_lib.c index 54ba692462..7a3ab72247 100644 --- a/crypto/conf/conf_lib.c +++ b/crypto/conf/conf_lib.c @@ -178,7 +178,7 @@ int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out) * the "CONF classic" functions, for consistency. */ -CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth) +CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth) { CONF *ret; diff --git a/crypto/conf/conf_mod.c b/crypto/conf/conf_mod.c index a1cb4c5f7b..bd945766b8 100644 --- a/crypto/conf/conf_mod.c +++ b/crypto/conf/conf_mod.c @@ -148,7 +148,7 @@ int CONF_modules_load(const CONF *cnf, const char *appname, } -int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, +int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename, const char *appname, unsigned long flags) { char *file = NULL; diff --git a/crypto/context.c b/crypto/context.c index 1bc4bee290..4dbfb723e1 100644 --- a/crypto/context.c +++ b/crypto/context.c @@ -12,34 +12,34 @@ #include "internal/thread_once.h" #include "internal/property.h" -struct openssl_ctx_onfree_list_st { - openssl_ctx_onfree_fn *fn; - struct openssl_ctx_onfree_list_st *next; +struct ossl_lib_ctx_onfree_list_st { + ossl_lib_ctx_onfree_fn *fn; + struct ossl_lib_ctx_onfree_list_st *next; }; -struct openssl_ctx_st { +struct ossl_lib_ctx_st { CRYPTO_RWLOCK *lock; CRYPTO_EX_DATA data; /* - * For most data in the OPENSSL_CTX we just use ex_data to store it. But + * For most data in the OSSL_LIB_CTX we just use ex_data to store it. But * that doesn't work for ex_data itself - so we store that directly. */ OSSL_EX_DATA_GLOBAL global; /* Map internal static indexes to dynamically created indexes */ - int dyn_indexes[OPENSSL_CTX_MAX_INDEXES]; + int dyn_indexes[OSSL_LIB_CTX_MAX_INDEXES]; /* Keep a separate lock for each index */ - CRYPTO_RWLOCK *index_locks[OPENSSL_CTX_MAX_INDEXES]; + CRYPTO_RWLOCK *index_locks[OSSL_LIB_CTX_MAX_INDEXES]; CRYPTO_RWLOCK *oncelock; - int run_once_done[OPENSSL_CTX_MAX_RUN_ONCE]; - int run_once_ret[OPENSSL_CTX_MAX_RUN_ONCE]; - struct openssl_ctx_onfree_list_st *onfreelist; + int run_once_done[OSSL_LIB_CTX_MAX_RUN_ONCE]; + int run_once_ret[OSSL_LIB_CTX_MAX_RUN_ONCE]; + struct ossl_lib_ctx_onfree_list_st *onfreelist; }; -static int context_init(OPENSSL_CTX *ctx) +static int context_init(OSSL_LIB_CTX *ctx) { size_t i; int exdata_done = 0; @@ -52,19 +52,19 @@ static int context_init(OPENSSL_CTX *ctx) if (ctx->oncelock == NULL) goto err; - for (i = 0; i < OPENSSL_CTX_MAX_INDEXES; i++) { + for (i = 0; i < OSSL_LIB_CTX_MAX_INDEXES; i++) { ctx->index_locks[i] = CRYPTO_THREAD_lock_new(); ctx->dyn_indexes[i] = -1; if (ctx->index_locks[i] == NULL) goto err; } - /* OPENSSL_CTX is built on top of ex_data so we initialise that directly */ + /* OSSL_LIB_CTX is built on top of ex_data so we initialise that directly */ if (!do_ex_data_init(ctx)) goto err; exdata_done = 1; - if (!crypto_new_ex_data_ex(ctx, CRYPTO_EX_INDEX_OPENSSL_CTX, NULL, + if (!crypto_new_ex_data_ex(ctx, CRYPTO_EX_INDEX_OSSL_LIB_CTX, NULL, &ctx->data)) { crypto_cleanup_all_ex_data_int(ctx); goto err; @@ -84,9 +84,9 @@ static int context_init(OPENSSL_CTX *ctx) return 0; } -static int context_deinit(OPENSSL_CTX *ctx) +static int context_deinit(OSSL_LIB_CTX *ctx) { - struct openssl_ctx_onfree_list_st *tmp, *onfree; + struct ossl_lib_ctx_onfree_list_st *tmp, *onfree; int i; if (ctx == NULL) @@ -101,9 +101,9 @@ static int context_deinit(OPENSSL_CTX *ctx) onfree = onfree->next; OPENSSL_free(tmp); } - CRYPTO_free_ex_data(CRYPTO_EX_INDEX_OPENSSL_CTX, NULL, &ctx->data); + CRYPTO_free_ex_data(CRYPTO_EX_INDEX_OSSL_LIB_CTX, NULL, &ctx->data); crypto_cleanup_all_ex_data_int(ctx); - for (i = 0; i < OPENSSL_CTX_MAX_INDEXES; i++) + for (i = 0; i < OSSL_LIB_CTX_MAX_INDEXES; i++) CRYPTO_THREAD_lock_free(ctx->index_locks[i]); CRYPTO_THREAD_lock_free(ctx->oncelock); @@ -114,7 +114,7 @@ static int context_deinit(OPENSSL_CTX *ctx) #ifndef FIPS_MODULE /* The default default context */ -static OPENSSL_CTX default_context_int; +static OSSL_LIB_CTX default_context_int; static CRYPTO_ONCE default_context_init = CRYPTO_ONCE_STATIC_INIT; static CRYPTO_THREAD_LOCAL default_context_thread_local; @@ -125,12 +125,12 @@ DEFINE_RUN_ONCE_STATIC(default_context_do_init) && context_init(&default_context_int); } -void openssl_ctx_default_deinit(void) +void ossl_lib_ctx_default_deinit(void) { context_deinit(&default_context_int); } -static OPENSSL_CTX *get_thread_default_context(void) +static OSSL_LIB_CTX *get_thread_default_context(void) { if (!RUN_ONCE(&default_context_init, default_context_do_init)) return NULL; @@ -138,16 +138,16 @@ static OPENSSL_CTX *get_thread_default_context(void) return CRYPTO_THREAD_get_local(&default_context_thread_local); } -static OPENSSL_CTX *get_default_context(void) +static OSSL_LIB_CTX *get_default_context(void) { - OPENSSL_CTX *current_defctx = get_thread_default_context(); + OSSL_LIB_CTX *current_defctx = get_thread_default_context(); if (current_defctx == NULL) current_defctx = &default_context_int; return current_defctx; } -static int set_default_context(OPENSSL_CTX *defctx) +static int set_default_context(OSSL_LIB_CTX *defctx) { if (defctx == &default_context_int) defctx = NULL; @@ -156,37 +156,37 @@ static int set_default_context(OPENSSL_CTX *defctx) } #endif -OPENSSL_CTX *OPENSSL_CTX_new(void) +OSSL_LIB_CTX *OSSL_LIB_CTX_new(void) { - OPENSSL_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + OSSL_LIB_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); if (ctx != NULL && !context_init(ctx)) { - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); ctx = NULL; } return ctx; } #ifndef FIPS_MODULE -int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file) +int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file) { return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0; } #endif -void OPENSSL_CTX_free(OPENSSL_CTX *ctx) +void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx) { - if (openssl_ctx_is_default(ctx)) + if (ossl_lib_ctx_is_default(ctx)) return; context_deinit(ctx); OPENSSL_free(ctx); } -OPENSSL_CTX *OPENSSL_CTX_set0_default(OPENSSL_CTX *libctx) +OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx) { #ifndef FIPS_MODULE - OPENSSL_CTX *current_defctx; + OSSL_LIB_CTX *current_defctx; if ((current_defctx = get_default_context()) != NULL && set_default_context(libctx)) @@ -196,7 +196,7 @@ OPENSSL_CTX *OPENSSL_CTX_set0_default(OPENSSL_CTX *libctx) return NULL; } -OPENSSL_CTX *openssl_ctx_get_concrete(OPENSSL_CTX *ctx) +OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx) { #ifndef FIPS_MODULE if (ctx == NULL) @@ -205,7 +205,7 @@ OPENSSL_CTX *openssl_ctx_get_concrete(OPENSSL_CTX *ctx) return ctx; } -int openssl_ctx_is_default(OPENSSL_CTX *ctx) +int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx) { #ifndef FIPS_MODULE if (ctx == NULL || ctx == get_default_context()) @@ -214,48 +214,48 @@ int openssl_ctx_is_default(OPENSSL_CTX *ctx) return 0; } -int openssl_ctx_is_global_default(OPENSSL_CTX *ctx) +int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX *ctx) { #ifndef FIPS_MODULE - if (openssl_ctx_get_concrete(ctx) == &default_context_int) + if (ossl_lib_ctx_get_concrete(ctx) == &default_context_int) return 1; #endif return 0; } -static void openssl_ctx_generic_new(void *parent_ign, void *ptr_ign, - CRYPTO_EX_DATA *ad, int index, - long argl_ign, void *argp) +static void ossl_lib_ctx_generic_new(void *parent_ign, void *ptr_ign, + CRYPTO_EX_DATA *ad, int index, + long argl_ign, void *argp) { - const OPENSSL_CTX_METHOD *meth = argp; - void *ptr = meth->new_func(crypto_ex_data_get_openssl_ctx(ad)); + const OSSL_LIB_CTX_METHOD *meth = argp; + void *ptr = meth->new_func(crypto_ex_data_get_ossl_lib_ctx(ad)); if (ptr != NULL) CRYPTO_set_ex_data(ad, index, ptr); } -static void openssl_ctx_generic_free(void *parent_ign, void *ptr, - CRYPTO_EX_DATA *ad, int index, - long argl_ign, void *argp) +static void ossl_lib_ctx_generic_free(void *parent_ign, void *ptr, + CRYPTO_EX_DATA *ad, int index, + long argl_ign, void *argp) { - const OPENSSL_CTX_METHOD *meth = argp; + const OSSL_LIB_CTX_METHOD *meth = argp; meth->free_func(ptr); } /* Non-static so we can use it in context_internal_test */ -static int openssl_ctx_init_index(OPENSSL_CTX *ctx, int static_index, - const OPENSSL_CTX_METHOD *meth) +static int ossl_lib_ctx_init_index(OSSL_LIB_CTX *ctx, int static_index, + const OSSL_LIB_CTX_METHOD *meth) { int idx; - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); if (ctx == NULL) return 0; - idx = crypto_get_ex_new_index_ex(ctx, CRYPTO_EX_INDEX_OPENSSL_CTX, 0, + idx = crypto_get_ex_new_index_ex(ctx, CRYPTO_EX_INDEX_OSSL_LIB_CTX, 0, (void *)meth, - openssl_ctx_generic_new, - NULL, openssl_ctx_generic_free); + ossl_lib_ctx_generic_new, + NULL, ossl_lib_ctx_generic_free); if (idx < 0) return 0; @@ -263,13 +263,13 @@ static int openssl_ctx_init_index(OPENSSL_CTX *ctx, int static_index, return 1; } -void *openssl_ctx_get_data(OPENSSL_CTX *ctx, int index, - const OPENSSL_CTX_METHOD *meth) +void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index, + const OSSL_LIB_CTX_METHOD *meth) { void *data = NULL; int dynidx; - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); if (ctx == NULL) return NULL; @@ -295,7 +295,7 @@ void *openssl_ctx_get_data(OPENSSL_CTX *ctx, int index, return data; } - if (!openssl_ctx_init_index(ctx, index, meth)) { + if (!ossl_lib_ctx_init_index(ctx, index, meth)) { CRYPTO_THREAD_unlock(ctx->lock); CRYPTO_THREAD_unlock(ctx->index_locks[index]); return NULL; @@ -304,7 +304,7 @@ void *openssl_ctx_get_data(OPENSSL_CTX *ctx, int index, CRYPTO_THREAD_unlock(ctx->lock); /* The alloc call ensures there's a value there */ - if (CRYPTO_alloc_ex_data(CRYPTO_EX_INDEX_OPENSSL_CTX, NULL, + if (CRYPTO_alloc_ex_data(CRYPTO_EX_INDEX_OSSL_LIB_CTX, NULL, &ctx->data, ctx->dyn_indexes[index])) data = CRYPTO_get_ex_data(&ctx->data, ctx->dyn_indexes[index]); @@ -313,20 +313,20 @@ void *openssl_ctx_get_data(OPENSSL_CTX *ctx, int index, return data; } -OSSL_EX_DATA_GLOBAL *openssl_ctx_get_ex_data_global(OPENSSL_CTX *ctx) +OSSL_EX_DATA_GLOBAL *ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX *ctx) { - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); if (ctx == NULL) return NULL; return &ctx->global; } -int openssl_ctx_run_once(OPENSSL_CTX *ctx, unsigned int idx, - openssl_ctx_run_once_fn run_once_fn) +int ossl_lib_ctx_run_once(OSSL_LIB_CTX *ctx, unsigned int idx, + ossl_lib_ctx_run_once_fn run_once_fn) { int done = 0, ret = 0; - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); if (ctx == NULL) return 0; @@ -354,9 +354,9 @@ int openssl_ctx_run_once(OPENSSL_CTX *ctx, unsigned int idx, return ret; } -int openssl_ctx_onfree(OPENSSL_CTX *ctx, openssl_ctx_onfree_fn onfreefn) +int ossl_lib_ctx_onfree(OSSL_LIB_CTX *ctx, ossl_lib_ctx_onfree_fn onfreefn) { - struct openssl_ctx_onfree_list_st *newonfree + struct ossl_lib_ctx_onfree_list_st *newonfree = OPENSSL_malloc(sizeof(*newonfree)); if (newonfree == NULL) diff --git a/crypto/core_algorithm.c b/crypto/core_algorithm.c index 68d6129598..ddb9e5ae43 100644 --- a/crypto/core_algorithm.c +++ b/crypto/core_algorithm.c @@ -14,7 +14,7 @@ #include "internal/provider.h" struct algorithm_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; int operation_id; /* May be zero for finding them all */ int (*pre)(OSSL_PROVIDER *, int operation_id, void *data, int *result); void (*fn)(OSSL_PROVIDER *, const OSSL_ALGORITHM *, int no_store, @@ -85,7 +85,7 @@ static int algorithm_do_this(OSSL_PROVIDER *provider, void *cbdata) return ok; } -void ossl_algorithm_do_all(OPENSSL_CTX *libctx, int operation_id, +void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id, OSSL_PROVIDER *provider, int (*pre)(OSSL_PROVIDER *, int operation_id, void *data, int *result), diff --git a/crypto/core_fetch.c b/crypto/core_fetch.c index 89a44ddbe5..4fb432754b 100644 --- a/crypto/core_fetch.c +++ b/crypto/core_fetch.c @@ -16,7 +16,7 @@ #include "internal/provider.h" struct construct_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; OSSL_METHOD_STORE *store; int operation_id; int force_store; @@ -100,7 +100,7 @@ static void ossl_method_construct_this(OSSL_PROVIDER *provider, data->mcm->destruct(method, data->mcm_data); } -void *ossl_method_construct(OPENSSL_CTX *libctx, int operation_id, +void *ossl_method_construct(OSSL_LIB_CTX *libctx, int operation_id, int force_store, OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data) { diff --git a/crypto/core_namemap.c b/crypto/core_namemap.c index b08fb84556..0cde909fc4 100644 --- a/crypto/core_namemap.c +++ b/crypto/core_namemap.c @@ -62,9 +62,9 @@ static void namenum_free(NAMENUM_ENTRY *n) OPENSSL_free(n); } -/* OPENSSL_CTX_METHOD functions for a namemap stored in a library context */ +/* OSSL_LIB_CTX_METHOD functions for a namemap stored in a library context */ -static void *stored_namemap_new(OPENSSL_CTX *libctx) +static void *stored_namemap_new(OSSL_LIB_CTX *libctx) { OSSL_NAMEMAP *namemap = ossl_namemap_new(); @@ -85,7 +85,7 @@ static void stored_namemap_free(void *vnamemap) } } -static const OPENSSL_CTX_METHOD stored_namemap_method = { +static const OSSL_LIB_CTX_METHOD stored_namemap_method = { stored_namemap_new, stored_namemap_free, }; @@ -390,11 +390,11 @@ static void get_legacy_md_names(const OBJ_NAME *on, void *arg) * ========================== */ -OSSL_NAMEMAP *ossl_namemap_stored(OPENSSL_CTX *libctx) +OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx) { OSSL_NAMEMAP *namemap = - openssl_ctx_get_data(libctx, OPENSSL_CTX_NAMEMAP_INDEX, - &stored_namemap_method); + ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_NAMEMAP_INDEX, + &stored_namemap_method); #ifndef FIPS_MODULE if (namemap != NULL && ossl_namemap_empty(namemap)) { diff --git a/crypto/crmf/crmf_lib.c b/crypto/crmf/crmf_lib.c index 3e971c7769..9b80c526b5 100644 --- a/crypto/crmf/crmf_lib.c +++ b/crypto/crmf/crmf_lib.c @@ -353,7 +353,7 @@ int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps, const OSSL_CRMF_CERTREQUEST *cr, EVP_PKEY *pkey, const EVP_MD *digest, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { if (ps == NULL || cr == NULL || pkey == NULL) { CRMFerr(0, CRMF_R_NULL_ARGUMENT); @@ -373,7 +373,7 @@ static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps, int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, const EVP_MD *digest, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_CRMF_POPO *pp = NULL; ASN1_INTEGER *tag = NULL; @@ -441,7 +441,7 @@ int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, /* verifies the Proof-of-Possession of the request with the given rid in reqs */ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, int rid, int acceptRAVerified, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_CRMF_MSG *req = NULL; X509_PUBKEY *pubkey = NULL; @@ -587,7 +587,7 @@ int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, */ X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, EVP_PKEY *pkey) { X509 *cert = NULL; /* decrypted certificate */ diff --git a/crypto/crmf/crmf_pbm.c b/crypto/crmf/crmf_pbm.c index 3aedf8b57f..9ad6ec149c 100644 --- a/crypto/crmf/crmf_pbm.c +++ b/crypto/crmf/crmf_pbm.c @@ -35,7 +35,7 @@ * |macnid| e.g., NID_hmac_sha1 * returns pointer to OSSL_CRMF_PBMPARAMETER on success, NULL on error */ -OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen, +OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen, int owfnid, size_t itercnt, int macnid) { @@ -123,7 +123,7 @@ OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen, * returns 1 on success, 0 on error */ /* TODO try to combine with other MAC calculations in the libray */ -int OSSL_CRMF_pbm_new(OPENSSL_CTX *libctx, const char *propq, +int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, const OSSL_CRMF_PBMPARAMETER *pbmp, const unsigned char *msg, size_t msglen, const unsigned char *sec, size_t seclen, diff --git a/crypto/ct/ct_b64.c b/crypto/ct/ct_b64.c index 575524e1db..5e80e4e44b 100644 --- a/crypto/ct/ct_b64.c +++ b/crypto/ct/ct_b64.c @@ -133,7 +133,7 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64, * -1 on internal (malloc) failure */ int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, + const char *name, OSSL_LIB_CTX *libctx, const char *propq) { unsigned char *pkey_der = NULL; diff --git a/crypto/ct/ct_local.h b/crypto/ct/ct_local.h index eef4c193de..a7573c97bb 100644 --- a/crypto/ct/ct_local.h +++ b/crypto/ct/ct_local.h @@ -101,7 +101,7 @@ struct sct_ctx_st { /* milliseconds since epoch (to check that the SCT isn't from the future) */ uint64_t epoch_time_in_ms; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; }; @@ -113,14 +113,14 @@ struct ct_policy_eval_ctx_st { /* milliseconds since epoch (to check that SCTs aren't from the future) */ uint64_t epoch_time_in_ms; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; }; /* * Creates a new context for verifying an SCT. */ -SCT_CTX *SCT_CTX_new(OPENSSL_CTX *ctx, const char *propq); +SCT_CTX *SCT_CTX_new(OSSL_LIB_CTX *ctx, const char *propq); /* * Deletes an SCT verification context. */ diff --git a/crypto/ct/ct_log.c b/crypto/ct/ct_log.c index 9a32054c41..11fc9d4367 100644 --- a/crypto/ct/ct_log.c +++ b/crypto/ct/ct_log.c @@ -22,7 +22,7 @@ * Information about a CT log server. */ struct ctlog_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; char *name; uint8_t log_id[CT_V1_HASHLEN]; @@ -34,7 +34,7 @@ struct ctlog_st { * It takes ownership of any CTLOG instances added to it. */ struct ctlog_store_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; STACK_OF(CTLOG) *logs; }; @@ -100,7 +100,7 @@ err: return ret; } -CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq) +CTLOG_STORE *CTLOG_STORE_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret)); @@ -264,7 +264,7 @@ end: * Takes ownership of the public key. * Copies the name. */ -CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx, +CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OSSL_LIB_CTX *libctx, const char *propq) { CTLOG *ret = OPENSSL_zalloc(sizeof(*ret)); diff --git a/crypto/ct/ct_policy.c b/crypto/ct/ct_policy.c index 268ef22b58..a33c618cf5 100644 --- a/crypto/ct/ct_policy.c +++ b/crypto/ct/ct_policy.c @@ -25,7 +25,7 @@ */ static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300; -CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, +CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX)); diff --git a/crypto/ct/ct_sct_ctx.c b/crypto/ct/ct_sct_ctx.c index ad7b6e6f93..8e4dfd2377 100644 --- a/crypto/ct/ct_sct_ctx.c +++ b/crypto/ct/ct_sct_ctx.c @@ -20,7 +20,7 @@ #include "ct_local.h" -SCT_CTX *SCT_CTX_new(OPENSSL_CTX *libctx, const char *propq) +SCT_CTX *SCT_CTX_new(OSSL_LIB_CTX *libctx, const char *propq) { SCT_CTX *sctx = OPENSSL_zalloc(sizeof(*sctx)); diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 9ad75d2092..69b166362a 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -479,7 +479,7 @@ static size_t dh_pkey_dirty_cnt(const EVP_PKEY *pkey) } static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq) { DH *dh = from->pkey.dh; diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 1e84db9527..8ed7120653 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -91,7 +91,7 @@ int dh_get_named_group_uid_from_size(int pbits) #ifdef FIPS_MODULE -static int dh_gen_named_group(OPENSSL_CTX *libctx, DH *ret, int prime_len) +static int dh_gen_named_group(OSSL_LIB_CTX *libctx, DH *ret, int prime_len) { DH *dh; int ok = 0; diff --git a/crypto/dh/dh_group_params.c b/crypto/dh/dh_group_params.c index b91a76bd97..d0b53a2f8b 100644 --- a/crypto/dh/dh_group_params.c +++ b/crypto/dh/dh_group_params.c @@ -100,7 +100,7 @@ const char *ossl_ffc_named_group_from_uid(int uid) return NULL; } -static DH *dh_param_init(OPENSSL_CTX *libctx, int uid, const BIGNUM *p, +static DH *dh_param_init(OSSL_LIB_CTX *libctx, int uid, const BIGNUM *p, const BIGNUM *q, const BIGNUM *g) { DH *dh = dh_new_ex(libctx); @@ -117,7 +117,7 @@ static DH *dh_param_init(OPENSSL_CTX *libctx, int uid, const BIGNUM *p, return dh; } -static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name) +static DH *dh_new_by_group_name(OSSL_LIB_CTX *libctx, const char *name) { int i; @@ -136,7 +136,7 @@ static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name) return NULL; } -DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid) +DH *dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid) { const char *name = ossl_ffc_named_group_from_uid(nid); diff --git a/crypto/dh/dh_kdf.c b/crypto/dh/dh_kdf.c index 6f59d6ecc2..9737d4d712 100644 --- a/crypto/dh/dh_kdf.c +++ b/crypto/dh/dh_kdf.c @@ -29,7 +29,7 @@ int dh_KDF_X9_42_asn1(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const char *cek_alg, const unsigned char *ukm, size_t ukmlen, const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int ret = 0; EVP_KDF_CTX *kctx = NULL; @@ -69,7 +69,7 @@ int DH_KDF_X9_42(unsigned char *out, size_t outlen, int nid; const char *key_alg = NULL; const OSSL_PROVIDER *prov = EVP_MD_provider(md); - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); nid = OBJ_obj2nid(key_oid); if (nid == NID_undef) diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 793a5af2a0..94978a2cb2 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -24,7 +24,7 @@ #include "crypto/dh.h" #include "dh_local.h" -static DH *dh_new_intern(ENGINE *engine, OPENSSL_CTX *libctx); +static DH *dh_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx); #ifndef FIPS_MODULE int DH_set_method(DH *dh, const DH_METHOD *meth) @@ -63,12 +63,12 @@ DH *DH_new_method(ENGINE *engine) } #endif /* !FIPS_MODULE */ -DH *dh_new_ex(OPENSSL_CTX *libctx) +DH *dh_new_ex(OSSL_LIB_CTX *libctx) { return dh_new_intern(NULL, libctx); } -static DH *dh_new_intern(ENGINE *engine, OPENSSL_CTX *libctx) +static DH *dh_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) { DH *ret = OPENSSL_zalloc(sizeof(*ret)); diff --git a/crypto/dh/dh_local.h b/crypto/dh/dh_local.h index 51c3f974e1..1ff075e3dc 100644 --- a/crypto/dh/dh_local.h +++ b/crypto/dh/dh_local.h @@ -32,7 +32,7 @@ struct dh_st { CRYPTO_EX_DATA ex_data; ENGINE *engine; #endif - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const DH_METHOD *meth; CRYPTO_RWLOCK *lock; diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 9d72fa0959..d0e1c55002 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -274,7 +274,7 @@ static int pkey_dh_ctrl_str(EVP_PKEY_CTX *ctx, return -2; } -static DH *ffc_params_generate(OPENSSL_CTX *libctx, DH_PKEY_CTX *dctx, +static DH *ffc_params_generate(OSSL_LIB_CTX *libctx, DH_PKEY_CTX *dctx, BN_GENCB *pcb) { DH *ret; diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 98b531ea24..208c4ec19f 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -498,7 +498,7 @@ static size_t dsa_pkey_dirty_cnt(const EVP_PKEY *pkey) } static int dsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq) { DSA *dsa = from->pkey.dsa; diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index b16fbb7023..9df2818ecd 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -25,7 +25,7 @@ #include "crypto/dsa.h" #include "crypto/dh.h" /* required by DSA_dup_DH() */ -static DSA *dsa_new_intern(ENGINE *engine, OPENSSL_CTX *libctx); +static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx); #ifndef FIPS_MODULE @@ -132,7 +132,7 @@ const DSA_METHOD *DSA_get_method(DSA *d) return d->meth; } -static DSA *dsa_new_intern(ENGINE *engine, OPENSSL_CTX *libctx) +static DSA *dsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) { DSA *ret = OPENSSL_zalloc(sizeof(*ret)); @@ -194,7 +194,7 @@ DSA *DSA_new_method(ENGINE *engine) return dsa_new_intern(engine, NULL); } -DSA *dsa_new_with_ctx(OPENSSL_CTX *libctx) +DSA *dsa_new_with_ctx(OSSL_LIB_CTX *libctx) { return dsa_new_intern(NULL, libctx); } diff --git a/crypto/dsa/dsa_local.h b/crypto/dsa/dsa_local.h index 7b43ec6108..240e84f11e 100644 --- a/crypto/dsa/dsa_local.h +++ b/crypto/dsa/dsa_local.h @@ -32,7 +32,7 @@ struct dsa_st { /* functional reference if 'meth' is ENGINE-provided */ ENGINE *engine; CRYPTO_RWLOCK *lock; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; /* Provider data */ size_t dirty_cnt; /* If any key material changes, increment this */ diff --git a/crypto/ec/curve25519.c b/crypto/ec/curve25519.c index b945c35f29..d939003043 100644 --- a/crypto/ec/curve25519.c +++ b/crypto/ec/curve25519.c @@ -5439,7 +5439,7 @@ static void sc_muladd(uint8_t *s, const uint8_t *a, const uint8_t *b, int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, const uint8_t public_key[32], const uint8_t private_key[32], - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { uint8_t az[SHA512_DIGEST_LENGTH]; uint8_t nonce[SHA512_DIGEST_LENGTH]; @@ -5495,7 +5495,7 @@ static const char allzeroes[15]; int ED25519_verify(const uint8_t *message, size_t message_len, const uint8_t signature[64], const uint8_t public_key[32], - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int i; ge_p3 A; @@ -5577,7 +5577,7 @@ err: return res; } -int ED25519_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[32], +int ED25519_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[32], const uint8_t private_key[32], const char *propq) { uint8_t az[SHA512_DIGEST_LENGTH]; diff --git a/crypto/ec/curve448/curve448_local.h b/crypto/ec/curve448/curve448_local.h index 62a61fd979..c5ffa75f6b 100644 --- a/crypto/ec/curve448/curve448_local.h +++ b/crypto/ec/curve448/curve448_local.h @@ -10,11 +10,11 @@ # define OSSL_CRYPTO_EC_CURVE448_LOCAL_H # include "curve448utils.h" -int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], +int ED448ph_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], const uint8_t public_key[57], const uint8_t private_key[57], const uint8_t *context, size_t context_len, const char *propq); -int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64], +int ED448ph_verify(OSSL_LIB_CTX *ctx, const uint8_t hash[64], const uint8_t signature[114], const uint8_t public_key[57], const uint8_t *context, size_t context_len, const char *propq); diff --git a/crypto/ec/curve448/ed448.h b/crypto/ec/curve448/ed448.h index 16248b28cc..af9bbb39ac 100644 --- a/crypto/ec/curve448/ed448.h +++ b/crypto/ec/curve448/ed448.h @@ -38,7 +38,7 @@ * privkey (in): The private key. */ c448_error_t c448_ed448_derive_public_key( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t pubkey [EDDSA_448_PUBLIC_BYTES], const uint8_t privkey [EDDSA_448_PRIVATE_BYTES], const char *propq); @@ -61,7 +61,7 @@ c448_error_t c448_ed448_derive_public_key( * disambiguation. For Ed448 it is safe. */ c448_error_t c448_ed448_sign( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], @@ -87,7 +87,7 @@ c448_error_t c448_ed448_sign( * disambiguation. For Ed448 it is safe. */ c448_error_t c448_ed448_sign_prehash( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], @@ -114,7 +114,7 @@ c448_error_t c448_ed448_sign_prehash( * non-prehashed messages, at least without some very careful protocol-level * disambiguation. For Ed448 it is safe. */ -c448_error_t c448_ed448_verify(OPENSSL_CTX *ctx, +c448_error_t c448_ed448_verify(OSSL_LIB_CTX *ctx, const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t @@ -142,7 +142,7 @@ c448_error_t c448_ed448_verify(OPENSSL_CTX *ctx, * disambiguation. For Ed448 it is safe. */ c448_error_t c448_ed448_verify_prehash( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t hash[64], @@ -199,7 +199,7 @@ c448_error_t curve448_point_decode_like_eddsa_and_mul_by_ratio( * ed (in): The EdDSA private key */ c448_error_t c448_ed448_convert_private_key_to_x448( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t x[X448_PRIVATE_BYTES], const uint8_t ed[EDDSA_448_PRIVATE_BYTES], const char *propq); diff --git a/crypto/ec/curve448/eddsa.c b/crypto/ec/curve448/eddsa.c index 51a14642dc..d4c7f1562a 100644 --- a/crypto/ec/curve448/eddsa.c +++ b/crypto/ec/curve448/eddsa.c @@ -20,7 +20,7 @@ #define COFACTOR 4 -static c448_error_t oneshot_hash(OPENSSL_CTX *ctx, uint8_t *out, size_t outlen, +static c448_error_t oneshot_hash(OSSL_LIB_CTX *ctx, uint8_t *out, size_t outlen, const uint8_t *in, size_t inlen, const char *propq) { @@ -54,7 +54,7 @@ static void clamp(uint8_t secret_scalar_ser[EDDSA_448_PRIVATE_BYTES]) secret_scalar_ser[EDDSA_448_PRIVATE_BYTES - 2] |= 0x80; } -static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx, +static c448_error_t hash_init_with_dom(OSSL_LIB_CTX *ctx, EVP_MD_CTX *hashctx, uint8_t prehashed, uint8_t for_prehash, const uint8_t *context, @@ -95,7 +95,7 @@ static c448_error_t hash_init_with_dom(OPENSSL_CTX *ctx, EVP_MD_CTX *hashctx, /* In this file because it uses the hash */ c448_error_t c448_ed448_convert_private_key_to_x448( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t x[X448_PRIVATE_BYTES], const uint8_t ed [EDDSA_448_PRIVATE_BYTES], const char *propq) @@ -107,7 +107,7 @@ c448_error_t c448_ed448_convert_private_key_to_x448( } c448_error_t c448_ed448_derive_public_key( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], const char *propq) @@ -153,7 +153,7 @@ c448_error_t c448_ed448_derive_public_key( } c448_error_t c448_ed448_sign( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], @@ -261,7 +261,7 @@ c448_error_t c448_ed448_sign( } c448_error_t c448_ed448_sign_prehash( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t privkey[EDDSA_448_PRIVATE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], @@ -273,7 +273,7 @@ c448_error_t c448_ed448_sign_prehash( } c448_error_t c448_ed448_verify( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t *message, size_t message_len, @@ -356,7 +356,7 @@ c448_error_t c448_ed448_verify( } c448_error_t c448_ed448_verify_prehash( - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], const uint8_t pubkey[EDDSA_448_PUBLIC_BYTES], const uint8_t hash[64], const uint8_t *context, @@ -366,7 +366,7 @@ c448_error_t c448_ed448_verify_prehash( context_len, propq); } -int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message, +int ED448_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig, const uint8_t *message, size_t message_len, const uint8_t public_key[57], const uint8_t private_key[57], const uint8_t *context, size_t context_len, const char *propq) @@ -376,7 +376,7 @@ int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message, == C448_SUCCESS; } -int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len, +int ED448_verify(OSSL_LIB_CTX *ctx, const uint8_t *message, size_t message_len, const uint8_t signature[114], const uint8_t public_key[57], const uint8_t *context, size_t context_len, const char *propq) { @@ -385,7 +385,7 @@ int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len, propq) == C448_SUCCESS; } -int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], +int ED448ph_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], const uint8_t public_key[57], const uint8_t private_key[57], const uint8_t *context, size_t context_len, const char *propq) { @@ -394,7 +394,7 @@ int ED448ph_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t hash[64], } -int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64], +int ED448ph_verify(OSSL_LIB_CTX *ctx, const uint8_t hash[64], const uint8_t signature[114], const uint8_t public_key[57], const uint8_t *context, size_t context_len, const char *propq) { @@ -402,7 +402,7 @@ int ED448ph_verify(OPENSSL_CTX *ctx, const uint8_t hash[64], (uint8_t)context_len, propq) == C448_SUCCESS; } -int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57], +int ED448_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[57], const uint8_t private_key[57], const char *propq) { return c448_ed448_derive_public_key(ctx, out_public_key, private_key, propq) diff --git a/crypto/ec/ec_ameth.c b/crypto/ec/ec_ameth.c index caeb7f70cc..8857d3e388 100644 --- a/crypto/ec/ec_ameth.c +++ b/crypto/ec/ec_ameth.c @@ -101,7 +101,7 @@ static int eckey_pub_encode(X509_PUBKEY *pk, const EVP_PKEY *pkey) } static EC_KEY *eckey_type2param(int ptype, const void *pval, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EC_KEY *eckey = NULL; EC_GROUP *group = NULL; @@ -155,7 +155,7 @@ static int eckey_pub_decode(EVP_PKEY *pkey, const X509_PUBKEY *pubkey) int ptype, pklen; EC_KEY *eckey = NULL; X509_ALGOR *palg; - OPENSSL_CTX *libctx = NULL; + OSSL_LIB_CTX *libctx = NULL; const char *propq = NULL; if (!X509_PUBKEY_get0_libctx(&libctx, &propq, pubkey) @@ -200,7 +200,7 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) } static int eckey_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { const unsigned char *p = NULL; const void *pval; @@ -562,7 +562,7 @@ size_t ec_pkey_dirty_cnt(const EVP_PKEY *pkey) static int ec_pkey_export_to(const EVP_PKEY *from, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq) { const EC_KEY *eckey = NULL; diff --git a/crypto/ec/ec_backend.c b/crypto/ec/ec_backend.c index 8acbcebd6f..f4a6d976aa 100644 --- a/crypto/ec/ec_backend.c +++ b/crypto/ec/ec_backend.c @@ -50,7 +50,8 @@ static char *ec_param_encoding_id2name(int id) } int ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[], OPENSSL_CTX *libctx, const char *propq, + OSSL_PARAM params[], OSSL_LIB_CTX *libctx, + const char *propq, BN_CTX *bnctx, unsigned char **genbuf) { int ret = 0, curve_nid, encoding_flag; diff --git a/crypto/ec/ec_curve.c b/crypto/ec/ec_curve.c index d8f46f4849..687860ea92 100644 --- a/crypto/ec/ec_curve.c +++ b/crypto/ec/ec_curve.c @@ -3180,7 +3180,7 @@ int ec_curve_name2nid(const char *name) return NID_undef; } -static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, +static EC_GROUP *ec_group_new_from_data(OSSL_LIB_CTX *libctx, const char *propq, const ec_list_element curve) { @@ -3290,7 +3290,7 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx, return group; } -EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, +EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq, int nid) { EC_GROUP *ret = NULL; diff --git a/crypto/ec/ec_cvt.c b/crypto/ec/ec_cvt.c index 57e53d752e..c841ad741d 100644 --- a/crypto/ec/ec_cvt.c +++ b/crypto/ec/ec_cvt.c @@ -54,7 +54,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, meth = EC_GFp_mont_method(); #endif - ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth); + ret = ec_group_new_ex(bn_get_libctx(ctx), NULL, meth); if (ret == NULL) return NULL; @@ -75,7 +75,7 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, meth = EC_GF2m_simple_method(); - ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth); + ret = ec_group_new_ex(bn_get_libctx(ctx), NULL, meth); if (ret == NULL) return NULL; diff --git a/crypto/ec/ec_key.c b/crypto/ec/ec_key.c index 807b5e670a..63001203ae 100644 --- a/crypto/ec/ec_key.c +++ b/crypto/ec/ec_key.c @@ -34,12 +34,12 @@ EC_KEY *EC_KEY_new(void) } #endif -EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq) +EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq) { return ec_key_new_method_int(ctx, propq, NULL); } -EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, +EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx, const char *propq, int nid) { EC_KEY *ret = EC_KEY_new_ex(ctx, propq); @@ -651,7 +651,7 @@ int EC_KEY_set_public_key_affine_coordinates(EC_KEY *key, BIGNUM *x, } -OPENSSL_CTX *ec_key_get_libctx(const EC_KEY *key) +OSSL_LIB_CTX *ec_key_get_libctx(const EC_KEY *key) { return key->libctx; } diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c index 3fec8a4d81..d01b96f654 100644 --- a/crypto/ec/ec_kmeth.c +++ b/crypto/ec/ec_kmeth.c @@ -76,7 +76,7 @@ int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth) return 1; } -EC_KEY *ec_key_new_method_int(OPENSSL_CTX *libctx, const char *propq, +EC_KEY *ec_key_new_method_int(OSSL_LIB_CTX *libctx, const char *propq, ENGINE *engine) { EC_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c index 72ada1f723..d1d403e175 100644 --- a/crypto/ec/ec_lib.c +++ b/crypto/ec/ec_lib.c @@ -26,7 +26,7 @@ /* functions for EC_GROUP objects */ -EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq, +EC_GROUP *ec_group_new_ex(OSSL_LIB_CTX *libctx, const char *propq, const EC_METHOD *meth) { EC_GROUP *ret; @@ -1403,7 +1403,7 @@ int EC_GROUP_get_pentanomial_basis(const EC_GROUP *group, unsigned int *k1, * mathematically wrong anyway and should not be used. */ static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq, BN_CTX *ctx) { @@ -1499,7 +1499,7 @@ static int ec_encoding_param2id(const OSSL_PARAM *p, int *id) } static EC_GROUP *group_new_from_name(const OSSL_PARAM *p, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int ok = 0, nid; const char *curve_name = NULL; @@ -1528,7 +1528,7 @@ static EC_GROUP *group_new_from_name(const OSSL_PARAM *p, } EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { const OSSL_PARAM *ptmp, *pa, *pb; int ok = 0; diff --git a/crypto/ec/ec_local.h b/crypto/ec/ec_local.h index 33f40167aa..004cfbd8d4 100644 --- a/crypto/ec/ec_local.h +++ b/crypto/ec/ec_local.h @@ -275,7 +275,7 @@ struct ec_group_st { EC_PRE_COMP *ec; } pre_comp; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; }; @@ -299,7 +299,7 @@ struct ec_key_st { CRYPTO_EX_DATA ex_data; #endif CRYPTO_RWLOCK *lock; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; /* Provider data */ @@ -601,7 +601,7 @@ int ec_group_simple_order_bits(const EC_GROUP *group); * \param meth EC_METHOD to use * \return newly created EC_GROUP object or NULL in case of an error. */ -EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq, +EC_GROUP *ec_group_new_ex(OSSL_LIB_CTX *libctx, const char *propq, const EC_METHOD *meth); #ifdef ECP_NISTZ256_ASM @@ -657,7 +657,7 @@ struct ec_key_method_st { #define EC_KEY_METHOD_DYNAMIC 1 -EC_KEY *ec_key_new_method_int(OPENSSL_CTX *libctx, const char *propq, +EC_KEY *ec_key_new_method_int(OSSL_LIB_CTX *libctx, const char *propq, ENGINE *engine); int ossl_ec_key_gen(EC_KEY *eckey); diff --git a/crypto/ec/ecdh_kdf.c b/crypto/ec/ecdh_kdf.c index 7695e0be18..df0858a032 100644 --- a/crypto/ec/ecdh_kdf.c +++ b/crypto/ec/ecdh_kdf.c @@ -25,7 +25,7 @@ int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int ret = 0; EVP_KDF_CTX *kctx = NULL; diff --git a/crypto/ec/ecx_key.c b/crypto/ec/ecx_key.c index dd4b872ab0..1d2891928e 100644 --- a/crypto/ec/ecx_key.c +++ b/crypto/ec/ecx_key.c @@ -10,7 +10,7 @@ #include #include "crypto/ecx.h" -ECX_KEY *ecx_key_new(OPENSSL_CTX *libctx, ECX_KEY_TYPE type, int haspubkey, +ECX_KEY *ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey, const char *propq) { ECX_KEY *ret = OPENSSL_zalloc(sizeof(*ret)); diff --git a/crypto/ec/ecx_meth.c b/crypto/ec/ecx_meth.c index 9aab96a050..5405164783 100644 --- a/crypto/ec/ecx_meth.c +++ b/crypto/ec/ecx_meth.c @@ -36,7 +36,7 @@ typedef enum { /* Setup EVP_PKEY using public, private or generation */ static int ecx_key_op(EVP_PKEY *pkey, int id, const X509_ALGOR *palg, const unsigned char *p, int plen, ecx_key_op_t op, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { ECX_KEY *key = NULL; unsigned char *privkey, *pubkey; @@ -150,7 +150,7 @@ static int ecx_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) } static int ecx_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { const unsigned char *p; int plen; @@ -396,7 +396,7 @@ static size_t ecx_pkey_dirty_cnt(const EVP_PKEY *pkey) } static int ecx_pkey_export_to(const EVP_PKEY *from, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq) { const ECX_KEY *key = from->pkey.ecx; diff --git a/crypto/encode_decode/decoder_lib.c b/crypto/encode_decode/decoder_lib.c index 192d33089b..20350a8cd6 100644 --- a/crypto/encode_decode/decoder_lib.c +++ b/crypto/encode_decode/decoder_lib.c @@ -217,7 +217,7 @@ int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder) } int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { /* * This function goes through existing decoder methods in diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c index 37c6ab2b57..f27bb4c1e4 100644 --- a/crypto/encode_decode/decoder_meth.c +++ b/crypto/encode_decode/decoder_meth.c @@ -69,20 +69,20 @@ static void decoder_store_free(void *vstore) ossl_method_store_free(vstore); } -static void *decoder_store_new(OPENSSL_CTX *ctx) +static void *decoder_store_new(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } -static const OPENSSL_CTX_METHOD decoder_store_method = { +static const OSSL_LIB_CTX_METHOD decoder_store_method = { decoder_store_new, decoder_store_free, }; /* Data to be passed through ossl_method_construct() */ struct decoder_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; OSSL_METHOD_CONSTRUCT_METHOD *mcm; int id; /* For get_decoder_from_store() */ const char *names; /* For get_decoder_from_store() */ @@ -95,7 +95,7 @@ struct decoder_data_st { */ /* Temporary decoder method store, constructor and destructor */ -static void *alloc_tmp_decoder_store(OPENSSL_CTX *ctx) +static void *alloc_tmp_decoder_store(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } @@ -107,14 +107,14 @@ static void dealloc_tmp_decoder_store(void *store) } /* Get the permanent decoder store */ -static OSSL_METHOD_STORE *get_decoder_store(OPENSSL_CTX *libctx) +static OSSL_METHOD_STORE *get_decoder_store(OSSL_LIB_CTX *libctx) { - return openssl_ctx_get_data(libctx, OPENSSL_CTX_DECODER_STORE_INDEX, - &decoder_store_method); + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_DECODER_STORE_INDEX, + &decoder_store_method); } /* Get decoder methods from a store, or put one in */ -static void *get_decoder_from_store(OPENSSL_CTX *libctx, void *store, +static void *get_decoder_from_store(OSSL_LIB_CTX *libctx, void *store, void *data) { struct decoder_data_st *methdata = data; @@ -136,7 +136,7 @@ static void *get_decoder_from_store(OPENSSL_CTX *libctx, void *store, return method; } -static int put_decoder_in_store(OPENSSL_CTX *libctx, void *store, +static int put_decoder_in_store(OSSL_LIB_CTX *libctx, void *store, void *method, const OSSL_PROVIDER *prov, int operation_id, const char *names, const char *propdef, void *unused) @@ -245,7 +245,7 @@ static void *construct_decoder(const OSSL_ALGORITHM *algodef, * namemap entry, this is it. Should the name already exist there, we * know that ossl_namemap_add() will return its corresponding number. */ - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *names = algodef->algorithm_names; int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR); @@ -274,7 +274,7 @@ static void free_decoder(void *method) } /* Fetching support. Can fetch by numeric identity or by name */ -static OSSL_DECODER *inner_ossl_decoder_fetch(OPENSSL_CTX *libctx, int id, +static OSSL_DECODER *inner_ossl_decoder_fetch(OSSL_LIB_CTX *libctx, int id, const char *name, const char *properties) { @@ -331,13 +331,13 @@ static OSSL_DECODER *inner_ossl_decoder_fetch(OPENSSL_CTX *libctx, int id, return method; } -OSSL_DECODER *OSSL_DECODER_fetch(OPENSSL_CTX *libctx, const char *name, +OSSL_DECODER *OSSL_DECODER_fetch(OSSL_LIB_CTX *libctx, const char *name, const char *properties) { return inner_ossl_decoder_fetch(libctx, 0, name, properties); } -OSSL_DECODER *ossl_decoder_fetch_by_number(OPENSSL_CTX *libctx, int id, +OSSL_DECODER *ossl_decoder_fetch_by_number(OSSL_LIB_CTX *libctx, int id, const char *properties) { return inner_ossl_decoder_fetch(libctx, id, NULL, properties); @@ -380,7 +380,7 @@ int OSSL_DECODER_number(const OSSL_DECODER *decoder) int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name) { if (decoder->base.prov != NULL) { - OPENSSL_CTX *libctx = ossl_provider_library_context(decoder->base.prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(decoder->base.prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); return ossl_namemap_name2num(namemap, name) == decoder->base.id; @@ -398,7 +398,7 @@ static void decoder_do_one(OSSL_PROVIDER *provider, int no_store, void *vdata) { struct decoder_do_all_data_st *data = vdata; - OPENSSL_CTX *libctx = ossl_provider_library_context(provider); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(provider); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *names = algodef->algorithm_names; int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR); @@ -413,7 +413,7 @@ static void decoder_do_one(OSSL_PROVIDER *provider, } } -void OSSL_DECODER_do_all_provided(OPENSSL_CTX *libctx, +void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_DECODER *decoder, void *arg), void *arg) { @@ -434,7 +434,7 @@ void OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder, return; if (decoder->base.prov != NULL) { - OPENSSL_CTX *libctx = ossl_provider_library_context(decoder->base.prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(decoder->base.prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); ossl_namemap_doall_names(namemap, decoder->base.id, fn, data); diff --git a/crypto/encode_decode/decoder_pkey.c b/crypto/encode_decode/decoder_pkey.c index 75c491f4ac..e9c0141804 100644 --- a/crypto/encode_decode/decoder_pkey.c +++ b/crypto/encode_decode/decoder_pkey.c @@ -257,7 +257,7 @@ static void collect_decoder(OSSL_DECODER *decoder, void *arg) int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, EVP_PKEY **pkey, const char *keytype, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propquery) { struct collected_data_st *data = NULL; @@ -326,7 +326,7 @@ int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, OSSL_DECODER_CTX * OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, const char *input_type, const char *keytype, - OPENSSL_CTX *libctx, const char *propquery) + OSSL_LIB_CTX *libctx, const char *propquery) { OSSL_DECODER_CTX *ctx = NULL; diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 6d3aa279d7..11be9f7902 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c @@ -235,7 +235,7 @@ int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder) } int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { return 1; } diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c index 93929b5360..bee54bf63a 100644 --- a/crypto/encode_decode/encoder_meth.c +++ b/crypto/encode_decode/encoder_meth.c @@ -69,20 +69,20 @@ static void encoder_store_free(void *vstore) ossl_method_store_free(vstore); } -static void *encoder_store_new(OPENSSL_CTX *ctx) +static void *encoder_store_new(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } -static const OPENSSL_CTX_METHOD encoder_store_method = { +static const OSSL_LIB_CTX_METHOD encoder_store_method = { encoder_store_new, encoder_store_free, }; /* Data to be passed through ossl_method_construct() */ struct encoder_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; OSSL_METHOD_CONSTRUCT_METHOD *mcm; int id; /* For get_encoder_from_store() */ const char *names; /* For get_encoder_from_store() */ @@ -95,7 +95,7 @@ struct encoder_data_st { */ /* Temporary encoder method store, constructor and destructor */ -static void *alloc_tmp_encoder_store(OPENSSL_CTX *ctx) +static void *alloc_tmp_encoder_store(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } @@ -107,14 +107,14 @@ static void dealloc_tmp_encoder_store(void *store) } /* Get the permanent encoder store */ -static OSSL_METHOD_STORE *get_encoder_store(OPENSSL_CTX *libctx) +static OSSL_METHOD_STORE *get_encoder_store(OSSL_LIB_CTX *libctx) { - return openssl_ctx_get_data(libctx, OPENSSL_CTX_ENCODER_STORE_INDEX, - &encoder_store_method); + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_ENCODER_STORE_INDEX, + &encoder_store_method); } /* Get encoder methods from a store, or put one in */ -static void *get_encoder_from_store(OPENSSL_CTX *libctx, void *store, +static void *get_encoder_from_store(OSSL_LIB_CTX *libctx, void *store, void *data) { struct encoder_data_st *methdata = data; @@ -136,7 +136,7 @@ static void *get_encoder_from_store(OPENSSL_CTX *libctx, void *store, return method; } -static int put_encoder_in_store(OPENSSL_CTX *libctx, void *store, +static int put_encoder_in_store(OSSL_LIB_CTX *libctx, void *store, void *method, const OSSL_PROVIDER *prov, int operation_id, const char *names, const char *propdef, void *unused) @@ -257,7 +257,7 @@ static void *construct_encoder(const OSSL_ALGORITHM *algodef, * namemap entry, this is it. Should the name already exist there, we * know that ossl_namemap_add() will return its corresponding number. */ - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *names = algodef->algorithm_names; int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR); @@ -286,7 +286,7 @@ static void free_encoder(void *method) } /* Fetching support. Can fetch by numeric identity or by name */ -static OSSL_ENCODER *inner_ossl_encoder_fetch(OPENSSL_CTX *libctx, +static OSSL_ENCODER *inner_ossl_encoder_fetch(OSSL_LIB_CTX *libctx, int id, const char *name, const char *properties) { @@ -343,13 +343,13 @@ static OSSL_ENCODER *inner_ossl_encoder_fetch(OPENSSL_CTX *libctx, return method; } -OSSL_ENCODER *OSSL_ENCODER_fetch(OPENSSL_CTX *libctx, const char *name, +OSSL_ENCODER *OSSL_ENCODER_fetch(OSSL_LIB_CTX *libctx, const char *name, const char *properties) { return inner_ossl_encoder_fetch(libctx, 0, name, properties); } -OSSL_ENCODER *ossl_encoder_fetch_by_number(OPENSSL_CTX *libctx, int id, +OSSL_ENCODER *ossl_encoder_fetch_by_number(OSSL_LIB_CTX *libctx, int id, const char *properties) { return inner_ossl_encoder_fetch(libctx, id, NULL, properties); @@ -392,7 +392,7 @@ int OSSL_ENCODER_number(const OSSL_ENCODER *encoder) int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name) { if (encoder->base.prov != NULL) { - OPENSSL_CTX *libctx = ossl_provider_library_context(encoder->base.prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(encoder->base.prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); return ossl_namemap_name2num(namemap, name) == encoder->base.id; @@ -410,7 +410,7 @@ static void encoder_do_one(OSSL_PROVIDER *provider, int no_store, void *vdata) { struct encoder_do_all_data_st *data = vdata; - OPENSSL_CTX *libctx = ossl_provider_library_context(provider); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(provider); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *names = algodef->algorithm_names; int id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR); @@ -426,7 +426,7 @@ static void encoder_do_one(OSSL_PROVIDER *provider, } } -void OSSL_ENCODER_do_all_provided(OPENSSL_CTX *libctx, +void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_ENCODER *encoder, void *arg), void *arg) { @@ -451,7 +451,7 @@ void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, return; if (encoder->base.prov != NULL) { - OPENSSL_CTX *libctx = ossl_provider_library_context(encoder->base.prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(encoder->base.prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); ossl_namemap_doall_names(namemap, encoder->base.id, fn, data); diff --git a/crypto/encode_decode/encoder_pkey.c b/crypto/encode_decode/encoder_pkey.c index 6e1a80da9f..b6f4cf777a 100644 --- a/crypto/encode_decode/encoder_pkey.c +++ b/crypto/encode_decode/encoder_pkey.c @@ -206,7 +206,7 @@ static void encoder_destruct_EVP_PKEY(void *arg) static int ossl_encoder_ctx_setup_for_EVP_PKEY(OSSL_ENCODER_CTX *ctx, const EVP_PKEY *pkey, int selection, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propquery) { struct construct_data_st *data = NULL; @@ -337,7 +337,7 @@ static int ossl_encoder_ctx_setup_for_EVP_PKEY(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, const char *output_type, int selection, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propquery) { OSSL_ENCODER_CTX *ctx = NULL; diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c index f28bfe6aef..0c767179e6 100644 --- a/crypto/evp/asymcipher.c +++ b/crypto/evp/asymcipher.c @@ -405,7 +405,7 @@ OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher) return cipher->prov; } -EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { return evp_generic_fetch(ctx, OSSL_OP_ASYM_CIPHER, algorithm, properties, @@ -424,7 +424,7 @@ int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher) return cipher->name_id; } -void EVP_ASYM_CIPHER_do_all_provided(OPENSSL_CTX *libctx, +void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_ASYM_CIPHER *cipher, void *arg), void *arg) diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c index 524d3ede8d..281749558d 100644 --- a/crypto/evp/digest.c +++ b/crypto/evp/digest.c @@ -83,7 +83,7 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx) #ifndef FIPS_MODULE EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_MD_CTX *ctx; EVP_PKEY_CTX *pctx = NULL; @@ -954,7 +954,7 @@ static void evp_md_free(void *md) EVP_MD_free(md); } -EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { EVP_MD *md = @@ -987,7 +987,7 @@ void EVP_MD_free(EVP_MD *md) OPENSSL_free(md); } -void EVP_MD_do_all_provided(OPENSSL_CTX *libctx, +void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MD *mac, void *arg), void *arg) { diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c index 62c0966409..929c95eed8 100644 --- a/crypto/evp/evp_enc.c +++ b/crypto/evp/evp_enc.c @@ -1174,7 +1174,7 @@ const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher) } #ifndef FIPS_MODULE -static OPENSSL_CTX *EVP_CIPHER_CTX_get_libctx(EVP_CIPHER_CTX *ctx) +static OSSL_LIB_CTX *EVP_CIPHER_CTX_get_libctx(EVP_CIPHER_CTX *ctx) { const EVP_CIPHER *cipher = ctx->cipher; const OSSL_PROVIDER *prov; @@ -1183,7 +1183,7 @@ static OPENSSL_CTX *EVP_CIPHER_CTX_get_libctx(EVP_CIPHER_CTX *ctx) return NULL; prov = EVP_CIPHER_provider(cipher); - return ossl_provider_library_context(prov); + return ossl_provider_libctx(prov); } #endif @@ -1197,7 +1197,7 @@ int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key) #else { int kl; - OPENSSL_CTX *libctx = EVP_CIPHER_CTX_get_libctx(ctx); + OSSL_LIB_CTX *libctx = EVP_CIPHER_CTX_get_libctx(ctx); kl = EVP_CIPHER_CTX_key_length(ctx); if (kl <= 0 || RAND_priv_bytes_ex(libctx, key, kl) <= 0) @@ -1456,7 +1456,7 @@ static void evp_cipher_free(void *cipher) EVP_CIPHER_free(cipher); } -EVP_CIPHER *EVP_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { EVP_CIPHER *cipher = @@ -1494,7 +1494,7 @@ void EVP_CIPHER_free(EVP_CIPHER *cipher) OPENSSL_free(cipher); } -void EVP_CIPHER_do_all_provided(OPENSSL_CTX *libctx, +void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_CIPHER *mac, void *arg), void *arg) { diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c index 253b76a786..e8d1336aa3 100644 --- a/crypto/evp/evp_fetch.c +++ b/crypto/evp/evp_fetch.c @@ -28,20 +28,20 @@ static void evp_method_store_free(void *vstore) ossl_method_store_free(vstore); } -static void *evp_method_store_new(OPENSSL_CTX *ctx) +static void *evp_method_store_new(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } -static const OPENSSL_CTX_METHOD evp_method_store_method = { +static const OSSL_LIB_CTX_METHOD evp_method_store_method = { evp_method_store_new, evp_method_store_free, }; /* Data to be passed through ossl_method_construct() */ struct evp_method_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; OSSL_METHOD_CONSTRUCT_METHOD *mcm; int operation_id; /* For get_evp_method_from_store() */ int name_id; /* For get_evp_method_from_store() */ @@ -59,7 +59,7 @@ struct evp_method_data_st { /* * Generic routines to fetch / create EVP methods with ossl_method_construct() */ -static void *alloc_tmp_evp_method_store(OPENSSL_CTX *ctx) +static void *alloc_tmp_evp_method_store(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } @@ -70,10 +70,10 @@ static void *alloc_tmp_evp_method_store(OPENSSL_CTX *ctx) ossl_method_store_free(store); } -static OSSL_METHOD_STORE *get_evp_method_store(OPENSSL_CTX *libctx) +static OSSL_METHOD_STORE *get_evp_method_store(OSSL_LIB_CTX *libctx) { - return openssl_ctx_get_data(libctx, OPENSSL_CTX_EVP_METHOD_STORE_INDEX, - &evp_method_store_method); + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX, + &evp_method_store_method); } /* @@ -95,7 +95,7 @@ static uint32_t evp_method_id(int name_id, unsigned int operation_id) return ((name_id << 8) & 0xFFFFFF00) | (operation_id & 0x000000FF); } -static void *get_evp_method_from_store(OPENSSL_CTX *libctx, void *store, +static void *get_evp_method_from_store(OSSL_LIB_CTX *libctx, void *store, void *data) { struct evp_method_data_st *methdata = data; @@ -133,7 +133,7 @@ static void *get_evp_method_from_store(OPENSSL_CTX *libctx, void *store, return method; } -static int put_evp_method_in_store(OPENSSL_CTX *libctx, void *store, +static int put_evp_method_in_store(OSSL_LIB_CTX *libctx, void *store, void *method, const OSSL_PROVIDER *prov, int operation_id, const char *names, const char *propdef, void *data) @@ -185,7 +185,7 @@ static void *construct_evp_method(const OSSL_ALGORITHM *algodef, * number. */ struct evp_method_data_st *methdata = data; - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *names = algodef->algorithm_names; int name_id = ossl_namemap_add_names(namemap, 0, names, NAME_SEPARATOR); @@ -215,21 +215,21 @@ static void destruct_evp_method(void *method, void *data) methdata->destruct_method(method); } -static const char *libctx_descriptor(OPENSSL_CTX *libctx) +static const char *libctx_descriptor(OSSL_LIB_CTX *libctx) { #ifdef FIPS_MODULE return "FIPS internal library context"; #else - if (openssl_ctx_is_global_default(libctx)) + if (ossl_lib_ctx_is_global_default(libctx)) return "Global default library context"; - if (openssl_ctx_is_default(libctx)) + if (ossl_lib_ctx_is_default(libctx)) return "Thread-local default library context"; return "Non-default library context"; #endif } static void * -inner_evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id, +inner_evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id, int name_id, const char *name, const char *properties, void *(*new_method)(int name_id, @@ -352,7 +352,7 @@ inner_evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id, return method; } -void *evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id, +void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id, const char *name, const char *properties, void *(*new_method)(int name_id, const OSSL_DISPATCH *fns, @@ -372,7 +372,7 @@ void *evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id, * This is meant to be used when one method needs to fetch an associated * other method. */ -void *evp_generic_fetch_by_number(OPENSSL_CTX *libctx, int operation_id, +void *evp_generic_fetch_by_number(OSSL_LIB_CTX *libctx, int operation_id, int name_id, const char *properties, void *(*new_method)(int name_id, const OSSL_DISPATCH *fns, @@ -386,7 +386,7 @@ void *evp_generic_fetch_by_number(OPENSSL_CTX *libctx, int operation_id, free_method); } -void evp_method_store_flush(OPENSSL_CTX *libctx) +void evp_method_store_flush(OSSL_LIB_CTX *libctx) { OSSL_METHOD_STORE *store = get_evp_method_store(libctx); @@ -394,7 +394,7 @@ void evp_method_store_flush(OPENSSL_CTX *libctx) ossl_method_store_flush_cache(store, 1); } -static int evp_set_parsed_default_properties(OPENSSL_CTX *libctx, +static int evp_set_parsed_default_properties(OSSL_LIB_CTX *libctx, OSSL_PROPERTY_LIST *def_prop, int loadconfig) { @@ -412,7 +412,7 @@ static int evp_set_parsed_default_properties(OPENSSL_CTX *libctx, return 0; } -int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq, +int evp_set_default_properties_int(OSSL_LIB_CTX *libctx, const char *propq, int loadconfig) { OSSL_PROPERTY_LIST *pl = NULL; @@ -424,12 +424,12 @@ int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq, return evp_set_parsed_default_properties(libctx, pl, loadconfig); } -int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq) +int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq) { return evp_set_default_properties_int(libctx, propq, 1); } -static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq) +static int evp_default_properties_merge(OSSL_LIB_CTX *libctx, const char *propq) { OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1); OSSL_PROPERTY_LIST *pl1, *pl2; @@ -451,7 +451,7 @@ static int evp_default_properties_merge(OPENSSL_CTX *libctx, const char *propq) return evp_set_parsed_default_properties(libctx, pl2, 0); } -static int evp_default_property_is_enabled(OPENSSL_CTX *libctx, +static int evp_default_property_is_enabled(OSSL_LIB_CTX *libctx, const char *prop_name) { OSSL_PROPERTY_LIST **plp = ossl_ctx_global_properties(libctx, 1); @@ -459,12 +459,12 @@ static int evp_default_property_is_enabled(OPENSSL_CTX *libctx, return plp != NULL && ossl_property_is_enabled(libctx, prop_name, *plp); } -int EVP_default_properties_is_fips_enabled(OPENSSL_CTX *libctx) +int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx) { return evp_default_property_is_enabled(libctx, "fips"); } -int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable) +int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable) { const char *query = (enable != 0) ? "fips=yes" : "-fips"; @@ -484,7 +484,7 @@ static void do_one(OSSL_PROVIDER *provider, const OSSL_ALGORITHM *algo, int no_store, void *vdata) { struct do_all_data_st *data = vdata; - OPENSSL_CTX *libctx = ossl_provider_library_context(provider); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(provider); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); int name_id = ossl_namemap_add_names(namemap, 0, algo->algorithm_names, NAME_SEPARATOR); @@ -499,7 +499,7 @@ static void do_one(OSSL_PROVIDER *provider, const OSSL_ALGORITHM *algo, } } -void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id, +void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id, void (*user_fn)(void *method, void *arg), void *user_arg, void *(*new_method)(int name_id, @@ -524,7 +524,7 @@ void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id, const char *evp_first_name(const OSSL_PROVIDER *prov, int name_id) { - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); return ossl_namemap_num2name(namemap, name_id, 0); @@ -536,7 +536,7 @@ int evp_is_a(OSSL_PROVIDER *prov, int number, /* * For a |prov| that is NULL, the library context will be NULL */ - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); if (prov == NULL) @@ -548,7 +548,7 @@ void evp_names_do_all(OSSL_PROVIDER *prov, int number, void (*fn)(const char *name, void *data), void *data) { - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); ossl_namemap_doall_names(namemap, number, fn, data); diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h index 285c69103b..0112cdca02 100644 --- a/crypto/evp/evp_local.h +++ b/crypto/evp/evp_local.h @@ -232,21 +232,21 @@ int is_partially_overlapping(const void *ptr1, const void *ptr2, int len); #include #include -void *evp_generic_fetch(OPENSSL_CTX *ctx, int operation_id, +void *evp_generic_fetch(OSSL_LIB_CTX *ctx, int operation_id, const char *name, const char *properties, void *(*new_method)(int name_id, const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov), int (*up_ref_method)(void *), void (*free_method)(void *)); -void *evp_generic_fetch_by_number(OPENSSL_CTX *ctx, int operation_id, +void *evp_generic_fetch_by_number(OSSL_LIB_CTX *ctx, int operation_id, int name_id, const char *properties, void *(*new_method)(int name_id, const OSSL_DISPATCH *fns, OSSL_PROVIDER *prov), int (*up_ref_method)(void *), void (*free_method)(void *)); -void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id, +void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id, void (*user_fn)(void *method, void *arg), void *user_arg, void *(*new_method)(int name_id, @@ -255,7 +255,7 @@ void evp_generic_do_all(OPENSSL_CTX *libctx, int operation_id, void (*free_method)(void *)); /* Internal fetchers for method types that are to be combined with others */ -EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id, +EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OSSL_LIB_CTX *ctx, int name_id, const char *properties); /* Internal structure constructors for fetched methods */ diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index b9fabf29f0..9e7c978656 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -18,7 +18,7 @@ /* Extract a private key from a PKCS8 structure */ -EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx, +EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY *pkey = NULL; diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c index c0729656cb..44b648705c 100644 --- a/crypto/evp/evp_rand.c +++ b/crypto/evp/evp_rand.c @@ -263,7 +263,7 @@ static void *evp_rand_from_dispatch(int name_id, return rand; } -EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm, +EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties) { return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties, @@ -447,7 +447,7 @@ const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand) ossl_provider_ctx(EVP_RAND_provider(rand))); } -void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx, +void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_RAND *rand, void *arg), void *arg) { diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c index ea1f771d6f..485ff28041 100644 --- a/crypto/evp/exchange.c +++ b/crypto/evp/exchange.c @@ -166,7 +166,7 @@ OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange) return exchange->prov; } -EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties, @@ -457,7 +457,7 @@ int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name) return evp_is_a(keyexch->prov, keyexch->name_id, NULL, name); } -void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYEXCH *keyexch, void *arg), void *arg) { diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c index 1e0128b532..a89a8e9836 100644 --- a/crypto/evp/kdf_meth.c +++ b/crypto/evp/kdf_meth.c @@ -147,7 +147,7 @@ static void *evp_kdf_from_dispatch(int name_id, return kdf; } -EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm, +EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties) { return evp_generic_fetch(libctx, OSSL_OP_KDF, algorithm, properties, @@ -186,7 +186,7 @@ const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf) return kdf->settable_ctx_params(ossl_provider_ctx(EVP_KDF_provider(kdf))); } -void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KDF *kdf, void *arg), void *arg) { diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c index 5b13f0130a..2e61d2061e 100644 --- a/crypto/evp/kem.c +++ b/crypto/evp/kem.c @@ -321,7 +321,7 @@ OSSL_PROVIDER *EVP_KEM_provider(const EVP_KEM *kem) return kem->prov; } -EVP_KEM *EVP_KEM_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { return evp_generic_fetch(ctx, OSSL_OP_KEM, algorithm, properties, @@ -340,7 +340,7 @@ int EVP_KEM_number(const EVP_KEM *kem) return kem->name_id; } -void EVP_KEM_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEM *kem, void *arg), void *arg) { diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c index 5453ceadda..66cef52144 100644 --- a/crypto/evp/keymgmt_meth.c +++ b/crypto/evp/keymgmt_meth.c @@ -197,7 +197,7 @@ static void *keymgmt_from_dispatch(int name_id, return keymgmt; } -EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id, +EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OSSL_LIB_CTX *ctx, int name_id, const char *properties) { return evp_generic_fetch_by_number(ctx, @@ -207,7 +207,7 @@ EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OPENSSL_CTX *ctx, int name_id, (void (*)(void *))EVP_KEYMGMT_free); } -EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties, @@ -259,7 +259,7 @@ int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name) return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name); } -void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), void *arg) { diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c index 783225b6f7..c1bddcb946 100644 --- a/crypto/evp/m_sigver.c +++ b/crypto/evp/m_sigver.c @@ -38,7 +38,7 @@ static const char *canon_mdname(const char *mdname) static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, const char *mdname, - OPENSSL_CTX *libctx, const char *props, + OSSL_LIB_CTX *libctx, const char *props, ENGINE *e, EVP_PKEY *pkey, int ver) { EVP_PKEY_CTX *locpctx = NULL; @@ -311,7 +311,7 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, OPENSSL_CTX *libctx, + const char *mdname, OSSL_LIB_CTX *libctx, const char *props, EVP_PKEY *pkey) { return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0); @@ -324,7 +324,7 @@ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, } int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, OPENSSL_CTX *libctx, + const char *mdname, OSSL_LIB_CTX *libctx, const char *props, EVP_PKEY *pkey) { return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1); diff --git a/crypto/evp/mac_meth.c b/crypto/evp/mac_meth.c index 7d02861c7c..c2b7c5c613 100644 --- a/crypto/evp/mac_meth.c +++ b/crypto/evp/mac_meth.c @@ -149,7 +149,7 @@ static void *evp_mac_from_dispatch(int name_id, return mac; } -EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, +EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties) { return evp_generic_fetch(libctx, OSSL_OP_MAC, algorithm, properties, @@ -193,7 +193,7 @@ const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac) return mac->settable_ctx_params(ossl_provider_ctx(EVP_MAC_provider(mac))); } -void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx, +void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MAC *mac, void *arg), void *arg) { diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 5eb7a39ae0..07fda004dc 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -72,7 +72,8 @@ const EVP_CIPHER *EVP_get_cipherbyname(const char *name) return evp_get_cipherbyname_ex(NULL, name); } -const EVP_CIPHER *evp_get_cipherbyname_ex(OPENSSL_CTX *libctx, const char *name) +const EVP_CIPHER *evp_get_cipherbyname_ex(OSSL_LIB_CTX *libctx, + const char *name) { const EVP_CIPHER *cp; OSSL_NAMEMAP *namemap; @@ -117,7 +118,7 @@ const EVP_MD *EVP_get_digestbyname(const char *name) return evp_get_digestbyname_ex(NULL, name); } -const EVP_MD *evp_get_digestbyname_ex(OPENSSL_CTX *libctx, const char *name) +const EVP_MD *evp_get_digestbyname_ex(OSSL_LIB_CTX *libctx, const char *name) { const EVP_MD *dp; OSSL_NAMEMAP *namemap; diff --git a/crypto/evp/p5_crpt2.c b/crypto/evp/p5_crpt2.c index b827899445..830a97dde2 100644 --- a/crypto/evp/p5_crpt2.c +++ b/crypto/evp/p5_crpt2.c @@ -22,7 +22,7 @@ int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { const char *empty = ""; int rv = 1, mode = 1; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index b394fcdebf..cc30bc3495 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -335,7 +335,7 @@ int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b) } -static EVP_PKEY *new_raw_key_int(OPENSSL_CTX *libctx, +static EVP_PKEY *new_raw_key_int(OSSL_LIB_CTX *libctx, const char *strtype, const char *propq, int nidtype, @@ -450,7 +450,7 @@ static EVP_PKEY *new_raw_key_int(OPENSSL_CTX *libctx, return pkey; } -EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, +EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx, const char *keytype, const char *propq, const unsigned char *priv, size_t len) @@ -466,7 +466,7 @@ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1); } -EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, +EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx, const char *keytype, const char *propq, const unsigned char *pub, size_t len) { @@ -576,7 +576,8 @@ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, const char *cipher_name, - const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + const EVP_CIPHER *cipher, + OSSL_LIB_CTX *libctx, const char *propq, ENGINE *e) { # ifndef OPENSSL_NO_CMAC @@ -634,7 +635,7 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len, } EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, - const char *cipher_name, OPENSSL_CTX *libctx, + const char *cipher_name, OSSL_LIB_CTX *libctx, const char *propq) { return new_cmac_key_int(priv, len, cipher_name, NULL, libctx, propq, NULL); @@ -1069,7 +1070,7 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey) } } else { const OSSL_PROVIDER *prov = EVP_KEYMGMT_provider(pkey->keymgmt); - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); const char *supported_sig = pkey->keymgmt->query_operation_name != NULL ? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE) @@ -1171,7 +1172,7 @@ static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent, static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent, int selection /* For provided encoding */, - OPENSSL_CTX *libctx /* For provided encoding */, + OSSL_LIB_CTX *libctx /* For provided encoding */, const char *propquery /* For provided encoding */, int (*legacy_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx), @@ -1687,7 +1688,7 @@ int EVP_PKEY_size(const EVP_PKEY *pkey) return size; } -void *evp_pkey_export_to_provider(EVP_PKEY *pk, OPENSSL_CTX *libctx, +void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, EVP_KEYMGMT **keymgmt, const char *propquery) { @@ -1884,8 +1885,8 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src) * We perform the export in the same libctx as the keymgmt * that we are using. */ - OPENSSL_CTX *libctx = - ossl_provider_library_context(keymgmt->prov); + OSSL_LIB_CTX *libctx = + ossl_provider_libctx(keymgmt->prov); EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_from_pkey(libctx, *dest, NULL); diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index f530091a3e..33d23404a5 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -15,7 +15,7 @@ #include "crypto/evp.h" int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *sigret, - unsigned int *siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx, + unsigned int *siglen, EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index dc1ee84c15..31b04b309b 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -15,7 +15,7 @@ #include "crypto/evp.h" int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, - unsigned int siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx, + unsigned int siglen, EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, const char *propq) { unsigned char m[EVP_MAX_MD_SIZE]; diff --git a/crypto/evp/pbe_scrypt.c b/crypto/evp/pbe_scrypt.c index 97997377e1..450e085943 100644 --- a/crypto/evp/pbe_scrypt.c +++ b/crypto/evp/pbe_scrypt.c @@ -62,7 +62,7 @@ int EVP_PBE_scrypt(const char *pass, size_t passlen, if (maxmem == 0) maxmem = SCRYPT_MAX_MEM; - /* Use OPENSSL_CTX_set0_default() if you need a library context */ + /* Use OSSL_LIB_CTX_set0_default() if you need a library context */ kdf = EVP_KDF_fetch(NULL, OSSL_KDF_NAME_SCRYPT, NULL); kctx = EVP_KDF_CTX_new(kdf); EVP_KDF_free(kdf); diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 042035a75a..17a0a4704b 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -172,7 +172,7 @@ static int get_legacy_alg_type_from_keymgmt(const EVP_KEYMGMT *keymgmt) } #endif /* FIPS_MODULE */ -static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx, +static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, ENGINE *e, const char *keytype, const char *propquery, int id) @@ -338,14 +338,14 @@ static EVP_PKEY_CTX *int_ctx_new(OPENSSL_CTX *libctx, /*- All methods below can also be used in FIPS_MODULE */ -EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx, +EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OSSL_LIB_CTX *libctx, const char *name, const char *propquery) { return int_ctx_new(libctx, NULL, NULL, name, propquery, -1); } -EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx, EVP_PKEY *pkey, +EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, const char *propquery) { return int_ctx_new(libctx, pkey, NULL, NULL, propquery, -1); @@ -1762,7 +1762,7 @@ int evp_pkey_ctx_use_cached_data(EVP_PKEY_CTX *ctx) return ret; } -OPENSSL_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx) +OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx) { return ctx->libctx; } diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c index c0126501f8..0ea8934689 100644 --- a/crypto/evp/signature.c +++ b/crypto/evp/signature.c @@ -298,7 +298,7 @@ OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature) return signature->prov; } -EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties) { return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties, @@ -317,7 +317,7 @@ int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature) return signature->name_id; } -void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, +void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_SIGNATURE *signature, void *arg), void *arg) diff --git a/crypto/ex_data.c b/crypto/ex_data.c index c1467a51dc..3b06c0b90e 100644 --- a/crypto/ex_data.c +++ b/crypto/ex_data.c @@ -10,9 +10,9 @@ #include "crypto/cryptlib.h" #include "internal/thread_once.h" -int do_ex_data_init(OPENSSL_CTX *ctx) +int do_ex_data_init(OSSL_LIB_CTX *ctx) { - OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); + OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx); if (global == NULL) return 0; @@ -59,10 +59,10 @@ static void cleanup_cb(EX_CALLBACK *funcs) * called under potential race-conditions anyway (it's for program shutdown * after all). */ -void crypto_cleanup_all_ex_data_int(OPENSSL_CTX *ctx) +void crypto_cleanup_all_ex_data_int(OSSL_LIB_CTX *ctx) { int i; - OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); + OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx); if (global == NULL) return; @@ -100,12 +100,12 @@ static int dummy_dup(CRYPTO_EX_DATA *to, const CRYPTO_EX_DATA *from, return 1; } -int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx) +int crypto_free_ex_index_ex(OSSL_LIB_CTX *ctx, int class_index, int idx) { EX_CALLBACKS *ip; EX_CALLBACK *a; int toret = 0; - OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); + OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx); if (global == NULL) return 0; @@ -136,7 +136,7 @@ int CRYPTO_free_ex_index(int class_index, int idx) /* * Register a new index. */ -int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl, +int crypto_get_ex_new_index_ex(OSSL_LIB_CTX *ctx, int class_index, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) @@ -144,7 +144,7 @@ int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, long argl, int toret = -1; EX_CALLBACK *a; EX_CALLBACKS *ip; - OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); + OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx); if (global == NULL) return -1; @@ -203,7 +203,7 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp, * in the lock, then using them outside the lock. Note this only applies * to the global "ex_data" state (ie. class definitions), not 'ad' itself. */ -int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj, +int crypto_new_ex_data_ex(OSSL_LIB_CTX *ctx, int class_index, void *obj, CRYPTO_EX_DATA *ad) { int mx, i; @@ -211,7 +211,7 @@ int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj, EX_CALLBACK **storage = NULL; EX_CALLBACK *stack[10]; EX_CALLBACKS *ip; - OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ctx); + OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ctx); if (global == NULL) return 0; @@ -275,7 +275,7 @@ int CRYPTO_dup_ex_data(int class_index, CRYPTO_EX_DATA *to, /* Nothing to copy over */ return 1; - global = openssl_ctx_get_ex_data_global(from->ctx); + global = ossl_lib_ctx_get_ex_data_global(from->ctx); if (global == NULL) return 0; @@ -342,7 +342,7 @@ void CRYPTO_free_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad) EX_CALLBACK *f; EX_CALLBACK *stack[10]; EX_CALLBACK **storage = NULL; - OSSL_EX_DATA_GLOBAL *global = openssl_ctx_get_ex_data_global(ad->ctx); + OSSL_EX_DATA_GLOBAL *global = ossl_lib_ctx_get_ex_data_global(ad->ctx); if (global == NULL) goto err; @@ -402,7 +402,7 @@ int CRYPTO_alloc_ex_data(int class_index, void *obj, CRYPTO_EX_DATA *ad, if (curval != NULL) return 1; - global = openssl_ctx_get_ex_data_global(ad->ctx); + global = ossl_lib_ctx_get_ex_data_global(ad->ctx); if (global == NULL) return 0; @@ -464,7 +464,7 @@ void *CRYPTO_get_ex_data(const CRYPTO_EX_DATA *ad, int idx) return sk_void_value(ad->sk, idx); } -OPENSSL_CTX *crypto_ex_data_get_openssl_ctx(const CRYPTO_EX_DATA *ad) +OSSL_LIB_CTX *crypto_ex_data_get_ossl_lib_ctx(const CRYPTO_EX_DATA *ad) { return ad->ctx; } diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c index 0f955f5644..815b38efbf 100644 --- a/crypto/ffc/ffc_params_generate.c +++ b/crypto/ffc/ffc_params_generate.c @@ -320,7 +320,7 @@ static int generate_q_fips186_4(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd, unsigned char md[EVP_MAX_MD_SIZE]; int mdsize = EVP_MD_size(evpmd); unsigned char *pmd; - OPENSSL_CTX *libctx = bn_get_lib_ctx(ctx); + OSSL_LIB_CTX *libctx = bn_get_libctx(ctx); /* find q */ for (;;) { @@ -391,7 +391,7 @@ static int generate_q_fips186_2(BN_CTX *ctx, BIGNUM *q, const EVP_MD *evpmd, unsigned char buf2[EVP_MAX_MD_SIZE]; unsigned char md[EVP_MAX_MD_SIZE]; int i, r, ret = 0, m = *retm; - OPENSSL_CTX *libctx = bn_get_lib_ctx(ctx); + OSSL_LIB_CTX *libctx = bn_get_libctx(ctx); /* find q */ for (;;) { @@ -510,7 +510,7 @@ static const char *default_mdname(size_t N) * - FFC_PARAM_RET_STATUS_UNVERIFIABLE_G if the validation of G succeeded, * but G is unverifiable. */ -int ossl_ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_4_gen_verify(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int mode, int type, size_t L, size_t N, int *res, BN_GENCB *cb) @@ -803,7 +803,7 @@ err: } /* Note this function is only used for verification in fips mode */ -int ossl_ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int mode, int type, size_t L, size_t N, int *res, BN_GENCB *cb) @@ -1033,7 +1033,7 @@ err: return ok; } -int ossl_ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, +int ossl_ffc_params_FIPS186_4_generate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type, size_t L, size_t N, int *res, BN_GENCB *cb) { @@ -1043,7 +1043,7 @@ int ossl_ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, } /* This should no longer be used in FIPS mode */ -int ossl_ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, +int ossl_ffc_params_FIPS186_2_generate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type, size_t L, size_t N, int *res, BN_GENCB *cb) { diff --git a/crypto/ffc/ffc_params_validate.c b/crypto/ffc/ffc_params_validate.c index bdc59968b2..22983d62ef 100644 --- a/crypto/ffc/ffc_params_validate.c +++ b/crypto/ffc/ffc_params_validate.c @@ -45,7 +45,7 @@ int ossl_ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, return 1; } -int ossl_ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_4_validate(OSSL_LIB_CTX *libctx, const FFC_PARAMS *params, int type, int *res, BN_GENCB *cb) { @@ -63,7 +63,7 @@ int ossl_ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, } /* This may be used in FIPS mode to validate deprecated FIPS-186-2 Params */ -int ossl_ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_2_validate(OSSL_LIB_CTX *libctx, const FFC_PARAMS *params, int type, int *res, BN_GENCB *cb) { @@ -88,7 +88,7 @@ int ossl_ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, * extra parameters such as the digest and seed, which may not be available for * this test. */ -int ossl_ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, +int ossl_ffc_params_simple_validate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type) { int ret, res = 0; diff --git a/crypto/init.c b/crypto/init.c index fec178c389..cfd4eab9ed 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -339,7 +339,7 @@ void OPENSSL_cleanup(void) /* * TODO(3.0): This function needs looking at with a view to moving most/all - * of this into onfree handlers in OPENSSL_CTX. + * of this into onfree handlers in OSSL_LIB_CTX. */ /* If we've not been inited then no need to deinit */ @@ -396,7 +396,7 @@ void OPENSSL_cleanup(void) * - rand_cleanup_int could call an ENGINE's RAND cleanup function so * must be called before engine_cleanup_int() * - ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up - * before the ex data handlers are wiped during default openssl_ctx deinit. + * before the ex data handlers are wiped during default ossl_lib_ctx deinit. * - conf_modules_free_int() can end up in ENGINE code so must be called * before engine_cleanup_int() * - ENGINEs and additional EVP algorithms might use added OIDs names so @@ -418,8 +418,8 @@ void OPENSSL_cleanup(void) ossl_store_cleanup_int(); #endif - OSSL_TRACE(INIT, "OPENSSL_cleanup: openssl_ctx_default_deinit()\n"); - openssl_ctx_default_deinit(); + OSSL_TRACE(INIT, "OPENSSL_cleanup: ossl_lib_ctx_default_deinit()\n"); + ossl_lib_ctx_default_deinit(); ossl_cleanup_thread(); @@ -458,7 +458,7 @@ int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings) { /* * TODO(3.0): This function needs looking at with a view to moving most/all - * of this into OPENSSL_CTX. + * of this into OSSL_LIB_CTX. */ if (stopped) { diff --git a/crypto/initthread.c b/crypto/initthread.c index 5ad38dfee2..f460252ff9 100644 --- a/crypto/initthread.c +++ b/crypto/initthread.c @@ -208,12 +208,12 @@ void ossl_cleanup_thread(void) destructor_key.sane = -1; } -void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx) +void OPENSSL_thread_stop_ex(OSSL_LIB_CTX *ctx) { - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); /* * TODO(3.0). It would be nice if we could figure out a way to do this on - * all threads that have used the OPENSSL_CTX when the OPENSSL_CTX is freed. + * all threads that have used the OSSL_LIB_CTX when the context is freed. * This is currently not possible due to the use of thread local variables. */ ossl_ctx_thread_stop(ctx); @@ -242,7 +242,7 @@ void ossl_ctx_thread_stop(void *arg) #else -static void *thread_event_ossl_ctx_new(OPENSSL_CTX *libctx) +static void *thread_event_ossl_ctx_new(OSSL_LIB_CTX *libctx) { THREAD_EVENT_HANDLER **hands = NULL; CRYPTO_THREAD_LOCAL *tlocal = OPENSSL_zalloc(sizeof(*tlocal)); @@ -273,7 +273,7 @@ static void thread_event_ossl_ctx_free(void *tlocal) OPENSSL_free(tlocal); } -static const OPENSSL_CTX_METHOD thread_event_ossl_ctx_method = { +static const OSSL_LIB_CTX_METHOD thread_event_ossl_ctx_method = { thread_event_ossl_ctx_new, thread_event_ossl_ctx_free, }; @@ -281,10 +281,10 @@ static const OPENSSL_CTX_METHOD thread_event_ossl_ctx_method = { void ossl_ctx_thread_stop(void *arg) { THREAD_EVENT_HANDLER **hands; - OPENSSL_CTX *ctx = arg; + OSSL_LIB_CTX *ctx = arg; CRYPTO_THREAD_LOCAL *local - = openssl_ctx_get_data(ctx, OPENSSL_CTX_THREAD_EVENT_HANDLER_INDEX, - &thread_event_ossl_ctx_method); + = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX, + &thread_event_ossl_ctx_method); if (local == NULL) return; @@ -329,22 +329,22 @@ int ossl_init_thread_start(const void *index, void *arg, THREAD_EVENT_HANDLER **hands; THREAD_EVENT_HANDLER *hand; #ifdef FIPS_MODULE - OPENSSL_CTX *ctx = arg; + OSSL_LIB_CTX *ctx = arg; /* * In FIPS mode the list of THREAD_EVENT_HANDLERs is unique per combination - * of OPENSSL_CTX and thread. This is because in FIPS mode each OPENSSL_CTX - * gets informed about thread stop events individually. + * of OSSL_LIB_CTX and thread. This is because in FIPS mode each + * OSSL_LIB_CTX gets informed about thread stop events individually. */ CRYPTO_THREAD_LOCAL *local - = openssl_ctx_get_data(ctx, OPENSSL_CTX_THREAD_EVENT_HANDLER_INDEX, - &thread_event_ossl_ctx_method); + = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX, + &thread_event_ossl_ctx_method); #else /* * Outside of FIPS mode the list of THREAD_EVENT_HANDLERs is unique per - * thread, but may hold multiple OPENSSL_CTXs. We only get told about + * thread, but may hold multiple OSSL_LIB_CTXs. We only get told about * thread stop events globally, so we have to ensure all affected - * OPENSSL_CTXs are informed. + * OSSL_LIB_CTXs are informed. */ CRYPTO_THREAD_LOCAL *local = &destructor_key.value; #endif diff --git a/crypto/modes/siv128.c b/crypto/modes/siv128.c index aa924efae7..c8bfdb0c51 100644 --- a/crypto/modes/siv128.c +++ b/crypto/modes/siv128.c @@ -142,7 +142,7 @@ __owur static ossl_inline int siv128_do_encrypt(EVP_CIPHER_CTX *ctx, unsigned ch */ SIV128_CONTEXT *CRYPTO_siv128_new(const unsigned char *key, int klen, EVP_CIPHER *cbc, EVP_CIPHER *ctr, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { SIV128_CONTEXT *ctx; int ret; @@ -162,7 +162,7 @@ SIV128_CONTEXT *CRYPTO_siv128_new(const unsigned char *key, int klen, */ int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen, const EVP_CIPHER *cbc, const EVP_CIPHER *ctr, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { static const unsigned char zero[SIV_LEN] = { 0 }; size_t out_len = SIV_LEN; diff --git a/crypto/ocsp/ocsp_srv.c b/crypto/ocsp/ocsp_srv.c index ee0e8a612c..22f637548d 100644 --- a/crypto/ocsp/ocsp_srv.c +++ b/crypto/ocsp/ocsp_srv.c @@ -253,7 +253,7 @@ int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert) } int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { ASN1_OCTET_STRING *byKey = NULL; unsigned char md[SHA_DIGEST_LENGTH]; @@ -290,7 +290,7 @@ int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert) return OCSP_RESPID_set_by_key_ex(respid, cert, NULL, NULL); } -int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OPENSSL_CTX *libctx, +int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx, const char *propq) { EVP_MD *sha1 = NULL; diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c index 57e02e9db3..2284959e91 100644 --- a/crypto/pem/pem_info.c +++ b/crypto/pem/pem_info.c @@ -26,7 +26,7 @@ #ifndef OPENSSL_NO_STDIO STACK_OF(X509_INFO) *PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, - void *u, OPENSSL_CTX *libctx, const char *propq) + void *u, OSSL_LIB_CTX *libctx, const char *propq) { BIO *b; STACK_OF(X509_INFO) *ret; @@ -50,7 +50,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u, OPENSSL_CTX *libctx, + pem_password_cb *cb, void *u, OSSL_LIB_CTX *libctx, const char *propq) { X509_INFO *xi = NULL; diff --git a/crypto/pem/pem_pk8.c b/crypto/pem/pem_pk8.c index 05d6c4ae83..2abf687cbd 100644 --- a/crypto/pem/pem_pk8.c +++ b/crypto/pem/pem_pk8.c @@ -22,14 +22,14 @@ static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, const char *kstr, int klen, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); #ifndef OPENSSL_NO_STDIO static int do_pk8pkey_fp(FILE *bp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, const char *kstr, int klen, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); #endif /* * These functions write a private key in PKCS#8 format: it is a "drop in" @@ -69,7 +69,7 @@ int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, const EVP_PKEY *x, int nid, static int do_pk8pkey(BIO *bp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, const char *kstr, int klen, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int ret = 0; const char *outtype = isder ? "DER" : "PEM"; @@ -230,7 +230,7 @@ int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc static int do_pk8pkey_fp(FILE *fp, const EVP_PKEY *x, int isder, int nid, const EVP_CIPHER *enc, const char *kstr, int klen, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { BIO *bp; int ret; diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c index 462010d2ac..214fd1267c 100644 --- a/crypto/pem/pem_pkey.c +++ b/crypto/pem/pem_pkey.c @@ -31,7 +31,7 @@ int pem_check_suffix(const char *pem_str, const char *suffix); static EVP_PKEY *pem_read_bio_key(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, int expected_store_info_type, int try_secure) { @@ -101,7 +101,7 @@ static EVP_PKEY *pem_read_bio_key(BIO *bp, EVP_PKEY **x, EVP_PKEY *PEM_read_bio_PUBKEY_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { return pem_read_bio_key(bp, x, cb, u, libctx, propq, OSSL_STORE_INFO_PUBKEY, 0); @@ -116,7 +116,7 @@ EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, #ifndef OPENSSL_NO_STDIO EVP_PKEY *PEM_read_PUBKEY_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { BIO *b; EVP_PKEY *ret; @@ -139,7 +139,7 @@ EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u) EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { return pem_read_bio_key(bp, x, cb, u, libctx, propq, OSSL_STORE_INFO_PKEY, 1); @@ -198,7 +198,7 @@ int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x, } EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { return pem_read_bio_key(bp, x, NULL, NULL, libctx, propq, OSSL_STORE_INFO_PARAMS, 0); @@ -227,7 +227,7 @@ PEM_write_fnsig(Parameters, EVP_PKEY, BIO, write_bio) #ifndef OPENSSL_NO_STDIO EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, - void *u, OPENSSL_CTX *libctx, + void *u, OSSL_LIB_CTX *libctx, const char *propq) { BIO *b; diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index bbe212d125..b22a75e20d 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -74,7 +74,7 @@ int PKCS12_key_gen_uni(unsigned char *pass, int passlen, unsigned char *salt, * The parameter query isn't available but the library context can be * extracted from the passed digest. */ - kdf = EVP_KDF_fetch(ossl_provider_library_context(EVP_MD_provider(md_type)), + kdf = EVP_KDF_fetch(ossl_provider_libctx(EVP_MD_provider(md_type)), "PKCS12KDF", NULL); if (kdf == NULL) return 0; diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c index b0027cec2d..21d8e8785d 100644 --- a/crypto/pkcs7/pk7_asn1.c +++ b/crypto/pkcs7/pk7_asn1.c @@ -83,7 +83,7 @@ PKCS7 *PKCS7_new(void) return (PKCS7 *)ASN1_item_new(ASN1_ITEM_rptr(PKCS7)); } -PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq) +PKCS7 *PKCS7_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { PKCS7 *pkcs7 = PKCS7_new(); diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 8f92424ad7..da3336982e 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -432,7 +432,7 @@ const PKCS7_CTX *pkcs7_get0_ctx(const PKCS7 *p7) return p7 != NULL ? &p7->ctx : NULL; } -OPENSSL_CTX *pkcs7_ctx_get0_libctx(const PKCS7_CTX *ctx) +OSSL_LIB_CTX *pkcs7_ctx_get0_libctx(const PKCS7_CTX *ctx) { return ctx != NULL ? ctx->libctx : NULL; } diff --git a/crypto/pkcs7/pk7_local.h b/crypto/pkcs7/pk7_local.h index b9f9c35340..5db0127e1d 100644 --- a/crypto/pkcs7/pk7_local.h +++ b/crypto/pkcs7/pk7_local.h @@ -10,5 +10,5 @@ #include "crypto/pkcs7.h" const PKCS7_CTX *pkcs7_get0_ctx(const PKCS7 *p7); -OPENSSL_CTX *pkcs7_ctx_get0_libctx(const PKCS7_CTX *ctx); +OSSL_LIB_CTX *pkcs7_ctx_get0_libctx(const PKCS7_CTX *ctx); const char *pkcs7_ctx_get0_propq(const PKCS7_CTX *ctx); diff --git a/crypto/pkcs7/pk7_smime.c b/crypto/pkcs7/pk7_smime.c index e9ae4f3394..8e16e63971 100644 --- a/crypto/pkcs7/pk7_smime.c +++ b/crypto/pkcs7/pk7_smime.c @@ -21,7 +21,7 @@ static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si); PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, int flags, OPENSSL_CTX *libctx, + BIO *data, int flags, OSSL_LIB_CTX *libctx, const char *propq) { PKCS7 *p7; @@ -445,7 +445,7 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { PKCS7 *p7; BIO *p7bio = NULL; diff --git a/crypto/property/defn_cache.c b/crypto/property/defn_cache.c index 9bfbd13144..ea44476213 100644 --- a/crypto/property/defn_cache.c +++ b/crypto/property/defn_cache.c @@ -57,22 +57,23 @@ static void property_defns_free(void *vproperty_defns) } } -static void *property_defns_new(OPENSSL_CTX *ctx) { +static void *property_defns_new(OSSL_LIB_CTX *ctx) { return lh_PROPERTY_DEFN_ELEM_new(&property_defn_hash, &property_defn_cmp); } -static const OPENSSL_CTX_METHOD property_defns_method = { +static const OSSL_LIB_CTX_METHOD property_defns_method = { property_defns_new, property_defns_free, }; -OSSL_PROPERTY_LIST *ossl_prop_defn_get(OPENSSL_CTX *ctx, const char *prop) +OSSL_PROPERTY_LIST *ossl_prop_defn_get(OSSL_LIB_CTX *ctx, const char *prop) { PROPERTY_DEFN_ELEM elem, *r; LHASH_OF(PROPERTY_DEFN_ELEM) *property_defns; - property_defns = openssl_ctx_get_data(ctx, OPENSSL_CTX_PROPERTY_DEFN_INDEX, - &property_defns_method); + property_defns = ossl_lib_ctx_get_data(ctx, + OSSL_LIB_CTX_PROPERTY_DEFN_INDEX, + &property_defns_method); if (property_defns == NULL) return NULL; @@ -81,15 +82,16 @@ OSSL_PROPERTY_LIST *ossl_prop_defn_get(OPENSSL_CTX *ctx, const char *prop) return r != NULL ? r->defn : NULL; } -int ossl_prop_defn_set(OPENSSL_CTX *ctx, const char *prop, +int ossl_prop_defn_set(OSSL_LIB_CTX *ctx, const char *prop, OSSL_PROPERTY_LIST *pl) { PROPERTY_DEFN_ELEM elem, *old, *p = NULL; size_t len; LHASH_OF(PROPERTY_DEFN_ELEM) *property_defns; - property_defns = openssl_ctx_get_data(ctx, OPENSSL_CTX_PROPERTY_DEFN_INDEX, - &property_defns_method); + property_defns = ossl_lib_ctx_get_data(ctx, + OSSL_LIB_CTX_PROPERTY_DEFN_INDEX, + &property_defns_method); if (property_defns == NULL) return 0; diff --git a/crypto/property/property.c b/crypto/property/property.c index c2238ac63d..9cfca81190 100644 --- a/crypto/property/property.c +++ b/crypto/property/property.c @@ -57,7 +57,7 @@ typedef struct { } ALGORITHM; struct ossl_method_store_st { - OPENSSL_CTX *ctx; + OSSL_LIB_CTX *ctx; size_t nelem; SPARSE_ARRAY_OF(ALGORITHM) *algs; int need_flush; @@ -85,26 +85,26 @@ static void ossl_ctx_global_properties_free(void *vstore) } } -static void *ossl_ctx_global_properties_new(OPENSSL_CTX *ctx) +static void *ossl_ctx_global_properties_new(OSSL_LIB_CTX *ctx) { return OPENSSL_zalloc(sizeof(OSSL_PROPERTY_LIST **)); } -static const OPENSSL_CTX_METHOD ossl_ctx_global_properties_method = { +static const OSSL_LIB_CTX_METHOD ossl_ctx_global_properties_method = { ossl_ctx_global_properties_new, ossl_ctx_global_properties_free, }; -OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *libctx, +OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OSSL_LIB_CTX *libctx, int loadconfig) { #ifndef FIPS_MODULE if (loadconfig && !OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, NULL)) return NULL; #endif - return openssl_ctx_get_data(libctx, OPENSSL_CTX_GLOBAL_PROPERTIES, - &ossl_ctx_global_properties_method); + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_GLOBAL_PROPERTIES, + &ossl_ctx_global_properties_method); } static int ossl_method_up_ref(METHOD *method) @@ -169,10 +169,10 @@ static void alg_cleanup(ossl_uintmax_t idx, ALGORITHM *a) } /* - * The OPENSSL_CTX param here allows access to underlying property data needed + * The OSSL_LIB_CTX param here allows access to underlying property data needed * for computation */ -OSSL_METHOD_STORE *ossl_method_store_new(OPENSSL_CTX *ctx) +OSSL_METHOD_STORE *ossl_method_store_new(OSSL_LIB_CTX *ctx) { OSSL_METHOD_STORE *res; diff --git a/crypto/property/property_local.h b/crypto/property/property_local.h index 639af5591d..89020e606e 100644 --- a/crypto/property/property_local.h +++ b/crypto/property/property_local.h @@ -14,9 +14,9 @@ typedef int OSSL_PROPERTY_IDX; /* Property string functions */ -OSSL_PROPERTY_IDX ossl_property_name(OPENSSL_CTX *ctx, const char *s, +OSSL_PROPERTY_IDX ossl_property_name(OSSL_LIB_CTX *ctx, const char *s, int create); -OSSL_PROPERTY_IDX ossl_property_value(OPENSSL_CTX *ctx, const char *s, +OSSL_PROPERTY_IDX ossl_property_value(OSSL_LIB_CTX *ctx, const char *s, int create); /* Property list functions */ @@ -24,8 +24,8 @@ void ossl_property_free(OSSL_PROPERTY_LIST *p); int ossl_property_has_optional(const OSSL_PROPERTY_LIST *query); /* Property definition cache functions */ -OSSL_PROPERTY_LIST *ossl_prop_defn_get(OPENSSL_CTX *ctx, const char *prop); -int ossl_prop_defn_set(OPENSSL_CTX *ctx, const char *prop, +OSSL_PROPERTY_LIST *ossl_prop_defn_get(OSSL_LIB_CTX *ctx, const char *prop); +int ossl_prop_defn_set(OSSL_LIB_CTX *ctx, const char *prop, OSSL_PROPERTY_LIST *pl); /* Property cache lock / unlock */ diff --git a/crypto/property/property_parse.c b/crypto/property/property_parse.c index d53961daea..9bc89f4d42 100644 --- a/crypto/property/property_parse.c +++ b/crypto/property/property_parse.c @@ -80,7 +80,7 @@ static int match(const char *t[], const char m[], size_t m_len) return 0; } -static int parse_name(OPENSSL_CTX *ctx, const char *t[], int create, +static int parse_name(OSSL_LIB_CTX *ctx, const char *t[], int create, OSSL_PROPERTY_IDX *idx) { char name[100]; @@ -187,7 +187,7 @@ static int parse_oct(const char *t[], PROPERTY_DEFINITION *res) return 1; } -static int parse_string(OPENSSL_CTX *ctx, const char *t[], char delim, +static int parse_string(OSSL_LIB_CTX *ctx, const char *t[], char delim, PROPERTY_DEFINITION *res, const int create) { char v[1000]; @@ -218,7 +218,7 @@ static int parse_string(OPENSSL_CTX *ctx, const char *t[], char delim, return !err; } -static int parse_unquoted(OPENSSL_CTX *ctx, const char *t[], +static int parse_unquoted(OSSL_LIB_CTX *ctx, const char *t[], PROPERTY_DEFINITION *res, const int create) { char v[1000]; @@ -251,7 +251,7 @@ static int parse_unquoted(OPENSSL_CTX *ctx, const char *t[], return !err; } -static int parse_value(OPENSSL_CTX *ctx, const char *t[], +static int parse_value(OSSL_LIB_CTX *ctx, const char *t[], PROPERTY_DEFINITION *res, int create) { const char *s = *t; @@ -326,7 +326,7 @@ static OSSL_PROPERTY_LIST *stack_to_property_list(STACK_OF(PROPERTY_DEFINITION) return r; } -OSSL_PROPERTY_LIST *ossl_parse_property(OPENSSL_CTX *ctx, const char *defn) +OSSL_PROPERTY_LIST *ossl_parse_property(OSSL_LIB_CTX *ctx, const char *defn) { PROPERTY_DEFINITION *prop = NULL; OSSL_PROPERTY_LIST *res = NULL; @@ -385,7 +385,7 @@ err: return res; } -OSSL_PROPERTY_LIST *ossl_parse_query(OPENSSL_CTX *ctx, const char *s) +OSSL_PROPERTY_LIST *ossl_parse_query(OSSL_LIB_CTX *ctx, const char *s) { STACK_OF(PROPERTY_DEFINITION) *sk; OSSL_PROPERTY_LIST *res = NULL; @@ -453,7 +453,7 @@ int ossl_property_has_optional(const OSSL_PROPERTY_LIST *query) return query->has_optional ? 1 : 0; } -int ossl_property_is_enabled(OPENSSL_CTX *ctx, const char *property_name, +int ossl_property_is_enabled(OSSL_LIB_CTX *ctx, const char *property_name, const OSSL_PROPERTY_LIST *prop_list) { int i; @@ -590,7 +590,7 @@ OSSL_PROPERTY_LIST *ossl_property_merge(const OSSL_PROPERTY_LIST *a, return r; } -int ossl_property_parse_init(OPENSSL_CTX *ctx) +int ossl_property_parse_init(OSSL_LIB_CTX *ctx) { static const char *const predefined_names[] = { "provider", /* Name of provider (default, legacy, fips) */ diff --git a/crypto/property/property_string.c b/crypto/property/property_string.c index 55d34688db..17b930b439 100644 --- a/crypto/property/property_string.c +++ b/crypto/property/property_string.c @@ -81,7 +81,7 @@ static void property_string_data_free(void *vpropdata) OPENSSL_free(propdata); } -static void *property_string_data_new(OPENSSL_CTX *ctx) { +static void *property_string_data_new(OSSL_LIB_CTX *ctx) { PROPERTY_STRING_DATA *propdata = OPENSSL_zalloc(sizeof(*propdata)); if (propdata == NULL) @@ -104,7 +104,7 @@ err: return NULL; } -static const OPENSSL_CTX_METHOD property_string_data_method = { +static const OSSL_LIB_CTX_METHOD property_string_data_method = { property_string_data_new, property_string_data_free, }; @@ -147,12 +147,12 @@ static OSSL_PROPERTY_IDX ossl_property_string(PROP_TABLE *t, return ps != NULL ? ps->idx : 0; } -OSSL_PROPERTY_IDX ossl_property_name(OPENSSL_CTX *ctx, const char *s, +OSSL_PROPERTY_IDX ossl_property_name(OSSL_LIB_CTX *ctx, const char *s, int create) { PROPERTY_STRING_DATA *propdata - = openssl_ctx_get_data(ctx, OPENSSL_CTX_PROPERTY_STRING_INDEX, - &property_string_data_method); + = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_PROPERTY_STRING_INDEX, + &property_string_data_method); if (propdata == NULL) return 0; @@ -161,12 +161,12 @@ OSSL_PROPERTY_IDX ossl_property_name(OPENSSL_CTX *ctx, const char *s, s); } -OSSL_PROPERTY_IDX ossl_property_value(OPENSSL_CTX *ctx, const char *s, +OSSL_PROPERTY_IDX ossl_property_value(OSSL_LIB_CTX *ctx, const char *s, int create) { PROPERTY_STRING_DATA *propdata - = openssl_ctx_get_data(ctx, OPENSSL_CTX_PROPERTY_STRING_INDEX, - &property_string_data_method); + = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_PROPERTY_STRING_INDEX, + &property_string_data_method); if (propdata == NULL) return 0; diff --git a/crypto/provider.c b/crypto/provider.c index e05279b89d..53db7a6229 100644 --- a/crypto/provider.c +++ b/crypto/provider.c @@ -13,7 +13,7 @@ #include #include "internal/provider.h" -OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *libctx, const char *name) +OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name) { OSSL_PROVIDER *prov = NULL; @@ -30,7 +30,7 @@ OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *libctx, const char *name) return prov; } -OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name) +OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name) { /* Any attempt to load a provider disables auto-loading of defaults */ if (ossl_provider_disable_fallback_loading(libctx)) @@ -44,7 +44,7 @@ int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov) return 1; } -int OSSL_PROVIDER_available(OPENSSL_CTX *libctx, const char *name) +int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name) { OSSL_PROVIDER *prov = NULL; int available = 0; @@ -91,7 +91,7 @@ int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov, return ossl_provider_get_capabilities(prov, capability, cb, arg); } -int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *libctx, const char *name, +int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name, OSSL_provider_init_fn *init_fn) { OSSL_PROVIDER *prov = NULL; @@ -120,7 +120,7 @@ const char *OSSL_PROVIDER_name(const OSSL_PROVIDER *prov) return ossl_provider_name(prov); } -int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx, +int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, int (*cb)(OSSL_PROVIDER *provider, void *cbdata), void *cbdata) diff --git a/crypto/provider_conf.c b/crypto/provider_conf.c index a8fd7b278a..f4f88e7100 100644 --- a/crypto/provider_conf.c +++ b/crypto/provider_conf.c @@ -70,7 +70,7 @@ static int provider_conf_params(OSSL_PROVIDER *prov, return ok; } -static int provider_conf_load(OPENSSL_CTX *libctx, const char *name, +static int provider_conf_load(OSSL_LIB_CTX *libctx, const char *name, const char *value, const CONF *cnf) { int i; diff --git a/crypto/provider_core.c b/crypto/provider_core.c index 742d3e2b50..52e68641ae 100644 --- a/crypto/provider_core.c +++ b/crypto/provider_core.c @@ -54,7 +54,7 @@ struct ossl_provider_st { DSO *module; OSSL_provider_init_fn *init_function; STACK_OF(INFOPAIR) *parameters; - OPENSSL_CTX *libctx; /* The library context this instance is in */ + OSSL_LIB_CTX *libctx; /* The library context this instance is in */ struct provider_store_st *store; /* The store this instance belongs to */ #ifndef FIPS_MODULE /* @@ -138,7 +138,7 @@ static void provider_store_free(void *vstore) OPENSSL_free(store); } -static void *provider_store_new(OPENSSL_CTX *ctx) +static void *provider_store_new(OSSL_LIB_CTX *ctx) { struct provider_store_st *store = OPENSSL_zalloc(sizeof(*store)); const struct predefined_providers_st *p = NULL; @@ -179,23 +179,23 @@ static void *provider_store_new(OPENSSL_CTX *ctx) return store; } -static const OPENSSL_CTX_METHOD provider_store_method = { +static const OSSL_LIB_CTX_METHOD provider_store_method = { provider_store_new, provider_store_free, }; -static struct provider_store_st *get_provider_store(OPENSSL_CTX *libctx) +static struct provider_store_st *get_provider_store(OSSL_LIB_CTX *libctx) { struct provider_store_st *store = NULL; - store = openssl_ctx_get_data(libctx, OPENSSL_CTX_PROVIDER_STORE_INDEX, - &provider_store_method); + store = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_PROVIDER_STORE_INDEX, + &provider_store_method); if (store == NULL) CRYPTOerr(CRYPTO_F_GET_PROVIDER_STORE, ERR_R_INTERNAL_ERROR); return store; } -int ossl_provider_disable_fallback_loading(OPENSSL_CTX *libctx) +int ossl_provider_disable_fallback_loading(OSSL_LIB_CTX *libctx) { struct provider_store_st *store; @@ -206,7 +206,7 @@ int ossl_provider_disable_fallback_loading(OPENSSL_CTX *libctx) return 0; } -OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name, +OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name, int noconfig) { struct provider_store_st *store = NULL; @@ -271,7 +271,7 @@ int ossl_provider_up_ref(OSSL_PROVIDER *prov) return ref; } -OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, +OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, OSSL_provider_init_fn *init_function, int noconfig) { @@ -430,7 +430,8 @@ int ossl_provider_add_parameter(OSSL_PROVIDER *prov, */ static const OSSL_DISPATCH *core_dispatch; /* Define further down */ -int OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *libctx, const char *path) +int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, + const char *path) { struct provider_store_st *store; char *p = NULL; @@ -724,7 +725,7 @@ static void provider_activate_fallbacks(struct provider_store_st *store) } } -int ossl_provider_forall_loaded(OPENSSL_CTX *ctx, +int ossl_provider_forall_loaded(OSSL_LIB_CTX *ctx, int (*cb)(OSSL_PROVIDER *provider, void *cbdata), void *cbdata) @@ -816,7 +817,7 @@ void *ossl_provider_prov_ctx(const OSSL_PROVIDER *prov) return NULL; } -OPENSSL_CTX *ossl_provider_library_context(const OSSL_PROVIDER *prov) +OSSL_LIB_CTX *ossl_provider_libctx(const OSSL_PROVIDER *prov) { /* TODO(3.0) just: return prov->libctx; */ return prov != NULL ? prov->libctx : NULL; @@ -849,7 +850,7 @@ int ossl_provider_self_test(const OSSL_PROVIDER *prov) return 1; ret = prov->self_test(prov->provctx); if (ret == 0) - evp_method_store_flush(ossl_provider_library_context(prov)); + evp_method_store_flush(ossl_provider_libctx(prov)); return ret; } @@ -940,7 +941,7 @@ static const OSSL_PARAM param_types[] = { static OSSL_FUNC_core_gettable_params_fn core_gettable_params; static OSSL_FUNC_core_get_params_fn core_get_params; static OSSL_FUNC_core_thread_start_fn core_thread_start; -static OSSL_FUNC_core_get_library_context_fn core_get_libctx; +static OSSL_FUNC_core_get_libctx_fn core_get_libctx; #ifndef FIPS_MODULE static OSSL_FUNC_core_new_error_fn core_new_error; static OSSL_FUNC_core_set_error_debug_fn core_set_error_debug; @@ -996,7 +997,7 @@ static OPENSSL_CORE_CTX *core_get_libctx(const OSSL_CORE_HANDLE *handle) */ OSSL_PROVIDER *prov = (OSSL_PROVIDER *)handle; - return (OPENSSL_CORE_CTX *)ossl_provider_library_context(prov); + return (OPENSSL_CORE_CTX *)ossl_provider_libctx(prov); } static int core_thread_start(const OSSL_CORE_HANDLE *handle, @@ -1079,7 +1080,7 @@ static int core_pop_error_to_mark(const OSSL_CORE_HANDLE *handle) static const OSSL_DISPATCH core_dispatch_[] = { { OSSL_FUNC_CORE_GETTABLE_PARAMS, (void (*)(void))core_gettable_params }, { OSSL_FUNC_CORE_GET_PARAMS, (void (*)(void))core_get_params }, - { OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT, (void (*)(void))core_get_libctx }, + { OSSL_FUNC_CORE_GET_LIBCTX, (void (*)(void))core_get_libctx }, { OSSL_FUNC_CORE_THREAD_START, (void (*)(void))core_thread_start }, #ifndef FIPS_MODULE { OSSL_FUNC_CORE_NEW_ERROR, (void (*)(void))core_new_error }, diff --git a/crypto/rand/rand_lib.c b/crypto/rand/rand_lib.c index 6b2eaab68d..d388d8908a 100644 --- a/crypto/rand/rand_lib.c +++ b/crypto/rand/rand_lib.c @@ -266,7 +266,7 @@ const RAND_METHOD *RAND_get_rand_method(void) * the default method, then just call RAND_bytes(). Otherwise make * sure we're instantiated and use the private DRBG. */ -int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) +int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num) { EVP_RAND_CTX *rand; const RAND_METHOD *meth = RAND_get_rand_method(); @@ -290,7 +290,7 @@ int RAND_priv_bytes(unsigned char *buf, int num) return RAND_priv_bytes_ex(NULL, buf, num); } -int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num) +int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num) { EVP_RAND_CTX *rand; const RAND_METHOD *meth = RAND_get_rand_method(); @@ -366,10 +366,10 @@ typedef struct rand_global_st { } RAND_GLOBAL; /* - * Initialize the OPENSSL_CTX global DRBGs on first use. + * Initialize the OSSL_LIB_CTX global DRBGs on first use. * Returns the allocated global data on success or NULL on failure. */ -static void *rand_ossl_ctx_new(OPENSSL_CTX *libctx) +static void *rand_ossl_ctx_new(OSSL_LIB_CTX *libctx) { RAND_GLOBAL *dgbl = OPENSSL_zalloc(sizeof(*dgbl)); @@ -423,20 +423,20 @@ static void rand_ossl_ctx_free(void *vdgbl) OPENSSL_free(dgbl); } -static const OPENSSL_CTX_METHOD rand_drbg_ossl_ctx_method = { +static const OSSL_LIB_CTX_METHOD rand_drbg_ossl_ctx_method = { rand_ossl_ctx_new, rand_ossl_ctx_free, }; -static RAND_GLOBAL *rand_get_global(OPENSSL_CTX *libctx) +static RAND_GLOBAL *rand_get_global(OSSL_LIB_CTX *libctx) { - return openssl_ctx_get_data(libctx, OPENSSL_CTX_DRBG_INDEX, - &rand_drbg_ossl_ctx_method); + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_DRBG_INDEX, + &rand_drbg_ossl_ctx_method); } static void rand_delete_thread_state(void *arg) { - OPENSSL_CTX *ctx = arg; + OSSL_LIB_CTX *ctx = arg; RAND_GLOBAL *dgbl = rand_get_global(ctx); EVP_RAND_CTX *rand; @@ -452,7 +452,7 @@ static void rand_delete_thread_state(void *arg) EVP_RAND_CTX_free(rand); } -static EVP_RAND_CTX *rand_new_drbg(OPENSSL_CTX *libctx, EVP_RAND_CTX *parent, +static EVP_RAND_CTX *rand_new_drbg(OSSL_LIB_CTX *libctx, EVP_RAND_CTX *parent, unsigned int reseed_interval, time_t reseed_time_interval) { @@ -512,7 +512,7 @@ static EVP_RAND_CTX *rand_new_drbg(OPENSSL_CTX *libctx, EVP_RAND_CTX *parent, * Returns pointer to its EVP_RAND_CTX on success, NULL on failure. * */ -EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx) +EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx) { RAND_GLOBAL *dgbl = rand_get_global(ctx); @@ -534,7 +534,7 @@ EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx) * Get the public random generator. * Returns pointer to its EVP_RAND_CTX on success, NULL on failure. */ -EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx) +EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx) { RAND_GLOBAL *dgbl = rand_get_global(ctx); EVP_RAND_CTX *rand, *primary; @@ -548,7 +548,7 @@ EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx) if (primary == NULL) return NULL; - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); /* * If the private is also NULL then this is the first time we've * used this thread. @@ -567,7 +567,7 @@ EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx) * Get the private random generator. * Returns pointer to its EVP_RAND_CTX on success, NULL on failure. */ -EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx) +EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx) { RAND_GLOBAL *dgbl = rand_get_global(ctx); EVP_RAND_CTX *rand, *primary; @@ -581,7 +581,7 @@ EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx) if (primary == NULL) return NULL; - ctx = openssl_ctx_get_concrete(ctx); + ctx = ossl_lib_ctx_get_concrete(ctx); /* * If the public is also NULL then this is the first time we've * used this thread. diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index c693ca7e21..d767e4a9f0 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -889,7 +889,7 @@ static size_t rsa_pkey_dirty_cnt(const EVP_PKEY *pkey) */ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, void *to_keydata, EVP_KEYMGMT *to_keymgmt, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { RSA *rsa = from->pkey.rsa; OSSL_PARAM_BLD *tmpl = OSSL_PARAM_BLD_new(); @@ -1019,7 +1019,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, } static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq) { return rsa_int_export_to(from, RSA_FLAG_TYPE_RSA, to_keydata, @@ -1027,7 +1027,7 @@ static int rsa_pkey_export_to(const EVP_PKEY *from, void *to_keydata, } static int rsa_pss_pkey_export_to(const EVP_PKEY *from, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq) { return rsa_int_export_to(from, RSA_FLAG_TYPE_RSASSAPSS, to_keydata, diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index 9279e71857..f64fb34d52 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -212,7 +212,7 @@ int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, const OSSL_PARAM params[], - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md, *param_saltlen; const OSSL_PARAM *param_propq; diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index 58c7806ffd..9ee5998829 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -28,7 +28,7 @@ #include "rsa_local.h" static int rsa_keygen_pairwise_test(RSA *rsa, OSSL_CALLBACK *cb, void *cbarg); -static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes, +static int rsa_keygen(OSSL_LIB_CTX *libctx, RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb, int pairwise_test); /* @@ -419,7 +419,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, } #endif /* FIPS_MODULE */ -static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes, +static int rsa_keygen(OSSL_LIB_CTX *libctx, RSA *rsa, int bits, int primes, BIGNUM *e_value, BN_GENCB *cb, int pairwise_test) { int ok = 0; diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index a73df12dc6..e4315f06cd 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -27,7 +27,7 @@ #include "crypto/security_bits.h" #include "rsa_local.h" -static RSA *rsa_new_intern(ENGINE *engine, OPENSSL_CTX *libctx); +static RSA *rsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx); #ifndef FIPS_MODULE RSA *RSA_new(void) @@ -66,12 +66,12 @@ RSA *RSA_new_method(ENGINE *engine) } #endif -RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx) +RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx) { return rsa_new_intern(NULL, libctx); } -static RSA *rsa_new_intern(ENGINE *engine, OPENSSL_CTX *libctx) +static RSA *rsa_new_intern(ENGINE *engine, OSSL_LIB_CTX *libctx) { RSA *ret = OPENSSL_zalloc(sizeof(*ret)); @@ -189,7 +189,7 @@ int RSA_up_ref(RSA *r) return i > 1 ? 1 : 0; } -OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r) +OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r) { return r->libctx; } diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index f5c6be31a9..60e590998b 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -56,7 +56,7 @@ struct rsa_st { */ int dummy_zero; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; int32_t version; const RSA_METHOD *meth; /* functional reference if 'meth' is ENGINE-provided */ @@ -196,10 +196,10 @@ int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); -int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, +int ossl_rsa_padding_add_SSLv23_ex(OSSL_LIB_CTX *libctx, unsigned char *to, int tlen, const unsigned char *from, int flen); -int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, +int ossl_rsa_padding_add_PKCS1_type_2_ex(OSSL_LIB_CTX *libctx, unsigned char *to, int tlen, const unsigned char *from, int flen); diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index 17200e787a..809e752bee 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -51,7 +51,7 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, * Step numbers are included here but not in the constant time inverse below * to avoid complicating an already difficult enough function. */ -int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx, unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 64f6864740..daa8297300 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -124,7 +124,7 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, return j; } -int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, +int ossl_rsa_padding_add_PKCS1_type_2_ex(OSSL_LIB_CTX *libctx, unsigned char *to, int tlen, const unsigned char *from, int flen) { @@ -298,7 +298,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * decrypted data will be randomly generated (as per * https://tools.ietf.org/html/rfc5246#section-7.4.7.1). */ -int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *libctx, unsigned char *to, size_t tlen, const unsigned char *from, size_t flen, int client_version, diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index e2cf98d884..7e688aa9bc 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -21,7 +21,7 @@ #include "internal/constant_time.h" #include "rsa_local.h" -int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, +int ossl_rsa_padding_add_SSLv23_ex(OSSL_LIB_CTX *libctx, unsigned char *to, int tlen, const unsigned char *from, int flen) { diff --git a/crypto/self_test_core.c b/crypto/self_test_core.c index 7aa8490ddf..a4f6c9ab2a 100644 --- a/crypto/self_test_core.c +++ b/crypto/self_test_core.c @@ -32,7 +32,7 @@ struct ossl_self_test_st }; #ifndef FIPS_MODULE -static void *self_test_set_callback_new(OPENSSL_CTX *ctx) +static void *self_test_set_callback_new(OSSL_LIB_CTX *ctx) { SELF_TEST_CB *stcb; @@ -45,18 +45,18 @@ static void self_test_set_callback_free(void *stcb) OPENSSL_free(stcb); } -static const OPENSSL_CTX_METHOD self_test_set_callback_method = { +static const OSSL_LIB_CTX_METHOD self_test_set_callback_method = { self_test_set_callback_new, self_test_set_callback_free, }; -static SELF_TEST_CB *get_self_test_callback(OPENSSL_CTX *libctx) +static SELF_TEST_CB *get_self_test_callback(OSSL_LIB_CTX *libctx) { - return openssl_ctx_get_data(libctx, OPENSSL_CTX_SELF_TEST_CB_INDEX, - &self_test_set_callback_method); + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_SELF_TEST_CB_INDEX, + &self_test_set_callback_method); } -void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb, +void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK *cb, void *cbarg) { SELF_TEST_CB *stcb = get_self_test_callback(libctx); @@ -67,7 +67,7 @@ void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb, } } -void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb, +void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb, void **cbarg) { SELF_TEST_CB *stcb = get_self_test_callback(libctx); diff --git a/crypto/sm2/sm2_crypt.c b/crypto/sm2/sm2_crypt.c index 0ae67fb22b..6db87f6845 100644 --- a/crypto/sm2/sm2_crypt.c +++ b/crypto/sm2/sm2_crypt.c @@ -139,7 +139,7 @@ int sm2_encrypt(const EC_KEY *key, size_t field_size; const int C3_size = EVP_MD_size(digest); EVP_MD *fetched_digest = NULL; - OPENSSL_CTX *libctx = ec_key_get_libctx(key); + OSSL_LIB_CTX *libctx = ec_key_get_libctx(key); const char *propq = ec_key_get0_propq(key); /* NULL these before any "goto done" */ @@ -297,7 +297,7 @@ int sm2_decrypt(const EC_KEY *key, const uint8_t *C3 = NULL; int msg_len = 0; EVP_MD_CTX *hash = NULL; - OPENSSL_CTX *libctx = ec_key_get_libctx(key); + OSSL_LIB_CTX *libctx = ec_key_get_libctx(key); const char *propq = ec_key_get0_propq(key); if (field_size == 0 || hash_size <= 0) diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index 39b6e11cf2..ddc19a2de8 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -147,7 +147,7 @@ static BIGNUM *sm2_compute_msg_hash(const EVP_MD *digest, uint8_t *z = NULL; BIGNUM *e = NULL; EVP_MD *fetched_digest = NULL; - OPENSSL_CTX *libctx = ec_key_get_libctx(key); + OSSL_LIB_CTX *libctx = ec_key_get_libctx(key); const char *propq = ec_key_get0_propq(key); if (md_size < 0) { @@ -206,7 +206,7 @@ static ECDSA_SIG *sm2_sig_gen(const EC_KEY *key, const BIGNUM *e) BIGNUM *s = NULL; BIGNUM *x1 = NULL; BIGNUM *tmp = NULL; - OPENSSL_CTX *libctx = ec_key_get_libctx(key); + OSSL_LIB_CTX *libctx = ec_key_get_libctx(key); kG = EC_POINT_new(group); ctx = BN_CTX_new_ex(libctx); @@ -306,7 +306,7 @@ static int sm2_sig_verify(const EC_KEY *key, const ECDSA_SIG *sig, BIGNUM *x1 = NULL; const BIGNUM *r = NULL; const BIGNUM *s = NULL; - OPENSSL_CTX *libctx = ec_key_get_libctx(key); + OSSL_LIB_CTX *libctx = ec_key_get_libctx(key); ctx = BN_CTX_new_ex(libctx); pt = EC_POINT_new(group); diff --git a/crypto/srp/srp_lib.c b/crypto/srp/srp_lib.c index 253aaf9a57..092cc159aa 100644 --- a/crypto/srp/srp_lib.c +++ b/crypto/srp/srp_lib.c @@ -21,7 +21,7 @@ /* calculate = SHA1(PAD(x) || PAD(y)) */ static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { unsigned char digest[SHA_DIGEST_LENGTH]; unsigned char *tmp = NULL; @@ -49,7 +49,8 @@ static BIGNUM *srp_Calc_xy(const BIGNUM *x, const BIGNUM *y, const BIGNUM *N, return res; } -static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g, OPENSSL_CTX *libctx, +static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g, + OSSL_LIB_CTX *libctx, const char *propq) { /* k = SHA1(N | PAD(g)) -- tls-srp RFC 5054 */ @@ -57,7 +58,7 @@ static BIGNUM *srp_Calc_k(const BIGNUM *N, const BIGNUM *g, OPENSSL_CTX *libctx, } BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { /* u = SHA1(PAD(A) || PAD(B) ) -- tls-srp RFC 5054 */ return srp_Calc_xy(A, B, N, libctx, propq); @@ -100,7 +101,7 @@ BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u, } BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, - const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq) + const BIGNUM *v, OSSL_LIB_CTX *libctx, const char *propq) { BIGNUM *kv = NULL, *gb = NULL; BIGNUM *B = NULL, *k = NULL; @@ -138,7 +139,7 @@ BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, } BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { unsigned char dig[SHA_DIGEST_LENGTH]; EVP_MD_CTX *ctxt; @@ -207,7 +208,7 @@ BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g) BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g, const BIGNUM *x, const BIGNUM *a, const BIGNUM *u, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { BIGNUM *tmp = NULL, *tmp2 = NULL, *tmp3 = NULL, *k = NULL, *K = NULL; BN_CTX *bn_ctx; diff --git a/crypto/srp/srp_vfy.c b/crypto/srp/srp_vfy.c index 6c50d06457..b166e5fb8b 100644 --- a/crypto/srp/srp_vfy.c +++ b/crypto/srp/srp_vfy.c @@ -596,7 +596,7 @@ SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username) */ char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt, char **verifier, const char *N, const char *g, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int len; char *result = NULL, *vf = NULL; @@ -702,7 +702,7 @@ char *SRP_create_verifier(const char *user, const char *pass, char **salt, */ int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, const BIGNUM *N, - const BIGNUM *g, OPENSSL_CTX *libctx, + const BIGNUM *g, OSSL_LIB_CTX *libctx, const char *propq) { int result = 0; diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 94f47d0394..1ce61ea9da 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -32,7 +32,7 @@ static int ossl_store_close_it(OSSL_STORE_CTX *ctx); OSSL_STORE_CTX * -OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq, +OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data) @@ -916,7 +916,7 @@ const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion) } OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bp, const char *scheme, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data) diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h index e5488606e4..56a90a125b 100644 --- a/crypto/store/store_local.h +++ b/crypto/store/store_local.h @@ -171,10 +171,10 @@ int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx); * Provider stuff * ------------------- */ -OSSL_STORE_LOADER *ossl_store_loader_fetch(OPENSSL_CTX *libctx, +OSSL_STORE_LOADER *ossl_store_loader_fetch(OSSL_LIB_CTX *libctx, const char *scheme, const char *properties); -OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OPENSSL_CTX *libctx, +OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OSSL_LIB_CTX *libctx, int scheme_id, const char *properties); diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c index 6af5ec14f2..166b885806 100644 --- a/crypto/store/store_meth.c +++ b/crypto/store/store_meth.c @@ -74,20 +74,20 @@ static void loader_store_free(void *vstore) ossl_method_store_free(vstore); } -static void *loader_store_new(OPENSSL_CTX *ctx) +static void *loader_store_new(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } -static const OPENSSL_CTX_METHOD loader_store_method = { +static const OSSL_LIB_CTX_METHOD loader_store_method = { loader_store_new, loader_store_free, }; /* Data to be passed through ossl_method_construct() */ struct loader_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; OSSL_METHOD_CONSTRUCT_METHOD *mcm; int scheme_id; /* For get_loader_from_store() */ const char *scheme; /* For get_loader_from_store() */ @@ -100,7 +100,7 @@ struct loader_data_st { */ /* Temporary loader method store, constructor and destructor */ -static void *alloc_tmp_loader_store(OPENSSL_CTX *ctx) +static void *alloc_tmp_loader_store(OSSL_LIB_CTX *ctx) { return ossl_method_store_new(ctx); } @@ -112,14 +112,14 @@ static void *alloc_tmp_loader_store(OPENSSL_CTX *ctx) } /* Get the permanent loader store */ -static OSSL_METHOD_STORE *get_loader_store(OPENSSL_CTX *libctx) +static OSSL_METHOD_STORE *get_loader_store(OSSL_LIB_CTX *libctx) { - return openssl_ctx_get_data(libctx, OPENSSL_CTX_STORE_LOADER_STORE_INDEX, + return ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX, &loader_store_method); } /* Get loader methods from a store, or put one in */ -static void *get_loader_from_store(OPENSSL_CTX *libctx, void *store, +static void *get_loader_from_store(OSSL_LIB_CTX *libctx, void *store, void *data) { struct loader_data_st *methdata = data; @@ -141,7 +141,7 @@ static void *get_loader_from_store(OPENSSL_CTX *libctx, void *store, return method; } -static int put_loader_in_store(OPENSSL_CTX *libctx, void *store, +static int put_loader_in_store(OSSL_LIB_CTX *libctx, void *store, void *method, const OSSL_PROVIDER *prov, int operation_id, const char *scheme, const char *propdef, void *unused) @@ -235,7 +235,7 @@ static void *construct_loader(const OSSL_ALGORITHM *algodef, * namemap entry, this is it. Should the scheme already exist there, we * know that ossl_namemap_add() will return its corresponding number. */ - OPENSSL_CTX *libctx = ossl_provider_library_context(prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *scheme = algodef->algorithm_names; int id = ossl_namemap_add_name(namemap, 0, scheme); @@ -254,7 +254,7 @@ static void destruct_loader(void *method, void *data) } /* Fetching support. Can fetch by numeric identity or by scheme */ -static OSSL_STORE_LOADER *inner_loader_fetch(OPENSSL_CTX *libctx, +static OSSL_STORE_LOADER *inner_loader_fetch(OSSL_LIB_CTX *libctx, int id, const char *scheme, const char *properties) { @@ -311,13 +311,13 @@ static OSSL_STORE_LOADER *inner_loader_fetch(OPENSSL_CTX *libctx, } OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(const char *scheme, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *properties) { return inner_loader_fetch(libctx, 0, scheme, properties); } -OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OPENSSL_CTX *libctx, +OSSL_STORE_LOADER *ossl_store_loader_fetch_by_number(OSSL_LIB_CTX *libctx, int scheme_id, const char *properties) { @@ -361,7 +361,7 @@ int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader) int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name) { if (loader->prov != NULL) { - OPENSSL_CTX *libctx = ossl_provider_library_context(loader->prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(loader->prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); return ossl_namemap_name2num(namemap, name) == loader->scheme_id; @@ -379,7 +379,7 @@ static void loader_do_one(OSSL_PROVIDER *provider, int no_store, void *vdata) { struct loader_do_all_data_st *data = vdata; - OPENSSL_CTX *libctx = ossl_provider_library_context(provider); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(provider); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); const char *name = algodef->algorithm_names; int id = ossl_namemap_add_name(namemap, 0, name); @@ -395,7 +395,7 @@ static void loader_do_one(OSSL_PROVIDER *provider, } } -void OSSL_STORE_LOADER_do_all_provided(OPENSSL_CTX *libctx, +void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_STORE_LOADER *loader, void *arg), void *arg) @@ -417,7 +417,7 @@ void OSSL_STORE_LOADER_names_do_all(const OSSL_STORE_LOADER *loader, return; if (loader->prov != NULL) { - OPENSSL_CTX *libctx = ossl_provider_library_context(loader->prov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(loader->prov); OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx); ossl_namemap_doall_names(namemap, loader->scheme_id, fn, data); diff --git a/crypto/store/store_result.c b/crypto/store/store_result.c index 200544d72d..5848761a5e 100644 --- a/crypto/store/store_result.c +++ b/crypto/store/store_result.c @@ -73,13 +73,13 @@ struct extracted_param_data_st { static int try_name(struct extracted_param_data_st *, OSSL_STORE_INFO **); static int try_key(struct extracted_param_data_st *, OSSL_STORE_INFO **, OSSL_STORE_CTX *, const OSSL_PROVIDER *, - OPENSSL_CTX *, const char *); + OSSL_LIB_CTX *, const char *); static int try_cert(struct extracted_param_data_st *, OSSL_STORE_INFO **, - OPENSSL_CTX *, const char *); + OSSL_LIB_CTX *, const char *); static int try_crl(struct extracted_param_data_st *, OSSL_STORE_INFO **, - OPENSSL_CTX *, const char *); + OSSL_LIB_CTX *, const char *); static int try_pkcs12(struct extracted_param_data_st *, OSSL_STORE_INFO **, - OSSL_STORE_CTX *, OPENSSL_CTX *, const char *); + OSSL_STORE_CTX *, OSSL_LIB_CTX *, const char *); #define SET_ERR_MARK() ERR_set_mark() #define CLEAR_ERR_MARK() \ @@ -107,7 +107,7 @@ int ossl_store_handle_load_result(const OSSL_PARAM params[], void *arg) OSSL_STORE_CTX *ctx = cbdata->ctx; const OSSL_PROVIDER *provider = OSSL_STORE_LOADER_provider(ctx->fetched_loader); - OPENSSL_CTX *libctx = ossl_provider_library_context(provider); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(provider); const char *propq = ctx->properties; const OSSL_PARAM *p; struct extracted_param_data_st helper_data; @@ -192,7 +192,7 @@ static int try_name(struct extracted_param_data_st *data, OSSL_STORE_INFO **v) static EVP_PKEY *try_key_ref(struct extracted_param_data_st *data, OSSL_STORE_CTX *ctx, const OSSL_PROVIDER *provider, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY *pk = NULL; EVP_KEYMGMT *keymgmt = NULL; @@ -247,7 +247,7 @@ static EVP_PKEY *try_key_ref(struct extracted_param_data_st *data, static EVP_PKEY *try_key_value(struct extracted_param_data_st *data, OSSL_STORE_CTX *ctx, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY *pk = NULL; OSSL_DECODER_CTX *decoderctx = NULL; @@ -272,7 +272,7 @@ static EVP_PKEY *try_key_value_legacy(struct extracted_param_data_st *data, store_info_new_fn **store_info_new, OSSL_STORE_CTX *ctx, OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { EVP_PKEY *pk = NULL; const unsigned char *der = data->octet_data, *derp; @@ -351,7 +351,7 @@ static EVP_PKEY *try_key_value_legacy(struct extracted_param_data_st *data, static int try_key(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, OSSL_STORE_CTX *ctx, const OSSL_PROVIDER *provider, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { store_info_new_fn *store_info_new = NULL; @@ -422,7 +422,7 @@ static int try_key(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, } static int try_cert(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { if (data->object_type == OSSL_OBJECT_UNKNOWN || data->object_type == OSSL_OBJECT_CERT) { @@ -469,7 +469,7 @@ static int try_cert(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, } static int try_crl(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { if (data->object_type == OSSL_OBJECT_UNKNOWN || data->object_type == OSSL_OBJECT_CRL) { @@ -497,7 +497,7 @@ static int try_crl(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, static int try_pkcs12(struct extracted_param_data_st *data, OSSL_STORE_INFO **v, OSSL_STORE_CTX *ctx, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { /* There is no specific object type for PKCS12 */ if (data->object_type == OSSL_OBJECT_UNKNOWN) { diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c index f182764899..b67b6c5648 100644 --- a/crypto/x509/by_dir.c +++ b/crypto/x509/by_dir.c @@ -49,7 +49,7 @@ static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); static X509_LOOKUP_METHOD x509_dir_lookup = { "Load certs from files in a directory", new_dir, /* new_item */ @@ -216,7 +216,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { BY_DIR *ctx; union { diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c index c5010c4e7e..16d2971731 100644 --- a/crypto/x509/by_file.c +++ b/crypto/x509/by_file.c @@ -20,7 +20,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, - long argl, char **ret, OPENSSL_CTX *libctx, + long argl, char **ret, OSSL_LIB_CTX *libctx, const char *propq); @@ -45,7 +45,7 @@ X509_LOOKUP_METHOD *X509_LOOKUP_file(void) } static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, - long argl, char **ret, OPENSSL_CTX *libctx, + long argl, char **ret, OSSL_LIB_CTX *libctx, const char *propq) { int ok = 0; @@ -87,7 +87,7 @@ static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, } int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int ret = 0; BIO *in = NULL; @@ -212,7 +212,7 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) } int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { STACK_OF(X509_INFO) *inf; X509_INFO *itmp; diff --git a/crypto/x509/by_store.c b/crypto/x509/by_store.c index e29e74f917..29d9700ab1 100644 --- a/crypto/x509/by_store.c +++ b/crypto/x509/by_store.c @@ -15,7 +15,7 @@ /* Generic object loader, given expected type and criterion */ static int cache_objects(X509_LOOKUP *lctx, const char *uri, const OSSL_STORE_SEARCH *criterion, - int depth, OPENSSL_CTX *libctx, const char *propq) + int depth, OSSL_LIB_CTX *libctx, const char *propq) { int ok = 0; OSSL_STORE_CTX *ctx = NULL; @@ -105,7 +105,7 @@ static void by_store_free(X509_LOOKUP *ctx) } static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp, - long argl, char **retp, OPENSSL_CTX *libctx, + long argl, char **retp, OSSL_LIB_CTX *libctx, const char *propq) { switch (cmd) { @@ -141,7 +141,7 @@ static int by_store_ctrl(X509_LOOKUP *ctx, int cmd, static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const OSSL_STORE_SEARCH *criterion, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { STACK_OF(OPENSSL_STRING) *uris = X509_LOOKUP_get_method_data(ctx); int i; @@ -159,7 +159,7 @@ static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, static int by_store_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_SEARCH *criterion = OSSL_STORE_SEARCH_by_name((X509_NAME *)name); /* won't modify it */ diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c index 40f751cde6..4c2bc4defa 100644 --- a/crypto/x509/x509_d2.c +++ b/crypto/x509/x509_d2.c @@ -12,7 +12,7 @@ #include #include -int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx, +int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OSSL_LIB_CTX *libctx, const char *propq) { X509_LOOKUP *lookup; @@ -43,7 +43,7 @@ int X509_STORE_set_default_paths(X509_STORE *ctx) } int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { X509_LOOKUP *lookup; @@ -74,7 +74,7 @@ int X509_STORE_load_path(X509_STORE *ctx, const char *path) } int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { X509_LOOKUP *lookup; @@ -92,7 +92,7 @@ int X509_STORE_load_store(X509_STORE *ctx, const char *uri) } int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file, - const char *path, OPENSSL_CTX *libctx, + const char *path, OSSL_LIB_CTX *libctx, const char *propq) { if (file == NULL && path == NULL) diff --git a/crypto/x509/x509_local.h b/crypto/x509/x509_local.h index 5d1f984aea..1467aca1ff 100644 --- a/crypto/x509/x509_local.h +++ b/crypto/x509/x509_local.h @@ -92,9 +92,9 @@ struct x509_lookup_method_st { const char *str, int len, X509_OBJECT *ret); int (*get_by_subject_ex) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int (*ctrl_ex) (X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret, OPENSSL_CTX *libctx, const char *propq); + char **ret, OSSL_LIB_CTX *libctx, const char *propq); }; /* This is the functions plus an instance of the local variables. */ diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c index 69517e0b5e..e591f16938 100644 --- a/crypto/x509/x509_lu.c +++ b/crypto/x509/x509_lu.c @@ -72,7 +72,7 @@ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) } int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret, OPENSSL_CTX *libctx, const char *propq) + char **ret, OSSL_LIB_CTX *libctx, const char *propq) { if (ctx->method == NULL) return -1; @@ -91,7 +91,7 @@ int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { if (ctx->skip || ctx->method == NULL diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 710939b619..1b24e0156a 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -2322,7 +2322,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, return 1; } -X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq) +X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { X509_STORE_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c index a7cf13f7b8..20b048c4a3 100644 --- a/crypto/x509/x_all.c +++ b/crypto/x509/x_all.c @@ -37,7 +37,7 @@ int X509_verify(X509 *a, EVP_PKEY *r) a->distinguishing_id, r, a->libctx, a->propq); } -int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx, +int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OSSL_LIB_CTX *libctx, const char *propq) { return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg, @@ -555,7 +555,7 @@ EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) return ASN1_d2i_fp_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, fp, a); } -EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx, +EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, const char *propq) { BIO *b; @@ -619,7 +619,7 @@ EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) return ASN1_d2i_bio_of(EVP_PKEY, EVP_PKEY_new, d2i_AutoPrivateKey, bp, a); } -EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx, +EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, const char *propq) { BUF_MEM *b = NULL; diff --git a/crypto/x509/x_crl.c b/crypto/x509/x_crl.c index c915615acb..17c9305f5c 100644 --- a/crypto/x509/x_crl.c +++ b/crypto/x509/x_crl.c @@ -490,7 +490,7 @@ void *X509_CRL_get_meth_data(X509_CRL *crl) return crl->meth_data; } -int x509_crl_set0_libctx(X509_CRL *x, OPENSSL_CTX *libctx, const char *propq) +int x509_crl_set0_libctx(X509_CRL *x, OSSL_LIB_CTX *libctx, const char *propq) { if (x != NULL) { x->libctx = libctx; diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index bd6a65e1c5..7d39254685 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -31,7 +31,7 @@ struct X509_pubkey_st { EVP_PKEY *pkey; /* extra data for the callback, used by d2i_PUBKEY_ex */ - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propq; }; @@ -100,7 +100,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) } } else if (evp_pkey_is_provided(pkey)) { const OSSL_PROVIDER *pkprov = EVP_KEYMGMT_provider(pkey->keymgmt); - OPENSSL_CTX *libctx = ossl_provider_library_context(pkprov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkprov); unsigned char *der = NULL; size_t derlen = 0; int selection = (OSSL_KEYMGMT_SELECT_PUBLIC_KEY @@ -242,7 +242,7 @@ EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key) */ EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { X509_PUBKEY *xpk, *xpk2 = NULL, **pxpk = NULL; EVP_PKEY *pktmp = NULL; @@ -309,7 +309,7 @@ int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp) X509_PUBKEY_free(xpk); } else if (a->keymgmt != NULL) { const OSSL_PROVIDER *pkprov = EVP_KEYMGMT_provider(a->keymgmt); - OPENSSL_CTX *libctx = ossl_provider_library_context(pkprov); + OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkprov); int selection = (OSSL_KEYMGMT_SELECT_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS); OSSL_ENCODER_CTX *ctx = @@ -530,7 +530,7 @@ int X509_PUBKEY_eq(const X509_PUBKEY *a, const X509_PUBKEY *b) return EVP_PKEY_eq(pA, pB); } -int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq, +int X509_PUBKEY_get0_libctx(OSSL_LIB_CTX **plibctx, const char **ppropq, const X509_PUBKEY *key) { if (plibctx) diff --git a/crypto/x509/x_x509.c b/crypto/x509/x_x509.c index e556eebdae..13b816fcde 100644 --- a/crypto/x509/x_x509.c +++ b/crypto/x509/x_x509.c @@ -134,7 +134,7 @@ int i2d_X509(const X509 *a, unsigned char **out) * asn1 object and it needs a libctx to operate. * Use X509_new_ex() instead if possible. */ -int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq) +int x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq) { if (x != NULL) { x->libctx = libctx; @@ -143,7 +143,7 @@ int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq) return 1; } -X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq) +X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq) { X509 *cert = NULL; diff --git a/doc/internal/man3/OSSL_METHOD_STORE.pod b/doc/internal/man3/OSSL_METHOD_STORE.pod index 8419193898..7fbd899754 100644 --- a/doc/internal/man3/OSSL_METHOD_STORE.pod +++ b/doc/internal/man3/OSSL_METHOD_STORE.pod @@ -15,10 +15,10 @@ ossl_method_store_flush_cache typedef struct ossl_method_store_st OSSL_METHOD_STORE; - OSSL_METHOD_STORE *ossl_method_store_new(OPENSSL_CTX *ctx); + OSSL_METHOD_STORE *ossl_method_store_new(OSSL_LIB_CTX *ctx); void ossl_method_store_free(OSSL_METHOD_STORE *store); - int ossl_method_store_init(OPENSSL_CTX *ctx); - void ossl_method_store_cleanup(OPENSSL_CTX *ctx); + int ossl_method_store_init(OSSL_LIB_CTX *ctx); + void ossl_method_store_cleanup(OSSL_LIB_CTX *ctx); int ossl_method_store_add(OSSL_METHOD_STORE *store, const OSSL_PROVIDER *prov, int nid, const char *properties, void *method, int (*method_up_ref)(void *), diff --git a/doc/internal/man3/evp_generic_fetch.pod b/doc/internal/man3/evp_generic_fetch.pod index ca4f108060..d7c73fb114 100644 --- a/doc/internal/man3/evp_generic_fetch.pod +++ b/doc/internal/man3/evp_generic_fetch.pod @@ -10,7 +10,7 @@ evp_generic_fetch, evp_generic_fetch_by_number /* Only for EVP source */ #include "evp_local.h" - void *evp_generic_fetch(OPENSSL_CTX *libctx, int operation_id, + void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id, const char *name, const char *properties, void *(*new_method)(int name_id, const OSSL_DISPATCH *fns, @@ -20,7 +20,7 @@ evp_generic_fetch, evp_generic_fetch_by_number int (*up_ref_method)(void *), void (*free_method)(void *)); - void *evp_generic_fetch_by_number(OPENSSL_CTX *ctx, int operation_id, + void *evp_generic_fetch_by_number(OSSL_LIB_CTX *ctx, int operation_id, int name_id, const char *properties, void *(*new_method)(int name_id, const OSSL_DISPATCH *fns, @@ -182,7 +182,7 @@ And here's the implementation of the FOO method fetcher: EVP_FOO_meth_free(vfoo); } - EVP_FOO *EVP_FOO_fetch(OPENSSL_CTX *ctx, + EVP_FOO *EVP_FOO_fetch(OSSL_LIB_CTX *ctx, const char *name, const char *properties) { diff --git a/doc/internal/man3/evp_pkey_export_to_provider.pod b/doc/internal/man3/evp_pkey_export_to_provider.pod index b34cf86619..6cea8a9aab 100644 --- a/doc/internal/man3/evp_pkey_export_to_provider.pod +++ b/doc/internal/man3/evp_pkey_export_to_provider.pod @@ -10,7 +10,7 @@ evp_pkey_export_to_provider, evp_pkey_copy_downgraded, evp_pkey_downgrade /* Only for EVP source */ #include "evp_local.h" - void *evp_pkey_export_to_provider(EVP_PKEY *pk, OPENSSL_CTX *libctx, + void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, EVP_KEYMGMT **keymgmt, const char *propquery); int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src); @@ -60,7 +60,7 @@ allocated, this is OK. =head1 SEE ALSO -L, L +L, L =head1 HISTORY diff --git a/doc/internal/man3/ossl_algorithm_do_all.pod b/doc/internal/man3/ossl_algorithm_do_all.pod index f5d89d80e5..7a321d492a 100644 --- a/doc/internal/man3/ossl_algorithm_do_all.pod +++ b/doc/internal/man3/ossl_algorithm_do_all.pod @@ -6,7 +6,7 @@ ossl_algorithm_do_all - generic algorithm implementation iterator =head1 SYNOPSIS - void ossl_algorithm_do_all(OPENSSL_CTX *libctx, int operation_id, + void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id, OSSL_PROVIDER *provider, void (*fn)(OSSL_PROVIDER *provider, const OSSL_ALGORITHM *algo, diff --git a/doc/internal/man3/ossl_cmp_mock_srv_new.pod b/doc/internal/man3/ossl_cmp_mock_srv_new.pod index 3a90edfa4a..837ca06bb3 100644 --- a/doc/internal/man3/ossl_cmp_mock_srv_new.pod +++ b/doc/internal/man3/ossl_cmp_mock_srv_new.pod @@ -17,7 +17,7 @@ ossl_cmp_mock_srv_set_checkAfterTime #include "apps/cmp_mock_srv.h" - OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OPENSSL_CTX *libctx, const char *propq); + OSSL_CMP_SRV_CTX *ossl_cmp_mock_srv_new(OSSL_LIB_CTX *libctx, const char *propq); void ossl_cmp_mock_srv_free(OSSL_CMP_SRV_CTX *srv_ctx); int ossl_cmp_mock_srv_set1_certOut(OSSL_CMP_SRV_CTX *srv_ctx, X509 *cert); diff --git a/doc/internal/man3/ossl_cmp_msg_protect.pod b/doc/internal/man3/ossl_cmp_msg_protect.pod index 0a6b70fe9d..681d572af5 100644 --- a/doc/internal/man3/ossl_cmp_msg_protect.pod +++ b/doc/internal/man3/ossl_cmp_msg_protect.pod @@ -13,7 +13,7 @@ ossl_cmp_msg_add_extraCerts #include "cmp_local.h" STACK_OF(X509) - *ossl_cmp_build_cert_chain(OPENSSL_CTX *libctx, const char *propq, + *ossl_cmp_build_cert_chain(OSSL_LIB_CTX *libctx, const char *propq, X509_STORE *store, STACK_OF(X509) *certs, X509 *cert); ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx, diff --git a/doc/internal/man3/openssl_ctx_get_data.pod b/doc/internal/man3/ossl_lib_ctx_get_data.pod similarity index 62% rename from doc/internal/man3/openssl_ctx_get_data.pod rename to doc/internal/man3/ossl_lib_ctx_get_data.pod index 6fd7c6336e..a6684635c6 100644 --- a/doc/internal/man3/openssl_ctx_get_data.pod +++ b/doc/internal/man3/ossl_lib_ctx_get_data.pod @@ -2,29 +2,29 @@ =head1 NAME -openssl_ctx_get_data, openssl_ctx_run_once, openssl_ctx_onfree -- internal OPENSSL_CTX routines +ossl_lib_ctx_get_data, ossl_lib_ctx_run_once, ossl_lib_ctx_onfree +- internal OSSL_LIB_CTX routines =head1 SYNOPSIS #include #include "internal/cryptlib.h" - typedef struct openssl_ctx_method { - void *(*new_func)(OPENSSL_CTX *ctx); + typedef struct ossl_lib_ctx_method { + void *(*new_func)(OSSL_LIB_CTX *ctx); void (*free_func)(void *); - } OPENSSL_CTX_METHOD; + } OSSL_LIB_CTX_METHOD; - void *openssl_ctx_get_data(OPENSSL_CTX *ctx, int index, - const OPENSSL_CTX_METHOD *meth); + void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *ctx, int index, + const OSSL_LIB_CTX_METHOD *meth); - int openssl_ctx_run_once(OPENSSL_CTX *ctx, unsigned int idx, - openssl_ctx_run_once_fn run_once_fn); - int openssl_ctx_onfree(OPENSSL_CTX *ctx, openssl_ctx_onfree_fn onfreefn); + int ossl_lib_ctx_run_once(OSSL_LIB_CTX *ctx, unsigned int idx, + ossl_lib_ctx_run_once_fn run_once_fn); + int ossl_lib_ctx_onfree(OSSL_LIB_CTX *ctx, ossl_lib_ctx_onfree_fn onfreefn); =head1 DESCRIPTION -Internally, the OpenSSL library context B is implemented +Internally, the OpenSSL library context B is implemented as a B, which allows data from diverse parts of the library to be added and removed dynamically. Each such data item must have a corresponding CRYPTO_EX_DATA index @@ -33,9 +33,9 @@ to identify data items. These are mapped transparently to CRYPTO_EX_DATA dynamic indexes internally to the implementation. See the example further down to see how that's done. -openssl_ctx_get_data() is used to retrieve a pointer to the data in +ossl_lib_ctx_get_data() is used to retrieve a pointer to the data in the library context I associated with the given I. An -OPENSSL_CTX_METHOD must be defined and given in the I parameter. The index +OSSL_LIB_CTX_METHOD must be defined and given in the I parameter. The index for it should be defined in cryptlib.h. The functions through the method are used to create or free items that are stored at that index whenever a library context is created or freed, meaning that the code that use a data item of that @@ -44,18 +44,18 @@ index doesn't have to worry about that, just use the data available. Deallocation of an index happens automatically when the library context is freed. -openssl_ctx_run_once is used to run some initialisation routine I +ossl_lib_ctx_run_once is used to run some initialisation routine I exactly once per library context I object. Each initialisation routine should be allocate a unique run once index in cryptlib.h. Any resources allocated via a run once initialisation routine can be cleaned up -using openssl_ctx_onfree. This associates an "on free" routine I with +using ossl_lib_ctx_onfree. This associates an "on free" routine I with the library context I. When I is freed all associated "on free" routines are called. =head1 RETURN VALUES -openssl_ctx_get_data() returns a pointer on success, or NULL on +ossl_lib_ctx_get_data() returns a pointer on success, or NULL on failure. =head1 EXAMPLES @@ -71,7 +71,7 @@ and a destructor to an index. void *data; } FOO; - static void *foo_new(OPENSSL_CTX *ctx) + static void *foo_new(OSSL_LIB_CTX *ctx) { FOO *ptr = OPENSSL_zalloc(sizeof(*foo)); if (ptr != NULL) @@ -85,9 +85,9 @@ and a destructor to an index. /* * Include a reference to this in the methods table in context.c - * OPENSSL_CTX_FOO_INDEX should be added to internal/cryptlib.h + * OSSL_LIB_CTX_FOO_INDEX should be added to internal/cryptlib.h */ - const OPENSSL_CTX_METHOD foo_method = { + const OSSL_LIB_CTX_METHOD foo_method = { foo_new, foo_free }; @@ -99,27 +99,27 @@ To get and use the data stored in the library context, simply do this: /* * ctx is received from a caller, */ - FOO *data = openssl_ctx_get_data(ctx, OPENSSL_CTX_FOO_INDEX, &foo_method); + FOO *data = ossl_lib_ctx_get_data(ctx, OSSL_LIB_CTX_FOO_INDEX, &foo_method); =head2 Run Once - void foo_cleanup(OPENSSL_CTX *ctx) + void foo_cleanup(OSSL_LIB_CTX *ctx) { /* Free foo resources associated with ctx */ } - static openssl_ctx_run_once_fn do_foo_init; - static int do_foo_init(OPENSSL_CTX *ctx) + static ossl_lib_ctx_run_once_fn do_foo_init; + static int do_foo_init(OSSL_LIB_CTX *ctx) { /* Allocate and initialise some foo resources and associated with ctx */ - return openssl_ctx_onfree(ctx, &foo_cleanup) + return ossl_lib_ctx_onfree(ctx, &foo_cleanup) } - int foo_some_function(OPENSSL_CTX *ctx) + int foo_some_function(OSSL_LIB_CTX *ctx) { - if (!openssl_ctx_run_once(ctx, - OPENSSL_CTX_FOO_RUN_ONCE_INDEX, - do_foo_init)) + if (!ossl_lib_ctx_run_once(ctx, + OSSL_LIB_CTX_FOO_RUN_ONCE_INDEX, + do_foo_init)) return 0; /* Do some work using foo resources in ctx */ @@ -128,7 +128,7 @@ To get and use the data stored in the library context, simply do this: =head1 SEE ALSO -L +L =head1 COPYRIGHT diff --git a/doc/internal/man3/ossl_method_construct.pod b/doc/internal/man3/ossl_method_construct.pod index 707cce6f83..d2202bccfa 100644 --- a/doc/internal/man3/ossl_method_construct.pod +++ b/doc/internal/man3/ossl_method_construct.pod @@ -11,13 +11,13 @@ OSSL_METHOD_CONSTRUCT_METHOD, ossl_method_construct struct ossl_method_construct_method_st { /* Create store */ - void *(*alloc_tmp_store)(OPENSSL_CTX *ctx); + void *(*alloc_tmp_store)(OSSL_LIB_CTX *ctx); /* Remove a store */ void (*dealloc_tmp_store)(void *store); /* Get an already existing method from a store */ - void *(*get)(OPENSSL_CTX *libctx, void *store, void *data); + void *(*get)(OSSL_LIB_CTX *libctx, void *store, void *data); /* Store a method in a store */ - int (*put)(OPENSSL_CTX *libctx, void *store, void *method, + int (*put)(OSSL_LIB_CTX *libctx, void *store, void *method, const OSSL_PROVIDER *prov, int operation_id, const char *name, const char *propdef, void *data); /* Construct a new method */ @@ -28,7 +28,7 @@ OSSL_METHOD_CONSTRUCT_METHOD, ossl_method_construct }; typedef struct ossl_method_construct_method OSSL_METHOD_CONSTRUCT_METHOD; - void *ossl_method_construct(OPENSSL_CTX *ctx, int operation_id, + void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id, int force_cache, OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); diff --git a/doc/internal/man3/ossl_namemap_new.pod b/doc/internal/man3/ossl_namemap_new.pod index e041510c4a..2c6f901b1e 100644 --- a/doc/internal/man3/ossl_namemap_new.pod +++ b/doc/internal/man3/ossl_namemap_new.pod @@ -12,7 +12,7 @@ ossl_namemap_doall_names #include "internal/cryptlib.h" - OSSL_NAMEMAP *ossl_namemap_stored(OPENSSL_CTX *libctx); + OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx); OSSL_NAMEMAP *ossl_namemap_new(void); void ossl_namemap_free(OSSL_NAMEMAP *namemap); diff --git a/doc/internal/man3/ossl_provider_new.pod b/doc/internal/man3/ossl_provider_new.pod index 6a43c68bea..dc7717062c 100644 --- a/doc/internal/man3/ossl_provider_new.pod +++ b/doc/internal/man3/ossl_provider_new.pod @@ -11,7 +11,7 @@ ossl_provider_ctx, ossl_provider_forall_loaded, ossl_provider_name, ossl_provider_dso, ossl_provider_module_name, ossl_provider_module_path, -ossl_provider_library_context, +ossl_provider_libctx, ossl_provider_teardown, ossl_provider_gettable_params, ossl_provider_get_params, ossl_provider_query_operation, ossl_provider_set_operation_bit, ossl_provider_test_operation_bit, @@ -22,9 +22,9 @@ ossl_provider_get_capabilities #include "internal/provider.h" - OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name, + OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name, int noconfig); - OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, + OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, ossl_provider_init_fn *init_function int noconfig); int ossl_provider_up_ref(OSSL_PROVIDER *prov); @@ -45,7 +45,7 @@ ossl_provider_get_capabilities void *ossl_provider_ctx(const OSSL_PROVIDER *prov); /* Iterate over all loaded providers */ - int ossl_provider_forall_loaded(OPENSSL_CTX *, + int ossl_provider_forall_loaded(OSSL_LIB_CTX *, int (*cb)(OSSL_PROVIDER *provider, void *cbdata), void *cbdata); @@ -55,7 +55,7 @@ ossl_provider_get_capabilities const DSO *ossl_provider_dso(OSSL_PROVIDER *prov); const char *ossl_provider_module_name(OSSL_PROVIDER *prov); const char *ossl_provider_module_path(OSSL_PROVIDER *prov); - OPENSSL_CTX *ossl_provider_library_context(const OSSL_PROVIDER *prov); + OSSL_LIB_CTX *ossl_provider_libctx(const OSSL_PROVIDER *prov); /* Thin wrappers around calls to the provider */ void ossl_provider_teardown(const OSSL_PROVIDER *prov); @@ -144,7 +144,7 @@ This will be used in preference to automatically trying to figure out the path from the provider name and the default module directory (more on this in L). -ossl_provider_library_context() returns the library context the given +ossl_provider_libctx() returns the library context the given provider I is registered in. ossl_provider_add_parameter() adds a global parameter for the provider @@ -280,7 +280,7 @@ ossl_provider_module_name(), and ossl_provider_module_path() return a pointer to their respective data if it's available, otherwise NULL is returned. -ossl_provider_library_context() return a pointer to the library context. +ossl_provider_libctx() return a pointer to the library context. This may be NULL, and is perfectly valid, as it denotes the default global library context. diff --git a/doc/internal/man3/x509v3_cache_extensions.pod b/doc/internal/man3/x509v3_cache_extensions.pod index 3fb7609daa..418a19738c 100644 --- a/doc/internal/man3/x509v3_cache_extensions.pod +++ b/doc/internal/man3/x509v3_cache_extensions.pod @@ -9,7 +9,7 @@ x509v3_cache_extensions #include - int x509v3_cache_extensions(X509 *x, OPENSSL_CTX *libctx, const char *propq); + int x509v3_cache_extensions(X509 *x, OSSL_LIB_CTX *libctx, const char *propq); =head1 DESCRIPTION diff --git a/doc/man3/BN_CTX_new.pod b/doc/man3/BN_CTX_new.pod index 17c53ec79d..e53bc62169 100644 --- a/doc/man3/BN_CTX_new.pod +++ b/doc/man3/BN_CTX_new.pod @@ -9,10 +9,10 @@ BN_CTX_new_ex, BN_CTX_new, BN_CTX_secure_new_ex, BN_CTX_secure_new, BN_CTX_free #include - BN_CTX *BN_CTX_new_ex(OPENSSL_CTX *ctx); + BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx); BN_CTX *BN_CTX_new(void); - BN_CTX *BN_CTX_secure_new_ex(OPENSSL_CTX *ctx); + BN_CTX *BN_CTX_secure_new_ex(OSSL_LIB_CTX *ctx); BN_CTX *BN_CTX_secure_new(void); void BN_CTX_free(BN_CTX *c); diff --git a/doc/man3/BN_generate_prime.pod b/doc/man3/BN_generate_prime.pod index 97632ac64b..6b2ca3baab 100644 --- a/doc/man3/BN_generate_prime.pod +++ b/doc/man3/BN_generate_prime.pod @@ -113,12 +113,12 @@ It is recommended that B is a multiple of 4. The random generator must be seeded prior to calling BN_generate_prime_ex(). If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to external circumstances (see L), the operation will fail. -The random number generator configured for the OPENSSL_CTX associated with +The random number generator configured for the OSSL_LIB_CTX associated with B will be used. BN_generate_prime_ex() is the same as BN_generate_prime_ex2() except that no B parameter is passed. -In this case the random number generator associated with the default OPENSSL_CTX +In this case the random number generator associated with the default OSSL_LIB_CTX will be used. BN_check_prime(), BN_is_prime_ex(), BN_is_prime_fasttest_ex(), BN_is_prime() diff --git a/doc/man3/CMS_EncryptedData_encrypt.pod b/doc/man3/CMS_EncryptedData_encrypt.pod index 63d5d2a1ff..b3a2c75720 100644 --- a/doc/man3/CMS_EncryptedData_encrypt.pod +++ b/doc/man3/CMS_EncryptedData_encrypt.pod @@ -14,7 +14,7 @@ CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt const unsigned char *key, size_t keylen, unsigned int flags, - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, const char *propq); CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, diff --git a/doc/man3/CMS_EnvelopedData_create.pod b/doc/man3/CMS_EnvelopedData_create.pod index 97ece28f54..8044583256 100644 --- a/doc/man3/CMS_EnvelopedData_create.pod +++ b/doc/man3/CMS_EnvelopedData_create.pod @@ -11,12 +11,12 @@ CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_ex #include CMS_ContentInfo * - CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); CMS_ContentInfo * - CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx, + CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); diff --git a/doc/man3/CMS_data_create.pod b/doc/man3/CMS_data_create.pod index 2d361af6cc..15c718d808 100644 --- a/doc/man3/CMS_data_create.pod +++ b/doc/man3/CMS_data_create.pod @@ -10,7 +10,7 @@ CMS_data_create_ex, CMS_data_create #include CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); =head1 DESCRIPTION diff --git a/doc/man3/CMS_digest_create.pod b/doc/man3/CMS_digest_create.pod index 74bd1fdea2..41992499ea 100644 --- a/doc/man3/CMS_digest_create.pod +++ b/doc/man3/CMS_digest_create.pod @@ -10,7 +10,7 @@ CMS_digest_create_ex, CMS_digest_create #include CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, - unsigned int flags, OPENSSL_CTX *ctx, + unsigned int flags, OSSL_LIB_CTX *ctx, const char *propq); CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, diff --git a/doc/man3/CMS_encrypt.pod b/doc/man3/CMS_encrypt.pod index e78c096c78..cddd89447b 100644 --- a/doc/man3/CMS_encrypt.pod +++ b/doc/man3/CMS_encrypt.pod @@ -10,7 +10,7 @@ CMS_encrypt_ex, CMS_encrypt - create a CMS envelopedData structure CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags); diff --git a/doc/man3/CMS_get1_ReceiptRequest.pod b/doc/man3/CMS_get1_ReceiptRequest.pod index 6e1d1c1fd2..94ecfa6acb 100644 --- a/doc/man3/CMS_get1_ReceiptRequest.pod +++ b/doc/man3/CMS_get1_ReceiptRequest.pod @@ -13,7 +13,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); CMS_ReceiptRequest *CMS_ReceiptRequest_create0( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo); diff --git a/doc/man3/CMS_sign.pod b/doc/man3/CMS_sign.pod index b5af7e0448..81cc981414 100644 --- a/doc/man3/CMS_sign.pod +++ b/doc/man3/CMS_sign.pod @@ -10,7 +10,7 @@ CMS_sign, CMS_sign_ex - create a CMS SignedData structure CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, - unsigned int flags, OPENSSL_CTX *ctx, + unsigned int flags, OSSL_LIB_CTX *ctx, const char *propq); CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, unsigned int flags); diff --git a/doc/man3/CONF_modules_load_file.pod b/doc/man3/CONF_modules_load_file.pod index 07834a6ba5..fff60c192e 100644 --- a/doc/man3/CONF_modules_load_file.pod +++ b/doc/man3/CONF_modules_load_file.pod @@ -9,7 +9,7 @@ CONF_modules_load_file_ex, CONF_modules_load_file, CONF_modules_load #include - int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, + int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename, const char *appname, unsigned long flags); int CONF_modules_load_file(const char *filename, const char *appname, unsigned long flags); diff --git a/doc/man3/CTLOG_STORE_new.pod b/doc/man3/CTLOG_STORE_new.pod index 25f3952be3..801b1447e1 100644 --- a/doc/man3/CTLOG_STORE_new.pod +++ b/doc/man3/CTLOG_STORE_new.pod @@ -11,7 +11,7 @@ Create and populate a Certificate Transparency log list #include - CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq); + CTLOG_STORE *CTLOG_STORE_new_ex(OSSL_LIB_CTX *libctx, const char *propq); CTLOG_STORE *CTLOG_STORE_new(void); void CTLOG_STORE_free(CTLOG_STORE *store); diff --git a/doc/man3/CTLOG_new.pod b/doc/man3/CTLOG_new.pod index edc4f7d6c3..30b8068249 100644 --- a/doc/man3/CTLOG_new.pod +++ b/doc/man3/CTLOG_new.pod @@ -12,11 +12,11 @@ encapsulates information about a Certificate Transparency log #include CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, + const char *name, OSSL_LIB_CTX *libctx, const char *propq); int CTLOG_new_from_base64(CTLOG ** ct_log, const char *pkey_base64, const char *name); diff --git a/doc/man3/CT_POLICY_EVAL_CTX_new.pod b/doc/man3/CT_POLICY_EVAL_CTX_new.pod index 7b20e5f770..bba6778d2d 100644 --- a/doc/man3/CT_POLICY_EVAL_CTX_new.pod +++ b/doc/man3/CT_POLICY_EVAL_CTX_new.pod @@ -14,7 +14,7 @@ Encapsulates the data required to evaluate whether SCTs meet a Certificate Trans #include - CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, + CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq); CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void); void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx); diff --git a/doc/man3/EC_GROUP_new.pod b/doc/man3/EC_GROUP_new.pod index 775a27936a..0937b438a3 100644 --- a/doc/man3/EC_GROUP_new.pod +++ b/doc/man3/EC_GROUP_new.pod @@ -28,7 +28,7 @@ objects #include EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EC_GROUP *EC_GROUP_new_from_ecparameters(const ECPARAMETERS *params); EC_GROUP *EC_GROUP_new_from_ecpkparameters(const ECPKPARAMETERS *params); void EC_GROUP_free(EC_GROUP *group); @@ -37,7 +37,7 @@ objects const BIGNUM *b, BN_CTX *ctx); EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, BN_CTX *ctx); - EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, + EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq, int nid); EC_GROUP *EC_GROUP_new_by_curve_name(int nid); @@ -90,14 +90,14 @@ pentanomial for this parameter. Although deprecated since OpenSSL 3.0 and should no longer be used, a new curve can be constructed by calling EC_GROUP_new(), using the implementation provided by I (see L) and -associated with the library context I (see L). +associated with the library context I (see L). The I parameter may be NULL in which case the default library context is used. It is then necessary to call EC_GROUP_set_curve() to set the curve parameters. Applications should instead use one of the other EC_GROUP_new_* constructors. EC_GROUP_new_from_params() creates a group with parameters specified by I. -The library context I (see L) and property query string +The library context I (see L) and property query string I are used to fetch algorithms from providers. I may be either a list of explicit params or a named group, The values for I and I may be NULL. @@ -155,7 +155,7 @@ readable comment string describing the curve. In order to construct a built-in curve use the function EC_GROUP_new_by_curve_name_ex() and provide the I of the curve to be constructed, the associated library context to be used in I (see -L) and any property query string in I. The I value +L) and any property query string in I. The I value may be NULL in which case the default library context is used. The I value may also be NULL. @@ -188,7 +188,7 @@ EC_GROUP_get_curve_GF2m() return 1 on success or 0 on error. L, L, L, L, L, L, L, -L, L +L, L =head1 HISTORY diff --git a/doc/man3/EC_KEY_new.pod b/doc/man3/EC_KEY_new.pod index 2af07227ea..653d255e8e 100644 --- a/doc/man3/EC_KEY_new.pod +++ b/doc/man3/EC_KEY_new.pod @@ -20,12 +20,12 @@ EC_KEY objects #include - EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq); + EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq); EC_KEY *EC_KEY_new(void); int EC_KEY_get_flags(const EC_KEY *key); void EC_KEY_set_flags(EC_KEY *key, int flags); void EC_KEY_clear_flags(EC_KEY *key, int flags); - EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, + EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx, const char *propq, int nid); EC_KEY *EC_KEY_new_by_curve_name(int nid); void EC_KEY_free(EC_KEY *key); @@ -68,7 +68,7 @@ An EC_KEY represents a public key and, optionally, the associated private key. A new EC_KEY with no associated curve can be constructed by calling EC_KEY_new_ex() and specifying the associated library context in I -(see L) and property query string I. +(see L) and property query string I. The I parameter may be NULL in which case the default library context is used. The reference count for the newly created EC_KEY is initially @@ -81,7 +81,7 @@ context is always used. Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name_ex() and supplying the nid of the associated -curve, the library context to be used I (see L) and any +curve, the library context to be used I (see L) and any property query string I. The I parameter may be NULL in which case the default library context is used. The I value may also be NULL. @@ -209,7 +209,7 @@ L, L, L, L, L, -L +L =head1 HISTORY diff --git a/doc/man3/EVP_ASYM_CIPHER_free.pod b/doc/man3/EVP_ASYM_CIPHER_free.pod index 5aef5aad0d..036d62fe36 100644 --- a/doc/man3/EVP_ASYM_CIPHER_free.pod +++ b/doc/man3/EVP_ASYM_CIPHER_free.pod @@ -12,14 +12,14 @@ EVP_ASYM_CIPHER_gettable_ctx_params, EVP_ASYM_CIPHER_settable_ctx_params #include - EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher); int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher); - void EVP_ASYM_CIPHER_do_all_provided(OPENSSL_CTX *libctx, + void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_ASYM_CIPHER *cipher, void *arg), void *arg); @@ -34,7 +34,7 @@ EVP_ASYM_CIPHER_gettable_ctx_params, EVP_ASYM_CIPHER_settable_ctx_params EVP_ASYM_CIPHER_fetch() fetches the implementation for the given B from any provider offering it, within the criteria given by the B and in the scope of the given library context B (see -L). The algorithm will be one offering functions for performing +L). The algorithm will be one offering functions for performing asymmetric cipher related tasks such as asymmetric encryption and decryption. See L for further information. diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod index 3308ebe500..0af06869aa 100644 --- a/doc/man3/EVP_DigestInit.pod +++ b/doc/man3/EVP_DigestInit.pod @@ -27,7 +27,7 @@ EVP_MD_do_all_provided #include - EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_MD_up_ref(EVP_MD *md); void EVP_MD_free(EVP_MD *md); @@ -95,7 +95,7 @@ EVP_MD_do_all_provided EVP_PKEY_CTX *EVP_MD_CTX_pkey_ctx(const EVP_MD_CTX *ctx); void EVP_MD_CTX_set_pkey_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pctx); - void EVP_MD_do_all_provided(OPENSSL_CTX *libctx, + void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MD *mac, void *arg), void *arg); @@ -259,7 +259,7 @@ identifiable with I, otherwise 0. If I is a legacy digest (it's the return value from the likes of EVP_sha256() rather than the result of an EVP_MD_fetch()), only cipher names registered with the default library context (see -L) will be considered. +L) will be considered. =item EVP_MD_number() diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index 26f516fb35..d61f20bed3 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -10,7 +10,7 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions #include int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, OPENSSL_CTX *libctx, + const char *mdname, OSSL_LIB_CTX *libctx, const char *props, EVP_PKEY *pkey); int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -53,7 +53,7 @@ EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex() (which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_ex then it -will use the B specified in I and the property query string +will use the B specified in I and the property query string specified in I. The digest I may be NULL if the signing algorithm supports it. The diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index b48f98e0db..3f332c1801 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -10,7 +10,7 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions #include int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, OPENSSL_CTX *libctx, + const char *mdname, OSSL_LIB_CTX *libctx, const char *props, EVP_PKEY *pkey); int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey); @@ -52,7 +52,7 @@ an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex() (which means the EVP_PKEY_CTX is created inside EVP_DigestVerifyInit_ex() and it will be freed automatically when the EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by -EVP_DigestVerifyInit_ex then it will use the B specified +EVP_DigestVerifyInit_ex then it will use the B specified in I and the property query string specified in I. No B will be created by EVP_DigestSignInit_ex() if the diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index 6edd8dc154..9bac8a2b78 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -72,7 +72,7 @@ EVP_CIPHER_do_all_provided #include - EVP_CIPHER *EVP_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_CIPHER_up_ref(EVP_CIPHER *cipher); void EVP_CIPHER_free(EVP_CIPHER *cipher); @@ -159,7 +159,7 @@ EVP_CIPHER_do_all_provided int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); - void EVP_CIPHER_do_all_provided(OPENSSL_CTX *libctx, + void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_CIPHER *cipher, void *arg), void *arg); @@ -346,7 +346,7 @@ algorithm that's identifiable with I, otherwise 0. If I is a legacy cipher (it's the return value from the likes of EVP_aes128() rather than the result of an EVP_CIPHER_fetch()), only cipher names registered with the default library context (see -L) will be considered. +L) will be considered. EVP_CIPHER_number() returns the internal dynamic number assigned to the I. This is only useful with fetched Bs. diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod index b041ccd4d9..3dba50cdb6 100644 --- a/doc/man3/EVP_KDF.pod +++ b/doc/man3/EVP_KDF.pod @@ -27,13 +27,13 @@ EVP_KDF_gettable_params - EVP KDF routines int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); int EVP_KDF_up_ref(EVP_KDF *kdf); void EVP_KDF_free(EVP_KDF *kdf); - EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm, + EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties); int EVP_KDF_number(const EVP_KDF *kdf); int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name); const char *EVP_KDF_name(const EVP_KDF *kdf); const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf); - void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx, + void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KDF *kdf, void *arg), void *arg); void EVP_KDF_names_do_all(const EVP_KDF *kdf, diff --git a/doc/man3/EVP_KEM_free.pod b/doc/man3/EVP_KEM_free.pod index de3bee951d..714a86e7ff 100644 --- a/doc/man3/EVP_KEM_free.pod +++ b/doc/man3/EVP_KEM_free.pod @@ -12,14 +12,14 @@ EVP_KEM_gettable_ctx_params, EVP_KEM_settable_ctx_params #include - EVP_KEM *EVP_KEM_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); void EVP_KEM_free(EVP_KEM *kem); int EVP_KEM_up_ref(EVP_KEM *kem); int EVP_KEM_number(const EVP_KEM *kem); int EVP_KEM_is_a(const EVP_KEM *kem, const char *name); OSSL_PROVIDER *EVP_KEM_provider(const EVP_KEM *kem); - void EVP_KEM_do_all_provided(OPENSSL_CTX *libctx, + void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEM *kem, void *arg), void *arg); void EVP_KEM_names_do_all(const EVP_KEM *kem, void (*fn)(const char *name, void *data), void *data); @@ -30,7 +30,7 @@ EVP_KEM_gettable_ctx_params, EVP_KEM_settable_ctx_params EVP_KEM_fetch() fetches the implementation for the given B from any provider offering it, within the criteria given by the B and in the -scope of the given library context B (see L). The algorithm +scope of the given library context B (see L). The algorithm will be one offering functions for performing asymmetric kem related tasks such as key encapsulation and decapsulation. See L for further information. diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod index 1f5356b97a..9b133e03f0 100644 --- a/doc/man3/EVP_KEYEXCH_free.pod +++ b/doc/man3/EVP_KEYEXCH_free.pod @@ -12,14 +12,14 @@ EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params #include - EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange); int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange); OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange); int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *exchange, const char *name); int EVP_KEYEXCH_number(const EVP_KEYEXCH *exchange); - void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx, + void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYEXCH *exchange, void *arg), void *arg); void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *exchange, diff --git a/doc/man3/EVP_KEYMGMT.pod b/doc/man3/EVP_KEYMGMT.pod index d06b9ba369..e47591b217 100644 --- a/doc/man3/EVP_KEYMGMT.pod +++ b/doc/man3/EVP_KEYMGMT.pod @@ -23,7 +23,7 @@ EVP_KEYMGMT_gen_settable_params typedef struct evp_keymgmt_st EVP_KEYMGMT; - EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); @@ -32,7 +32,7 @@ EVP_KEYMGMT_gen_settable_params int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt); const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt); - void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx, + void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), void *arg); void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt, @@ -54,7 +54,7 @@ public interface, this object is simply passed into other functions when needed. EVP_KEYMGMT_fetch() looks for an algorithm within the provider that -has been loaded into the B given by I, having the +has been loaded into the B given by I, having the name given by I and the properties given by I. EVP_KEYMGMT_up_ref() increments the reference count for the given @@ -128,7 +128,7 @@ NULL on error. =head1 SEE ALSO -L, L +L, L =head1 HISTORY diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod index 8ce9f67d45..87f2518754 100644 --- a/doc/man3/EVP_MAC.pod +++ b/doc/man3/EVP_MAC.pod @@ -18,7 +18,7 @@ EVP_MAC_do_all_provided - EVP MAC routines typedef struct evp_mac_st EVP_MAC; typedef struct evp_mac_ctx_st EVP_MAC_CTX; - EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, + EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties); int EVP_MAC_up_ref(EVP_MAC *mac); void EVP_MAC_free(EVP_MAC *mac); @@ -48,7 +48,7 @@ EVP_MAC_do_all_provided - EVP MAC routines const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac); const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); - void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx, + void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MAC *mac, void *arg), void *arg); diff --git a/doc/man3/EVP_PKEY_CTX_get0_libctx.pod b/doc/man3/EVP_PKEY_CTX_get0_libctx.pod index 2536ae820e..33aa418462 100644 --- a/doc/man3/EVP_PKEY_CTX_get0_libctx.pod +++ b/doc/man3/EVP_PKEY_CTX_get0_libctx.pod @@ -4,25 +4,25 @@ EVP_PKEY_CTX_get0_libctx, EVP_PKEY_CTX_get0_propq -- functions for getting OPENSSL_CTX and property query data from an EVP_PKEY_CTX +- functions for getting OSSL_LIB_CTX and property query data from an EVP_PKEY_CTX =head1 SYNOPSIS #include - OPENSSL_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx); + OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx); const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx); =head1 DESCRIPTION The EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() functions obtain -the OPENSSL_CTX and property query string values respectively that were +the OSSL_LIB_CTX and property query string values respectively that were associated with the EVP_PKEY_CTX when it was constructed. =head1 RETURN VALUES EVP_PKEY_CTX_get0_libctx() and EVP_PKEY_CTX_get0_propq() functions return the -OPENSSL_CTX and property query string associated with the EVP_PKEY_CTX or NULL +OSSL_LIB_CTX and property query string associated with the EVP_PKEY_CTX or NULL if they are not set. The returned values should not be freed by the caller. =head1 SEE ALSO diff --git a/doc/man3/EVP_PKEY_CTX_new.pod b/doc/man3/EVP_PKEY_CTX_new.pod index 2634ee4a20..1b23c2a403 100644 --- a/doc/man3/EVP_PKEY_CTX_new.pod +++ b/doc/man3/EVP_PKEY_CTX_new.pod @@ -12,10 +12,10 @@ EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); - EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx, + EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OSSL_LIB_CTX *libctx, const char *name, const char *propquery); - EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx, + EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, const char *propquery); EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); @@ -30,14 +30,14 @@ The EVP_PKEY_CTX_new_id() function allocates public key algorithm context using the key type specified by I and ENGINE I. The EVP_PKEY_CTX_new_from_name() function allocates a public key algorithm -context using the library context I (see L), the +context using the library context I (see L), the key type specified by I and the property query I. None of the arguments are duplicated, so they must remain unchanged for the lifetime of the returned B or of any of its duplicates. Read further about the possible names in L below. The EVP_PKEY_CTX_new_from_pkey() function allocates a public key algorithm -context using the library context I (see L) and the +context using the library context I (see L) and the algorithm specified by I and the property query I. None of the arguments are duplicated, so they must remain unchanged for the lifetime of the returned B or any of its duplicates. diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod index 0c941a6006..b33b2aa8c6 100644 --- a/doc/man3/EVP_PKEY_new.pod +++ b/doc/man3/EVP_PKEY_new.pod @@ -24,14 +24,14 @@ EVP_PKEY_get_raw_public_key int EVP_PKEY_up_ref(EVP_PKEY *key); void EVP_PKEY_free(EVP_PKEY *key); - EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, + EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx, const char *keytype, const char *propq, const unsigned char *key, size_t keylen); EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, const unsigned char *key, size_t keylen); - EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, + EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx, const char *keytype, const char *propq, const unsigned char *key, @@ -40,7 +40,7 @@ EVP_PKEY_get_raw_public_key const unsigned char *key, size_t keylen); EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, const char *cipher_name, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher); EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, diff --git a/doc/man3/EVP_RAND.pod b/doc/man3/EVP_RAND.pod index 25dbf80375..e53cddff2f 100644 --- a/doc/man3/EVP_RAND.pod +++ b/doc/man3/EVP_RAND.pod @@ -21,7 +21,7 @@ EVP_RAND_STATE_ERROR - EVP RAND routines typedef struct evp_rand_st EVP_RAND; typedef struct evp_rand_ctx_st EVP_RAND_CTX; - EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm, + EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties); int EVP_RAND_up_ref(EVP_RAND *rand); void EVP_RAND_free(EVP_RAND *rand); @@ -38,7 +38,7 @@ EVP_RAND_STATE_ERROR - EVP RAND routines const char *EVP_RAND_name(const EVP_RAND *rand); int EVP_RAND_is_a(const EVP_RAND *rand, const char *name); const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand); - void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx, + void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_RAND *rand, void *arg), void *arg); void EVP_RAND_names_do_all(const EVP_RAND *rand, diff --git a/doc/man3/EVP_SIGNATURE_free.pod b/doc/man3/EVP_SIGNATURE_free.pod index 6c5724bf54..5e745747e9 100644 --- a/doc/man3/EVP_SIGNATURE_free.pod +++ b/doc/man3/EVP_SIGNATURE_free.pod @@ -12,14 +12,14 @@ EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params #include - EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, + EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature); int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature); - void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, + void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_SIGNATURE *signature, void *arg), void *arg); diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod index d2959fabac..e98d1faf46 100644 --- a/doc/man3/EVP_SignInit.pod +++ b/doc/man3/EVP_SignInit.pod @@ -13,7 +13,7 @@ EVP_SignFinal_ex, EVP_SignFinal int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, - EVP_PKEY *pkey, OPENSSL_CTX *libctx, const char *propq); + EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, const char *propq); int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey); diff --git a/doc/man3/EVP_VerifyInit.pod b/doc/man3/EVP_VerifyInit.pod index d98054bedb..6cba8c6a5e 100644 --- a/doc/man3/EVP_VerifyInit.pod +++ b/doc/man3/EVP_VerifyInit.pod @@ -14,7 +14,7 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_ex, EVP_VerifyFinal int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); diff --git a/doc/man3/EVP_set_default_properties.pod b/doc/man3/EVP_set_default_properties.pod index e22f5c3e99..00404bd999 100644 --- a/doc/man3/EVP_set_default_properties.pod +++ b/doc/man3/EVP_set_default_properties.pod @@ -10,9 +10,9 @@ EVP_default_properties_is_fips_enabled #include - int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq); - int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable); - int EVP_default_properties_is_fips_enabled(OPENSSL_CTX *libctx); + int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq); + int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable); + int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx); =head1 DESCRIPTION diff --git a/doc/man3/NCONF_new_ex.pod b/doc/man3/NCONF_new_ex.pod index 2de14b4f4e..46c2e8c466 100644 --- a/doc/man3/NCONF_new_ex.pod +++ b/doc/man3/NCONF_new_ex.pod @@ -9,7 +9,7 @@ NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load #include - CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth); + CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth); CONF *NCONF_new(CONF_METHOD *meth); void NCONF_free(CONF *conf); CONF_METHOD *NCONF_default(void); diff --git a/doc/man3/OCSP_response_status.pod b/doc/man3/OCSP_response_status.pod index a7eb6e3173..c97f22c4ed 100644 --- a/doc/man3/OCSP_response_status.pod +++ b/doc/man3/OCSP_response_status.pod @@ -19,9 +19,9 @@ OCSP_RESPID_match, OCSP_basic_sign, OCSP_basic_sign_ctx int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert); int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert); - int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OPENSSL_CTX *libctx, + int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx, const char *propq); int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert); diff --git a/doc/man3/OPENSSL_init_crypto.pod b/doc/man3/OPENSSL_init_crypto.pod index bed722abf2..92a9d9b95a 100644 --- a/doc/man3/OPENSSL_init_crypto.pod +++ b/doc/man3/OPENSSL_init_crypto.pod @@ -15,7 +15,7 @@ and deinitialisation functions void OPENSSL_cleanup(void); int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings); int OPENSSL_atexit(void (*handler)(void)); - void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx); + void OPENSSL_thread_stop_ex(OSSL_LIB_CTX *ctx); void OPENSSL_thread_stop(void); OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void); @@ -214,24 +214,24 @@ process wide resources are freed. In the event that multiple stop handlers are registered, no guarantees are made about the order of execution. The OPENSSL_thread_stop_ex() function deallocates resources associated -with the current thread for the given OPENSSL_CTX B. The B parameter -can be NULL in which case the default OPENSSL_CTX is used. +with the current thread for the given OSSL_LIB_CTX B. The B parameter +can be NULL in which case the default OSSL_LIB_CTX is used. Typically, this function will be called automatically by the library when -the thread exits as long as the OPENSSL_CTX has not been freed before the thread -exits. If OPENSSL_CTX_free() is called OPENSSL_thread_stop_ex will be called +the thread exits as long as the OSSL_LIB_CTX has not been freed before the thread +exits. If OSSL_LIB_CTX_free() is called OPENSSL_thread_stop_ex will be called automatically for the current thread (but not any other threads that may have -used this OPENSSL_CTX). +used this OSSL_LIB_CTX). OPENSSL_thread_stop_ex should be called on all threads that will exit after the -OPENSSL_CTX is freed. -Typically this is not necessary for the default OPENSSL_CTX (because all +OSSL_LIB_CTX is freed. +Typically this is not necessary for the default OSSL_LIB_CTX (because all resources are cleaned up on library exit) except if thread local resources should be freed before library exit, or under the circumstances described in the NOTES section below. OPENSSL_thread_stop() is the same as OPENSSL_thread_stop_ex() except that the -default OPENSSL_CTX is always used. +default OSSL_LIB_CTX is always used. The B flag will load a configuration file, as with L with NULL filename and application name and the diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod index 3d9860114b..95226cf38a 100644 --- a/doc/man3/OSSL_CMP_CTX_new.pod +++ b/doc/man3/OSSL_CMP_CTX_new.pod @@ -67,7 +67,7 @@ OSSL_CMP_CTX_set1_senderNonce #include - OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq); + OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx); int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx); int OSSL_CMP_CTX_set_option(OSSL_CMP_CTX *ctx, int opt, int val); diff --git a/doc/man3/OSSL_CMP_SRV_CTX_new.pod b/doc/man3/OSSL_CMP_SRV_CTX_new.pod index 7d87d7df2c..a69df1b47d 100644 --- a/doc/man3/OSSL_CMP_SRV_CTX_new.pod +++ b/doc/man3/OSSL_CMP_SRV_CTX_new.pod @@ -29,7 +29,7 @@ OSSL_CMP_SRV_CTX_set_grant_implicit_confirm const OSSL_CMP_MSG *req); OSSL_CMP_MSG *OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx, const OSSL_CMP_MSG *req); - OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq); + OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx); typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t)( diff --git a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod index e71cc52422..f59abb4f11 100644 --- a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod +++ b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod @@ -26,7 +26,7 @@ OSSL_CRMF_MSG_get_certReqId X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, EVP_PKEY *pkey); int OSSL_CRMF_MSG_get_certReqId(const OSSL_CRMF_MSG *crm); @@ -50,7 +50,7 @@ of the given CertId I, which must be of ASN.1 type GEN_DIRNAME. OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert() decrypts the certificate in the given encryptedValue I, using the private key I, library context -I and property query string I (see L). +I and property query string I (see L). This is needed for the indirect POPO method as in RFC 4210 section 5.2.8.2. The function returns the decrypted certificate as a copy, leaving its ownership with the caller, who is responsible for freeing it. diff --git a/doc/man3/OSSL_CRMF_MSG_set0_validity.pod b/doc/man3/OSSL_CRMF_MSG_set0_validity.pod index 8612049d73..70a4120e86 100644 --- a/doc/man3/OSSL_CRMF_MSG_set0_validity.pod +++ b/doc/man3/OSSL_CRMF_MSG_set0_validity.pod @@ -32,11 +32,11 @@ OSSL_CRMF_MSGS_verify_popo int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, const EVP_MD *digest, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, int rid, int acceptRAVerified, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); =head1 DESCRIPTION diff --git a/doc/man3/OSSL_CRMF_pbmp_new.pod b/doc/man3/OSSL_CRMF_pbmp_new.pod index b4fd62a296..76ef43b149 100644 --- a/doc/man3/OSSL_CRMF_pbmp_new.pod +++ b/doc/man3/OSSL_CRMF_pbmp_new.pod @@ -10,13 +10,13 @@ OSSL_CRMF_pbmp_new #include - int OSSL_CRMF_pbm_new(OPENSSL_CTX *libctx, const char *propq, + int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, const OSSL_CRMF_PBMPARAMETER *pbmp, const unsigned char *msg, size_t msglen, const unsigned char *sec, size_t seclen, unsigned char **mac, size_t *maclen); - OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t saltlen, + OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t saltlen, int owfnid, size_t itercnt, int macnid); diff --git a/doc/man3/OSSL_DECODER.pod b/doc/man3/OSSL_DECODER.pod index 96d0a51ca5..b951d8d0b9 100644 --- a/doc/man3/OSSL_DECODER.pod +++ b/doc/man3/OSSL_DECODER.pod @@ -22,7 +22,7 @@ OSSL_DECODER_get_params typedef struct ossl_decoder_st OSSL_DECODER; - OSSL_DECODER *OSSL_DECODER_fetch(OPENSSL_CTX *ctx, const char *name, + OSSL_DECODER *OSSL_DECODER_fetch(OSSL_LIB_CTX *ctx, const char *name, const char *properties); int OSSL_DECODER_up_ref(OSSL_DECODER *decoder); void OSSL_DECODER_free(OSSL_DECODER *decoder); @@ -30,7 +30,7 @@ OSSL_DECODER_get_params const char *OSSL_DECODER_properties(const OSSL_DECODER *decoder); int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name); int OSSL_DECODER_number(const OSSL_DECODER *decoder); - void OSSL_DECODER_do_all_provided(OPENSSL_CTX *libctx, + void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_DECODER *decoder, void *arg), void *arg); void OSSL_DECODER_names_do_all(const OSSL_DECODER *decoder, @@ -46,7 +46,7 @@ decode encoded data into an object of some type that the rest of OpenSSL knows how to handle. OSSL_DECODER_fetch() looks for an algorithm within the provider that -has been loaded into the B given by I, having the +has been loaded into the B given by I, having the name given by I and the properties given by I. The I determines what type of object the fetched decoder method is expected to be able to decode, and the properties are @@ -124,7 +124,7 @@ Text, because pod2xxx doesn't like empty sections =head1 SEE ALSO L, L, L, -L, L +L, L =head1 HISTORY diff --git a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod index c57438072b..965f19b2e2 100644 --- a/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod +++ b/doc/man3/OSSL_DECODER_CTX_new_by_EVP_PKEY.pod @@ -16,7 +16,7 @@ OSSL_DECODER_CTX_set_passphrase_cb OSSL_DECODER_CTX * OSSL_DECODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, const char *input_type, const char *keytype, - OPENSSL_CTX *libctx, const char *propquery); + OSSL_LIB_CTX *libctx, const char *propquery); int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx, const unsigned char *kstr, diff --git a/doc/man3/OSSL_ENCODER.pod b/doc/man3/OSSL_ENCODER.pod index a1b7c4b76c..c418148dc4 100644 --- a/doc/man3/OSSL_ENCODER.pod +++ b/doc/man3/OSSL_ENCODER.pod @@ -22,7 +22,7 @@ OSSL_ENCODER_get_params typedef struct ossl_encoder_st OSSL_ENCODER; - OSSL_ENCODER *OSSL_ENCODER_fetch(OPENSSL_CTX *ctx, const char *name, + OSSL_ENCODER *OSSL_ENCODER_fetch(OSSL_LIB_CTX *ctx, const char *name, const char *properties); int OSSL_ENCODER_up_ref(OSSL_ENCODER *encoder); void OSSL_ENCODER_free(OSSL_ENCODER *encoder); @@ -30,7 +30,7 @@ OSSL_ENCODER_get_params const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder); int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); int OSSL_ENCODER_number(const OSSL_ENCODER *encoder); - void OSSL_ENCODER_do_all_provided(OPENSSL_CTX *libctx, + void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_ENCODER *encoder, void *arg), void *arg); void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, @@ -46,7 +46,7 @@ encode an object of some kind to a encoded form, such as PEM, DER, or even human readable text. OSSL_ENCODER_fetch() looks for an algorithm within the provider that -has been loaded into the B given by I, having the +has been loaded into the B given by I, having the name given by I and the properties given by I. The I determines what type of object the fetched encoder method is expected to be able to encode, and the properties are @@ -117,7 +117,7 @@ OSSL_ENCODER_number() returns an integer. =head1 SEE ALSO L, L, L, -L, L +L, L =head1 HISTORY diff --git a/doc/man3/OSSL_ENCODER_CTX.pod b/doc/man3/OSSL_ENCODER_CTX.pod index ccf847db47..01587ff7cb 100644 --- a/doc/man3/OSSL_ENCODER_CTX.pod +++ b/doc/man3/OSSL_ENCODER_CTX.pod @@ -42,7 +42,7 @@ OSSL_ENCODER_CTX_set_cleanup int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder); int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX *ctx); typedef struct ossl_encoder_instance_st OSSL_ENCODER_INSTANCE; diff --git a/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod index a97208cbe3..b47dc453f8 100644 --- a/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod +++ b/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod @@ -17,7 +17,7 @@ OSSL_ENCODER_CTX_set_passphrase_ui OSSL_ENCODER_CTX * OSSL_ENCODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, const char *output_type, int selection, - OPENSSL_CTX *libctx, const char *propquery); + OSSL_LIB_CTX *libctx, const char *propquery); int OSSL_ENCODER_CTX_set_cipher(OSSL_ENCODER_CTX *ctx, const char *cipher_name, diff --git a/doc/man3/OPENSSL_CTX.pod b/doc/man3/OSSL_LIB_CTX.pod similarity index 60% rename from doc/man3/OPENSSL_CTX.pod rename to doc/man3/OSSL_LIB_CTX.pod index 01737de2ef..01b6a47b48 100644 --- a/doc/man3/OPENSSL_CTX.pod +++ b/doc/man3/OSSL_LIB_CTX.pod @@ -2,43 +2,43 @@ =head1 NAME -OPENSSL_CTX, OPENSSL_CTX_new, OPENSSL_CTX_free, OPENSSL_CTX_load_config, -OPENSSL_CTX_set0_default +OSSL_LIB_CTX, OSSL_LIB_CTX_new, OSSL_LIB_CTX_free, OSSL_LIB_CTX_load_config, +OSSL_LIB_CTX_set0_default - OpenSSL library context =head1 SYNOPSIS #include - typedef struct openssl_ctx_st OPENSSL_CTX; + typedef struct ossl_lib_ctx_st OSSL_LIB_CTX; - OPENSSL_CTX *OPENSSL_CTX_new(void); - int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file); - void OPENSSL_CTX_free(OPENSSL_CTX *ctx); - OPENSSL_CTX *OPENSSL_CTX_set0_default(OPENSSL_CTX *ctx); + OSSL_LIB_CTX *OSSL_LIB_CTX_new(void); + int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file); + void OSSL_LIB_CTX_free(OSSL_LIB_CTX *ctx); + OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *ctx); =head1 DESCRIPTION -B is an internal OpenSSL library context type. +B is an internal OpenSSL library context type. Applications may allocate their own, but may also use NULL to use -a default context with functions that take an B +a default context with functions that take an B argument. When a non default library context is in use care should be taken with multi-threaded applications to properly clean up thread local resources before -the OPENSSL_CTX is freed. +the OSSL_LIB_CTX is freed. See L for more information. -OPENSSL_CTX_new() creates a new OpenSSL library context. +OSSL_LIB_CTX_new() creates a new OpenSSL library context. -OPENSSL_CTX_load_config() loads a configuration file using the given C. +OSSL_LIB_CTX_load_config() loads a configuration file using the given C. This can be used to associate a library context with providers that are loaded from a configuration. -OPENSSL_CTX_free() frees the given I, unless it happens to be the +OSSL_LIB_CTX_free() frees the given I, unless it happens to be the default OpenSSL library context. -OPENSSL_CTX_set0_default() sets the default OpenSSL library context to be +OSSL_LIB_CTX_set0_default() sets the default OpenSSL library context to be I in the current thread. The previous default library context is returned. Care should be taken by the caller to restore the previous default library context with a subsequent call of this function. @@ -53,15 +53,15 @@ that job has finished. =head1 RETURN VALUES -OPENSSL_CTX_new() and OPENSSL_CTX_set0_default() return a library context +OSSL_LIB_CTX_new() and OSSL_LIB_CTX_set0_default() return a library context pointer on success, or NULL on error. -OPENSSL_CTX_free() doesn't return any value. +OSSL_LIB_CTX_free() doesn't return any value. =head1 HISTORY -OPENSSL_CTX, OPENSSL_CTX_new(), OPENSSL_CTX_load_config(), OPENSSL_CTX_free() -and OPENSSL_CTX_set0_default() were added in OpenSSL 3.0. +OSSL_LIB_CTX, OSSL_LIB_CTX_new(), OSSL_LIB_CTX_load_config(), OSSL_LIB_CTX_free() +and OSSL_LIB_CTX_set0_default() were added in OpenSSL 3.0. =head1 COPYRIGHT diff --git a/doc/man3/OSSL_PROVIDER.pod b/doc/man3/OSSL_PROVIDER.pod index 7fe8feb9dd..fa9d45b11d 100644 --- a/doc/man3/OSSL_PROVIDER.pod +++ b/doc/man3/OSSL_PROVIDER.pod @@ -17,14 +17,14 @@ OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test typedef struct ossl_provider_st OSSL_PROVIDER; - void OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *libctx, + void OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, const char *path); - OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name); - OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *libctx, const char *name); + OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name); + OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name); int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov); - int OSSL_PROVIDER_available(OPENSSL_CTX *libctx, const char *name); - int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx, + int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name); + int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, int (*cb)(OSSL_PROVIDER *provider, void *cbdata), void *cbdata); @@ -36,7 +36,7 @@ OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test int *no_cache); void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov); - int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *libctx, const char *name, + int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name, ossl_provider_init_fn *init_fn); const char *OSSL_PROVIDER_name(const OSSL_PROVIDER *prov); @@ -57,7 +57,7 @@ libraries, or can be a loadable module. The functions described here handle both forms. Some of these functions operate within a library context, please see -L for further details. +L for further details. =head2 Functions @@ -174,7 +174,7 @@ its build number. =head1 SEE ALSO -L, L, L +L, L, L =head1 HISTORY diff --git a/doc/man3/OSSL_SELF_TEST_set_callback.pod b/doc/man3/OSSL_SELF_TEST_set_callback.pod index be65eca0fe..beea50ff33 100644 --- a/doc/man3/OSSL_SELF_TEST_set_callback.pod +++ b/doc/man3/OSSL_SELF_TEST_set_callback.pod @@ -9,14 +9,14 @@ OSSL_SELF_TEST_get_callback - specify a callback for processing self tests #include - void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *ctx, OSSL_CALLBACK *cb, void *cbarg); - void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *ctx, OSSL_CALLBACK **cb, void **cbarg); + void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX *ctx, OSSL_CALLBACK *cb, void *cbarg); + void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *ctx, OSSL_CALLBACK **cb, void **cbarg); =head1 DESCRIPTION Set or gets the optional application callback (and the callback argument) that is called during self testing. -The application callback B is associated with a B. +The application callback B is associated with a B. The application callback function receives information about a running self test, and may return a result to the calling self test. See L for further information on the callback. @@ -33,7 +33,7 @@ not been called. L, L L -L +L =head1 HISTORY diff --git a/doc/man3/OSSL_STORE_LOADER.pod b/doc/man3/OSSL_STORE_LOADER.pod index e8da59392e..ad1a40a0a4 100644 --- a/doc/man3/OSSL_STORE_LOADER.pod +++ b/doc/man3/OSSL_STORE_LOADER.pod @@ -34,7 +34,7 @@ unregister STORE loaders for different URI schemes typedef struct ossl_store_loader_st OSSL_STORE_LOADER; OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(const char *scheme, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *properties); int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader); void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); @@ -44,7 +44,7 @@ unregister STORE loaders for different URI schemes int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader); int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *scheme); - void OSSL_STORE_LOADER_do_all_provided(OPENSSL_CTX *libctx, + void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_STORE_LOADER *loader, void *arg), void *arg); @@ -76,7 +76,7 @@ L: OSSL_STORE_open_ex_fn store_open_ex_function); typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn) (const OSSL_STORE_LOADER *loader, BIO *bio, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data); int OSSL_STORE_LOADER_set_attach(OSSL_STORE_LOADER *loader, OSSL_STORE_attach_fn attach_function); @@ -118,7 +118,7 @@ OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for specific storage schemes. OSSL_STORE_LOADER_fetch() looks for an implementation for a storage -I within the providers that has been loaded into the B +I within the providers that has been loaded into the B given by I, and with the properties given by I. OSSL_STORE_LOADER_up_ref() increments the reference count for the given @@ -347,7 +347,7 @@ or NULL on failure. =head1 SEE ALSO -L, L, L, +L, L, L, L =head1 HISTORY diff --git a/doc/man3/OSSL_STORE_attach.pod b/doc/man3/OSSL_STORE_attach.pod index ae31202141..87910e434e 100644 --- a/doc/man3/OSSL_STORE_attach.pod +++ b/doc/man3/OSSL_STORE_attach.pod @@ -9,7 +9,7 @@ OSSL_STORE_attach - Functions to read objects from a BIO #include OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); diff --git a/doc/man3/OSSL_STORE_open.pod b/doc/man3/OSSL_STORE_open.pod index cd6f7cac74..61571be490 100644 --- a/doc/man3/OSSL_STORE_open.pod +++ b/doc/man3/OSSL_STORE_open.pod @@ -22,7 +22,7 @@ OSSL_STORE_error, OSSL_STORE_close OSSL_STORE_post_process_info_fn post_process, void *post_process_data); OSSL_STORE_CTX * - OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq, + OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); diff --git a/doc/man3/PEM_X509_INFO_read_bio_ex.pod b/doc/man3/PEM_X509_INFO_read_bio_ex.pod index e8eb00aad0..ceab8dbd68 100644 --- a/doc/man3/PEM_X509_INFO_read_bio_ex.pod +++ b/doc/man3/PEM_X509_INFO_read_bio_ex.pod @@ -12,13 +12,13 @@ object's STACK_OF(X509_INFO) *PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq); STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bio, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq); =head1 DESCRIPTION diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod index ddfde85988..b00a18c8a1 100644 --- a/doc/man3/PEM_read_bio_PrivateKey.pod +++ b/doc/man3/PEM_read_bio_PrivateKey.pod @@ -36,12 +36,12 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines typedef int pem_password_cb(char *buf, int size, int rwflag, void *u); EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, - void *u, OPENSSL_CTX *libctx, + void *u, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u); EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, - void *u, OPENSSL_CTX *libctx, + void *u, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *PEM_read_PrivateKey(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); @@ -70,12 +70,12 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines EVP_PKEY *PEM_read_bio_PUBKEY_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *PEM_read_bio_PUBKEY(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u); EVP_PKEY *PEM_read_PUBKEY_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *PEM_read_PUBKEY(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u); int PEM_write_bio_PUBKEY(BIO *bp, EVP_PKEY *x); @@ -125,7 +125,7 @@ PEM_write_bio_PKCS7, PEM_write_PKCS7 - PEM routines int PEM_write_DSA_PUBKEY(FILE *fp, DSA *x); EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); int PEM_write_bio_Parameters(BIO *bp, const EVP_PKEY *x); diff --git a/doc/man3/PKCS7_encrypt.pod b/doc/man3/PKCS7_encrypt.pod index ff23d1b554..79c769a776 100644 --- a/doc/man3/PKCS7_encrypt.pod +++ b/doc/man3/PKCS7_encrypt.pod @@ -11,7 +11,7 @@ PKCS7_encrypt_ex, PKCS7_encrypt PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); diff --git a/doc/man3/PKCS7_sign.pod b/doc/man3/PKCS7_sign.pod index 43a76e7e59..62427581f7 100644 --- a/doc/man3/PKCS7_sign.pod +++ b/doc/man3/PKCS7_sign.pod @@ -10,7 +10,7 @@ PKCS7_sign_ex, PKCS7_sign #include PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, int flags, OPENSSL_CTX *libctx, + BIO *data, int flags, OSSL_LIB_CTX *libctx, const char *propq); PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); diff --git a/doc/man3/RAND_bytes.pod b/doc/man3/RAND_bytes.pod index 0673f1b839..aeec94dd8b 100644 --- a/doc/man3/RAND_bytes.pod +++ b/doc/man3/RAND_bytes.pod @@ -12,8 +12,8 @@ RAND_pseudo_bytes - generate random data int RAND_bytes(unsigned char *buf, int num); int RAND_priv_bytes(unsigned char *buf, int num); - int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); - int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); + int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num); + int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num); Deprecated since OpenSSL 1.1.0, can be hidden entirely by defining B with a suitable version value, see @@ -37,7 +37,7 @@ RAND_bytes_ex() and RAND_priv_bytes_ex() are the same as RAND_bytes() and RAND_priv_bytes() except that they both take an additional I parameter. The DRBG used for the operation is the public or private DRBG associated with the specified I. The parameter can be NULL, in which case -the default library context is used (see L. +the default library context is used (see L. If the default RAND_METHOD has been changed then for compatibility reasons the RAND_METHOD will be used in preference and the DRBG of the library context ignored. diff --git a/doc/man3/RAND_get0_primary.pod b/doc/man3/RAND_get0_primary.pod index 16bb223d4a..5d84b330ab 100644 --- a/doc/man3/RAND_get0_primary.pod +++ b/doc/man3/RAND_get0_primary.pod @@ -11,9 +11,9 @@ RAND_get0_private #include - EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx); - EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx); - EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx); + EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx); + EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx); + EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx); =head1 DESCRIPTION @@ -31,16 +31,16 @@ These functions here provide access to the shared DRBG instances. =head1 RETURN VALUES RAND_get0_primary() returns a pointer to the I DRBG instance -for the given OPENSSL_CTX B. +for the given OSSL_LIB_CTX B. RAND_get0_public() returns a pointer to the I DRBG instance -for the given OPENSSL_CTX B. +for the given OSSL_LIB_CTX B. RAND_get0_private() returns a pointer to the I DRBG instance -for the given OPENSSL_CTX B. +for the given OSSL_LIB_CTX B. In all the above cases the B parameter can -be NULL in which case the default OPENSSL_CTX is used. +be NULL in which case the default OSSL_LIB_CTX is used. =head1 NOTES diff --git a/doc/man3/SMIME_write_ASN1.pod b/doc/man3/SMIME_write_ASN1.pod index 41e2e557b6..4217d24225 100644 --- a/doc/man3/SMIME_write_ASN1.pod +++ b/doc/man3/SMIME_write_ASN1.pod @@ -12,7 +12,7 @@ SMIME_write_ASN1_ex, SMIME_write_ASN1 int SMIME_write_ASN1_ex(BIO *out, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int SMIME_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, diff --git a/doc/man3/SRP_Calc_B.pod b/doc/man3/SRP_Calc_B.pod index 1353311f50..b0dde086f3 100644 --- a/doc/man3/SRP_Calc_B.pod +++ b/doc/man3/SRP_Calc_B.pod @@ -22,22 +22,22 @@ SRP_Calc_client_key BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u, const BIGNUM *b, const BIGNUM *N); BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, - const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq); + const BIGNUM *v, OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, const BIGNUM *v); BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N); /* client side .... */ BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g, const BIGNUM *x, const BIGNUM *a, const BIGNUM *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g, const BIGNUM *x, const BIGNUM *a, const BIGNUM *u); BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass); BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g); diff --git a/doc/man3/SRP_create_verifier.pod b/doc/man3/SRP_create_verifier.pod index 18c7308533..884cf0d660 100644 --- a/doc/man3/SRP_create_verifier.pod +++ b/doc/man3/SRP_create_verifier.pod @@ -16,13 +16,13 @@ SRP_get_default_gN int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, const BIGNUM *N, - const BIGNUM *g, OPENSSL_CTX *libctx, + const BIGNUM *g, OSSL_LIB_CTX *libctx, const char *propq); char *SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, const BIGNUM *N, const BIGNUM *g); char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt, char **verifier, const char *N, const char *g, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); char *SRP_create_verifier(const char *user, const char *pass, char **salt, char **verifier, const char *N, const char *g); diff --git a/doc/man3/SSL_CTX_new.pod b/doc/man3/SSL_CTX_new.pod index e15f3e1da2..b71cda9be0 100644 --- a/doc/man3/SSL_CTX_new.pod +++ b/doc/man3/SSL_CTX_new.pod @@ -18,7 +18,7 @@ functions #include - SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, + SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, const SSL_METHOD *method); SSL_CTX *SSL_CTX_new(const SSL_METHOD *method); int SSL_CTX_up_ref(SSL_CTX *ctx); @@ -75,7 +75,7 @@ functions SSL_CTX_new_ex() creates a new B object as a framework to establish TLS/SSL or DTLS enabled connections using the library context -I (see L). Any cryptographic algorithms that are used +I (see L). Any cryptographic algorithms that are used by any B objects created from this B will be fetched from the I using the property query string I (see L. Either or both the I or I diff --git a/doc/man3/SSL_load_client_CA_file.pod b/doc/man3/SSL_load_client_CA_file.pod index c3b20d9b6b..9fc385a18a 100644 --- a/doc/man3/SSL_load_client_CA_file.pod +++ b/doc/man3/SSL_load_client_CA_file.pod @@ -13,7 +13,7 @@ SSL_add_store_cert_subjects_to_stack #include STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq); STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); diff --git a/doc/man3/X509_LOOKUP.pod b/doc/man3/X509_LOOKUP.pod index 69d6315ffe..89dbb6a201 100644 --- a/doc/man3/X509_LOOKUP.pod +++ b/doc/man3/X509_LOOKUP.pod @@ -34,19 +34,19 @@ X509_LOOKUP_by_alias void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx); int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret, OPENSSL_CTX *libctx, const char *propq); + char **ret, OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); int X509_LOOKUP_load_file_ex(X509_LOOKUP *ctx, char *name, long type, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_load_file(X509_LOOKUP *ctx, char *name, long type); int X509_LOOKUP_load_file_ex(X509_LOOKUP *ctx, char *name, long type, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_add_dir(X509_LOOKUP *ctx, char *name, long type); - int X509_LOOKUP_add_store_ex(X509_LOOKUP *ctx, char *uri, OPENSSL_CTX *libctx, + int X509_LOOKUP_add_store_ex(X509_LOOKUP *ctx, char *uri, OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_add_store(X509_LOOKUP *ctx, char *uri); - int X509_LOOKUP_load_store_ex(X509_LOOKUP *ctx, char *uri, OPENSSL_CTX *libctx, + int X509_LOOKUP_load_store_ex(X509_LOOKUP *ctx, char *uri, OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_load_store(X509_LOOKUP *ctx, char *uri); @@ -54,7 +54,7 @@ X509_LOOKUP_by_alias int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, diff --git a/doc/man3/X509_LOOKUP_hash_dir.pod b/doc/man3/X509_LOOKUP_hash_dir.pod index 788045fb4b..5a660f100d 100644 --- a/doc/man3/X509_LOOKUP_hash_dir.pod +++ b/doc/man3/X509_LOOKUP_hash_dir.pod @@ -17,11 +17,11 @@ X509_load_cert_crl_file_ex, X509_load_cert_crl_file X509_LOOKUP_METHOD *X509_LOOKUP_store(void); int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); =head1 DESCRIPTION diff --git a/doc/man3/X509_PUBKEY_new.pod b/doc/man3/X509_PUBKEY_new.pod index e6acb89213..fa6141d682 100644 --- a/doc/man3/X509_PUBKEY_new.pod +++ b/doc/man3/X509_PUBKEY_new.pod @@ -21,7 +21,7 @@ X509_PUBKEY_eq - SubjectPublicKeyInfo public key functions EVP_PKEY *X509_PUBKEY_get(const X509_PUBKEY *key); EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length); int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp); diff --git a/doc/man3/X509_STORE_CTX_new.pod b/doc/man3/X509_STORE_CTX_new.pod index 96060fcc7e..b5ef577310 100644 --- a/doc/man3/X509_STORE_CTX_new.pod +++ b/doc/man3/X509_STORE_CTX_new.pod @@ -18,7 +18,7 @@ X509_STORE_CTX_verify_fn #include - X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq); + X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq); X509_STORE_CTX *X509_STORE_CTX_new(void); void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); void X509_STORE_CTX_free(X509_STORE_CTX *ctx); diff --git a/doc/man3/X509_STORE_add_cert.pod b/doc/man3/X509_STORE_add_cert.pod index 5f16ee09b9..db7f0cfd8c 100644 --- a/doc/man3/X509_STORE_add_cert.pod +++ b/doc/man3/X509_STORE_add_cert.pod @@ -28,18 +28,18 @@ X509_STORE_load_locations_ex, X509_STORE_load_locations X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *store, X509_LOOKUP_METHOD *meth); - int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx, + int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OSSL_LIB_CTX *libctx, const char *propq); int X509_STORE_set_default_paths(X509_STORE *ctx); int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_STORE_load_file(X509_STORE *ctx, const char *file); int X509_STORE_load_path(X509_STORE *ctx, const char *dir); int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_STORE_load_store(X509_STORE *ctx, const char *uri); int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file, - const char *dir, OPENSSL_CTX *libctx, + const char *dir, OSSL_LIB_CTX *libctx, const char *propq); int X509_STORE_load_locations(X509_STORE *ctx, const char *file, const char *dir); diff --git a/doc/man3/X509_new.pod b/doc/man3/X509_new.pod index 38a101a5bc..b40715bddf 100644 --- a/doc/man3/X509_new.pod +++ b/doc/man3/X509_new.pod @@ -11,7 +11,7 @@ X509_free, X509_up_ref - X509 certificate ASN1 allocation functions #include X509 *X509_new(void); - X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq); + X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq); void X509_free(X509 *a); int X509_up_ref(X509 *a); STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x); diff --git a/doc/man3/X509_verify.pod b/doc/man3/X509_verify.pod index 15719090bb..65e41977bd 100644 --- a/doc/man3/X509_verify.pod +++ b/doc/man3/X509_verify.pod @@ -14,7 +14,7 @@ verify certificate, certificate request, or CRL signature int X509_verify(X509 *x, EVP_PKEY *pkey); int X509_self_signed(X509 *cert, int verify_signature); - int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *pkey, OPENSSL_CTX *libctx, + int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, const char *propq); int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); @@ -61,7 +61,7 @@ L, L, L, L, -L +L =head1 HISTORY diff --git a/doc/man3/d2i_PrivateKey.pod b/doc/man3/d2i_PrivateKey.pod index 689e8ba209..4e918f14c6 100644 --- a/doc/man3/d2i_PrivateKey.pod +++ b/doc/man3/d2i_PrivateKey.pod @@ -14,7 +14,7 @@ i2d_PrivateKey_fp #include EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, - long length, OPENSSL_CTX *libctx, + long length, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length); @@ -23,7 +23,7 @@ i2d_PrivateKey_fp EVP_PKEY *d2i_KeyParams(int type, EVP_PKEY **a, const unsigned char **pp, long length); EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp, - long length, OPENSSL_CTX *libctx, + long length, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); @@ -37,10 +37,10 @@ i2d_PrivateKey_fp #include - EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx, + EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); - EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx, + EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); diff --git a/doc/man7/provider-base.pod b/doc/man7/provider-base.pod index b92f117d86..536c5ed430 100644 --- a/doc/man7/provider-base.pod +++ b/doc/man7/provider-base.pod @@ -20,7 +20,7 @@ provider-base int core_get_params(const OSSL_CORE_HANDLE *handle, OSSL_PARAM params[]); int core_thread_start(const OSSL_CORE_HANDLE *handle, OSSL_thread_stop_handler_fn handfn); - OPENSSL_CORE_CTX *core_get_library_context(const OSSL_CORE_HANDLE *handle); + OPENSSL_CORE_CTX *core_get_libctx(const OSSL_CORE_HANDLE *handle); void core_new_error(const OSSL_CORE_HANDLE *handle); void core_set_error_debug(const OSSL_CORE_HANDLE *handle, const char *file, int line, const char *func); @@ -104,7 +104,7 @@ provider): core_gettable_params OSSL_FUNC_CORE_GETTABLE_PARAMS core_get_params OSSL_FUNC_CORE_GET_PARAMS core_thread_start OSSL_FUNC_CORE_THREAD_START - core_get_library_context OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT + core_get_libctx OSSL_FUNC_CORE_GET_LIBCTX core_new_error OSSL_FUNC_CORE_NEW_ERROR core_set_error_debug OSSL_FUNC_CORE_SET_ERROR_DEBUG core_set_error OSSL_FUNC_CORE_SET_ERROR @@ -152,7 +152,7 @@ parameters. =for comment core_thread_start() TBA -core_get_library_context() retrieves the library context in which the library +core_get_libctx() retrieves the library context in which the library object for the current provider is stored, accessible through the I. This may sometimes be useful if the provider wishes to store a reference to its context in the same library context. diff --git a/doc/man7/provider.pod b/doc/man7/provider.pod index ead37b5769..2eb396fad3 100644 --- a/doc/man7/provider.pod +++ b/doc/man7/provider.pod @@ -191,7 +191,7 @@ arguments are passed: =item The library context -See L for a more detailed description. +See L for a more detailed description. This may be NULL to signify the default (global) library context, or a context created by the user. Only providers loaded in this library context (see @@ -383,7 +383,7 @@ other providers: =head1 SEE ALSO L, L, -L, +L, L, L, L, diff --git a/engines/e_loader_attic.c b/engines/e_loader_attic.c index 97789f7293..72ceb38a33 100644 --- a/engines/e_loader_attic.c +++ b/engines/e_loader_attic.c @@ -262,7 +262,7 @@ typedef OSSL_STORE_INFO *(*file_try_decode_fn)(const char *pem_name, int *matchcount, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq); /* * The eof function should return 1 if there's no more data to be found @@ -299,7 +299,7 @@ static OSSL_STORE_INFO *try_decode_PKCS12(const char *pem_name, int *matchcount, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_INFO *store_info = NULL; @@ -434,7 +434,7 @@ static OSSL_STORE_INFO *try_decode_PKCS8Encrypted(const char *pem_name, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { X509_SIG *p8 = NULL; @@ -509,7 +509,7 @@ static OSSL_STORE_INFO *try_decode_PrivateKey(const char *pem_name, int *matchcount, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_INFO *store_info = NULL; @@ -638,7 +638,7 @@ static OSSL_STORE_INFO *try_decode_PUBKEY(const char *pem_name, int *matchcount, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_INFO *store_info = NULL; @@ -674,7 +674,7 @@ static OSSL_STORE_INFO *try_decode_params(const char *pem_name, int *matchcount, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_INFO *store_info = NULL; @@ -752,7 +752,7 @@ static OSSL_STORE_INFO *try_decode_X509Certificate(const char *pem_name, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_INFO *store_info = NULL; @@ -808,7 +808,7 @@ static OSSL_STORE_INFO *try_decode_X509CRL(const char *pem_name, int *matchcount, const UI_METHOD *ui_method, void *ui_data, const char *uri, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { OSSL_STORE_INFO *store_info = NULL; @@ -902,7 +902,7 @@ struct ossl_store_loader_ctx_st { /* Expected object type. May be unspecified */ int expected_type; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; }; @@ -942,7 +942,7 @@ static int file_find_type(OSSL_STORE_LOADER_CTX *ctx) static OSSL_STORE_LOADER_CTX *file_open_ex (const OSSL_STORE_LOADER *loader, const char *uri, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data) { OSSL_STORE_LOADER_CTX *ctx = NULL; @@ -1074,7 +1074,7 @@ static OSSL_STORE_LOADER_CTX *file_open static OSSL_STORE_LOADER_CTX *file_attach (const OSSL_STORE_LOADER *loader, BIO *bp, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data) { OSSL_STORE_LOADER_CTX *ctx = NULL; diff --git a/include/crypto/asn1.h b/include/crypto/asn1.h index 08018e4cf1..0d5d2116de 100644 --- a/include/crypto/asn1.h +++ b/include/crypto/asn1.h @@ -76,13 +76,13 @@ struct evp_pkey_asn1_method_st { /* Exports and imports to / from providers */ size_t (*dirty_cnt) (const EVP_PKEY *pk); int (*export_to) (const EVP_PKEY *pk, void *to_keydata, - EVP_KEYMGMT *to_keymgmt, OPENSSL_CTX *libctx, + EVP_KEYMGMT *to_keymgmt, OSSL_LIB_CTX *libctx, const char *propq); OSSL_CALLBACK *import_from; int (*priv_decode_ex) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq); } /* EVP_PKEY_ASN1_METHOD */ ; diff --git a/include/crypto/bn.h b/include/crypto/bn.h index f2cb30de0a..c1d5b2b3ec 100644 --- a/include/crypto/bn.h +++ b/include/crypto/bn.h @@ -110,7 +110,7 @@ int bn_rsa_fips186_4_derive_prime(BIGNUM *Y, BIGNUM *X, const BIGNUM *Xin, const BIGNUM *r1, const BIGNUM *r2, int nlen, const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb); -OPENSSL_CTX *bn_get_lib_ctx(BN_CTX *ctx); +OSSL_LIB_CTX *bn_get_libctx(BN_CTX *ctx); extern const BIGNUM bn_inv_sqrt_2; diff --git a/include/crypto/decoder.h b/include/crypto/decoder.h index f025b3ec37..f19e8bf841 100644 --- a/include/crypto/decoder.h +++ b/include/crypto/decoder.h @@ -12,7 +12,7 @@ # include -OSSL_DECODER *ossl_decoder_fetch_by_number(OPENSSL_CTX *libctx, +OSSL_DECODER *ossl_decoder_fetch_by_number(OSSL_LIB_CTX *libctx, int id, const char *properties); @@ -33,7 +33,7 @@ int ossl_decoder_ctx_add_decoder_inst(OSSL_DECODER_CTX *ctx, int ossl_decoder_ctx_setup_for_EVP_PKEY(OSSL_DECODER_CTX *ctx, EVP_PKEY **pkey, const char *keytype, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propquery); #endif diff --git a/include/crypto/dh.h b/include/crypto/dh.h index e419993cfe..cd7e1e4a89 100644 --- a/include/crypto/dh.h +++ b/include/crypto/dh.h @@ -11,8 +11,8 @@ #include #include "internal/ffc.h" -DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid); -DH *dh_new_ex(OPENSSL_CTX *libctx); +DH *dh_new_by_nid_ex(OSSL_LIB_CTX *libctx, int nid); +DH *dh_new_ex(OSSL_LIB_CTX *libctx); int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits, BN_GENCB *cb); @@ -40,4 +40,4 @@ int dh_KDF_X9_42_asn1(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const char *cek_alg, const unsigned char *ukm, size_t ukmlen, const EVP_MD *md, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); diff --git a/include/crypto/dsa.h b/include/crypto/dsa.h index 7fe9f3ad9b..759fa4cce4 100644 --- a/include/crypto/dsa.h +++ b/include/crypto/dsa.h @@ -14,7 +14,7 @@ #define DSA_PARAMGEN_TYPE_FIPS_186_4 0 /* Use FIPS186-4 standard */ #define DSA_PARAMGEN_TYPE_FIPS_186_2 1 /* Use legacy FIPS186-2 standard */ -DSA *dsa_new_with_ctx(OPENSSL_CTX *libctx); +DSA *dsa_new_with_ctx(OSSL_LIB_CTX *libctx); int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits, BN_GENCB *cb); diff --git a/include/crypto/ec.h b/include/crypto/ec.h index 8e8fa3d825..ffd5f19071 100644 --- a/include/crypto/ec.h +++ b/include/crypto/ec.h @@ -47,19 +47,20 @@ __owur int ec_group_do_inverse_ord(const EC_GROUP *group, BIGNUM *res, int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const unsigned char *sinfo, size_t sinfolen, - const EVP_MD *md, OPENSSL_CTX *libctx, const char *propq); + const EVP_MD *md, OSSL_LIB_CTX *libctx, const char *propq); int ec_key_public_check(const EC_KEY *eckey, BN_CTX *ctx); int ec_key_private_check(const EC_KEY *eckey); int ec_key_pairwise_check(const EC_KEY *eckey, BN_CTX *ctx); -OPENSSL_CTX *ec_key_get_libctx(const EC_KEY *eckey); +OSSL_LIB_CTX *ec_key_get_libctx(const EC_KEY *eckey); const char *ec_key_get0_propq(const EC_KEY *eckey); const char *ec_curve_nid2name(int nid); int ec_curve_name2nid(const char *name); /* Backend support */ int ec_group_todata(const EC_GROUP *group, OSSL_PARAM_BLD *tmpl, - OSSL_PARAM params[], OPENSSL_CTX *libctx, const char *propq, + OSSL_PARAM params[], OSSL_LIB_CTX *libctx, + const char *propq, BN_CTX *bnctx, unsigned char **genbuf); int ec_group_fromdata(EC_KEY *ec, const OSSL_PARAM params[]); int ec_key_fromdata(EC_KEY *ecx, const OSSL_PARAM params[], int include_private); diff --git a/include/crypto/ecx.h b/include/crypto/ecx.h index 8730f93872..4771df5fb6 100644 --- a/include/crypto/ecx.h +++ b/include/crypto/ecx.h @@ -61,7 +61,7 @@ typedef enum { : EVP_PKEY_ED448))) struct ecx_key_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; unsigned int haspubkey:1; unsigned char pubkey[MAX_KEYLEN]; @@ -75,7 +75,7 @@ struct ecx_key_st { typedef struct ecx_key_st ECX_KEY; size_t ecx_key_length(ECX_KEY_TYPE type); -ECX_KEY *ecx_key_new(OPENSSL_CTX *libctx, ECX_KEY_TYPE type, int haspubkey, +ECX_KEY *ecx_key_new(OSSL_LIB_CTX *libctx, ECX_KEY_TYPE type, int haspubkey, const char *propq); unsigned char *ecx_key_allocate_privkey(ECX_KEY *key); void ecx_key_free(ECX_KEY *key); @@ -86,23 +86,23 @@ int X25519(uint8_t out_shared_key[32], const uint8_t private_key[32], void X25519_public_from_private(uint8_t out_public_value[32], const uint8_t private_key[32]); -int ED25519_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[32], +int ED25519_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[32], const uint8_t private_key[32], const char *propq); int ED25519_sign(uint8_t *out_sig, const uint8_t *message, size_t message_len, const uint8_t public_key[32], const uint8_t private_key[32], - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int ED25519_verify(const uint8_t *message, size_t message_len, const uint8_t signature[64], const uint8_t public_key[32], - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); -int ED448_public_from_private(OPENSSL_CTX *ctx, uint8_t out_public_key[57], +int ED448_public_from_private(OSSL_LIB_CTX *ctx, uint8_t out_public_key[57], const uint8_t private_key[57], const char *propq); -int ED448_sign(OPENSSL_CTX *ctx, uint8_t *out_sig, const uint8_t *message, +int ED448_sign(OSSL_LIB_CTX *ctx, uint8_t *out_sig, const uint8_t *message, size_t message_len, const uint8_t public_key[57], const uint8_t private_key[57], const uint8_t *context, size_t context_len, const char *propq); -int ED448_verify(OPENSSL_CTX *ctx, const uint8_t *message, size_t message_len, +int ED448_verify(OSSL_LIB_CTX *ctx, const uint8_t *message, size_t message_len, const uint8_t signature[114], const uint8_t public_key[57], const uint8_t *context, size_t context_len, const char *propq); diff --git a/include/crypto/encoder.h b/include/crypto/encoder.h index 2f036456a2..a04ba93d54 100644 --- a/include/crypto/encoder.h +++ b/include/crypto/encoder.h @@ -9,5 +9,5 @@ #include -OSSL_ENCODER *ossl_encoder_fetch_by_number(OPENSSL_CTX *libctx, int id, +OSSL_ENCODER *ossl_encoder_fetch_by_number(OSSL_LIB_CTX *libctx, int id, const char *properties); diff --git a/include/crypto/evp.h b/include/crypto/evp.h index ac20b5b512..6eac2a0b63 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -42,7 +42,7 @@ struct evp_pkey_ctx_st { * Library context, property query, keytype and keymgmt associated with * this context */ - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propquery; const char *keytype; EVP_KEYMGMT *keymgmt; @@ -699,7 +699,7 @@ void openssl_add_all_ciphers_int(void); void openssl_add_all_digests_int(void); void evp_cleanup_int(void); void evp_app_cleanup_int(void); -void *evp_pkey_export_to_provider(EVP_PKEY *pk, OPENSSL_CTX *libctx, +void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx, EVP_KEYMGMT **keymgmt, const char *propquery); #ifndef FIPS_MODULE @@ -801,13 +801,15 @@ void evp_encode_ctx_set_flags(EVP_ENCODE_CTX *ctx, unsigned int flags); /* Use the SRP base64 alphabet instead of the standard one */ #define EVP_ENCODE_CTX_USE_SRP_ALPHABET 2 -const EVP_CIPHER *evp_get_cipherbyname_ex(OPENSSL_CTX *libctx, const char *name); -const EVP_MD *evp_get_digestbyname_ex(OPENSSL_CTX *libctx, const char *name); +const EVP_CIPHER *evp_get_cipherbyname_ex(OSSL_LIB_CTX *libctx, + const char *name); +const EVP_MD *evp_get_digestbyname_ex(OSSL_LIB_CTX *libctx, + const char *name); int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen, const unsigned char *salt, int saltlen, int iter, const EVP_MD *digest, int keylen, unsigned char *out, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); #ifndef FIPS_MODULE /* @@ -826,7 +828,7 @@ int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int evp_pkey_name2type(const char *name); int evp_pkey_ctx_set1_id_prov(EVP_PKEY_CTX *ctx, const void *id, int len); @@ -835,8 +837,8 @@ int evp_pkey_ctx_get1_id_len_prov(EVP_PKEY_CTX *ctx, size_t *id_len); int evp_pkey_ctx_use_cached_data(EVP_PKEY_CTX *ctx); #endif /* !defined(FIPS_MODULE) */ -void evp_method_store_flush(OPENSSL_CTX *libctx); -int evp_set_default_properties_int(OPENSSL_CTX *libctx, const char *propq, +void evp_method_store_flush(OSSL_LIB_CTX *libctx); +int evp_set_default_properties_int(OSSL_LIB_CTX *libctx, const char *propq, int loadconfig); void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force); diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index 7ec745766f..1ee1991f57 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -48,8 +48,8 @@ const char *ossl_rsa_mgf_nid2name(int mgf); int ossl_rsa_oaeppss_md2nid(const EVP_MD *md); const char *ossl_rsa_oaeppss_nid2name(int md); -RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx); -OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r); +RSA *ossl_rsa_new_with_ctx(OSSL_LIB_CTX *libctx); +OSSL_LIB_CTX *ossl_rsa_get0_libctx(RSA *r); int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, const STACK_OF(BIGNUM) *exps, @@ -64,14 +64,14 @@ int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, const OSSL_PARAM params[], - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); -int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to, +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OSSL_LIB_CTX *ctx, unsigned char *to, size_t tlen, const unsigned char *from, size_t flen, int client_version, int alt_version); -int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OSSL_LIB_CTX *libctx, unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, diff --git a/include/crypto/siv.h b/include/crypto/siv.h index fd39be00db..52560e704e 100644 --- a/include/crypto/siv.h +++ b/include/crypto/siv.h @@ -13,10 +13,10 @@ typedef struct siv128_context SIV128_CONTEXT; SIV128_CONTEXT *CRYPTO_siv128_new(const unsigned char *key, int klen, EVP_CIPHER *cbc, EVP_CIPHER *ctr, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int CRYPTO_siv128_init(SIV128_CONTEXT *ctx, const unsigned char *key, int klen, const EVP_CIPHER *cbc, const EVP_CIPHER *ctr, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int CRYPTO_siv128_copy_ctx(SIV128_CONTEXT *dest, SIV128_CONTEXT *src); int CRYPTO_siv128_aad(SIV128_CONTEXT *ctx, const unsigned char *aad, size_t len); diff --git a/include/crypto/x509.h b/include/crypto/x509.h index 3457d69609..6fa5d22dc6 100644 --- a/include/crypto/x509.h +++ b/include/crypto/x509.h @@ -115,7 +115,7 @@ struct X509_crl_st { void *meth_data; CRYPTO_RWLOCK *lock; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propq; }; @@ -195,7 +195,7 @@ struct x509_st { /* Set on live certificates for authentication purposes */ ASN1_OCTET_STRING *distinguishing_id; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propq; } /* X509 */ ; @@ -271,7 +271,7 @@ struct x509_store_ctx_st { /* X509_STORE_CTX */ /* signed via bare TA public key, rather than CA certificate */ int bare_ta_signed; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; }; @@ -305,16 +305,16 @@ int x509_set1_time(ASN1_TIME **ptm, const ASN1_TIME *tm); int x509_print_ex_brief(BIO *bio, X509 *cert, unsigned long neg_cflags); int x509v3_cache_extensions(X509 *x); int x509_init_sig_info(X509 *x); -int x509_check_issued_int(X509 *issuer, X509 *subject, OPENSSL_CTX *libctx, +int x509_check_issued_int(X509 *issuer, X509 *subject, OSSL_LIB_CTX *libctx, const char *propq); -int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq); -int x509_crl_set0_libctx(X509_CRL *x, OPENSSL_CTX *libctx, const char *propq); +int x509_set0_libctx(X509 *x, OSSL_LIB_CTX *libctx, const char *propq); +int x509_crl_set0_libctx(X509_CRL *x, OSSL_LIB_CTX *libctx, const char *propq); int x509_init_sig_info(X509 *x); int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *type, void *data, unsigned char *md, unsigned int *len, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags); -int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq, +int X509_PUBKEY_get0_libctx(OSSL_LIB_CTX **plibctx, const char **ppropq, const X509_PUBKEY *key); diff --git a/include/internal/core.h b/include/internal/core.h index 8823b3c744..8499f35794 100644 --- a/include/internal/core.h +++ b/include/internal/core.h @@ -28,13 +28,13 @@ */ typedef struct ossl_method_construct_method_st { /* Create store */ - void *(*alloc_tmp_store)(OPENSSL_CTX *ctx); + void *(*alloc_tmp_store)(OSSL_LIB_CTX *ctx); /* Remove a store */ void (*dealloc_tmp_store)(void *store); /* Get an already existing method from a store */ - void *(*get)(OPENSSL_CTX *libctx, void *store, void *data); + void *(*get)(OSSL_LIB_CTX *libctx, void *store, void *data); /* Store a method in a store */ - int (*put)(OPENSSL_CTX *libctx, void *store, void *method, + int (*put)(OSSL_LIB_CTX *libctx, void *store, void *method, const OSSL_PROVIDER *prov, int operation_id, const char *name, const char *propdef, void *data); /* Construct a new method */ @@ -44,11 +44,11 @@ typedef struct ossl_method_construct_method_st { void (*destruct)(void *method, void *data); } OSSL_METHOD_CONSTRUCT_METHOD; -void *ossl_method_construct(OPENSSL_CTX *ctx, int operation_id, +void *ossl_method_construct(OSSL_LIB_CTX *ctx, int operation_id, int force_cache, OSSL_METHOD_CONSTRUCT_METHOD *mcm, void *mcm_data); -void ossl_algorithm_do_all(OPENSSL_CTX *libctx, int operation_id, +void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id, OSSL_PROVIDER *provider, int (*pre)(OSSL_PROVIDER *, int operation_id, void *data, int *result), diff --git a/include/internal/cryptlib.h b/include/internal/cryptlib.h index a01b1f15d5..e070618547 100644 --- a/include/internal/cryptlib.h +++ b/include/internal/cryptlib.h @@ -91,8 +91,8 @@ void OPENSSL_cpuid_setup(void); extern unsigned int OPENSSL_ia32cap_P[]; #endif void OPENSSL_showfatal(const char *fmta, ...); -int do_ex_data_init(OPENSSL_CTX *ctx); -void crypto_cleanup_all_ex_data_int(OPENSSL_CTX *ctx); +int do_ex_data_init(OSSL_LIB_CTX *ctx); +void crypto_cleanup_all_ex_data_int(OSSL_LIB_CTX *ctx); int openssl_init_fork_handlers(void); int openssl_get_fork_id(void); @@ -138,62 +138,62 @@ typedef struct ossl_ex_data_global_st { } OSSL_EX_DATA_GLOBAL; -/* OPENSSL_CTX */ - -# define OPENSSL_CTX_PROVIDER_STORE_RUN_ONCE_INDEX 0 -# define OPENSSL_CTX_DEFAULT_METHOD_STORE_RUN_ONCE_INDEX 1 -# define OPENSSL_CTX_METHOD_STORE_RUN_ONCE_INDEX 2 -# define OPENSSL_CTX_MAX_RUN_ONCE 3 - -# define OPENSSL_CTX_EVP_METHOD_STORE_INDEX 0 -# define OPENSSL_CTX_PROVIDER_STORE_INDEX 1 -# define OPENSSL_CTX_PROPERTY_DEFN_INDEX 2 -# define OPENSSL_CTX_PROPERTY_STRING_INDEX 3 -# define OPENSSL_CTX_NAMEMAP_INDEX 4 -# define OPENSSL_CTX_DRBG_INDEX 5 -# define OPENSSL_CTX_DRBG_NONCE_INDEX 6 -# define OPENSSL_CTX_RAND_CRNGT_INDEX 7 -# define OPENSSL_CTX_THREAD_EVENT_HANDLER_INDEX 8 -# define OPENSSL_CTX_FIPS_PROV_INDEX 9 -# define OPENSSL_CTX_ENCODER_STORE_INDEX 10 -# define OPENSSL_CTX_DECODER_STORE_INDEX 11 -# define OPENSSL_CTX_SELF_TEST_CB_INDEX 12 -# define OPENSSL_CTX_BIO_PROV_INDEX 13 -# define OPENSSL_CTX_GLOBAL_PROPERTIES 14 -# define OPENSSL_CTX_STORE_LOADER_STORE_INDEX 15 -# define OPENSSL_CTX_MAX_INDEXES 16 - -typedef struct openssl_ctx_method { - void *(*new_func)(OPENSSL_CTX *ctx); +/* OSSL_LIB_CTX */ + +# define OSSL_LIB_CTX_PROVIDER_STORE_RUN_ONCE_INDEX 0 +# define OSSL_LIB_CTX_DEFAULT_METHOD_STORE_RUN_ONCE_INDEX 1 +# define OSSL_LIB_CTX_METHOD_STORE_RUN_ONCE_INDEX 2 +# define OSSL_LIB_CTX_MAX_RUN_ONCE 3 + +# define OSSL_LIB_CTX_EVP_METHOD_STORE_INDEX 0 +# define OSSL_LIB_CTX_PROVIDER_STORE_INDEX 1 +# define OSSL_LIB_CTX_PROPERTY_DEFN_INDEX 2 +# define OSSL_LIB_CTX_PROPERTY_STRING_INDEX 3 +# define OSSL_LIB_CTX_NAMEMAP_INDEX 4 +# define OSSL_LIB_CTX_DRBG_INDEX 5 +# define OSSL_LIB_CTX_DRBG_NONCE_INDEX 6 +# define OSSL_LIB_CTX_RAND_CRNGT_INDEX 7 +# define OSSL_LIB_CTX_THREAD_EVENT_HANDLER_INDEX 8 +# define OSSL_LIB_CTX_FIPS_PROV_INDEX 9 +# define OSSL_LIB_CTX_ENCODER_STORE_INDEX 10 +# define OSSL_LIB_CTX_DECODER_STORE_INDEX 11 +# define OSSL_LIB_CTX_SELF_TEST_CB_INDEX 12 +# define OSSL_LIB_CTX_BIO_PROV_INDEX 13 +# define OSSL_LIB_CTX_GLOBAL_PROPERTIES 14 +# define OSSL_LIB_CTX_STORE_LOADER_STORE_INDEX 15 +# define OSSL_LIB_CTX_MAX_INDEXES 16 + +typedef struct ossl_lib_ctx_method { + void *(*new_func)(OSSL_LIB_CTX *ctx); void (*free_func)(void *); -} OPENSSL_CTX_METHOD; +} OSSL_LIB_CTX_METHOD; -OPENSSL_CTX *openssl_ctx_get_concrete(OPENSSL_CTX *ctx); -int openssl_ctx_is_default(OPENSSL_CTX *ctx); -int openssl_ctx_is_global_default(OPENSSL_CTX *ctx); +OSSL_LIB_CTX *ossl_lib_ctx_get_concrete(OSSL_LIB_CTX *ctx); +int ossl_lib_ctx_is_default(OSSL_LIB_CTX *ctx); +int ossl_lib_ctx_is_global_default(OSSL_LIB_CTX *ctx); /* Functions to retrieve pointers to data by index */ -void *openssl_ctx_get_data(OPENSSL_CTX *, int /* index */, - const OPENSSL_CTX_METHOD * ctx); +void *ossl_lib_ctx_get_data(OSSL_LIB_CTX *, int /* index */, + const OSSL_LIB_CTX_METHOD * ctx); -void openssl_ctx_default_deinit(void); -OSSL_EX_DATA_GLOBAL *openssl_ctx_get_ex_data_global(OPENSSL_CTX *ctx); -typedef int (openssl_ctx_run_once_fn)(OPENSSL_CTX *ctx); -typedef void (openssl_ctx_onfree_fn)(OPENSSL_CTX *ctx); +void ossl_lib_ctx_default_deinit(void); +OSSL_EX_DATA_GLOBAL *ossl_lib_ctx_get_ex_data_global(OSSL_LIB_CTX *ctx); +typedef int (ossl_lib_ctx_run_once_fn)(OSSL_LIB_CTX *ctx); +typedef void (ossl_lib_ctx_onfree_fn)(OSSL_LIB_CTX *ctx); -int openssl_ctx_run_once(OPENSSL_CTX *ctx, unsigned int idx, - openssl_ctx_run_once_fn run_once_fn); -int openssl_ctx_onfree(OPENSSL_CTX *ctx, openssl_ctx_onfree_fn onfreefn); +int ossl_lib_ctx_run_once(OSSL_LIB_CTX *ctx, unsigned int idx, + ossl_lib_ctx_run_once_fn run_once_fn); +int ossl_lib_ctx_onfree(OSSL_LIB_CTX *ctx, ossl_lib_ctx_onfree_fn onfreefn); -OPENSSL_CTX *crypto_ex_data_get_openssl_ctx(const CRYPTO_EX_DATA *ad); -int crypto_new_ex_data_ex(OPENSSL_CTX *ctx, int class_index, void *obj, +OSSL_LIB_CTX *crypto_ex_data_get_ossl_lib_ctx(const CRYPTO_EX_DATA *ad); +int crypto_new_ex_data_ex(OSSL_LIB_CTX *ctx, int class_index, void *obj, CRYPTO_EX_DATA *ad); -int crypto_get_ex_new_index_ex(OPENSSL_CTX *ctx, int class_index, +int crypto_get_ex_new_index_ex(OSSL_LIB_CTX *ctx, int class_index, long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); -int crypto_free_ex_index_ex(OPENSSL_CTX *ctx, int class_index, int idx); +int crypto_free_ex_index_ex(OSSL_LIB_CTX *ctx, int class_index, int idx); /* Function for simple binary search */ diff --git a/include/internal/ffc.h b/include/internal/ffc.h index 37ebbb5c8e..3e5d98f8e1 100644 --- a/include/internal/ffc.h +++ b/include/internal/ffc.h @@ -145,28 +145,28 @@ int ossl_ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent); #endif /* FIPS_MODULE */ -int ossl_ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, +int ossl_ffc_params_FIPS186_4_generate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type, size_t L, size_t N, int *res, BN_GENCB *cb); -int ossl_ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, +int ossl_ffc_params_FIPS186_2_generate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type, size_t L, size_t N, int *res, BN_GENCB *cb); -int ossl_ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_4_gen_verify(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int mode, int type, size_t L, size_t N, int *res, BN_GENCB *cb); -int ossl_ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_2_gen_verify(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int mode, int type, size_t L, size_t N, int *res, BN_GENCB *cb); -int ossl_ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, +int ossl_ffc_params_simple_validate(OSSL_LIB_CTX *libctx, FFC_PARAMS *params, int type); -int ossl_ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_4_validate(OSSL_LIB_CTX *libctx, const FFC_PARAMS *params, int type, int *res, BN_GENCB *cb); -int ossl_ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, +int ossl_ffc_params_FIPS186_2_validate(OSSL_LIB_CTX *libctx, const FFC_PARAMS *params, int type, int *res, BN_GENCB *cb); diff --git a/include/internal/namemap.h b/include/internal/namemap.h index d33f4b0d4e..a6c2597e79 100644 --- a/include/internal/namemap.h +++ b/include/internal/namemap.h @@ -11,7 +11,7 @@ typedef struct ossl_namemap_st OSSL_NAMEMAP; -OSSL_NAMEMAP *ossl_namemap_stored(OPENSSL_CTX *libctx); +OSSL_NAMEMAP *ossl_namemap_stored(OSSL_LIB_CTX *libctx); OSSL_NAMEMAP *ossl_namemap_new(void); void ossl_namemap_free(OSSL_NAMEMAP *namemap); diff --git a/include/internal/property.h b/include/internal/property.h index cd3982549d..f2682a1fed 100644 --- a/include/internal/property.h +++ b/include/internal/property.h @@ -17,23 +17,23 @@ typedef struct ossl_method_store_st OSSL_METHOD_STORE; typedef struct ossl_property_list_st OSSL_PROPERTY_LIST; /* Initialisation */ -int ossl_property_parse_init(OPENSSL_CTX *ctx); +int ossl_property_parse_init(OSSL_LIB_CTX *ctx); /* Property definition parser */ -OSSL_PROPERTY_LIST *ossl_parse_property(OPENSSL_CTX *ctx, const char *defn); +OSSL_PROPERTY_LIST *ossl_parse_property(OSSL_LIB_CTX *ctx, const char *defn); /* Property query parser */ -OSSL_PROPERTY_LIST *ossl_parse_query(OPENSSL_CTX *ctx, const char *s); +OSSL_PROPERTY_LIST *ossl_parse_query(OSSL_LIB_CTX *ctx, const char *s); /* Property checker of query vs definition */ int ossl_property_match_count(const OSSL_PROPERTY_LIST *query, const OSSL_PROPERTY_LIST *defn); -int ossl_property_is_enabled(OPENSSL_CTX *ctx, const char *property_name, +int ossl_property_is_enabled(OSSL_LIB_CTX *ctx, const char *property_name, const OSSL_PROPERTY_LIST *prop_list); /* Free a parsed property list */ void ossl_property_free(OSSL_PROPERTY_LIST *p); /* Implementation store functions */ -OSSL_METHOD_STORE *ossl_method_store_new(OPENSSL_CTX *ctx); +OSSL_METHOD_STORE *ossl_method_store_new(OSSL_LIB_CTX *ctx); void ossl_method_store_free(OSSL_METHOD_STORE *store); int ossl_method_store_add(OSSL_METHOD_STORE *store, const OSSL_PROVIDER *prov, int nid, const char *properties, void *method, @@ -45,7 +45,8 @@ int ossl_method_store_fetch(OSSL_METHOD_STORE *store, int nid, const char *prop_query, void **method); /* Get the global properties associate with the specified library context */ -OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OPENSSL_CTX *ctx, int loadconfig); +OSSL_PROPERTY_LIST **ossl_ctx_global_properties(OSSL_LIB_CTX *ctx, + int loadconfig); /* property query cache functions */ int ossl_method_store_cache_get(OSSL_METHOD_STORE *store, int nid, diff --git a/include/internal/provider.h b/include/internal/provider.h index 0930e56744..ab36c93b32 100644 --- a/include/internal/provider.h +++ b/include/internal/provider.h @@ -27,9 +27,9 @@ extern "C" { */ /* Provider Object finder, constructor and destructor */ -OSSL_PROVIDER *ossl_provider_find(OPENSSL_CTX *libctx, const char *name, +OSSL_PROVIDER *ossl_provider_find(OSSL_LIB_CTX *libctx, const char *name, int noconfig); -OSSL_PROVIDER *ossl_provider_new(OPENSSL_CTX *libctx, const char *name, +OSSL_PROVIDER *ossl_provider_new(OSSL_LIB_CTX *libctx, const char *name, OSSL_provider_init_fn *init_function, int noconfig); int ossl_provider_up_ref(OSSL_PROVIDER *prov); @@ -42,7 +42,7 @@ int ossl_provider_add_parameter(OSSL_PROVIDER *prov, const char *name, const char *value); /* Disable fallback loading */ -int ossl_provider_disable_fallback_loading(OPENSSL_CTX *libctx); +int ossl_provider_disable_fallback_loading(OSSL_LIB_CTX *libctx); /* * Activate the Provider @@ -57,7 +57,7 @@ int ossl_provider_available(OSSL_PROVIDER *prov); void *ossl_provider_ctx(const OSSL_PROVIDER *prov); /* Iterate over all loaded providers */ -int ossl_provider_forall_loaded(OPENSSL_CTX *, +int ossl_provider_forall_loaded(OSSL_LIB_CTX *, int (*cb)(OSSL_PROVIDER *provider, void *cbdata), void *cbdata); @@ -68,7 +68,7 @@ const DSO *ossl_provider_dso(const OSSL_PROVIDER *prov); const char *ossl_provider_module_name(const OSSL_PROVIDER *prov); const char *ossl_provider_module_path(const OSSL_PROVIDER *prov); void *ossl_provider_prov_ctx(const OSSL_PROVIDER *prov); -OPENSSL_CTX *ossl_provider_library_context(const OSSL_PROVIDER *prov); +OSSL_LIB_CTX *ossl_provider_libctx(const OSSL_PROVIDER *prov); /* Thin wrappers around calls to the provider */ void ossl_provider_teardown(const OSSL_PROVIDER *prov); diff --git a/include/internal/thread_once.h b/include/internal/thread_once.h index cbc9cc1e6d..d16c924998 100644 --- a/include/internal/thread_once.h +++ b/include/internal/thread_once.h @@ -12,7 +12,7 @@ /* * Initialisation of global data should never happen via "RUN_ONCE" inside the * FIPS module. Global data should instead always be associated with a specific - * OPENSSL_CTX object. In this way data will get cleaned up correctly when the + * OSSL_LIB_CTX object. In this way data will get cleaned up correctly when the * module gets unloaded. */ #if !defined(FIPS_MODULE) || defined(ALLOW_RUN_ONCE_IN_FIPS) diff --git a/include/openssl/asn1.h.in b/include/openssl/asn1.h.in index 878c7e43f2..27476a215f 100644 --- a/include/openssl/asn1.h.in +++ b/include/openssl/asn1.h.in @@ -736,12 +736,12 @@ void *ASN1_item_dup(const ASN1_ITEM *it, const void *x); int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, const void *data, const ASN1_OCTET_STRING *id, - EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx, + EVP_PKEY *pkey, const EVP_MD *md, OSSL_LIB_CTX *libctx, const char *propq); int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg, const ASN1_BIT_STRING *signature, const void *data, const ASN1_OCTET_STRING *id, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); /* ASN1 alloc/free macros for when a type is only used internally */ @@ -912,7 +912,7 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); ASN1_VALUE *SMIME_read_ASN1_ex(BIO *bio, BIO **bcont, const ASN1_ITEM *it, ASN1_VALUE **x); diff --git a/include/openssl/bn.h b/include/openssl/bn.h index cafb66e905..f3c8ab956b 100644 --- a/include/openssl/bn.h +++ b/include/openssl/bn.h @@ -206,9 +206,9 @@ void BN_zero_ex(BIGNUM *a); const BIGNUM *BN_value_one(void); char *BN_options(void); -BN_CTX *BN_CTX_new_ex(OPENSSL_CTX *ctx); +BN_CTX *BN_CTX_new_ex(OSSL_LIB_CTX *ctx); BN_CTX *BN_CTX_new(void); -BN_CTX *BN_CTX_secure_new_ex(OPENSSL_CTX *ctx); +BN_CTX *BN_CTX_secure_new_ex(OSSL_LIB_CTX *ctx); BN_CTX *BN_CTX_secure_new(void); void BN_CTX_free(BN_CTX *c); void BN_CTX_start(BN_CTX *ctx); diff --git a/include/openssl/cmp.h.in b/include/openssl/cmp.h.in index 0df3777e3c..94c8ccf978 100644 --- a/include/openssl/cmp.h.in +++ b/include/openssl/cmp.h.in @@ -259,7 +259,7 @@ void OSSL_CMP_ITAV_free(OSSL_CMP_ITAV *itav); void OSSL_CMP_MSG_free(OSSL_CMP_MSG *msg); /* from cmp_ctx.c */ -OSSL_CMP_CTX *OSSL_CMP_CTX_new(OPENSSL_CTX *libctx, const char *propq); +OSSL_CMP_CTX *OSSL_CMP_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); void OSSL_CMP_CTX_free(OSSL_CMP_CTX *ctx); int OSSL_CMP_CTX_reinit(OSSL_CMP_CTX *ctx); /* various CMP options: */ @@ -396,7 +396,7 @@ OSSL_CMP_MSG *OSSL_CMP_SRV_process_request(OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req); OSSL_CMP_MSG * OSSL_CMP_CTX_server_perform(OSSL_CMP_CTX *client_ctx, const OSSL_CMP_MSG *req); -OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OPENSSL_CTX *libctx, const char *propq); +OSSL_CMP_SRV_CTX *OSSL_CMP_SRV_CTX_new(OSSL_LIB_CTX *libctx, const char *propq); void OSSL_CMP_SRV_CTX_free(OSSL_CMP_SRV_CTX *srv_ctx); typedef OSSL_CMP_PKISI *(*OSSL_CMP_SRV_cert_request_cb_t) (OSSL_CMP_SRV_CTX *srv_ctx, const OSSL_CMP_MSG *req, int certReqId, diff --git a/include/openssl/cms.h.in b/include/openssl/cms.h.in index 1f301aa40f..5ffd3b4405 100644 --- a/include/openssl/cms.h.in +++ b/include/openssl/cms.h.in @@ -53,7 +53,7 @@ DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo) DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest) DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo) -CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq); +CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq); # define CMS_SIGNERINFO_ISSUER_SERIAL 0 # define CMS_SIGNERINFO_KEYIDENTIFIER 1 @@ -125,7 +125,7 @@ CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, unsigned int flags); CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, - unsigned int flags, OPENSSL_CTX *ctx, + unsigned int flags, OSSL_LIB_CTX *ctx, const char *propq); CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, @@ -135,14 +135,14 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags); CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); + OSSL_LIB_CTX *ctx, const char *propq); int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, unsigned int flags); CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, unsigned int flags); CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, - unsigned int flags, OPENSSL_CTX *ctx, + unsigned int flags, OSSL_LIB_CTX *ctx, const char *propq); int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, @@ -155,7 +155,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen, unsigned int flags, - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, const char *propq); int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, @@ -174,7 +174,7 @@ CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags); CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, unsigned int flags, - OPENSSL_CTX *ctx, const char *propq); + OSSL_LIB_CTX *ctx, const char *propq); int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags); @@ -193,11 +193,11 @@ int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); CMS_ContentInfo * -CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *ctx, +CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *ctx, const char *propq); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, - OPENSSL_CTX *ctx, + OSSL_LIB_CTX *ctx, const char *propq); CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, @@ -342,7 +342,7 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( unsigned char *id, int idlen, int allorfirst, STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo, - OPENSSL_CTX *ctx, const char *propq); + OSSL_LIB_CTX *ctx, const char *propq); int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr); void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, diff --git a/include/openssl/conf.h.in b/include/openssl/conf.h.in index f436bd834a..c57c50a77f 100644 --- a/include/openssl/conf.h.in +++ b/include/openssl/conf.h.in @@ -119,10 +119,10 @@ struct conf_st { void *meth_data; LHASH_OF(CONF_VALUE) *data; unsigned int flag_dollarid:1; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; }; -CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth); +CONF *NCONF_new_ex(OSSL_LIB_CTX *libctx, CONF_METHOD *meth); CONF *NCONF_new(CONF_METHOD *meth); CONF_METHOD *NCONF_default(void); DEPRECATEDIN_3_0(CONF_METHOD *NCONF_WIN32(void)) @@ -150,7 +150,7 @@ int NCONF_dump_bio(const CONF *conf, BIO *out); int CONF_modules_load(const CONF *cnf, const char *appname, unsigned long flags); -int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename, +int CONF_modules_load_file_ex(OSSL_LIB_CTX *libctx, const char *filename, const char *appname, unsigned long flags); int CONF_modules_load_file(const char *filename, const char *appname, unsigned long flags); diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 63105d6629..249d5e2506 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -66,8 +66,8 @@ OSSL_CORE_MAKE_FUNC(int,core_get_params,(const OSSL_CORE_HANDLE *prov, # define OSSL_FUNC_CORE_THREAD_START 3 OSSL_CORE_MAKE_FUNC(int,core_thread_start,(const OSSL_CORE_HANDLE *prov, OSSL_thread_stop_handler_fn handfn)) -# define OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT 4 -OSSL_CORE_MAKE_FUNC(OPENSSL_CORE_CTX *,core_get_library_context, +# define OSSL_FUNC_CORE_GET_LIBCTX 4 +OSSL_CORE_MAKE_FUNC(OPENSSL_CORE_CTX *,core_get_libctx, (const OSSL_CORE_HANDLE *prov)) # define OSSL_FUNC_CORE_NEW_ERROR 5 OSSL_CORE_MAKE_FUNC(void,core_new_error,(const OSSL_CORE_HANDLE *prov)) diff --git a/include/openssl/crmf.h.in b/include/openssl/crmf.h.in index bc81bf591a..73d4a0f1f0 100644 --- a/include/openssl/crmf.h.in +++ b/include/openssl/crmf.h.in @@ -77,10 +77,10 @@ DECLARE_ASN1_FUNCTIONS(OSSL_CRMF_MSGS) typedef struct ossl_crmf_optionalvalidity_st OSSL_CRMF_OPTIONALVALIDITY; /* crmf_pbm.c */ -OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OPENSSL_CTX *libctx, size_t slen, +OSSL_CRMF_PBMPARAMETER *OSSL_CRMF_pbmp_new(OSSL_LIB_CTX *libctx, size_t slen, int owfnid, size_t itercnt, int macnid); -int OSSL_CRMF_pbm_new(OPENSSL_CTX *libctx, const char *propq, +int OSSL_CRMF_pbm_new(OSSL_LIB_CTX *libctx, const char *propq, const OSSL_CRMF_PBMPARAMETER *pbmp, const unsigned char *msg, size_t msglen, const unsigned char *sec, size_t seclen, @@ -132,10 +132,10 @@ int OSSL_CRMF_MSG_push0_extension(OSSL_CRMF_MSG *crm, X509_EXTENSION *ext); # define OSSL_CRMF_POPO_KEYAGREE 3 int OSSL_CRMF_MSG_create_popo(int meth, OSSL_CRMF_MSG *crm, EVP_PKEY *pkey, const EVP_MD *digest, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs, int rid, int acceptRAVerified, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); OSSL_CRMF_CERTTEMPLATE *OSSL_CRMF_MSG_get0_tmpl(const OSSL_CRMF_MSG *crm); ASN1_INTEGER *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl); @@ -151,7 +151,7 @@ int OSSL_CRMF_CERTTEMPLATE_fill(OSSL_CRMF_CERTTEMPLATE *tmpl, const ASN1_INTEGER *serial); X509 *OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert(const OSSL_CRMF_ENCRYPTEDVALUE *ecert, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, EVP_PKEY *pkey); # ifdef __cplusplus diff --git a/include/openssl/crypto.h.in b/include/openssl/crypto.h.in index 51f1977274..b84712f227 100644 --- a/include/openssl/crypto.h.in +++ b/include/openssl/crypto.h.in @@ -173,7 +173,7 @@ const char *OPENSSL_info(int type); int OPENSSL_issetugid(void); struct crypto_ex_data_st { - OPENSSL_CTX *ctx; + OSSL_LIB_CTX *ctx; STACK_OF(void) *sk; }; @@ -202,7 +202,7 @@ struct crypto_ex_data_st { # define CRYPTO_EX_INDEX_UI_METHOD 14 # define CRYPTO_EX_INDEX_RAND_DRBG 15 # define CRYPTO_EX_INDEX_DRBG CRYPTO_EX_INDEX_RAND_DRBG -# define CRYPTO_EX_INDEX_OPENSSL_CTX 16 +# define CRYPTO_EX_INDEX_OSSL_LIB_CTX 16 # define CRYPTO_EX_INDEX_EVP_PKEY 17 # define CRYPTO_EX_INDEX__COUNT 18 @@ -449,7 +449,7 @@ void OPENSSL_cleanup(void); int OPENSSL_init_crypto(uint64_t opts, const OPENSSL_INIT_SETTINGS *settings); int OPENSSL_atexit(void (*handler)(void)); void OPENSSL_thread_stop(void); -void OPENSSL_thread_stop_ex(OPENSSL_CTX *ctx); +void OPENSSL_thread_stop_ex(OSSL_LIB_CTX *ctx); /* Low-level control of initialization */ OPENSSL_INIT_SETTINGS *OPENSSL_INIT_new(void); @@ -506,10 +506,10 @@ int CRYPTO_THREAD_cleanup_local(CRYPTO_THREAD_LOCAL *key); CRYPTO_THREAD_ID CRYPTO_THREAD_get_current_id(void); int CRYPTO_THREAD_compare_id(CRYPTO_THREAD_ID a, CRYPTO_THREAD_ID b); -OPENSSL_CTX *OPENSSL_CTX_new(void); -int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file); -void OPENSSL_CTX_free(OPENSSL_CTX *); -OPENSSL_CTX *OPENSSL_CTX_set0_default(OPENSSL_CTX *libctx); +OSSL_LIB_CTX *OSSL_LIB_CTX_new(void); +int OSSL_LIB_CTX_load_config(OSSL_LIB_CTX *ctx, const char *config_file); +void OSSL_LIB_CTX_free(OSSL_LIB_CTX *); +OSSL_LIB_CTX *OSSL_LIB_CTX_set0_default(OSSL_LIB_CTX *libctx); # ifdef __cplusplus } diff --git a/include/openssl/ct.h.in b/include/openssl/ct.h.in index 1b056a880a..16086b33bd 100644 --- a/include/openssl/ct.h.in +++ b/include/openssl/ct.h.in @@ -83,7 +83,7 @@ typedef enum { * The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished * with the CT_POLICY_EVAL_CTX. */ -CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx, +CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq); /* @@ -433,7 +433,7 @@ SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len); * Returns NULL if malloc fails or if |public_key| cannot be converted to DER. * Should be deleted by the caller using CTLOG_free when no longer needed. */ -CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx, +CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OSSL_LIB_CTX *libctx, const char *propq); /* @@ -451,7 +451,7 @@ CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name); * Should be deleted by the caller using CTLOG_free when no longer needed. */ int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64, - const char *name, OPENSSL_CTX *libctx, + const char *name, OSSL_LIB_CTX *libctx, const char *propq); /* @@ -484,7 +484,7 @@ EVP_PKEY *CTLOG_get0_public_key(const CTLOG *log); * property query string. * Should be deleted by the caller using CTLOG_STORE_free when no longer needed. */ -CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq); +CTLOG_STORE *CTLOG_STORE_new_ex(OSSL_LIB_CTX *libctx, const char *propq); /* * Same as CTLOG_STORE_new_ex except that the default libctx and diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h index 1eb1cbe543..1c6bc8e498 100644 --- a/include/openssl/decoder.h +++ b/include/openssl/decoder.h @@ -26,7 +26,7 @@ extern "C" { # endif -OSSL_DECODER *OSSL_DECODER_fetch(OPENSSL_CTX *libctx, const char *name, +OSSL_DECODER *OSSL_DECODER_fetch(OSSL_LIB_CTX *libctx, const char *name, const char *properties); int OSSL_DECODER_up_ref(OSSL_DECODER *encoder); void OSSL_DECODER_free(OSSL_DECODER *encoder); @@ -36,7 +36,7 @@ const char *OSSL_DECODER_properties(const OSSL_DECODER *encoder); int OSSL_DECODER_number(const OSSL_DECODER *encoder); int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name); -void OSSL_DECODER_do_all_provided(OPENSSL_CTX *libctx, +void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_DECODER *encoder, void *arg), void *arg); void OSSL_DECODER_names_do_all(const OSSL_DECODER *encoder, @@ -72,7 +72,7 @@ int OSSL_DECODER_CTX_set_input_type(OSSL_DECODER_CTX *ctx, const char *input_type); int OSSL_DECODER_CTX_add_decoder(OSSL_DECODER_CTX *ctx, OSSL_DECODER *decoder); int OSSL_DECODER_CTX_add_extra(OSSL_DECODER_CTX *ctx, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OSSL_DECODER_CTX_get_num_decoders(OSSL_DECODER_CTX *ctx); typedef struct ossl_decoder_instance_st OSSL_DECODER_INSTANCE; @@ -116,7 +116,7 @@ int OSSL_DECODER_from_data(OSSL_DECODER_CTX *ctx, const unsigned char **pdata, OSSL_DECODER_CTX * OSSL_DECODER_CTX_new_by_EVP_PKEY(EVP_PKEY **pkey, const char *input_type, const char *keytype, - OPENSSL_CTX *libctx, const char *propquery); + OSSL_LIB_CTX *libctx, const char *propquery); # ifdef __cplusplus } diff --git a/include/openssl/ec.h b/include/openssl/ec.h index 5876b2a31c..0d41ef8297 100644 --- a/include/openssl/ec.h +++ b/include/openssl/ec.h @@ -391,7 +391,7 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a, * if an error occurred */ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); /** * Creates a EC_GROUP object with a curve specified by a NID @@ -402,7 +402,7 @@ EC_GROUP *EC_GROUP_new_from_params(const OSSL_PARAM params[], * \return newly created EC_GROUP object with specified curve or NULL * if an error occurred */ -EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq, +EC_GROUP *EC_GROUP_new_by_curve_name_ex(OSSL_LIB_CTX *libctx, const char *propq, int nid); /** @@ -882,7 +882,7 @@ int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off); * which case the default library context is used. * \return EC_KEY object or NULL if an error occurred. */ -EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq); +EC_KEY *EC_KEY_new_ex(OSSL_LIB_CTX *ctx, const char *propq); /** * Creates a new EC_KEY object. Same as calling EC_KEY_new_ex with a @@ -908,7 +908,7 @@ int EC_KEY_decoded_from_explicit_params(const EC_KEY *key); * \param nid NID of the named curve. * \return EC_KEY object or NULL if an error occurred. */ -EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq, +EC_KEY *EC_KEY_new_by_curve_name_ex(OSSL_LIB_CTX *ctx, const char *propq, int nid); /** diff --git a/include/openssl/encoder.h b/include/openssl/encoder.h index 2d8871df12..669f688b2d 100644 --- a/include/openssl/encoder.h +++ b/include/openssl/encoder.h @@ -26,7 +26,7 @@ extern "C" { # endif -OSSL_ENCODER *OSSL_ENCODER_fetch(OPENSSL_CTX *libctx, const char *name, +OSSL_ENCODER *OSSL_ENCODER_fetch(OSSL_LIB_CTX *libctx, const char *name, const char *properties); int OSSL_ENCODER_up_ref(OSSL_ENCODER *encoder); void OSSL_ENCODER_free(OSSL_ENCODER *encoder); @@ -36,7 +36,7 @@ const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder); int OSSL_ENCODER_number(const OSSL_ENCODER *encoder); int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name); -void OSSL_ENCODER_do_all_provided(OPENSSL_CTX *libctx, +void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_ENCODER *encoder, void *arg), void *arg); void OSSL_ENCODER_names_do_all(const OSSL_ENCODER *encoder, @@ -72,7 +72,7 @@ int OSSL_ENCODER_CTX_set_selection(OSSL_ENCODER_CTX *ctx, int selection); /* Utilities to add encoders */ int OSSL_ENCODER_CTX_add_encoder(OSSL_ENCODER_CTX *ctx, OSSL_ENCODER *encoder); int OSSL_ENCODER_CTX_add_extra(OSSL_ENCODER_CTX *ctx, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OSSL_ENCODER_CTX_get_num_encoders(OSSL_ENCODER_CTX *ctx); typedef struct ossl_encoder_instance_st OSSL_ENCODER_INSTANCE; @@ -112,7 +112,7 @@ int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata, OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey, const char *output_type, int selection, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propquery); # ifdef __cplusplus diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 5527709be0..326289a1dd 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -79,9 +79,9 @@ extern "C" { #endif -int EVP_set_default_properties(OPENSSL_CTX *libctx, const char *propq); -int EVP_default_properties_is_fips_enabled(OPENSSL_CTX *libctx); -int EVP_default_properties_enable_fips(OPENSSL_CTX *libctx, int enable); +int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq); +int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx); +int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable); # define EVP_PKEY_MO_SIGN 0x0001 # define EVP_PKEY_MO_VERIFY 0x0002 @@ -524,7 +524,7 @@ int EVP_CIPHER_key_length(const EVP_CIPHER *cipher); int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher); unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher); int EVP_CIPHER_mode(const EVP_CIPHER *cipher); -EVP_CIPHER *EVP_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_CIPHER_up_ref(EVP_CIPHER *cipher); void EVP_CIPHER_free(EVP_CIPHER *cipher); @@ -628,7 +628,7 @@ __owur int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, __owur int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t len); -__owur EVP_MD *EVP_MD_fetch(OPENSSL_CTX *ctx, const char *algorithm, +__owur EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_MD_up_ref(EVP_MD *md); @@ -692,7 +692,7 @@ __owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, __owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, EVP_PKEY *pkey); __owur int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s, - EVP_PKEY *pkey, OPENSSL_CTX *libctx, + EVP_PKEY *pkey, OSSL_LIB_CTX *libctx, const char *propq); __owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, @@ -703,14 +703,14 @@ __owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); __owur int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); __owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret, size_t siglen, const unsigned char *tbs, size_t tbslen); int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, OPENSSL_CTX *libctx, + const char *mdname, OSSL_LIB_CTX *libctx, const char *props, EVP_PKEY *pkey); /*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, @@ -720,7 +720,7 @@ __owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen); int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, - const char *mdname, OPENSSL_CTX *libctx, + const char *mdname, OSSL_LIB_CTX *libctx, const char *props, EVP_PKEY *pkey); __owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, const EVP_MD *type, ENGINE *e, @@ -1072,7 +1072,7 @@ void EVP_CIPHER_do_all(void (*fn) (const EVP_CIPHER *ciph, void EVP_CIPHER_do_all_sorted(void (*fn) (const EVP_CIPHER *ciph, const char *from, const char *to, void *x), void *arg); -void EVP_CIPHER_do_all_provided(OPENSSL_CTX *libctx, +void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_CIPHER *cipher, void *arg), void *arg); @@ -1082,13 +1082,13 @@ void EVP_MD_do_all(void (*fn) (const EVP_MD *ciph, void EVP_MD_do_all_sorted(void (*fn) (const EVP_MD *ciph, const char *from, const char *to, void *x), void *arg); -void EVP_MD_do_all_provided(OPENSSL_CTX *libctx, +void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MD *md, void *arg), void *arg); /* MAC stuff */ -EVP_MAC *EVP_MAC_fetch(OPENSSL_CTX *libctx, const char *algorithm, +EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties); int EVP_MAC_up_ref(EVP_MAC *mac); void EVP_MAC_free(EVP_MAC *mac); @@ -1114,7 +1114,7 @@ const OSSL_PARAM *EVP_MAC_gettable_params(const EVP_MAC *mac); const OSSL_PARAM *EVP_MAC_gettable_ctx_params(const EVP_MAC *mac); const OSSL_PARAM *EVP_MAC_settable_ctx_params(const EVP_MAC *mac); -void EVP_MAC_do_all_provided(OPENSSL_CTX *libctx, +void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_MAC *mac, void *arg), void *arg); void EVP_MAC_names_do_all(const EVP_MAC *mac, @@ -1122,7 +1122,7 @@ void EVP_MAC_names_do_all(const EVP_MAC *mac, void *data); /* RAND stuff */ -EVP_RAND *EVP_RAND_fetch(OPENSSL_CTX *libctx, const char *algorithm, +EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties); int EVP_RAND_up_ref(EVP_RAND *rand); void EVP_RAND_free(EVP_RAND *rand); @@ -1141,7 +1141,7 @@ const OSSL_PARAM *EVP_RAND_gettable_params(const EVP_RAND *rand); const OSSL_PARAM *EVP_RAND_gettable_ctx_params(const EVP_RAND *rand); const OSSL_PARAM *EVP_RAND_settable_ctx_params(const EVP_RAND *rand); -void EVP_RAND_do_all_provided(OPENSSL_CTX *libctx, +void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_RAND *rand, void *arg), void *arg); void EVP_RAND_names_do_all(const EVP_RAND *rand, @@ -1242,11 +1242,12 @@ int i2d_PublicKey(const EVP_PKEY *a, unsigned char **pp); EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp, - long length, OPENSSL_CTX *libctx, const char *propq); + long length, OSSL_LIB_CTX *libctx, + const char *propq); EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length); EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp, - long length, OPENSSL_CTX *libctx, + long length, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length); @@ -1554,7 +1555,7 @@ DEPRECATEDIN_3_0(int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth)) DEPRECATEDIN_3_0(size_t EVP_PKEY_meth_get_count(void)) DEPRECATEDIN_3_0(const EVP_PKEY_METHOD *EVP_PKEY_meth_get0(size_t idx)) -EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt); void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt); @@ -1562,7 +1563,7 @@ const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt); const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt); int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt); int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name); -void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYMGMT *keymgmt, void *arg), void *arg); void EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt, @@ -1574,10 +1575,10 @@ const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt); EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); -EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx, +EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OSSL_LIB_CTX *libctx, const char *name, const char *propquery); -EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx, +EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey, const char *propquery); EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); @@ -1603,14 +1604,14 @@ void EVP_PKEY_CTX_set0_keygen_info(EVP_PKEY_CTX *ctx, int *dat, int datlen); EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key, int keylen); -EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx, +EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx, const char *keytype, const char *propq, const unsigned char *priv, size_t len); EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e, const unsigned char *priv, size_t len); -EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx, +EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OSSL_LIB_CTX *libctx, const char *keytype, const char *propq, const unsigned char *pub, size_t len); EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e, @@ -1622,7 +1623,7 @@ int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub, size_t *len); EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len, - const char *cipher_name, OPENSSL_CTX *libctx, + const char *cipher_name, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv, size_t len, const EVP_CIPHER *cipher); @@ -1639,11 +1640,11 @@ void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); void EVP_SIGNATURE_free(EVP_SIGNATURE *signature); int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature); OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature); -EVP_SIGNATURE *EVP_SIGNATURE_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name); int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature); -void EVP_SIGNATURE_do_all_provided(OPENSSL_CTX *libctx, +void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_SIGNATURE *signature, void *data), void *data); @@ -1656,11 +1657,11 @@ const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig); void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher); int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher); OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher); -EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name); int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher); -void EVP_ASYM_CIPHER_do_all_provided(OPENSSL_CTX *libctx, +void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_ASYM_CIPHER *cipher, void *arg), void *arg); @@ -1673,11 +1674,11 @@ const OSSL_PARAM *EVP_ASYM_CIPHER_settable_ctx_params(const EVP_ASYM_CIPHER *cip void EVP_KEM_free(EVP_KEM *wrap); int EVP_KEM_up_ref(EVP_KEM *wrap); OSSL_PROVIDER *EVP_KEM_provider(const EVP_KEM *wrap); -EVP_KEM *EVP_KEM_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name); int EVP_KEM_number(const EVP_KEM *wrap); -void EVP_KEM_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEM *wrap, void *arg), void *arg); void EVP_KEM_names_do_all(const EVP_KEM *wrap, void (*fn)(const char *name, void *data), void *data); @@ -1938,12 +1939,12 @@ DEPRECATEDIN_3_0(void EVP_PKEY_meth_get_digest_custom void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange); int EVP_KEYEXCH_up_ref(EVP_KEYEXCH *exchange); -EVP_KEYEXCH *EVP_KEYEXCH_fetch(OPENSSL_CTX *ctx, const char *algorithm, +EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm, const char *properties); OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange); int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name); int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch); -void EVP_KEYEXCH_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KEYEXCH *keyexch, void *data), void *data); void EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *keyexch, @@ -1966,7 +1967,7 @@ int EVP_hex2ctrl(int (*cb)(void *ctx, int cmd, void *buf, size_t buflen), int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name); int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen); -OPENSSL_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx); +OSSL_LIB_CTX *EVP_PKEY_CTX_get0_libctx(EVP_PKEY_CTX *ctx); const char *EVP_PKEY_CTX_get0_propq(EVP_PKEY_CTX *ctx); # ifdef __cplusplus diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index 5bef72da52..96521922ed 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h @@ -27,7 +27,7 @@ extern "C" { int EVP_KDF_up_ref(EVP_KDF *kdf); void EVP_KDF_free(EVP_KDF *kdf); -EVP_KDF *EVP_KDF_fetch(OPENSSL_CTX *libctx, const char *algorithm, +EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm, const char *properties); EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf); @@ -49,7 +49,7 @@ const OSSL_PARAM *EVP_KDF_gettable_params(const EVP_KDF *kdf); const OSSL_PARAM *EVP_KDF_gettable_ctx_params(const EVP_KDF *kdf); const OSSL_PARAM *EVP_KDF_settable_ctx_params(const EVP_KDF *kdf); -void EVP_KDF_do_all_provided(OPENSSL_CTX *libctx, +void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(EVP_KDF *kdf, void *arg), void *arg); void EVP_KDF_names_do_all(const EVP_KDF *kdf, diff --git a/include/openssl/ocsp.h.in b/include/openssl/ocsp.h.in index 1a2fb93c4f..b702f607be 100644 --- a/include/openssl/ocsp.h.in +++ b/include/openssl/ocsp.h.in @@ -290,9 +290,9 @@ int OCSP_basic_sign_ctx(OCSP_BASICRESP *brsp, STACK_OF(X509) *certs, unsigned long flags); int OCSP_RESPID_set_by_name(OCSP_RESPID *respid, X509 *cert); int OCSP_RESPID_set_by_key_ex(OCSP_RESPID *respid, X509 *cert, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int OCSP_RESPID_set_by_key(OCSP_RESPID *respid, X509 *cert); -int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OPENSSL_CTX *libctx, +int OCSP_RESPID_match_ex(OCSP_RESPID *respid, X509 *cert, OSSL_LIB_CTX *libctx, const char *propq); int OCSP_RESPID_match(OCSP_RESPID *respid, X509 *cert); diff --git a/include/openssl/pem.h b/include/openssl/pem.h index a5e0077715..3066918b27 100644 --- a/include/openssl/pem.h +++ b/include/openssl/pem.h @@ -326,7 +326,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk, - pem_password_cb *cb, void *u, OPENSSL_CTX *libctx, + pem_password_cb *cb, void *u, OSSL_LIB_CTX *libctx, const char *propq); int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc, @@ -348,7 +348,7 @@ STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, void *u); STACK_OF(X509_INFO) *PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb, - void *u, OPENSSL_CTX *libctx, const char *propq); + void *u, OSSL_LIB_CTX *libctx, const char *propq); #endif int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type); @@ -395,20 +395,20 @@ DECLARE_PEM_write(DHxparams, DH) DECLARE_PEM_rw_cb(PrivateKey, EVP_PKEY) EVP_PKEY *PEM_read_bio_PrivateKey_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); # ifndef OPENSSL_NO_STDIO EVP_PKEY *PEM_read_PrivateKey_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); # endif DECLARE_PEM_rw(PUBKEY, EVP_PKEY) EVP_PKEY *PEM_read_bio_PUBKEY_ex(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); # ifndef OPENSSL_NO_STDIO EVP_PKEY *PEM_read_PUBKEY_ex(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); # endif int PEM_write_bio_PrivateKey_traditional(BIO *bp, const EVP_PKEY *x, @@ -451,7 +451,7 @@ int PEM_write_PKCS8PrivateKey(FILE *fp, const EVP_PKEY *x, const EVP_CIPHER *enc pem_password_cb *cd, void *u); # endif EVP_PKEY *PEM_read_bio_Parameters_ex(BIO *bp, EVP_PKEY **x, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *PEM_read_bio_Parameters(BIO *bp, EVP_PKEY **x); int PEM_write_bio_Parameters(BIO *bp, const EVP_PKEY *x); diff --git a/include/openssl/pkcs7.h.in b/include/openssl/pkcs7.h.in index f612e363ad..df53acc2a1 100644 --- a/include/openssl/pkcs7.h.in +++ b/include/openssl/pkcs7.h.in @@ -43,7 +43,7 @@ Key_Encryption_ID rsaEncryption */ typedef struct PKCS7_CTX_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; } PKCS7_CTX; @@ -252,7 +252,7 @@ DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST) DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT) DECLARE_ASN1_FUNCTIONS(PKCS7) -PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq); +PKCS7 *PKCS7_new_ex(OSSL_LIB_CTX *libctx, const char *propq); DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) @@ -314,7 +314,7 @@ int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, BIO *data, int flags); PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, - BIO *data, int flags, OPENSSL_CTX *libctx, + BIO *data, int flags, OSSL_LIB_CTX *libctx, const char *propq); PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, @@ -330,7 +330,7 @@ PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags); PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, int flags, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, int flags); diff --git a/include/openssl/provider.h b/include/openssl/provider.h index ad9d8e6569..80a1b412ed 100644 --- a/include/openssl/provider.h +++ b/include/openssl/provider.h @@ -17,14 +17,14 @@ extern "C" { # endif /* Set the default provider search path */ -int OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *, const char *path); +int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *, const char *path); /* Load and unload a provider */ -OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *, const char *name); -OSSL_PROVIDER *OSSL_PROVIDER_try_load(OPENSSL_CTX *, const char *name); +OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *, const char *name); +OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *, const char *name); int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov); -int OSSL_PROVIDER_available(OPENSSL_CTX *, const char *name); -int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx, +int OSSL_PROVIDER_available(OSSL_LIB_CTX *, const char *name); +int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, int (*cb)(OSSL_PROVIDER *provider, void *cbdata), void *cbdata); @@ -42,7 +42,7 @@ const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov, void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov); /* Add a built in providers */ -int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *, const char *name, +int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *, const char *name, OSSL_provider_init_fn *init_fn); /* Information */ diff --git a/include/openssl/rand.h b/include/openssl/rand.h index e641675fa6..73eefd5c14 100644 --- a/include/openssl/rand.h +++ b/include/openssl/rand.h @@ -59,17 +59,17 @@ RAND_METHOD *RAND_OpenSSL(void); int RAND_bytes(unsigned char *buf, int num); int RAND_priv_bytes(unsigned char *buf, int num); -/* Equivalent of RAND_priv_bytes() but additionally taking an OPENSSL_CTX */ -int RAND_priv_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); +/* Equivalent of RAND_priv_bytes() but additionally taking an OSSL_LIB_CTX */ +int RAND_priv_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num); -/* Equivalent of RAND_bytes() but additionally taking an OPENSSL_CTX */ -int RAND_bytes_ex(OPENSSL_CTX *ctx, unsigned char *buf, int num); +/* Equivalent of RAND_bytes() but additionally taking an OSSL_LIB_CTX */ +int RAND_bytes_ex(OSSL_LIB_CTX *ctx, unsigned char *buf, int num); DEPRECATEDIN_1_1_0(int RAND_pseudo_bytes(unsigned char *buf, int num)) -EVP_RAND_CTX *RAND_get0_primary(OPENSSL_CTX *ctx); -EVP_RAND_CTX *RAND_get0_public(OPENSSL_CTX *ctx); -EVP_RAND_CTX *RAND_get0_private(OPENSSL_CTX *ctx); +EVP_RAND_CTX *RAND_get0_primary(OSSL_LIB_CTX *ctx); +EVP_RAND_CTX *RAND_get0_public(OSSL_LIB_CTX *ctx); +EVP_RAND_CTX *RAND_get0_private(OSSL_LIB_CTX *ctx); void RAND_seed(const void *buf, int num); void RAND_keep_random_devices_open(int keep); diff --git a/include/openssl/self_test.h b/include/openssl/self_test.h index be375c9469..9aff14e82b 100644 --- a/include/openssl/self_test.h +++ b/include/openssl/self_test.h @@ -66,9 +66,9 @@ extern "C" { } # endif -void OSSL_SELF_TEST_set_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK *cb, +void OSSL_SELF_TEST_set_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK *cb, void *cbarg); -void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb, +void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb, void **cbarg); OSSL_SELF_TEST *OSSL_SELF_TEST_new(OSSL_CALLBACK *cb, void *cbarg); diff --git a/include/openssl/srp.h.in b/include/openssl/srp.h.in index 7ea855d9a0..619816c65f 100644 --- a/include/openssl/srp.h.in +++ b/include/openssl/srp.h.in @@ -104,12 +104,12 @@ SRP_user_pwd *SRP_VBASE_get1_by_user(SRP_VBASE *vb, char *username); char *SRP_create_verifier_ex(const char *user, const char *pass, char **salt, char **verifier, const char *N, const char *g, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); char *SRP_create_verifier(const char *user, const char *pass, char **salt, char **verifier, const char *N, const char *g); int SRP_create_verifier_BN_ex(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, const BIGNUM *N, - const BIGNUM *g, OPENSSL_CTX *libctx, + const BIGNUM *g, OSSL_LIB_CTX *libctx, const char *propq); int SRP_create_verifier_BN(const char *user, const char *pass, BIGNUM **salt, BIGNUM **verifier, const BIGNUM *N, @@ -143,22 +143,22 @@ SRP_gN *SRP_get_default_gN(const char *id); BIGNUM *SRP_Calc_server_key(const BIGNUM *A, const BIGNUM *v, const BIGNUM *u, const BIGNUM *b, const BIGNUM *N); BIGNUM *SRP_Calc_B_ex(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, - const BIGNUM *v, OPENSSL_CTX *libctx, const char *propq); + const BIGNUM *v, OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_B(const BIGNUM *b, const BIGNUM *N, const BIGNUM *g, const BIGNUM *v); int SRP_Verify_A_mod_N(const BIGNUM *A, const BIGNUM *N); BIGNUM *SRP_Calc_u_ex(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_u(const BIGNUM *A, const BIGNUM *B, const BIGNUM *N); /* client side .... */ BIGNUM *SRP_Calc_x_ex(const BIGNUM *s, const char *user, const char *pass, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_x(const BIGNUM *s, const char *user, const char *pass); BIGNUM *SRP_Calc_A(const BIGNUM *a, const BIGNUM *N, const BIGNUM *g); BIGNUM *SRP_Calc_client_key_ex(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g, const BIGNUM *x, const BIGNUM *a, const BIGNUM *u, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); BIGNUM *SRP_Calc_client_key(const BIGNUM *N, const BIGNUM *B, const BIGNUM *g, const BIGNUM *x, const BIGNUM *a, const BIGNUM *u); int SRP_Verify_B_mod_N(const BIGNUM *B, const BIGNUM *N); diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index 61042148c2..edcd9819fa 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -1538,7 +1538,7 @@ void BIO_ssl_shutdown(BIO *ssl_bio); __owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str); __owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth); -__owur SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, +__owur SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, const SSL_METHOD *meth); int SSL_CTX_up_ref(SSL_CTX *ctx); void SSL_CTX_free(SSL_CTX *); @@ -1640,7 +1640,7 @@ __owur int SSL_CTX_use_certificate_chain_file(SSL_CTX *ctx, const char *file); __owur int SSL_use_certificate_chain_file(SSL *ssl, const char *file); __owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); __owur STACK_OF(X509_NAME) -*SSL_load_client_CA_file_ex(const char *file, OPENSSL_CTX *libctx, +*SSL_load_client_CA_file_ex(const char *file, OSSL_LIB_CTX *libctx, const char *propq); __owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs, const char *file); diff --git a/include/openssl/store.h b/include/openssl/store.h index edbf4a8fbd..8be9f71bf3 100644 --- a/include/openssl/store.h +++ b/include/openssl/store.h @@ -57,7 +57,7 @@ OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); OSSL_STORE_CTX * -OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq, +OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); @@ -127,7 +127,7 @@ int OSSL_STORE_close(OSSL_STORE_CTX *ctx); * BIO actually reads. */ OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bio, const char *scheme, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); @@ -250,7 +250,7 @@ int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search); typedef struct ossl_store_loader_st OSSL_STORE_LOADER; OSSL_STORE_LOADER *OSSL_STORE_LOADER_fetch(const char *scheme, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *properties); int OSSL_STORE_LOADER_up_ref(OSSL_STORE_LOADER *loader); void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); @@ -260,7 +260,7 @@ const char *OSSL_STORE_LOADER_properties(const OSSL_STORE_LOADER *loader); int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader); int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *scheme); -void OSSL_STORE_LOADER_do_all_provided(OPENSSL_CTX *libctx, +void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx, void (*fn)(OSSL_STORE_LOADER *loader, void *arg), void *arg); @@ -285,12 +285,12 @@ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn) const UI_METHOD *ui_method, void *ui_data); typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn) (const OSSL_STORE_LOADER *loader, - const char *uri, OPENSSL_CTX *libctx, const char *propq, + const char *uri, OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data); typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn) (const OSSL_STORE_LOADER *loader, BIO *bio, - OPENSSL_CTX *libctx, const char *propq, + OSSL_LIB_CTX *libctx, const char *propq, const UI_METHOD *ui_method, void *ui_data); typedef int (*OSSL_STORE_ctrl_fn) (OSSL_STORE_LOADER_CTX *ctx, int cmd, va_list args); diff --git a/include/openssl/types.h b/include/openssl/types.h index ee024cef29..8ca2d144c7 100644 --- a/include/openssl/types.h +++ b/include/openssl/types.h @@ -204,7 +204,7 @@ typedef struct ct_policy_eval_ctx_st CT_POLICY_EVAL_CTX; typedef struct ossl_store_info_st OSSL_STORE_INFO; typedef struct ossl_store_search_st OSSL_STORE_SEARCH; -typedef struct openssl_ctx_st OPENSSL_CTX; +typedef struct ossl_lib_ctx_st OSSL_LIB_CTX; typedef struct ossl_dispatch_st OSSL_DISPATCH; typedef struct ossl_item_st OSSL_ITEM; diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in index a88398d5e5..1c4a13aa42 100644 --- a/include/openssl/x509.h.in +++ b/include/openssl/x509.h.in @@ -365,7 +365,7 @@ const char *X509_verify_cert_error_string(long n); int X509_verify(X509 *a, EVP_PKEY *r); int X509_self_signed(X509 *cert, int verify_signature); -int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx, +int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OSSL_LIB_CTX *libctx, const char *propq); int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); @@ -443,7 +443,7 @@ PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, const PKCS8_PRIV_KEY_INFO *p8inf); int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, const EVP_PKEY *key); int i2d_PrivateKey_fp(FILE *fp, const EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OPENSSL_CTX *libctx, +EVP_PKEY *d2i_PrivateKey_ex_fp(FILE *fp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a); int i2d_PUBKEY_fp(FILE *fp, const EVP_PKEY *pkey); @@ -485,7 +485,7 @@ PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, const PKCS8_PRIV_KEY_INFO *p8inf); int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, const EVP_PKEY *key); int i2d_PrivateKey_bio(BIO *bp, const EVP_PKEY *pkey); -EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OPENSSL_CTX *libctx, +EVP_PKEY *d2i_PrivateKey_ex_bio(BIO *bp, EVP_PKEY **a, OSSL_LIB_CTX *libctx, const char *propq); EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a); int i2d_PUBKEY_bio(BIO *bp, const EVP_PKEY *pkey); @@ -542,7 +542,7 @@ int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain); long X509_get_pathlen(X509 *x); DECLARE_ASN1_ENCODE_FUNCTIONS_only(EVP_PKEY, PUBKEY) EVP_PKEY *d2i_PUBKEY_ex(EVP_PKEY **a, const unsigned char **pp, long length, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); # ifndef OPENSSL_NO_RSA DECLARE_ASN1_ENCODE_FUNCTIONS_only(RSA, RSA_PUBKEY) # endif @@ -576,7 +576,7 @@ int X509_NAME_set(X509_NAME **xn, const X509_NAME *name); DECLARE_ASN1_FUNCTIONS(X509_CINF) DECLARE_ASN1_FUNCTIONS(X509) -X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq); +X509 *X509_new_ex(OSSL_LIB_CTX *libctx, const char *propq); DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) #define X509_get_ex_new_index(l, p, newf, dupf, freef) \ @@ -1054,7 +1054,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8); -EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx, +EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OSSL_LIB_CTX *libctx, const char *propq); PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey); diff --git a/include/openssl/x509_vfy.h.in b/include/openssl/x509_vfy.h.in index b7da1b0c5c..f4ab746f75 100644 --- a/include/openssl/x509_vfy.h.in +++ b/include/openssl/x509_vfy.h.in @@ -389,7 +389,7 @@ X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(const X509_STORE *ctx); int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data); void *X509_STORE_get_ex_data(const X509_STORE *ctx, int idx); -X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq); +X509_STORE_CTX *X509_STORE_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq); X509_STORE_CTX *X509_STORE_CTX_new(void); int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x); @@ -441,7 +441,7 @@ typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); typedef int (*X509_LOOKUP_ctrl_ex_fn)( X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, @@ -451,7 +451,7 @@ typedef int (*X509_LOOKUP_get_by_subject_ex_fn)(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq); typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, @@ -530,15 +530,15 @@ X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs, int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret); int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, - char **ret, OPENSSL_CTX *libctx, const char *propq); + char **ret, OSSL_LIB_CTX *libctx, const char *propq); int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type); int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); void X509_LOOKUP_free(X509_LOOKUP *ctx); @@ -547,7 +547,7 @@ int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret); int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, X509_OBJECT *ret, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, const X509_NAME *name, const ASN1_INTEGER *serial, @@ -571,13 +571,13 @@ int X509_STORE_load_locations(X509_STORE *ctx, int X509_STORE_set_default_paths(X509_STORE *ctx); int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_STORE_load_store_ex(X509_STORE *ctx, const char *store, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file, - const char *dir, OPENSSL_CTX *libctx, + const char *dir, OSSL_LIB_CTX *libctx, const char *propq); -int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx, +int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OSSL_LIB_CTX *libctx, const char *propq); #define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \ diff --git a/providers/baseprov.c b/providers/baseprov.c index 41dc65655e..019caf10d6 100644 --- a/providers/baseprov.c +++ b/providers/baseprov.c @@ -136,7 +136,7 @@ int ossl_base_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH *in, const OSSL_DISPATCH **out, void **provctx) { - OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL; + OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL; BIO_METHOD *corebiometh; if (!ossl_prov_bio_from_dispatch(in)) @@ -149,8 +149,8 @@ int ossl_base_provider_init(const OSSL_CORE_HANDLE *handle, case OSSL_FUNC_CORE_GET_PARAMS: c_get_params = OSSL_FUNC_core_get_params(in); break; - case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT: - c_get_libctx = OSSL_FUNC_core_get_library_context(in); + case OSSL_FUNC_CORE_GET_LIBCTX: + c_get_libctx = OSSL_FUNC_core_get_libctx(in); break; default: /* Just ignore anything we don't understand */ @@ -175,8 +175,8 @@ int ossl_base_provider_init(const OSSL_CORE_HANDLE *handle, *provctx = NULL; return 0; } - ossl_prov_ctx_set0_library_context(*provctx, - (OPENSSL_CTX *)c_get_libctx(handle)); + ossl_prov_ctx_set0_libctx(*provctx, + (OSSL_LIB_CTX *)c_get_libctx(handle)); ossl_prov_ctx_set0_handle(*provctx, handle); ossl_prov_ctx_set0_core_bio_method(*provctx, corebiometh); diff --git a/providers/common/include/prov/provider_ctx.h b/providers/common/include/prov/provider_ctx.h index c650777280..c8126e1761 100644 --- a/providers/common/include/prov/provider_ctx.h +++ b/providers/common/include/prov/provider_ctx.h @@ -17,7 +17,7 @@ typedef struct prov_ctx_st { const OSSL_CORE_HANDLE *handle; - OPENSSL_CTX *libctx; /* For all provider modules */ + OSSL_LIB_CTX *libctx; /* For all provider modules */ BIO_METHOD *corebiometh; } PROV_CTX; @@ -25,15 +25,15 @@ typedef struct prov_ctx_st { * To be used anywhere the library context needs to be passed, such as to * fetching functions. */ -# define PROV_LIBRARY_CONTEXT_OF(provctx) \ - ossl_prov_ctx_get0_library_context((provctx)) +# define PROV_LIBCTX_OF(provctx) \ + ossl_prov_ctx_get0_libctx((provctx)) PROV_CTX *ossl_prov_ctx_new(void); void ossl_prov_ctx_free(PROV_CTX *ctx); -void ossl_prov_ctx_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx); +void ossl_prov_ctx_set0_libctx(PROV_CTX *ctx, OSSL_LIB_CTX *libctx); void ossl_prov_ctx_set0_handle(PROV_CTX *ctx, const OSSL_CORE_HANDLE *handle); void ossl_prov_ctx_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh); -OPENSSL_CTX *ossl_prov_ctx_get0_library_context(PROV_CTX *ctx); +OSSL_LIB_CTX *ossl_prov_ctx_get0_libctx(PROV_CTX *ctx); const OSSL_CORE_HANDLE *ossl_prov_ctx_get0_handle(PROV_CTX *ctx); BIO_METHOD *ossl_prov_ctx_get0_core_bio_method(PROV_CTX *ctx); diff --git a/providers/common/include/prov/provider_util.h b/providers/common/include/prov/provider_util.h index 83f6d63ed7..1f6f4687ad 100644 --- a/providers/common/include/prov/provider_util.h +++ b/providers/common/include/prov/provider_util.h @@ -45,7 +45,7 @@ typedef struct { */ int ossl_prov_cipher_load_from_params(PROV_CIPHER *pc, const OSSL_PARAM params[], - OPENSSL_CTX *ctx); + OSSL_LIB_CTX *ctx); /* Reset the PROV_CIPHER fields and free any allocated cipher reference */ void ossl_prov_cipher_reset(PROV_CIPHER *pc); @@ -63,7 +63,7 @@ ENGINE *ossl_prov_cipher_engine(const PROV_CIPHER *pc); * Fetch a digest from the specified libctx using the provided mdname and * propquery. Store the result in the PROV_DIGEST and return the fetched md. */ -const EVP_MD *ossl_prov_digest_fetch(PROV_DIGEST *pd, OPENSSL_CTX *libctx, +const EVP_MD *ossl_prov_digest_fetch(PROV_DIGEST *pd, OSSL_LIB_CTX *libctx, const char *mdname, const char *propquery); /* @@ -74,7 +74,7 @@ const EVP_MD *ossl_prov_digest_fetch(PROV_DIGEST *pd, OPENSSL_CTX *libctx, */ int ossl_prov_digest_load_from_params(PROV_DIGEST *pd, const OSSL_PARAM params[], - OPENSSL_CTX *ctx); + OSSL_LIB_CTX *ctx); /* Reset the PROV_DIGEST fields and free any allocated digest reference */ void ossl_prov_digest_reset(PROV_DIGEST *pd); @@ -123,7 +123,7 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx, const char *macname, const char *ciphername, const char *mdname, - OPENSSL_CTX *ctx); + OSSL_LIB_CTX *ctx); typedef struct ag_capable_st { OSSL_ALGORITHM alg; diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h index d90492c723..622fe1977e 100644 --- a/providers/common/include/prov/providercommon.h +++ b/providers/common/include/prov/providercommon.h @@ -10,7 +10,7 @@ #include #include -const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *ctx); +const OSSL_CORE_HANDLE *FIPS_get_core_handle(OSSL_LIB_CTX *ctx); const char *ossl_prov_util_nid_to_name(int nid); diff --git a/providers/common/provider_ctx.c b/providers/common/provider_ctx.c index 6d81c20981..9690abfd57 100644 --- a/providers/common/provider_ctx.c +++ b/providers/common/provider_ctx.c @@ -21,7 +21,7 @@ void ossl_prov_ctx_free(PROV_CTX *ctx) OPENSSL_free(ctx); } -void ossl_prov_ctx_set0_library_context(PROV_CTX *ctx, OPENSSL_CTX *libctx) +void ossl_prov_ctx_set0_libctx(PROV_CTX *ctx, OSSL_LIB_CTX *libctx) { if (ctx != NULL) ctx->libctx = libctx; @@ -39,7 +39,7 @@ void ossl_prov_ctx_set0_core_bio_method(PROV_CTX *ctx, BIO_METHOD *corebiometh) ctx->corebiometh = corebiometh; } -OPENSSL_CTX *ossl_prov_ctx_get0_library_context(PROV_CTX *ctx) +OSSL_LIB_CTX *ossl_prov_ctx_get0_libctx(PROV_CTX *ctx) { if (ctx == NULL) return NULL; diff --git a/providers/common/provider_util.c b/providers/common/provider_util.c index 2e9fe8d5da..2499d1534e 100644 --- a/providers/common/provider_util.c +++ b/providers/common/provider_util.c @@ -67,7 +67,7 @@ static int load_common(const OSSL_PARAM params[], const char **propquery, int ossl_prov_cipher_load_from_params(PROV_CIPHER *pc, const OSSL_PARAM params[], - OPENSSL_CTX *ctx) + OSSL_LIB_CTX *ctx) { const OSSL_PARAM *p; const char *propquery; @@ -124,7 +124,7 @@ int ossl_prov_digest_copy(PROV_DIGEST *dst, const PROV_DIGEST *src) return 1; } -const EVP_MD *ossl_prov_digest_fetch(PROV_DIGEST *pd, OPENSSL_CTX *libctx, +const EVP_MD *ossl_prov_digest_fetch(PROV_DIGEST *pd, OSSL_LIB_CTX *libctx, const char *mdname, const char *propquery) { EVP_MD_free(pd->alloc_md); @@ -135,7 +135,7 @@ const EVP_MD *ossl_prov_digest_fetch(PROV_DIGEST *pd, OPENSSL_CTX *libctx, int ossl_prov_digest_load_from_params(PROV_DIGEST *pd, const OSSL_PARAM params[], - OPENSSL_CTX *ctx) + OSSL_LIB_CTX *ctx) { const OSSL_PARAM *p; const char *propquery; @@ -245,7 +245,7 @@ int ossl_prov_macctx_load_from_params(EVP_MAC_CTX **macctx, const char *macname, const char *ciphername, const char *mdname, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { const OSSL_PARAM *p; const char *properties = NULL; diff --git a/providers/defltprov.c b/providers/defltprov.c index 48f0c88098..959c48d1db 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -523,7 +523,7 @@ int ossl_default_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH **out, void **provctx) { - OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL; + OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL; BIO_METHOD *corebiometh; if (!ossl_prov_bio_from_dispatch(in)) @@ -536,8 +536,8 @@ int ossl_default_provider_init(const OSSL_CORE_HANDLE *handle, case OSSL_FUNC_CORE_GET_PARAMS: c_get_params = OSSL_FUNC_core_get_params(in); break; - case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT: - c_get_libctx = OSSL_FUNC_core_get_library_context(in); + case OSSL_FUNC_CORE_GET_LIBCTX: + c_get_libctx = OSSL_FUNC_core_get_libctx(in); break; default: /* Just ignore anything we don't understand */ @@ -562,8 +562,8 @@ int ossl_default_provider_init(const OSSL_CORE_HANDLE *handle, *provctx = NULL; return 0; } - ossl_prov_ctx_set0_library_context(*provctx, - (OPENSSL_CTX *)c_get_libctx(handle)); + ossl_prov_ctx_set0_libctx(*provctx, + (OSSL_LIB_CTX *)c_get_libctx(handle)); ossl_prov_ctx_set0_handle(*provctx, handle); ossl_prov_ctx_set0_core_bio_method(*provctx, corebiometh); diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 005ad2bb54..93b5dede67 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -43,7 +43,7 @@ int FIPS_security_check_enabled(void); * TODO(3.0): Should these be stored in the provider side provctx? Could they * ever be different from one init to the next? Unfortunately we can't do this * at the moment because c_put_error/c_add_error_vdata do not provide - * us with the OPENSSL_CTX as a parameter. + * us with the OSSL_LIB_CTX as a parameter. */ static SELF_TEST_POST_PARAMS selftest_params; @@ -73,13 +73,13 @@ static OSSL_FUNC_CRYPTO_secure_clear_free_fn *c_CRYPTO_secure_clear_free; static OSSL_FUNC_CRYPTO_secure_allocated_fn *c_CRYPTO_secure_allocated; static OSSL_FUNC_BIO_vsnprintf_fn *c_BIO_vsnprintf; static OSSL_FUNC_self_test_cb_fn *c_stcbfn = NULL; -static OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL; +static OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL; typedef struct fips_global_st { const OSSL_CORE_HANDLE *handle; } FIPS_GLOBAL; -static void *fips_prov_ossl_ctx_new(OPENSSL_CTX *libctx) +static void *fips_prov_ossl_ctx_new(OSSL_LIB_CTX *libctx) { FIPS_GLOBAL *fgbl = OPENSSL_zalloc(sizeof(*fgbl)); @@ -91,7 +91,7 @@ static void fips_prov_ossl_ctx_free(void *fgbl) OPENSSL_free(fgbl); } -static const OPENSSL_CTX_METHOD fips_prov_ossl_ctx_method = { +static const OSSL_LIB_CTX_METHOD fips_prov_ossl_ctx_method = { fips_prov_ossl_ctx_new, fips_prov_ossl_ctx_free, }; @@ -544,7 +544,7 @@ static const OSSL_ALGORITHM *fips_query(void *provctx, int operation_id, static void fips_teardown(void *provctx) { - OPENSSL_CTX_free(PROV_LIBRARY_CONTEXT_OF(provctx)); + OSSL_LIB_CTX_free(PROV_LIBCTX_OF(provctx)); ossl_prov_ctx_free(provctx); } @@ -582,12 +582,12 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, void **provctx) { FIPS_GLOBAL *fgbl; - OPENSSL_CTX *libctx = NULL; + OSSL_LIB_CTX *libctx = NULL; for (; in->function_id != 0; in++) { switch (in->function_id) { - case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT: - c_get_libctx = OSSL_FUNC_core_get_library_context(in); + case OSSL_FUNC_CORE_GET_LIBCTX: + c_get_libctx = OSSL_FUNC_core_get_libctx(in); break; case OSSL_FUNC_CORE_GETTABLE_PARAMS: c_gettable_params = OSSL_FUNC_core_gettable_params(in); @@ -692,20 +692,20 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, /* Create a context. */ if ((*provctx = ossl_prov_ctx_new()) == NULL - || (libctx = OPENSSL_CTX_new()) == NULL) { + || (libctx = OSSL_LIB_CTX_new()) == NULL) { /* * We free libctx separately here and only here because it hasn't * been attached to *provctx. All other error paths below rely * solely on fips_teardown. */ - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); goto err; } - ossl_prov_ctx_set0_library_context(*provctx, libctx); + ossl_prov_ctx_set0_libctx(*provctx, libctx); ossl_prov_ctx_set0_handle(*provctx, handle); - if ((fgbl = openssl_ctx_get_data(libctx, OPENSSL_CTX_FIPS_PROV_INDEX, - &fips_prov_ossl_ctx_method)) == NULL) + if ((fgbl = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_FIPS_PROV_INDEX, + &fips_prov_ossl_ctx_method)) == NULL) goto err; fgbl->handle = handle; @@ -740,12 +740,12 @@ int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH **out, void **provctx) { - OSSL_FUNC_core_get_library_context_fn *c_internal_get_libctx = NULL; + OSSL_FUNC_core_get_libctx_fn *c_internal_get_libctx = NULL; for (; in->function_id != 0; in++) { switch (in->function_id) { - case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT: - c_internal_get_libctx = OSSL_FUNC_core_get_library_context(in); + case OSSL_FUNC_CORE_GET_LIBCTX: + c_internal_get_libctx = OSSL_FUNC_core_get_libctx(in); break; default: break; @@ -763,9 +763,8 @@ int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle, * internal provider. This is not something that most providers would be * able to do. */ - ossl_prov_ctx_set0_library_context( - *provctx, (OPENSSL_CTX *)c_internal_get_libctx(handle) - ); + ossl_prov_ctx_set0_libctx(*provctx, + (OSSL_LIB_CTX *)c_internal_get_libctx(handle)); ossl_prov_ctx_set0_handle(*provctx, handle); *out = intern_dispatch_table; @@ -814,15 +813,15 @@ int ERR_pop_to_mark(void) /* * This must take a library context, since it's called from the depths * of crypto/initthread.c code, where it's (correctly) assumed that the - * passed caller argument is an OPENSSL_CTX pointer (since the same routine + * passed caller argument is an OSSL_LIB_CTX pointer (since the same routine * is also called from other parts of libcrypto, which all pass around a - * OPENSSL_CTX pointer) + * OSSL_LIB_CTX pointer) */ -const OSSL_CORE_HANDLE *FIPS_get_core_handle(OPENSSL_CTX *libctx) +const OSSL_CORE_HANDLE *FIPS_get_core_handle(OSSL_LIB_CTX *libctx) { - FIPS_GLOBAL *fgbl = openssl_ctx_get_data(libctx, - OPENSSL_CTX_FIPS_PROV_INDEX, - &fips_prov_ossl_ctx_method); + FIPS_GLOBAL *fgbl = ossl_lib_ctx_get_data(libctx, + OSSL_LIB_CTX_FIPS_PROV_INDEX, + &fips_prov_ossl_ctx_method); if (fgbl == NULL) return NULL; @@ -902,7 +901,7 @@ int FIPS_security_check_enabled(void) return fips_security_checks; } -void OSSL_SELF_TEST_get_callback(OPENSSL_CTX *libctx, OSSL_CALLBACK **cb, +void OSSL_SELF_TEST_get_callback(OSSL_LIB_CTX *libctx, OSSL_CALLBACK **cb, void **cbarg) { if (libctx == NULL) diff --git a/providers/fips/self_test.c b/providers/fips/self_test.c index 4bc562f822..4d8e640c38 100644 --- a/providers/fips/self_test.c +++ b/providers/fips/self_test.c @@ -20,8 +20,8 @@ /* * We're cheating here. Normally we don't allow RUN_ONCE usage inside the FIPS * module because all such initialisation should be associated with an - * individual OPENSSL_CTX. That doesn't work with the self test though because - * it should be run once regardless of the number of OPENSSL_CTXs we have. + * individual OSSL_LIB_CTX. That doesn't work with the self test though because + * it should be run once regardless of the number of OSSL_LIB_CTXs we have. */ #define ALLOW_RUN_ONCE_IN_FIPS #include @@ -160,7 +160,7 @@ DEP_FINI_ATTRIBUTE void cleanup(void) */ static int verify_integrity(OSSL_CORE_BIO *bio, OSSL_FUNC_BIO_read_ex_fn read_ex_cb, unsigned char *expected, size_t expected_len, - OPENSSL_CTX *libctx, OSSL_SELF_TEST *ev, + OSSL_LIB_CTX *libctx, OSSL_SELF_TEST *ev, const char *event_type) { int ret = 0, status; diff --git a/providers/fips/self_test.h b/providers/fips/self_test.h index 205623cc3d..ff5928eeb4 100644 --- a/providers/fips/self_test.h +++ b/providers/fips/self_test.h @@ -31,11 +31,11 @@ typedef struct self_test_post_params_st { OSSL_FUNC_BIO_free_fn *bio_free_cb; OSSL_CALLBACK *cb; void *cb_arg; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; } SELF_TEST_POST_PARAMS; int SELF_TEST_post(SELF_TEST_POST_PARAMS *st, int on_demand_test); -int SELF_TEST_kats(OSSL_SELF_TEST *event, OPENSSL_CTX *libctx); +int SELF_TEST_kats(OSSL_SELF_TEST *event, OSSL_LIB_CTX *libctx); void SELF_TEST_disable_conditional_error_state(void); diff --git a/providers/fips/self_test_kats.c b/providers/fips/self_test_kats.c index 5e76a1c84d..c61646aafe 100644 --- a/providers/fips/self_test_kats.c +++ b/providers/fips/self_test_kats.c @@ -18,7 +18,7 @@ #include "self_test_data.inc" static int self_test_digest(const ST_KAT_DIGEST *t, OSSL_SELF_TEST *st, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ok = 0; unsigned char out[EVP_MAX_MD_SIZE]; @@ -83,7 +83,7 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher, /* Test a single KAT for encrypt/decrypt */ static int self_test_cipher(const ST_KAT_CIPHER *t, OSSL_SELF_TEST *st, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ret = 0, encrypt = 1, len, ct_len = 0, pt_len = 0; EVP_CIPHER_CTX *ctx = NULL; @@ -179,7 +179,7 @@ err: } static int self_test_kdf(const ST_KAT_KDF *t, OSSL_SELF_TEST *st, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ret = 0; unsigned char out[64]; @@ -236,7 +236,7 @@ err: } static int self_test_drbg(const ST_KAT_DRBG *t, OSSL_SELF_TEST *st, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ret = 0; unsigned char out[256]; @@ -347,7 +347,7 @@ err: } static int self_test_ka(const ST_KAT_KAS *t, - OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) + OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int ret = 0; EVP_PKEY_CTX *kactx = NULL, *dctx = NULL; @@ -423,7 +423,7 @@ err: } static int self_test_sign(const ST_KAT_SIGN *t, - OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) + OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int ret = 0; OSSL_PARAM *params = NULL, *params_sig = NULL; @@ -513,7 +513,7 @@ err: * and decrypt.. */ static int self_test_asym_cipher(const ST_KAT_ASYM_CIPHER *t, OSSL_SELF_TEST *st, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ret = 0; OSSL_PARAM *keyparams = NULL, *initparams = NULL; @@ -598,7 +598,7 @@ err: * All tests are run regardless of if they fail or not. * Return 0 if any test fails. */ -static int self_test_digests(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_digests(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -609,7 +609,7 @@ static int self_test_digests(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) return ret; } -static int self_test_ciphers(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -620,7 +620,7 @@ static int self_test_ciphers(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) return ret; } -static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -631,7 +631,7 @@ static int self_test_asym_ciphers(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) return ret; } -static int self_test_kdfs(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_kdfs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -642,7 +642,7 @@ static int self_test_kdfs(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) return ret; } -static int self_test_drbgs(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_drbgs(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -653,7 +653,7 @@ static int self_test_drbgs(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) return ret; } -static int self_test_kas(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_kas(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -664,7 +664,7 @@ static int self_test_kas(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) return ret; } -static int self_test_signatures(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +static int self_test_signatures(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int i, ret = 1; @@ -680,7 +680,7 @@ static int self_test_signatures(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) * Return 1 is successful, otherwise return 0. * This runs all the tests regardless of if any fail. */ -int SELF_TEST_kats(OSSL_SELF_TEST *st, OPENSSL_CTX *libctx) +int SELF_TEST_kats(OSSL_SELF_TEST *st, OSSL_LIB_CTX *libctx) { int ret = 1; diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index 6241ce5fcf..1287cc303a 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -62,7 +62,7 @@ static OSSL_ITEM padding_item[] = { */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; RSA *rsa; int pad_mode; int operation; @@ -87,7 +87,7 @@ static void *rsa_newctx(void *provctx) prsactx = OPENSSL_zalloc(sizeof(PROV_RSA_CTX)); if (prsactx == NULL) return NULL; - prsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + prsactx->libctx = PROV_LIBCTX_OF(provctx); return prsactx; } diff --git a/providers/implementations/asymciphers/sm2_enc.c b/providers/implementations/asymciphers/sm2_enc.c index 4f2f64bb1a..a67e2c26e4 100644 --- a/providers/implementations/asymciphers/sm2_enc.c +++ b/providers/implementations/asymciphers/sm2_enc.c @@ -38,7 +38,7 @@ static OSSL_FUNC_asym_cipher_settable_ctx_params_fn sm2_settable_ctx_params; */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; EC_KEY *key; PROV_DIGEST md; } PROV_SM2_CTX; @@ -49,7 +49,7 @@ static void *sm2_newctx(void *provctx) if (psm2ctx == NULL) return NULL; - psm2ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + psm2ctx->libctx = PROV_LIBCTX_OF(provctx); return psm2ctx; } diff --git a/providers/implementations/ciphers/cipher_aes_siv.c b/providers/implementations/ciphers/cipher_aes_siv.c index 6e986554f1..7a83506c24 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.c +++ b/providers/implementations/ciphers/cipher_aes_siv.c @@ -40,7 +40,7 @@ static void *aes_siv_newctx(void *provctx, size_t keybits, unsigned int mode, ctx->flags = flags; ctx->keylen = keybits / 8; ctx->hw = ossl_prov_cipher_hw_aes_siv(keybits); - ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + ctx->libctx = PROV_LIBCTX_OF(provctx); } return ctx; } diff --git a/providers/implementations/ciphers/cipher_aes_siv.h b/providers/implementations/ciphers/cipher_aes_siv.h index b407b407e6..6d2649f049 100644 --- a/providers/implementations/ciphers/cipher_aes_siv.h +++ b/providers/implementations/ciphers/cipher_aes_siv.h @@ -31,7 +31,7 @@ typedef struct prov_siv_ctx_st { EVP_CIPHER *ctr; /* These are fetched - so we need to free them */ EVP_CIPHER *cbc; const PROV_CIPHER_HW_AES_SIV *hw; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; } PROV_AES_SIV_CTX; const PROV_CIPHER_HW_AES_SIV *ossl_prov_cipher_hw_aes_siv(size_t keybits); diff --git a/providers/implementations/ciphers/cipher_aes_siv_hw.c b/providers/implementations/ciphers/cipher_aes_siv_hw.c index ddd88e00c9..f4ad6639cf 100644 --- a/providers/implementations/ciphers/cipher_aes_siv_hw.c +++ b/providers/implementations/ciphers/cipher_aes_siv_hw.c @@ -22,7 +22,7 @@ static int aes_siv_initkey(void *vctx, const unsigned char *key, size_t keylen) PROV_AES_SIV_CTX *ctx = (PROV_AES_SIV_CTX *)vctx; SIV128_CONTEXT *sctx = &ctx->siv; size_t klen = keylen / 2; - OPENSSL_CTX *libctx = ctx->libctx; + OSSL_LIB_CTX *libctx = ctx->libctx; const char *propq = NULL; EVP_CIPHER_free(ctx->cbc); diff --git a/providers/implementations/ciphers/ciphercommon.c b/providers/implementations/ciphers/ciphercommon.c index f191074605..8d45d7a7d7 100644 --- a/providers/implementations/ciphers/ciphercommon.c +++ b/providers/implementations/ciphers/ciphercommon.c @@ -595,5 +595,5 @@ void ossl_cipher_generic_initkey(void *vctx, size_t kbits, size_t blkbits, ctx->mode = mode; ctx->blocksize = blkbits / 8; if (provctx != NULL) - ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); /* used for rand */ + ctx->libctx = PROV_LIBCTX_OF(provctx); /* used for rand */ } diff --git a/providers/implementations/ciphers/ciphercommon_block.c b/providers/implementations/ciphers/ciphercommon_block.c index ba6f68eeff..68d5495b77 100644 --- a/providers/implementations/ciphers/ciphercommon_block.c +++ b/providers/implementations/ciphers/ciphercommon_block.c @@ -22,7 +22,7 @@ int ssl3_cbc_remove_padding_and_mac(size_t *reclen, unsigned char **mac, int *alloced, size_t block_size, size_t mac_size, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); int tls1_cbc_remove_padding_and_mac(size_t *reclen, size_t origreclen, @@ -31,7 +31,7 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen, int *alloced, size_t block_size, size_t mac_size, int aead, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); /* * Fills a single block of buffered data from the input, and returns the amount @@ -154,7 +154,7 @@ int unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize) * 1: (in constant time) Record is publicly valid. If padding is invalid then * the mac is random */ -int tlsunpadblock(OPENSSL_CTX *libctx, unsigned int tlsversion, +int tlsunpadblock(OSSL_LIB_CTX *libctx, unsigned int tlsversion, unsigned char *buf, size_t *buflen, size_t blocksize, unsigned char **mac, int *alloced, size_t macsize, int aead) { diff --git a/providers/implementations/ciphers/ciphercommon_gcm.c b/providers/implementations/ciphers/ciphercommon_gcm.c index abe2e9ace0..e70fc474a3 100644 --- a/providers/implementations/ciphers/ciphercommon_gcm.c +++ b/providers/implementations/ciphers/ciphercommon_gcm.c @@ -36,7 +36,7 @@ void gcm_initctx(void *provctx, PROV_GCM_CTX *ctx, size_t keybits, ctx->ivlen = (EVP_GCM_TLS_FIXED_IV_LEN + EVP_GCM_TLS_EXPLICIT_IV_LEN); ctx->keylen = keybits / 8; ctx->hw = hw; - ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + ctx->libctx = PROV_LIBCTX_OF(provctx); } static int gcm_init(void *vctx, const unsigned char *key, size_t keylen, diff --git a/providers/implementations/ciphers/ciphercommon_local.h b/providers/implementations/ciphers/ciphercommon_local.h index 9427c0c537..b84785b731 100644 --- a/providers/implementations/ciphers/ciphercommon_local.h +++ b/providers/implementations/ciphers/ciphercommon_local.h @@ -11,6 +11,6 @@ void padblock(unsigned char *buf, size_t *buflen, size_t blocksize); int unpadblock(unsigned char *buf, size_t *buflen, size_t blocksize); -int tlsunpadblock(OPENSSL_CTX *libctx, unsigned int tlsversion, +int tlsunpadblock(OSSL_LIB_CTX *libctx, unsigned int tlsversion, unsigned char *buf, size_t *buflen, size_t blocksize, unsigned char **mac, int *alloced, size_t macsize, int aead); diff --git a/providers/implementations/encode_decode/decode_der2key.c b/providers/implementations/encode_decode/decode_der2key.c index 0b6debf506..fed4ae0720 100644 --- a/providers/implementations/encode_decode/decode_der2key.c +++ b/providers/implementations/encode_decode/decode_der2key.c @@ -176,7 +176,7 @@ static int der2key_decode(void *vctx, OSSL_CORE_BIO *cin, OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg) { struct der2key_ctx_st *ctx = vctx; - void *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + void *libctx = PROV_LIBCTX_OF(ctx->provctx); unsigned char *der = NULL; const unsigned char *derp; long der_len = 0; diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index beb487e940..ca8f24fed2 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -789,7 +789,7 @@ static const OSSL_PARAM *key2any_settable_ctx_params(ossl_unused void *provctx) static int key2any_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { struct key2any_ctx_st *ctx = vctx; - OPENSSL_CTX *libctx = ossl_prov_ctx_get0_library_context(ctx->provctx); + OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx); const OSSL_PARAM *cipherp = OSSL_PARAM_locate_const(params, OSSL_ENCODER_PARAM_CIPHER); const OSSL_PARAM *propsp = diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index ac6d42970e..92efb0436e 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -408,7 +408,7 @@ static int ec_param_explicit_gen_to_text(BIO *out, const EC_GROUP *group, /* Print explicit parameters */ static int ec_param_explicit_to_text(BIO *out, const EC_GROUP *group, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { int ret = 0, tmp_nid; BN_CTX *ctx = NULL; @@ -449,7 +449,7 @@ err: } static int ec_param_to_text(BIO *out, const EC_GROUP *group, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { if (EC_GROUP_get_asn1_flag(group) & OPENSSL_EC_NAMED_CURVE) { const char *curve_name; diff --git a/providers/implementations/exchange/dh_exch.c b/providers/implementations/exchange/dh_exch.c index 9e65934bdc..3eeac98497 100644 --- a/providers/implementations/exchange/dh_exch.c +++ b/providers/implementations/exchange/dh_exch.c @@ -59,7 +59,7 @@ enum kdf_type { */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; DH *dh; DH *dhpeer; unsigned int pad : 1; @@ -87,7 +87,7 @@ static void *dh_newctx(void *provctx) pdhctx = OPENSSL_zalloc(sizeof(PROV_DH_CTX)); if (pdhctx == NULL) return NULL; - pdhctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + pdhctx->libctx = PROV_LIBCTX_OF(provctx); pdhctx->kdf_type = PROV_DH_KDF_NONE; return pdhctx; } diff --git a/providers/implementations/exchange/ecdh_exch.c b/providers/implementations/exchange/ecdh_exch.c index 84a9d2aa19..0ea54ecc5f 100644 --- a/providers/implementations/exchange/ecdh_exch.c +++ b/providers/implementations/exchange/ecdh_exch.c @@ -50,7 +50,7 @@ enum kdf_type { */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; EC_KEY *k; EC_KEY *peerk; @@ -90,7 +90,7 @@ void *ecdh_newctx(void *provctx) if (pectx == NULL) return NULL; - pectx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + pectx->libctx = PROV_LIBCTX_OF(provctx); pectx->cofactor_mode = -1; pectx->kdf_type = PROV_ECDH_KDF_NONE; diff --git a/providers/implementations/exchange/kdf_exch.c b/providers/implementations/exchange/kdf_exch.c index 524a3f0261..c022a35107 100644 --- a/providers/implementations/exchange/kdf_exch.c +++ b/providers/implementations/exchange/kdf_exch.c @@ -49,7 +49,7 @@ static void *kdf_newctx(const char *kdfname, void *provctx) kdfctx->provctx = provctx; - kdf = EVP_KDF_fetch(PROV_LIBRARY_CONTEXT_OF(provctx), kdfname, NULL); + kdf = EVP_KDF_fetch(PROV_LIBCTX_OF(provctx), kdfname, NULL); if (kdf == NULL) goto err; kdfctx->kdfctx = EVP_KDF_CTX_new(kdf); @@ -146,7 +146,7 @@ static int kdf_set_ctx_params(void *vpkdfctx, const OSSL_PARAM params[]) static const OSSL_PARAM *kdf_settable_ctx_params(void *provctx, const char *kdfname) { - EVP_KDF *kdf = EVP_KDF_fetch(PROV_LIBRARY_CONTEXT_OF(provctx), kdfname, + EVP_KDF *kdf = EVP_KDF_fetch(PROV_LIBCTX_OF(provctx), kdfname, NULL); const OSSL_PARAM *params; diff --git a/providers/implementations/include/prov/ciphercommon.h b/providers/implementations/include/prov/ciphercommon.h index 82dae0ba59..c034528448 100644 --- a/providers/implementations/include/prov/ciphercommon.h +++ b/providers/implementations/include/prov/ciphercommon.h @@ -81,7 +81,7 @@ struct prov_cipher_ctx_st { unsigned char iv[GENERIC_BLOCK_SIZE]; const PROV_CIPHER_HW *hw; /* hardware specific functions */ const void *ks; /* Pointer to algorithm specific key data */ - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; }; struct prov_cipher_hw_st { diff --git a/providers/implementations/include/prov/ciphercommon_gcm.h b/providers/implementations/include/prov/ciphercommon_gcm.h index b6d5c74949..dd914bdf25 100644 --- a/providers/implementations/include/prov/ciphercommon_gcm.h +++ b/providers/implementations/include/prov/ciphercommon_gcm.h @@ -72,7 +72,7 @@ typedef struct prov_gcm_ctx_st { unsigned char iv[GCM_IV_MAX_SIZE]; /* Buffer to use for IV's */ unsigned char buf[AES_BLOCK_SIZE]; /* Buffer of partial blocks processed via update calls */ - OPENSSL_CTX *libctx; /* needed for rand calls */ + OSSL_LIB_CTX *libctx; /* needed for rand calls */ const PROV_GCM_HW *hw; /* hardware specific methods */ GCM128_CONTEXT gcm; ctr128_f ctr; diff --git a/providers/implementations/include/prov/kdfexchange.h b/providers/implementations/include/prov/kdfexchange.h index 5c817bb929..3770487bff 100644 --- a/providers/implementations/include/prov/kdfexchange.h +++ b/providers/implementations/include/prov/kdfexchange.h @@ -12,7 +12,7 @@ #include "internal/refcount.h" struct kdf_data_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; CRYPTO_REF_COUNT refcnt; CRYPTO_RWLOCK *lock; }; diff --git a/providers/implementations/include/prov/macsignature.h b/providers/implementations/include/prov/macsignature.h index bec5c46fbe..1e59884cbc 100644 --- a/providers/implementations/include/prov/macsignature.h +++ b/providers/implementations/include/prov/macsignature.h @@ -14,7 +14,7 @@ struct mac_key_st { CRYPTO_RWLOCK *lock; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; CRYPTO_REF_COUNT refcnt; unsigned char *priv_key; size_t priv_key_len; @@ -25,6 +25,6 @@ struct mac_key_st { typedef struct mac_key_st MAC_KEY; -MAC_KEY *mac_key_new(OPENSSL_CTX *libctx, int cmac); +MAC_KEY *mac_key_new(OSSL_LIB_CTX *libctx, int cmac); void mac_key_free(MAC_KEY *mackey); int mac_key_up_ref(MAC_KEY *mackey); diff --git a/providers/implementations/kdfs/hkdf.c b/providers/implementations/kdfs/hkdf.c index 6998cceb57..a985c85440 100644 --- a/providers/implementations/kdfs/hkdf.c +++ b/providers/implementations/kdfs/hkdf.c @@ -168,7 +168,7 @@ static int kdf_hkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KDF_HKDF *ctx = vctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); int n; if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index 9f12ce07ba..cf3b90c19c 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c @@ -254,7 +254,7 @@ static int kbkdf_set_buffer(unsigned char **out, size_t *out_len, static int kbkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { KBKDF *ctx = (KBKDF *)vctx; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); const OSSL_PARAM *p; OSSL_PARAM mparams[2]; diff --git a/providers/implementations/kdfs/krb5kdf.c b/providers/implementations/kdfs/krb5kdf.c index a7748085fb..cdf8a15415 100644 --- a/providers/implementations/kdfs/krb5kdf.c +++ b/providers/implementations/kdfs/krb5kdf.c @@ -132,7 +132,7 @@ static int krb5kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KRB5KDF_CTX *ctx = vctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); if (!ossl_prov_cipher_load_from_params(&ctx->cipher, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/pbkdf2.c b/providers/implementations/kdfs/pbkdf2.c index 7ba9c406c8..37a81f00ba 100644 --- a/providers/implementations/kdfs/pbkdf2.c +++ b/providers/implementations/kdfs/pbkdf2.c @@ -111,7 +111,7 @@ static void kdf_pbkdf2_reset(void *vctx) static void kdf_pbkdf2_init(KDF_PBKDF2 *ctx) { OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); params[0] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, SN_sha1, 0); @@ -168,7 +168,7 @@ static int kdf_pbkdf2_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KDF_PBKDF2 *ctx = vctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); int pkcs5; uint64_t iter, min_iter; diff --git a/providers/implementations/kdfs/pkcs12kdf.c b/providers/implementations/kdfs/pkcs12kdf.c index 7ed5945af9..b058005e1d 100644 --- a/providers/implementations/kdfs/pkcs12kdf.c +++ b/providers/implementations/kdfs/pkcs12kdf.c @@ -223,7 +223,7 @@ static int kdf_pkcs12_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KDF_PKCS12 *ctx = vctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) return 0; diff --git a/providers/implementations/kdfs/scrypt.c b/providers/implementations/kdfs/scrypt.c index 23d6f7b4ad..678a882fcd 100644 --- a/providers/implementations/kdfs/scrypt.c +++ b/providers/implementations/kdfs/scrypt.c @@ -37,10 +37,10 @@ static int scrypt_alg(const char *pass, size_t passlen, const unsigned char *salt, size_t saltlen, uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, unsigned char *key, size_t keylen, EVP_MD *sha256, - OPENSSL_CTX *libctx, const char *propq); + OSSL_LIB_CTX *libctx, const char *propq); typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; unsigned char *pass; size_t pass_len; @@ -66,7 +66,7 @@ static void *kdf_scrypt_new(void *provctx) ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); return NULL; } - ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + ctx->libctx = PROV_LIBCTX_OF(provctx); kdf_scrypt_init(ctx); return ctx; } @@ -404,7 +404,7 @@ static int scrypt_alg(const char *pass, size_t passlen, const unsigned char *salt, size_t saltlen, uint64_t N, uint64_t r, uint64_t p, uint64_t maxmem, unsigned char *key, size_t keylen, EVP_MD *sha256, - OPENSSL_CTX *libctx, const char *propq) + OSSL_LIB_CTX *libctx, const char *propq) { int rv = 0; unsigned char *B; diff --git a/providers/implementations/kdfs/sshkdf.c b/providers/implementations/kdfs/sshkdf.c index 4478279854..daf0dd2e87 100644 --- a/providers/implementations/kdfs/sshkdf.c +++ b/providers/implementations/kdfs/sshkdf.c @@ -134,7 +134,7 @@ static int kdf_sshkdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KDF_SSHKDF *ctx = vctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); int t; if (!ossl_prov_digest_load_from_params(&ctx->digest, params, provctx)) diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index 2984f69042..6cfde97842 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -452,7 +452,7 @@ static int sskdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; KDF_SSKDF *ctx = vctx; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); size_t sz; if (!ossl_prov_digest_load_from_params(&ctx->digest, params, libctx)) diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index 3d4fbc5fc4..315971a96e 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -166,7 +166,7 @@ static int kdf_tls1_prf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p; TLS1_PRF *ctx = vctx; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); if ((p = OSSL_PARAM_locate_const(params, OSSL_KDF_PARAM_DIGEST)) != NULL) { if (strcasecmp(p->data, SN_md5_sha1) == 0) { diff --git a/providers/implementations/kdfs/x942kdf.c b/providers/implementations/kdfs/x942kdf.c index 3377350bf3..f19e014927 100644 --- a/providers/implementations/kdfs/x942kdf.c +++ b/providers/implementations/kdfs/x942kdf.c @@ -70,7 +70,7 @@ static const struct { #endif }; -static int find_alg_id(OPENSSL_CTX *libctx, const char *algname, +static int find_alg_id(OSSL_LIB_CTX *libctx, const char *algname, const char *propq, size_t *id) { int ret = 1; @@ -387,7 +387,7 @@ static int x942kdf_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { const OSSL_PARAM *p, *pq; KDF_X942 *ctx = vctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(ctx->provctx); const char *propq = NULL; size_t id; diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c index cb02854100..58a223fe42 100644 --- a/providers/implementations/kem/rsa_kem.c +++ b/providers/implementations/kem/rsa_kem.c @@ -52,7 +52,7 @@ static OSSL_FUNC_kem_settable_ctx_params_fn rsakem_settable_ctx_params; * we use that here too. */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; RSA *rsa; int op; } PROV_RSA_CTX; @@ -86,7 +86,7 @@ static void *rsakem_newctx(void *provctx) if (prsactx == NULL) return NULL; - prsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + prsactx->libctx = PROV_LIBCTX_OF(provctx); prsactx->op = KEM_OP_UNDEFINED; return prsactx; diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index b0d89f792a..3cca031963 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -52,7 +52,7 @@ static OSSL_FUNC_keymgmt_export_types_fn dh_export_types; (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) struct dh_gen_ctx { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; FFC_PARAMS *ffc_params; int selection; @@ -136,7 +136,7 @@ static void *dh_newdata(void *provctx) DH *dh = NULL; if (ossl_prov_is_running()) { - dh = dh_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx)); + dh = dh_new_ex(PROV_LIBCTX_OF(provctx)); if (dh != NULL) { DH_clear_flags(dh, DH_FLAG_TYPE_MASK); DH_set_flags(dh, DH_FLAG_TYPE_DH); @@ -149,7 +149,7 @@ static void *dhx_newdata(void *provctx) { DH *dh = NULL; - dh = dh_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx)); + dh = dh_new_ex(PROV_LIBCTX_OF(provctx)); if (dh != NULL) { DH_clear_flags(dh, DH_FLAG_TYPE_MASK); DH_set_flags(dh, DH_FLAG_TYPE_DHX); @@ -430,7 +430,7 @@ static int dh_validate(void *keydata, int selection) static void *dh_gen_init_base(void *provctx, int selection, int type) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct dh_gen_ctx *gctx = NULL; if (!ossl_prov_is_running()) diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 5cf5c78514..0fe6760856 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -50,7 +50,7 @@ static OSSL_FUNC_keymgmt_export_types_fn dsa_export_types; (OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) struct dsa_gen_ctx { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; FFC_PARAMS *ffc_params; int selection; @@ -113,7 +113,7 @@ static void *dsa_newdata(void *provctx) { if (!ossl_prov_is_running()) return NULL; - return dsa_new_with_ctx(PROV_LIBRARY_CONTEXT_OF(provctx)); + return dsa_new_with_ctx(PROV_LIBCTX_OF(provctx)); } static void dsa_freedata(void *keydata) @@ -363,7 +363,7 @@ static int dsa_validate(void *keydata, int selection) static void *dsa_gen_init(void *provctx, int selection) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct dsa_gen_ctx *gctx = NULL; if (!ossl_prov_is_running() || (selection & DSA_POSSIBLE_SELECTIONS) == 0) diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 33d55288dd..7508a794ad 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -236,7 +236,7 @@ void *ec_newdata(void *provctx) { if (!ossl_prov_is_running()) return NULL; - return EC_KEY_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx), NULL); + return EC_KEY_new_ex(PROV_LIBCTX_OF(provctx), NULL); } static @@ -567,7 +567,7 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2) const EC_GROUP *ecg = NULL; OSSL_PARAM *p; unsigned char *pub_key = NULL, *genbuf = NULL; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propq; BN_CTX *bnctx = NULL; @@ -817,7 +817,7 @@ int ec_validate(void *keydata, int selection) } struct ec_gen_ctx { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *group_name; char *encoding; char *field_type; @@ -831,7 +831,7 @@ struct ec_gen_ctx { static void *ec_gen_init(void *provctx, int selection) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct ec_gen_ctx *gctx = NULL; if (!ossl_prov_is_running() || (selection & (EC_POSSIBLE_SELECTIONS)) == 0) diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index 1c3a51d258..f4e59b3322 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -68,7 +68,7 @@ static OSSL_FUNC_keymgmt_export_types_fn ecx_imexport_types; #define ECX_POSSIBLE_SELECTIONS (OSSL_KEYMGMT_SELECT_KEYPAIR) struct ecx_gen_ctx { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; ECX_KEY_TYPE type; int selection; @@ -85,7 +85,7 @@ static void *x25519_new_key(void *provctx) { if (!ossl_prov_is_running()) return 0; - return ecx_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), ECX_KEY_TYPE_X25519, 0, + return ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_X25519, 0, NULL); } @@ -93,7 +93,7 @@ static void *x448_new_key(void *provctx) { if (!ossl_prov_is_running()) return 0; - return ecx_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), ECX_KEY_TYPE_X448, 0, + return ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_X448, 0, NULL); } @@ -101,7 +101,7 @@ static void *ed25519_new_key(void *provctx) { if (!ossl_prov_is_running()) return 0; - return ecx_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), ECX_KEY_TYPE_ED25519, 0, + return ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_ED25519, 0, NULL); } @@ -109,7 +109,7 @@ static void *ed448_new_key(void *provctx) { if (!ossl_prov_is_running()) return 0; - return ecx_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), ECX_KEY_TYPE_ED448, 0, + return ecx_key_new(PROV_LIBCTX_OF(provctx), ECX_KEY_TYPE_ED448, 0, NULL); } @@ -443,7 +443,7 @@ static const OSSL_PARAM *ed448_settable_params(void *provctx) static void *ecx_gen_init(void *provctx, int selection, ECX_KEY_TYPE type) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct ecx_gen_ctx *gctx = NULL; if (!ossl_prov_is_running()) diff --git a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c index 8883fbe7d4..f7f8f479af 100644 --- a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c @@ -42,7 +42,7 @@ KDF_DATA *kdf_data_new(void *provctx) OPENSSL_free(kdfdata); return NULL; } - kdfdata->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + kdfdata->libctx = PROV_LIBCTX_OF(provctx); kdfdata->refcnt = 1; return kdfdata; diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index a11b91c787..969b266c68 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -50,14 +50,14 @@ static OSSL_FUNC_keymgmt_gen_set_params_fn cmac_gen_set_params; static OSSL_FUNC_keymgmt_gen_settable_params_fn cmac_gen_settable_params; struct mac_gen_ctx { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; int selection; unsigned char *priv_key; size_t priv_key_len; PROV_CIPHER cipher; }; -MAC_KEY *mac_key_new(OPENSSL_CTX *libctx, int cmac) +MAC_KEY *mac_key_new(OSSL_LIB_CTX *libctx, int cmac) { MAC_KEY *mackey; @@ -118,12 +118,12 @@ int mac_key_up_ref(MAC_KEY *mackey) static void *mac_new(void *provctx) { - return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), 0); + return mac_key_new(PROV_LIBCTX_OF(provctx), 0); } static void *mac_new_cmac(void *provctx) { - return mac_key_new(PROV_LIBRARY_CONTEXT_OF(provctx), 1); + return mac_key_new(PROV_LIBCTX_OF(provctx), 1); } static void mac_free(void *mackey) @@ -372,7 +372,7 @@ static const OSSL_PARAM *mac_settable_params(void *provctx) static void *mac_gen_init(void *provctx, int selection) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct mac_gen_ctx *gctx = NULL; if (!ossl_prov_is_running()) diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 4156fbd5b0..8c45758ff7 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -58,7 +58,7 @@ DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params, const OSSL_PARAM params[], int rsa_type, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { if (!ossl_rsa_pss_params_30_fromdata(pss_params, params, libctx)) return 0; @@ -73,7 +73,7 @@ static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params, static void *rsa_newdata(void *provctx) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); RSA *rsa; if (!ossl_prov_is_running()) @@ -89,7 +89,7 @@ static void *rsa_newdata(void *provctx) static void *rsapss_newdata(void *provctx) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); RSA *rsa; if (!ossl_prov_is_running()) @@ -382,7 +382,7 @@ static int rsa_validate(void *keydata, int selection) } struct rsa_gen_ctx { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const char *propq; int rsa_type; @@ -416,7 +416,7 @@ static int rsa_gencb(int p, int n, BN_GENCB *cb) static void *gen_init(void *provctx, int selection, int rsa_type) { - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(provctx); struct rsa_gen_ctx *gctx = NULL; if (!ossl_prov_is_running()) diff --git a/providers/implementations/macs/cmac_prov.c b/providers/implementations/macs/cmac_prov.c index 01b802c85b..9a8b71220f 100644 --- a/providers/implementations/macs/cmac_prov.c +++ b/providers/implementations/macs/cmac_prov.c @@ -173,7 +173,7 @@ static const OSSL_PARAM *cmac_settable_ctx_params(ossl_unused void *provctx) static int cmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) { struct cmac_data_st *macctx = vmacctx; - OPENSSL_CTX *ctx = PROV_LIBRARY_CONTEXT_OF(macctx->provctx); + OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx); const OSSL_PARAM *p; if (!ossl_prov_cipher_load_from_params(&macctx->cipher, params, ctx)) diff --git a/providers/implementations/macs/gmac_prov.c b/providers/implementations/macs/gmac_prov.c index 6f35284587..d9790dcd6c 100644 --- a/providers/implementations/macs/gmac_prov.c +++ b/providers/implementations/macs/gmac_prov.c @@ -184,7 +184,7 @@ static int gmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) { struct gmac_data_st *macctx = vmacctx; EVP_CIPHER_CTX *ctx = macctx->ctx; - OPENSSL_CTX *provctx = PROV_LIBRARY_CONTEXT_OF(macctx->provctx); + OSSL_LIB_CTX *provctx = PROV_LIBCTX_OF(macctx->provctx); const OSSL_PARAM *p; if (ctx == NULL diff --git a/providers/implementations/macs/hmac_prov.c b/providers/implementations/macs/hmac_prov.c index db8f8cb221..b5d3f110f4 100644 --- a/providers/implementations/macs/hmac_prov.c +++ b/providers/implementations/macs/hmac_prov.c @@ -256,7 +256,7 @@ static const OSSL_PARAM *hmac_settable_ctx_params(ossl_unused void *provctx) static int hmac_set_ctx_params(void *vmacctx, const OSSL_PARAM params[]) { struct hmac_data_st *macctx = vmacctx; - OPENSSL_CTX *ctx = PROV_LIBRARY_CONTEXT_OF(macctx->provctx); + OSSL_LIB_CTX *ctx = PROV_LIBCTX_OF(macctx->provctx); const OSSL_PARAM *p; if (!ossl_prov_digest_load_from_params(&macctx->digest, params, ctx)) diff --git a/providers/implementations/macs/kmac_prov.c b/providers/implementations/macs/kmac_prov.c index 989eba8c7a..eb60510b96 100644 --- a/providers/implementations/macs/kmac_prov.c +++ b/providers/implementations/macs/kmac_prov.c @@ -178,7 +178,7 @@ static void *kmac_fetch_new(void *provctx, const OSSL_PARAM *params) if (kctx == NULL) return 0; if (!ossl_prov_digest_load_from_params(&kctx->digest, params, - PROV_LIBRARY_CONTEXT_OF(provctx))) { + PROV_LIBCTX_OF(provctx))) { kmac_free(kctx); return 0; } diff --git a/providers/implementations/rands/crngt.c b/providers/implementations/rands/crngt.c index c6874f8916..5f613f1c4e 100644 --- a/providers/implementations/rands/crngt.c +++ b/providers/implementations/rands/crngt.c @@ -29,7 +29,7 @@ typedef struct crng_test_global_st { RAND_POOL *crngt_pool; } CRNG_TEST_GLOBAL; -static int crngt_get_entropy(OPENSSL_CTX *ctx, RAND_POOL *pool, +static int crngt_get_entropy(OSSL_LIB_CTX *ctx, RAND_POOL *pool, unsigned char *buf, unsigned char *md, unsigned int *md_size) { @@ -65,7 +65,7 @@ static void rand_crng_ossl_ctx_free(void *vcrngt_glob) OPENSSL_free(crngt_glob); } -static void *rand_crng_ossl_ctx_new(OPENSSL_CTX *ctx) +static void *rand_crng_ossl_ctx_new(OSSL_LIB_CTX *ctx) { unsigned char buf[CRNGT_BUFSIZ]; CRNG_TEST_GLOBAL *crngt_glob = OPENSSL_zalloc(sizeof(*crngt_glob)); @@ -88,7 +88,7 @@ static void *rand_crng_ossl_ctx_new(OPENSSL_CTX *ctx) return NULL; } -static const OPENSSL_CTX_METHOD rand_crng_ossl_ctx_method = { +static const OSSL_LIB_CTX_METHOD rand_crng_ossl_ctx_method = { rand_crng_ossl_ctx_new, rand_crng_ossl_ctx_free, }; @@ -114,10 +114,10 @@ size_t prov_crngt_get_entropy(PROV_DRBG *drbg, RAND_POOL *pool; size_t q, r = 0, s, t = 0; int attempts = 3, crng_test_pass = 1; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(drbg->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(drbg->provctx); CRNG_TEST_GLOBAL *crngt_glob - = openssl_ctx_get_data(libctx, OPENSSL_CTX_RAND_CRNGT_INDEX, - &rand_crng_ossl_ctx_method); + = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_RAND_CRNGT_INDEX, + &rand_crng_ossl_ctx_method); OSSL_CALLBACK *stcb = NULL; void *stcbarg = NULL; OSSL_SELF_TEST *st = NULL; diff --git a/providers/implementations/rands/drbg.c b/providers/implementations/rands/drbg.c index 022e8e3794..ba630bbd79 100644 --- a/providers/implementations/rands/drbg.c +++ b/providers/implementations/rands/drbg.c @@ -272,12 +272,12 @@ typedef struct prov_drbg_nonce_global_st { /* * drbg_ossl_ctx_new() calls drgb_setup() which calls rand_drbg_get_nonce() - * which needs to get the rand_nonce_lock out of the OPENSSL_CTX...but since + * which needs to get the rand_nonce_lock out of the OSSL_LIB_CTX...but since * drbg_ossl_ctx_new() hasn't finished running yet we need the rand_nonce_lock * to be in a different global data object. Otherwise we will go into an * infinite recursion loop. */ -static void *prov_drbg_nonce_ossl_ctx_new(OPENSSL_CTX *libctx) +static void *prov_drbg_nonce_ossl_ctx_new(OSSL_LIB_CTX *libctx) { PROV_DRBG_NONCE_GLOBAL *dngbl = OPENSSL_zalloc(sizeof(*dngbl)); @@ -305,7 +305,7 @@ static void prov_drbg_nonce_ossl_ctx_free(void *vdngbl) OPENSSL_free(dngbl); } -static const OPENSSL_CTX_METHOD drbg_nonce_ossl_ctx_method = { +static const OSSL_LIB_CTX_METHOD drbg_nonce_ossl_ctx_method = { prov_drbg_nonce_ossl_ctx_new, prov_drbg_nonce_ossl_ctx_free, }; @@ -318,10 +318,10 @@ static size_t prov_drbg_get_nonce(PROV_DRBG *drbg, size_t ret = 0, n; RAND_POOL *pool; unsigned char *buf = NULL; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(drbg->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(drbg->provctx); PROV_DRBG_NONCE_GLOBAL *dngbl - = openssl_ctx_get_data(libctx, OPENSSL_CTX_DRBG_NONCE_INDEX, - &drbg_nonce_ossl_ctx_method); + = ossl_lib_ctx_get_data(libctx, OSSL_LIB_CTX_DRBG_NONCE_INDEX, + &drbg_nonce_ossl_ctx_method); struct { void *instance; int count; diff --git a/providers/implementations/rands/drbg_ctr.c b/providers/implementations/rands/drbg_ctr.c index 990fac3e7b..be6ea5ebfe 100644 --- a/providers/implementations/rands/drbg_ctr.c +++ b/providers/implementations/rands/drbg_ctr.c @@ -663,7 +663,7 @@ static int drbg_ctr_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_DRBG *ctx = (PROV_DRBG *)vctx; PROV_DRBG_CTR *ctr = (PROV_DRBG_CTR *)ctx->data; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); const OSSL_PARAM *p; char *ecb; const char *propquery = NULL; diff --git a/providers/implementations/rands/drbg_hash.c b/providers/implementations/rands/drbg_hash.c index cf05188968..2b7ac2bd5f 100644 --- a/providers/implementations/rands/drbg_hash.c +++ b/providers/implementations/rands/drbg_hash.c @@ -456,7 +456,7 @@ static int drbg_hash_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_DRBG *ctx = (PROV_DRBG *)vctx; PROV_DRBG_HASH *hash = (PROV_DRBG_HASH *)ctx->data; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); const EVP_MD *md; if (!ossl_prov_digest_load_from_params(&hash->digest, params, libctx)) diff --git a/providers/implementations/rands/drbg_hmac.c b/providers/implementations/rands/drbg_hmac.c index 57b9ac63f1..95ee2a1db5 100644 --- a/providers/implementations/rands/drbg_hmac.c +++ b/providers/implementations/rands/drbg_hmac.c @@ -364,7 +364,7 @@ static int drbg_hmac_set_ctx_params(void *vctx, const OSSL_PARAM params[]) { PROV_DRBG *ctx = (PROV_DRBG *)vctx; PROV_DRBG_HMAC *hmac = (PROV_DRBG_HMAC *)ctx->data; - OPENSSL_CTX *libctx = PROV_LIBRARY_CONTEXT_OF(ctx->provctx); + OSSL_LIB_CTX *libctx = PROV_LIBCTX_OF(ctx->provctx); const EVP_MD *md; if (!ossl_prov_digest_load_from_params(&hmac->digest, params, libctx)) diff --git a/providers/implementations/signature/dsa.c b/providers/implementations/signature/dsa.c index c7c1f095a3..a1621acf62 100644 --- a/providers/implementations/signature/dsa.c +++ b/providers/implementations/signature/dsa.c @@ -63,7 +63,7 @@ static OSSL_FUNC_signature_settable_ctx_md_params_fn dsa_settable_ctx_md_params; */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; DSA *dsa; @@ -108,7 +108,7 @@ static void *dsa_newctx(void *provctx, const char *propq) if (pdsactx == NULL) return NULL; - pdsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + pdsactx->libctx = PROV_LIBCTX_OF(provctx); pdsactx->flag_allow_md = 1; if (propq != NULL && (pdsactx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(pdsactx); diff --git a/providers/implementations/signature/ecdsa.c b/providers/implementations/signature/ecdsa.c index 7d4a7ebd11..b956917e49 100644 --- a/providers/implementations/signature/ecdsa.c +++ b/providers/implementations/signature/ecdsa.c @@ -61,7 +61,7 @@ static OSSL_FUNC_signature_settable_ctx_md_params_fn ecdsa_settable_ctx_md_param */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; EC_KEY *ec; char mdname[OSSL_MAX_NAME_SIZE]; @@ -107,7 +107,7 @@ static void *ecdsa_newctx(void *provctx, const char *propq) if (ctx == NULL) return NULL; - ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + ctx->libctx = PROV_LIBCTX_OF(provctx); if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(ctx); ctx = NULL; diff --git a/providers/implementations/signature/eddsa.c b/providers/implementations/signature/eddsa.c index dd99b53a61..dbec8e6040 100644 --- a/providers/implementations/signature/eddsa.c +++ b/providers/implementations/signature/eddsa.c @@ -35,7 +35,7 @@ static OSSL_FUNC_signature_get_ctx_params_fn eddsa_get_ctx_params; static OSSL_FUNC_signature_gettable_ctx_params_fn eddsa_gettable_ctx_params; typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; ECX_KEY *key; /* The Algorithm Identifier of the signature algorithm */ @@ -57,7 +57,7 @@ static void *eddsa_newctx(void *provctx, const char *propq_unused) return NULL; } - peddsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + peddsactx->libctx = PROV_LIBCTX_OF(provctx); return peddsactx; } diff --git a/providers/implementations/signature/mac_legacy.c b/providers/implementations/signature/mac_legacy.c index e1baf5d685..12a78b7ea4 100644 --- a/providers/implementations/signature/mac_legacy.c +++ b/providers/implementations/signature/mac_legacy.c @@ -37,7 +37,7 @@ static OSSL_FUNC_signature_settable_ctx_params_fn mac_poly1305_settable_ctx_para static OSSL_FUNC_signature_settable_ctx_params_fn mac_cmac_settable_ctx_params; typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; MAC_KEY *key; EVP_MAC_CTX *macctx; @@ -55,7 +55,7 @@ static void *mac_newctx(void *provctx, const char *propq, const char *macname) if (pmacctx == NULL) return NULL; - pmacctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + pmacctx->libctx = PROV_LIBCTX_OF(provctx); if (propq != NULL && (pmacctx->propq = OPENSSL_strdup(propq)) == NULL) { ERR_raise(ERR_LIB_PROV, ERR_R_MALLOC_FAILURE); goto err; @@ -200,7 +200,7 @@ static int mac_set_ctx_params(void *vpmacctx, const OSSL_PARAM params[]) static const OSSL_PARAM *mac_settable_ctx_params(void *provctx, const char *macname) { - EVP_MAC *mac = EVP_MAC_fetch(PROV_LIBRARY_CONTEXT_OF(provctx), macname, + EVP_MAC *mac = EVP_MAC_fetch(PROV_LIBCTX_OF(provctx), macname, NULL); const OSSL_PARAM *params; diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index efcb76661e..b463f03d7f 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -74,7 +74,7 @@ static OSSL_ITEM padding_item[] = { */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; RSA *rsa; int operation; @@ -170,7 +170,7 @@ static void *rsa_newctx(void *provctx, const char *propq) return NULL; } - prsactx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + prsactx->libctx = PROV_LIBCTX_OF(provctx); prsactx->flag_allow_md = 1; prsactx->propq = propq_copy; return prsactx; diff --git a/providers/implementations/signature/sm2sig.c b/providers/implementations/signature/sm2sig.c index d2a091b89b..6bd27d9d38 100644 --- a/providers/implementations/signature/sm2sig.c +++ b/providers/implementations/signature/sm2sig.c @@ -59,7 +59,7 @@ static OSSL_FUNC_signature_settable_ctx_md_params_fn sm2sig_settable_ctx_md_para * we use that here too. */ typedef struct { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; char *propq; EC_KEY *ec; @@ -102,7 +102,7 @@ static void *sm2sig_newctx(void *provctx, const char *propq) if (ctx == NULL) return NULL; - ctx->libctx = PROV_LIBRARY_CONTEXT_OF(provctx); + ctx->libctx = PROV_LIBCTX_OF(provctx); if (propq != NULL && (ctx->propq = OPENSSL_strdup(propq)) == NULL) { OPENSSL_free(ctx); ctx = NULL; diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index c4b1de40d1..e41e29ed35 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c @@ -530,7 +530,7 @@ void file_load_cleanup(void *construct_data) static int file_setup_decoders(struct file_ctx_st *ctx) { EVP_PKEY *dummy; /* for OSSL_DECODER_CTX_new_by_EVP_PKEY() */ - OPENSSL_CTX *libctx = ossl_prov_ctx_get0_library_context(ctx->provctx); + OSSL_LIB_CTX *libctx = ossl_prov_ctx_get0_libctx(ctx->provctx); OSSL_DECODER *to_obj = NULL; /* Last resort decoder */ OSSL_DECODER_INSTANCE *to_obj_inst = NULL; OSSL_DECODER_CLEANUP *old_cleanup = NULL; diff --git a/providers/legacyprov.c b/providers/legacyprov.c index 2085f4d4b3..f4e0bc9278 100644 --- a/providers/legacyprov.c +++ b/providers/legacyprov.c @@ -161,7 +161,7 @@ static const OSSL_ALGORITHM *legacy_query(void *provctx, int operation_id, static void legacy_teardown(void *provctx) { - OPENSSL_CTX_free(PROV_LIBRARY_CONTEXT_OF(provctx)); + OSSL_LIB_CTX_free(PROV_LIBCTX_OF(provctx)); ossl_prov_ctx_free(provctx); } @@ -179,8 +179,8 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH **out, void **provctx) { - OSSL_FUNC_core_get_library_context_fn *c_get_libctx = NULL; - OPENSSL_CTX *libctx = NULL; + OSSL_FUNC_core_get_libctx_fn *c_get_libctx = NULL; + OSSL_LIB_CTX *libctx = NULL; for (; in->function_id != 0; in++) { switch (in->function_id) { @@ -190,8 +190,8 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, case OSSL_FUNC_CORE_GET_PARAMS: c_get_params = OSSL_FUNC_core_get_params(in); break; - case OSSL_FUNC_CORE_GET_LIBRARY_CONTEXT: - c_get_libctx = OSSL_FUNC_core_get_library_context(in); + case OSSL_FUNC_CORE_GET_LIBCTX: + c_get_libctx = OSSL_FUNC_core_get_libctx(in); break; /* Just ignore anything we don't understand */ default: @@ -203,13 +203,13 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle, return 0; if ((*provctx = ossl_prov_ctx_new()) == NULL - || (libctx = OPENSSL_CTX_new()) == NULL) { - OPENSSL_CTX_free(libctx); + || (libctx = OSSL_LIB_CTX_new()) == NULL) { + OSSL_LIB_CTX_free(libctx); legacy_teardown(*provctx); *provctx = NULL; return 0; } - ossl_prov_ctx_set0_library_context(*provctx, libctx); + ossl_prov_ctx_set0_libctx(*provctx, libctx); ossl_prov_ctx_set0_handle(*provctx, handle); *out = legacy_dispatch_table; diff --git a/ssl/record/record_local.h b/ssl/record/record_local.h index 9047c23fd5..0a929c696a 100644 --- a/ssl/record/record_local.h +++ b/ssl/record/record_local.h @@ -113,7 +113,7 @@ __owur int ssl3_cbc_remove_padding_and_mac(size_t *reclen, unsigned char **mac, int *alloced, size_t block_size, size_t mac_size, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); __owur int tls1_cbc_remove_padding_and_mac(size_t *reclen, size_t origreclen, unsigned char *recdata, @@ -121,7 +121,7 @@ __owur int tls1_cbc_remove_padding_and_mac(size_t *reclen, int *alloced, size_t block_size, size_t mac_size, int aead, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); int dtls1_process_record(SSL *s, DTLS1_BITMAP *bitmap); __owur int dtls1_get_record(SSL *s); int early_data_count_ok(SSL *s, size_t length, size_t overhead, int send); diff --git a/ssl/record/tls_pad.c b/ssl/record/tls_pad.c index 9f698483f1..8383ce8d1c 100644 --- a/ssl/record/tls_pad.c +++ b/ssl/record/tls_pad.c @@ -29,7 +29,7 @@ static int ssl3_cbc_copy_mac(size_t *reclen, size_t block_size, size_t mac_size, size_t good, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); int ssl3_cbc_remove_padding_and_mac(size_t *reclen, size_t origreclen, @@ -37,7 +37,7 @@ int ssl3_cbc_remove_padding_and_mac(size_t *reclen, unsigned char **mac, int *alloced, size_t block_size, size_t mac_size, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); int tls1_cbc_remove_padding_and_mac(size_t *reclen, size_t origreclen, @@ -46,7 +46,7 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen, int *alloced, size_t block_size, size_t mac_size, int aead, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); /*- * ssl3_cbc_remove_padding removes padding from the decrypted, SSLv3, CBC @@ -71,7 +71,7 @@ int ssl3_cbc_remove_padding_and_mac(size_t *reclen, unsigned char **mac, int *alloced, size_t block_size, size_t mac_size, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { size_t padding_length; size_t good; @@ -117,7 +117,7 @@ int tls1_cbc_remove_padding_and_mac(size_t *reclen, int *alloced, size_t block_size, size_t mac_size, int aead, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { size_t good = -1; size_t padding_length, to_check, i; @@ -204,7 +204,7 @@ static int ssl3_cbc_copy_mac(size_t *reclen, size_t block_size, size_t mac_size, size_t good, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { #if defined(CBC_MAC_ROTATE_IN_PLACE) unsigned char rotated_mac_buf[64 + EVP_MAX_MD_SIZE]; diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c index e6a9f57f11..c1e26bd3b4 100644 --- a/ssl/ssl_cert.c +++ b/ssl/ssl_cert.c @@ -606,7 +606,7 @@ static unsigned long xname_hash(const X509_NAME *a) } STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, - OPENSSL_CTX *libctx, + OSSL_LIB_CTX *libctx, const char *propq) { BIO *in = BIO_new(BIO_s_file()); @@ -614,7 +614,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, X509_NAME *xn = NULL; STACK_OF(X509_NAME) *ret = NULL; LHASH_OF(X509_NAME) *name_hash = lh_X509_NAME_new(xname_hash, xname_cmp); - OPENSSL_CTX *prev_libctx = NULL; + OSSL_LIB_CTX *prev_libctx = NULL; if ((name_hash == NULL) || (in == NULL)) { SSLerr(0, ERR_R_MALLOC_FAILURE); @@ -630,7 +630,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, goto err; /* Internally lh_X509_NAME_retrieve() needs the libctx to retrieve SHA1 */ - prev_libctx = OPENSSL_CTX_set0_default(libctx); + prev_libctx = OSSL_LIB_CTX_set0_default(libctx); for (;;) { if (PEM_read_bio_X509(in, &x, NULL, NULL) == NULL) break; @@ -665,7 +665,7 @@ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, ret = NULL; done: /* restore the old libctx */ - OPENSSL_CTX_set0_default(prev_libctx); + OSSL_LIB_CTX_set0_default(prev_libctx); BIO_free(in); X509_free(x); lh_X509_NAME_free(name_hash); diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c index 26071cc2a1..8151213938 100644 --- a/ssl/ssl_conf.c +++ b/ssl/ssl_conf.c @@ -469,7 +469,7 @@ static int do_store(SSL_CONF_CTX *cctx, CERT *cert; X509_STORE **st; SSL_CTX *ctx; - OPENSSL_CTX *libctx = NULL; + OSSL_LIB_CTX *libctx = NULL; const char *propq = NULL; if (cctx->ctx != NULL) { diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index e8b004f4a6..219d30ff24 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -3123,7 +3123,7 @@ static int ssl_session_cmp(const SSL_SESSION *a, const SSL_SESSION *b) * via ssl.h. */ -SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq, +SSL_CTX *SSL_CTX_new_ex(OSSL_LIB_CTX *libctx, const char *propq, const SSL_METHOD *meth) { SSL_CTX *ret = NULL; @@ -5893,7 +5893,7 @@ void SSL_set_allow_early_data_cb(SSL *s, s->allow_early_data_cb_data = arg; } -const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx, +const EVP_CIPHER *ssl_evp_cipher_fetch(OSSL_LIB_CTX *libctx, int nid, const char *properties) { @@ -5948,7 +5948,7 @@ void ssl_evp_cipher_free(const EVP_CIPHER *cipher) } } -const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx, +const EVP_MD *ssl_evp_md_fetch(OSSL_LIB_CTX *libctx, int nid, const char *properties) { diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index 66a84cf54e..b83cf1e1ca 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -832,7 +832,7 @@ typedef struct tls_group_info_st { # define TLS_GROUP_FFDHE_FOR_TLS1_3 (TLS_GROUP_FFDHE|TLS_GROUP_ONLY_FOR_TLS1_3) struct ssl_ctx_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; const SSL_METHOD *method; STACK_OF(SSL_CIPHER) *cipher_list; @@ -2812,12 +2812,12 @@ void ssl_comp_free_compression_methods_int(void); /* ssl_mcnf.c */ void ssl_ctx_system_config(SSL_CTX *ctx); -const EVP_CIPHER *ssl_evp_cipher_fetch(OPENSSL_CTX *libctx, +const EVP_CIPHER *ssl_evp_cipher_fetch(OSSL_LIB_CTX *libctx, int nid, const char *properties); int ssl_evp_cipher_up_ref(const EVP_CIPHER *cipher); void ssl_evp_cipher_free(const EVP_CIPHER *cipher); -const EVP_MD *ssl_evp_md_fetch(OPENSSL_CTX *libctx, +const EVP_MD *ssl_evp_md_fetch(OSSL_LIB_CTX *libctx, int nid, const char *properties); int ssl_evp_md_up_ref(const EVP_MD *md); diff --git a/ssl/ssl_mcnf.c b/ssl/ssl_mcnf.c index 10c2f412e0..82003ba69e 100644 --- a/ssl/ssl_mcnf.c +++ b/ssl/ssl_mcnf.c @@ -28,8 +28,8 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) unsigned int flags; const SSL_METHOD *meth; const SSL_CONF_CMD *cmds; - OPENSSL_CTX *prev_libctx = NULL; - OPENSSL_CTX *libctx = NULL; + OSSL_LIB_CTX *prev_libctx = NULL; + OSSL_LIB_CTX *libctx = NULL; if (s == NULL && ctx == NULL) { SSLerr(SSL_F_SSL_DO_CONFIG, ERR_R_PASSED_NULL_PARAMETER); @@ -66,7 +66,7 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) if (meth->ssl_connect != ssl_undefined_function) flags |= SSL_CONF_FLAG_CLIENT; SSL_CONF_CTX_set_flags(cctx, flags); - prev_libctx = OPENSSL_CTX_set0_default(libctx); + prev_libctx = OSSL_LIB_CTX_set0_default(libctx); for (i = 0; i < cmd_count; i++) { char *cmdstr, *arg; @@ -84,7 +84,7 @@ static int ssl_do_config(SSL *s, SSL_CTX *ctx, const char *name, int system) } rv = SSL_CONF_CTX_finish(cctx); err: - OPENSSL_CTX_set0_default(prev_libctx); + OSSL_LIB_CTX_set0_default(prev_libctx); SSL_CONF_CTX_free(cctx); return rv <= 0 ? 0 : 1; } diff --git a/test/acvp_test.c b/test/acvp_test.c index 9fa259ec16..1686d759db 100644 --- a/test/acvp_test.c +++ b/test/acvp_test.c @@ -43,7 +43,7 @@ typedef struct st_args { } SELF_TEST_ARGS; static OSSL_PROVIDER *prov_null = NULL; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static SELF_TEST_ARGS self_test_args = { 0 }; static OSSL_CALLBACK self_test_events; @@ -1440,9 +1440,9 @@ int setup_tests(void) return 0; } - libctx = OPENSSL_CTX_new(); + libctx = OSSL_LIB_CTX_new(); if (libctx == NULL - || !OPENSSL_CTX_load_config(libctx, config_file)) { + || !OSSL_LIB_CTX_load_config(libctx, config_file)) { opt_printf_stderr("Failed to load config\n"); return 0; } @@ -1489,5 +1489,5 @@ int setup_tests(void) void cleanup_tests(void) { OSSL_PROVIDER_unload(prov_null); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); } diff --git a/test/asynctest.c b/test/asynctest.c index a7aab8efde..6502ee9845 100644 --- a/test/asynctest.c +++ b/test/asynctest.c @@ -45,33 +45,33 @@ static int save_current(void *args) static int change_deflt_libctx(void *args) { - OPENSSL_CTX *libctx = OPENSSL_CTX_new(); - OPENSSL_CTX *oldctx, *tmpctx; + OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new(); + OSSL_LIB_CTX *oldctx, *tmpctx; int ret = 0; if (libctx == NULL) return 0; - oldctx = OPENSSL_CTX_set0_default(libctx); + oldctx = OSSL_LIB_CTX_set0_default(libctx); ASYNC_pause_job(); /* Check the libctx is set up as we expect */ - tmpctx = OPENSSL_CTX_set0_default(oldctx); + tmpctx = OSSL_LIB_CTX_set0_default(oldctx); if (tmpctx != libctx) goto err; /* Set it back again to continue to use our own libctx */ - oldctx = OPENSSL_CTX_set0_default(libctx); + oldctx = OSSL_LIB_CTX_set0_default(libctx); ASYNC_pause_job(); /* Check the libctx is set up as we expect */ - tmpctx = OPENSSL_CTX_set0_default(oldctx); + tmpctx = OSSL_LIB_CTX_set0_default(oldctx); if (tmpctx != libctx) goto err; ret = 1; err: - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); return ret; } @@ -344,8 +344,8 @@ static int test_ASYNC_start_job_ex(void) ASYNC_JOB *job = NULL; int funcret; ASYNC_WAIT_CTX *waitctx = NULL; - OPENSSL_CTX *libctx = OPENSSL_CTX_new(); - OPENSSL_CTX *oldctx, *tmpctx, *globalctx; + OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new(); + OSSL_LIB_CTX *oldctx, *tmpctx, *globalctx; int ret = 0; if (libctx == NULL) { @@ -354,7 +354,7 @@ static int test_ASYNC_start_job_ex(void) goto err; } - globalctx = oldctx = OPENSSL_CTX_set0_default(libctx); + globalctx = oldctx = OSSL_LIB_CTX_set0_default(libctx); if ((waitctx = ASYNC_WAIT_CTX_new()) == NULL || ASYNC_start_job(&job, waitctx, &funcret, change_deflt_libctx, @@ -366,8 +366,8 @@ static int test_ASYNC_start_job_ex(void) } /* Reset the libctx temporarily to find out what it is*/ - tmpctx = OPENSSL_CTX_set0_default(oldctx); - oldctx = OPENSSL_CTX_set0_default(tmpctx); + tmpctx = OSSL_LIB_CTX_set0_default(oldctx); + oldctx = OSSL_LIB_CTX_set0_default(tmpctx); if (tmpctx != libctx) { fprintf(stderr, "test_ASYNC_start_job_ex() failed - unexpected libctx\n"); @@ -382,7 +382,7 @@ static int test_ASYNC_start_job_ex(void) } /* Reset the libctx and continue with the global default libctx */ - tmpctx = OPENSSL_CTX_set0_default(oldctx); + tmpctx = OSSL_LIB_CTX_set0_default(oldctx); if (tmpctx != libctx) { fprintf(stderr, "test_ASYNC_start_job_ex() failed - unexpected libctx\n"); @@ -398,8 +398,8 @@ static int test_ASYNC_start_job_ex(void) } /* Reset the libctx temporarily to find out what it is*/ - tmpctx = OPENSSL_CTX_set0_default(libctx); - OPENSSL_CTX_set0_default(tmpctx); + tmpctx = OSSL_LIB_CTX_set0_default(libctx); + OSSL_LIB_CTX_set0_default(tmpctx); if (tmpctx != globalctx) { fprintf(stderr, "test_ASYNC_start_job_ex() failed - global libctx check failed\n"); @@ -409,7 +409,7 @@ static int test_ASYNC_start_job_ex(void) ret = 1; err: ASYNC_WAIT_CTX_free(waitctx); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); return ret; } diff --git a/test/cmp_client_test.c b/test/cmp_client_test.c index 169f63a822..dfb7dcb9f0 100644 --- a/test/cmp_client_test.c +++ b/test/cmp_client_test.c @@ -30,7 +30,7 @@ typedef struct test_fixture { STACK_OF(X509) *caPubs; } CMP_SES_TEST_FIXTURE; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; static EVP_PKEY *server_key = NULL; @@ -343,7 +343,7 @@ void cleanup_tests(void) EVP_PKEY_free(server_key); X509_free(client_cert); EVP_PKEY_free(client_key); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); return; } diff --git a/test/cmp_msg_test.c b/test/cmp_msg_test.c index 6f3b931eaa..cc5a6268fd 100644 --- a/test/cmp_msg_test.c +++ b/test/cmp_msg_test.c @@ -30,7 +30,7 @@ typedef struct test_fixture { OSSL_CMP_PKISI *si; } CMP_MSG_TEST_FIXTURE; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; /* TODO(3.0) Clean this up - See issue #12680 */ @@ -551,7 +551,7 @@ void cleanup_tests(void) { EVP_PKEY_free(newkey); X509_free(cert); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); } #define USAGE "new.key server.crt pkcs10.der module_name [module_conf_file]\n" diff --git a/test/cmp_protect_test.c b/test/cmp_protect_test.c index 8f76a14222..933adcb196 100644 --- a/test/cmp_protect_test.c +++ b/test/cmp_protect_test.c @@ -31,7 +31,7 @@ typedef struct test_fixture { int expected; } CMP_PROTECT_TEST_FIXTURE; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; static void tear_down(CMP_PROTECT_TEST_FIXTURE *fixture) @@ -500,7 +500,7 @@ void cleanup_tests(void) X509_free(intermediate); OSSL_CMP_MSG_free(ir_protected); OSSL_CMP_MSG_free(ir_unprotected); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); } #define USAGE "server.pem IR_protected.der IR_unprotected.der IP_PBM.der " \ diff --git a/test/cmp_server_test.c b/test/cmp_server_test.c index 4b3525d7bd..d2a34695c3 100644 --- a/test/cmp_server_test.c +++ b/test/cmp_server_test.c @@ -18,7 +18,7 @@ typedef struct test_fixture { OSSL_CMP_MSG *req; } CMP_SRV_TEST_FIXTURE; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; static OSSL_CMP_MSG *request = NULL; @@ -123,7 +123,7 @@ void cleanup_tests(void) OSSL_CMP_MSG_free(request); OSSL_PROVIDER_unload(default_null_provider); OSSL_PROVIDER_unload(provider); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); return; } diff --git a/test/cmp_testlib.c b/test/cmp_testlib.c index ee6f91a951..627b73c3b1 100644 --- a/test/cmp_testlib.c +++ b/test/cmp_testlib.c @@ -12,7 +12,7 @@ #include "cmp_testlib.h" #include /* needed in case config no-deprecated */ -EVP_PKEY *load_pem_key(const char *file, OPENSSL_CTX *libctx) +EVP_PKEY *load_pem_key(const char *file, OSSL_LIB_CTX *libctx) { EVP_PKEY *key = NULL; BIO *bio = NULL; @@ -27,7 +27,7 @@ EVP_PKEY *load_pem_key(const char *file, OPENSSL_CTX *libctx) return key; } -X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx) +X509 *load_pem_cert(const char *file, OSSL_LIB_CTX *libctx) { X509 *cert = NULL; BIO *bio = NULL; diff --git a/test/cmp_testlib.h b/test/cmp_testlib.h index e6b37a6e3d..e4361b198a 100644 --- a/test/cmp_testlib.h +++ b/test/cmp_testlib.h @@ -23,8 +23,8 @@ # ifndef OPENSSL_NO_CMP # define CMP_TEST_REFVALUE_LENGTH 15 /* arbitrary value */ -EVP_PKEY *load_pem_key(const char *file, OPENSSL_CTX *libctx); -X509 *load_pem_cert(const char *file, OPENSSL_CTX *libctx); +EVP_PKEY *load_pem_key(const char *file, OSSL_LIB_CTX *libctx); +X509 *load_pem_cert(const char *file, OSSL_LIB_CTX *libctx); X509_REQ *load_csr(const char *file); OSSL_CMP_MSG *load_pkimsg(const char *file); int valid_asn1_encoding(const OSSL_CMP_MSG *msg); diff --git a/test/cmp_vfy_test.c b/test/cmp_vfy_test.c index 0559ec47c3..2343ebe699 100644 --- a/test/cmp_vfy_test.c +++ b/test/cmp_vfy_test.c @@ -37,7 +37,7 @@ typedef struct test_fixture { int additional_arg; } CMP_VFY_TEST_FIXTURE; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL; static void tear_down(CMP_VFY_TEST_FIXTURE *fixture) @@ -549,7 +549,7 @@ void cleanup_tests(void) X509_free(instaca_cert); OSSL_CMP_MSG_free(ir_unprotected); OSSL_CMP_MSG_free(ir_rmprotection); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); return; } diff --git a/test/context_internal_test.c b/test/context_internal_test.c index 6c675bcf9d..e2d7b0f441 100644 --- a/test/context_internal_test.c +++ b/test/context_internal_test.c @@ -14,7 +14,7 @@ /* * Everything between BEGIN EXAMPLE and END EXAMPLE is copied from - * doc/internal/man3/openssl_ctx_get_data.pod + * doc/internal/man3/ossl_lib_ctx_get_data.pod */ /* @@ -27,7 +27,7 @@ typedef struct foo_st { void *data; } FOO; -static void *foo_new(OPENSSL_CTX *ctx) +static void *foo_new(OSSL_LIB_CTX *ctx) { FOO *ptr = OPENSSL_zalloc(sizeof(*ptr)); if (ptr != NULL) @@ -38,7 +38,7 @@ static void foo_free(void *ptr) { OPENSSL_free(ptr); } -static const OPENSSL_CTX_METHOD foo_method = { +static const OSSL_LIB_CTX_METHOD foo_method = { foo_new, foo_free }; @@ -48,23 +48,23 @@ static const OPENSSL_CTX_METHOD foo_method = { * ====================================================================== */ -static int test_context(OPENSSL_CTX *ctx) +static int test_context(OSSL_LIB_CTX *ctx) { FOO *data = NULL; - return TEST_ptr(data = openssl_ctx_get_data(ctx, 0, &foo_method)) + return TEST_ptr(data = ossl_lib_ctx_get_data(ctx, 0, &foo_method)) /* OPENSSL_zalloc in foo_new() initialized it to zero */ && TEST_int_eq(data->i, 42); } static int test_app_context(void) { - OPENSSL_CTX *ctx = NULL; + OSSL_LIB_CTX *ctx = NULL; int result = - TEST_ptr(ctx = OPENSSL_CTX_new()) + TEST_ptr(ctx = OSSL_LIB_CTX_new()) && test_context(ctx); - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); return result; } diff --git a/test/evp_extra_test.c b/test/evp_extra_test.c index 872b9d5313..8ee41ab5ce 100644 --- a/test/evp_extra_test.c +++ b/test/evp_extra_test.c @@ -34,7 +34,7 @@ #include "crypto/evp.h" #include "../e_os.h" /* strcasecmp */ -static OPENSSL_CTX *testctx = NULL; +static OSSL_LIB_CTX *testctx = NULL; /* * kExampleRSAKeyDER is an RSA private key in ASN.1, DER format. Of course, you @@ -478,11 +478,11 @@ static EVP_PKEY *load_example_hmac_key(void) static int test_EVP_set_default_properties(void) { - OPENSSL_CTX *ctx; + OSSL_LIB_CTX *ctx; EVP_MD *md = NULL; int res = 0; - if (!TEST_ptr(ctx = OPENSSL_CTX_new()) + if (!TEST_ptr(ctx = OSSL_LIB_CTX_new()) || !TEST_ptr(md = EVP_MD_fetch(ctx, "sha256", NULL))) goto err; EVP_MD_free(md); @@ -501,7 +501,7 @@ static int test_EVP_set_default_properties(void) res = 1; err: EVP_MD_free(md); - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); return res; } @@ -1894,7 +1894,7 @@ static int test_keygen_with_empty_template(int n) */ static int test_pkey_ctx_fail_without_provider(int tst) { - OPENSSL_CTX *tmpctx = OPENSSL_CTX_new(); + OSSL_LIB_CTX *tmpctx = OSSL_LIB_CTX_new(); OSSL_PROVIDER *nullprov = NULL; EVP_PKEY_CTX *pctx = NULL; const char *keytype = NULL; @@ -1949,7 +1949,7 @@ static int test_pkey_ctx_fail_without_provider(int tst) err: EVP_PKEY_CTX_free(pctx); OSSL_PROVIDER_unload(nullprov); - OPENSSL_CTX_free(tmpctx); + OSSL_LIB_CTX_free(tmpctx); return ret; } @@ -2098,7 +2098,7 @@ err: int setup_tests(void) { - testctx = OPENSSL_CTX_new(); + testctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(testctx)) return 0; @@ -2162,5 +2162,5 @@ int setup_tests(void) void cleanup_tests(void) { - OPENSSL_CTX_free(testctx); + OSSL_LIB_CTX_free(testctx); } diff --git a/test/evp_extra_test2.c b/test/evp_extra_test2.c index 0667a82647..f91e66a08b 100644 --- a/test/evp_extra_test2.c +++ b/test/evp_extra_test2.c @@ -20,7 +20,7 @@ #include "testutil.h" #include "internal/nelem.h" -static OPENSSL_CTX *mainctx = NULL; +static OSSL_LIB_CTX *mainctx = NULL; static OSSL_PROVIDER *nullprov = NULL; /* @@ -214,7 +214,7 @@ static int test_d2i_AutoPrivateKey_ex(int i) static int test_alternative_default(void) { - OPENSSL_CTX *oldctx; + OSSL_LIB_CTX *oldctx; EVP_MD *sha256; int ok = 0; @@ -229,7 +229,7 @@ static int test_alternative_default(void) * Now we switch to our main library context, and try again. Since no * providers are loaded in this one, it should fall back to the default. */ - if (!TEST_ptr(oldctx = OPENSSL_CTX_set0_default(mainctx)) + if (!TEST_ptr(oldctx = OSSL_LIB_CTX_set0_default(mainctx)) || !TEST_ptr(sha256 = EVP_MD_fetch(NULL, "SHA2-256", NULL))) goto err; EVP_MD_free(sha256); @@ -239,7 +239,7 @@ static int test_alternative_default(void) * Switching back should give us our main library context back, and * fetching SHA2-256 should fail again. */ - if (!TEST_ptr_eq(OPENSSL_CTX_set0_default(oldctx), mainctx) + if (!TEST_ptr_eq(OSSL_LIB_CTX_set0_default(oldctx), mainctx) || !TEST_ptr_null(sha256 = EVP_MD_fetch(NULL, "SHA2-256", NULL))) goto err; @@ -272,14 +272,14 @@ static int test_d2i_PrivateKey_ex(void) { int setup_tests(void) { - mainctx = OPENSSL_CTX_new(); + mainctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(mainctx)) return 0; nullprov = OSSL_PROVIDER_load(NULL, "null"); if (!TEST_ptr(nullprov)) { - OPENSSL_CTX_free(mainctx); + OSSL_LIB_CTX_free(mainctx); mainctx = NULL; return 0; } @@ -293,6 +293,6 @@ int setup_tests(void) void cleanup_tests(void) { - OPENSSL_CTX_free(mainctx); + OSSL_LIB_CTX_free(mainctx); OSSL_PROVIDER_unload(nullprov); } diff --git a/test/evp_fetch_prov_test.c b/test/evp_fetch_prov_test.c index d7f43f229d..18e57c76c6 100644 --- a/test/evp_fetch_prov_test.c +++ b/test/evp_fetch_prov_test.c @@ -76,17 +76,17 @@ static int calculate_digest(const EVP_MD *md, const char *msg, size_t len, return ret; } -static int load_providers(OPENSSL_CTX **libctx, OSSL_PROVIDER *prov[]) +static int load_providers(OSSL_LIB_CTX **libctx, OSSL_PROVIDER *prov[]) { - OPENSSL_CTX *ctx = NULL; + OSSL_LIB_CTX *ctx = NULL; int ret = 0; size_t i; - ctx = OPENSSL_CTX_new(); + ctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(ctx)) goto err; - if (!TEST_true(OPENSSL_CTX_load_config(ctx, config_file))) + if (!TEST_true(OSSL_LIB_CTX_load_config(ctx, config_file))) goto err; if (test_get_argument_count() > 2) goto err; @@ -102,7 +102,7 @@ static int load_providers(OPENSSL_CTX **libctx, OSSL_PROVIDER *prov[]) *libctx = ctx; err: if (ret == 0) - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); return ret; } @@ -111,7 +111,7 @@ err: */ static int test_EVP_MD_fetch(void) { - OPENSSL_CTX *ctx = NULL; + OSSL_LIB_CTX *ctx = NULL; EVP_MD *md = NULL; OSSL_PROVIDER *prov[2] = {NULL, NULL}; int ret = 0; @@ -162,7 +162,7 @@ err: */ if (ctx != NULL) { OPENSSL_thread_stop_ex(ctx); - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); } return ret; } @@ -197,7 +197,7 @@ err: */ static int test_EVP_CIPHER_fetch(void) { - OPENSSL_CTX *ctx = NULL; + OSSL_LIB_CTX *ctx = NULL; EVP_CIPHER *cipher = NULL; OSSL_PROVIDER *prov[2] = {NULL, NULL}; int ret = 0; @@ -229,7 +229,7 @@ err: EVP_CIPHER_free(cipher); OSSL_PROVIDER_unload(prov[0]); OSSL_PROVIDER_unload(prov[1]); - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); return ret; } diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c index 50d463680a..e8d41ab2a7 100644 --- a/test/evp_libctx_test.c +++ b/test/evp_libctx_test.c @@ -32,7 +32,7 @@ #include "crypto/bn_dh.h" /* _bignum_ffdhe2048_p */ #include "../e_os.h" /* strcasecmp */ -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *nullprov = NULL; static OSSL_PROVIDER *libprov = NULL; static STACK_OF(OPENSSL_CSTRING) *cipher_names = NULL; @@ -643,11 +643,11 @@ int setup_tests(void) if (!TEST_ptr(nullprov)) return 0; - libctx = OPENSSL_CTX_new(); + libctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(libctx)) return 0; if (config_file != NULL - && !TEST_true(OPENSSL_CTX_load_config(libctx, config_file))) + && !TEST_true(OSSL_LIB_CTX_load_config(libctx, config_file))) return 0; libprov = OSSL_PROVIDER_load(libctx, prov_name); @@ -681,6 +681,6 @@ void cleanup_tests(void) { sk_OPENSSL_CSTRING_free(cipher_names); OSSL_PROVIDER_unload(libprov); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); OSSL_PROVIDER_unload(nullprov); } diff --git a/test/evp_test.c b/test/evp_test.c index d7e40f214e..fc9121edac 100644 --- a/test/evp_test.c +++ b/test/evp_test.c @@ -73,7 +73,7 @@ typedef enum OPTION_choice { } OPTION_CHOICE; static OSSL_PROVIDER *prov_null = NULL; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; /* List of public and private keys */ static KEY_LIST *private_keys; @@ -1842,9 +1842,9 @@ static int pbe_test_run(EVP_TEST *t) PBE_DATA *expected = t->data; unsigned char *key; EVP_MD *fetched_digest = NULL; - OPENSSL_CTX *save_libctx; + OSSL_LIB_CTX *save_libctx; - save_libctx = OPENSSL_CTX_set0_default(libctx); + save_libctx = OSSL_LIB_CTX_set0_default(libctx); if (!TEST_ptr(key = OPENSSL_malloc(expected->key_len))) { t->err = "INTERNAL_ERROR"; @@ -1890,7 +1890,7 @@ static int pbe_test_run(EVP_TEST *t) err: EVP_MD_free(fetched_digest); OPENSSL_free(key); - OPENSSL_CTX_set0_default(save_libctx); + OSSL_LIB_CTX_set0_default(save_libctx); return 1; } @@ -3595,9 +3595,9 @@ int setup_tests(void) } /* load the provider via configuration into the created library context */ - libctx = OPENSSL_CTX_new(); + libctx = OSSL_LIB_CTX_new(); if (libctx == NULL - || !OPENSSL_CTX_load_config(libctx, config_file)) { + || !OSSL_LIB_CTX_load_config(libctx, config_file)) { TEST_error("Failed to load config %s\n", config_file); return 0; } @@ -3613,7 +3613,7 @@ int setup_tests(void) void cleanup_tests(void) { OSSL_PROVIDER_unload(prov_null); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); } #define STR_STARTS_WITH(str, pre) strncasecmp(pre, str, strlen(pre)) == 0 diff --git a/test/filterprov.c b/test/filterprov.c index 9c4f24f349..5b9cd30668 100644 --- a/test/filterprov.c +++ b/test/filterprov.c @@ -26,7 +26,7 @@ int filter_provider_set_filter(int operation, const char *name); #define MAX_ALG_FILTERS 5 struct filter_prov_globals_st { - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; OSSL_PROVIDER *deflt; struct { int operation; @@ -40,7 +40,7 @@ static struct filter_prov_globals_st ourglobals; static struct filter_prov_globals_st *get_globals(void) { /* - * Ideally we'd like to store this in the OPENSSL_CTX so that we can have + * Ideally we'd like to store this in the OSSL_LIB_CTX so that we can have * more than one instance of the filter provider at a time. But for now we * just make it simple. */ @@ -97,7 +97,7 @@ static void filter_teardown(void *provctx) struct filter_prov_globals_st *globs = get_globals(); OSSL_PROVIDER_unload(globs->deflt); - OPENSSL_CTX_free(globs->libctx); + OSSL_LIB_CTX_free(globs->libctx); } /* Functions we provide to the core */ @@ -116,7 +116,7 @@ int filter_provider_init(const OSSL_CORE_HANDLE *handle, void **provctx) { memset(&ourglobals, 0, sizeof(ourglobals)); - ourglobals.libctx = OPENSSL_CTX_new(); + ourglobals.libctx = OSSL_LIB_CTX_new(); if (ourglobals.libctx == NULL) goto err; @@ -130,7 +130,7 @@ int filter_provider_init(const OSSL_CORE_HANDLE *handle, err: OSSL_PROVIDER_unload(ourglobals.deflt); - OPENSSL_CTX_free(ourglobals.libctx); + OSSL_LIB_CTX_free(ourglobals.libctx); return 0; } diff --git a/test/keymgmt_internal_test.c b/test/keymgmt_internal_test.c index 1508123c7e..596019d294 100644 --- a/test/keymgmt_internal_test.c +++ b/test/keymgmt_internal_test.c @@ -21,9 +21,9 @@ #include "testutil.h" typedef struct { - OPENSSL_CTX *ctx1; + OSSL_LIB_CTX *ctx1; OSSL_PROVIDER *prov1; - OPENSSL_CTX *ctx2; + OSSL_LIB_CTX *ctx2; OSSL_PROVIDER *prov2; } FIXTURE; @@ -32,8 +32,8 @@ static void tear_down(FIXTURE *fixture) if (fixture != NULL) { OSSL_PROVIDER_unload(fixture->prov1); OSSL_PROVIDER_unload(fixture->prov2); - OPENSSL_CTX_free(fixture->ctx1); - OPENSSL_CTX_free(fixture->ctx2); + OSSL_LIB_CTX_free(fixture->ctx1); + OSSL_LIB_CTX_free(fixture->ctx2); OPENSSL_free(fixture); } } @@ -43,10 +43,10 @@ static FIXTURE *set_up(const char *testcase_name) FIXTURE *fixture; if (!TEST_ptr(fixture = OPENSSL_zalloc(sizeof(*fixture))) - || !TEST_ptr(fixture->ctx1 = OPENSSL_CTX_new()) + || !TEST_ptr(fixture->ctx1 = OSSL_LIB_CTX_new()) || !TEST_ptr(fixture->prov1 = OSSL_PROVIDER_load(fixture->ctx1, "default")) - || !TEST_ptr(fixture->ctx2 = OPENSSL_CTX_new()) + || !TEST_ptr(fixture->ctx2 = OSSL_LIB_CTX_new()) || !TEST_ptr(fixture->prov2 = OSSL_PROVIDER_load(fixture->ctx2, "default"))) { tear_down(fixture); diff --git a/test/property_test.c b/test/property_test.c index 6f8216ef33..ab61d01107 100644 --- a/test/property_test.c +++ b/test/property_test.c @@ -387,9 +387,9 @@ err: static int test_fips_mode(void) { int ret = 0; - OPENSSL_CTX *ctx = NULL; + OSSL_LIB_CTX *ctx = NULL; - if (!TEST_ptr(ctx = OPENSSL_CTX_new())) + if (!TEST_ptr(ctx = OSSL_LIB_CTX_new())) goto err; ret = TEST_true(EVP_set_default_properties(ctx, "default=yes,fips=yes")) @@ -408,7 +408,7 @@ static int test_fips_mode(void) && TEST_true(EVP_default_properties_enable_fips(ctx, 0)) && TEST_false(EVP_default_properties_is_fips_enabled(ctx)); err: - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); return ret; } diff --git a/test/provider_fallback_test.c b/test/provider_fallback_test.c index ce62184551..79765d9b65 100644 --- a/test/provider_fallback_test.c +++ b/test/provider_fallback_test.c @@ -12,7 +12,7 @@ #include #include "testutil.h" -static int test_provider(OPENSSL_CTX *ctx) +static int test_provider(OSSL_LIB_CTX *ctx) { EVP_KEYMGMT *rsameth = NULL; const OSSL_PROVIDER *prov = NULL; @@ -34,16 +34,16 @@ static int test_fallback_provider(void) static int test_explicit_provider(void) { - OPENSSL_CTX *ctx = NULL; + OSSL_LIB_CTX *ctx = NULL; OSSL_PROVIDER *prov = NULL; int ok; - ok = TEST_ptr(ctx = OPENSSL_CTX_new()) + ok = TEST_ptr(ctx = OSSL_LIB_CTX_new()) && TEST_ptr(prov = OSSL_PROVIDER_load(ctx, "default")) && test_provider(ctx) && TEST_true(OSSL_PROVIDER_unload(prov)); - OPENSSL_CTX_free(ctx); + OSSL_LIB_CTX_free(ctx); return ok; } diff --git a/test/provider_status_test.c b/test/provider_status_test.c index 83572e81f8..fb52fa67f0 100644 --- a/test/provider_status_test.c +++ b/test/provider_status_test.c @@ -28,7 +28,7 @@ struct self_test_arg { int count; }; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static char *provider_name = NULL; static struct self_test_arg self_test_args = { 0 }; @@ -170,13 +170,13 @@ int setup_tests(void) } } - libctx = OPENSSL_CTX_new(); + libctx = OSSL_LIB_CTX_new(); if (libctx == NULL) return 0; self_test_args.count = 0; OSSL_SELF_TEST_set_callback(libctx, self_test_on_load, &self_test_args); - if (!OPENSSL_CTX_load_config(libctx, config_file)) { + if (!OSSL_LIB_CTX_load_config(libctx, config_file)) { opt_printf_stderr("Failed to load config\n"); return 0; } diff --git a/test/ssl_test.c b/test/ssl_test.c index 4b7e26b4c1..d902283edf 100644 --- a/test/ssl_test.c +++ b/test/ssl_test.c @@ -21,7 +21,7 @@ static CONF *conf = NULL; static OSSL_PROVIDER *defctxnull = NULL, *thisprov = NULL; -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; /* Currently the section names are of the form test-, e.g. test-15. */ #define MAX_TESTCASE_NAME_LENGTH 100 @@ -542,5 +542,5 @@ void cleanup_tests(void) NCONF_free(conf); OSSL_PROVIDER_unload(defctxnull); OSSL_PROVIDER_unload(thisprov); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); } diff --git a/test/ssl_test_ctx.c b/test/ssl_test_ctx.c index 7721b17646..5c3de4c436 100644 --- a/test/ssl_test_ctx.c +++ b/test/ssl_test_ctx.c @@ -606,7 +606,8 @@ __owur static int parse_expected_client_sign_hash(SSL_TEST_CTX *test_ctx, } __owur static int parse_expected_ca_names(STACK_OF(X509_NAME) **pnames, - const char *value, OPENSSL_CTX *libctx) + const char *value, + OSSL_LIB_CTX *libctx) { if (value == NULL) return 0; @@ -718,7 +719,7 @@ static const ssl_test_server_option ssl_test_server_options[] = { { "SessionTicketAppData", &parse_server_session_ticket_app_data }, }; -SSL_TEST_CTX *SSL_TEST_CTX_new(OPENSSL_CTX *libctx) +SSL_TEST_CTX *SSL_TEST_CTX_new(OSSL_LIB_CTX *libctx) { SSL_TEST_CTX *ret; @@ -837,7 +838,7 @@ static int parse_server_options(SSL_TEST_SERVER_CONF *server, const CONF *conf, } SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section, - OPENSSL_CTX *libctx) + OSSL_LIB_CTX *libctx) { STACK_OF(CONF_VALUE) *sk_conf = NULL; SSL_TEST_CTX *ctx = NULL; diff --git a/test/ssl_test_ctx.h b/test/ssl_test_ctx.h index 4a0d72b682..4e8d3df4ac 100644 --- a/test/ssl_test_ctx.h +++ b/test/ssl_test_ctx.h @@ -226,7 +226,7 @@ typedef struct { /* Expected Session Ticket Application Data */ char *expected_session_ticket_app_data; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; } SSL_TEST_CTX; const char *ssl_test_result_name(ssl_test_result_t result); @@ -249,9 +249,9 @@ const char *ssl_max_fragment_len_name(int MFL_mode); * See test/README.ssltest.md for details on the conf file format. */ SSL_TEST_CTX *SSL_TEST_CTX_create(const CONF *conf, const char *test_section, - OPENSSL_CTX *libctx); + OSSL_LIB_CTX *libctx); -SSL_TEST_CTX *SSL_TEST_CTX_new(OPENSSL_CTX *libctx); +SSL_TEST_CTX *SSL_TEST_CTX_new(OSSL_LIB_CTX *libctx); void SSL_TEST_CTX_free(SSL_TEST_CTX *ctx); diff --git a/test/sslapitest.c b/test/sslapitest.c index 6dc3be92cb..b87b07e270 100644 --- a/test/sslapitest.c +++ b/test/sslapitest.c @@ -48,7 +48,7 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH **out, void **provctx); -static OPENSSL_CTX *libctx = NULL; +static OSSL_LIB_CTX *libctx = NULL; static OSSL_PROVIDER *defctxnull = NULL; #ifndef OPENSSL_NO_TLS1_3 @@ -6565,7 +6565,7 @@ static int int_test_ssl_get_shared_ciphers(int tst, int clnt) SSL *clientssl = NULL, *serverssl = NULL; int testresult = 0; char buf[1024]; - OPENSSL_CTX *tmplibctx = OPENSSL_CTX_new(); + OSSL_LIB_CTX *tmplibctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(tmplibctx)) goto end; @@ -6630,7 +6630,7 @@ static int int_test_ssl_get_shared_ciphers(int tst, int clnt) SSL_free(clientssl); SSL_CTX_free(sctx); SSL_CTX_free(cctx); - OPENSSL_CTX_free(tmplibctx); + OSSL_LIB_CTX_free(tmplibctx); return testresult; } @@ -7824,8 +7824,8 @@ static int test_sigalgs_available(int idx) SSL_CTX *cctx = NULL, *sctx = NULL; SSL *clientssl = NULL, *serverssl = NULL; int testresult = 0; - OPENSSL_CTX *tmpctx = OPENSSL_CTX_new(); - OPENSSL_CTX *clientctx = libctx, *serverctx = libctx; + OSSL_LIB_CTX *tmpctx = OSSL_LIB_CTX_new(); + OSSL_LIB_CTX *clientctx = libctx, *serverctx = libctx; OSSL_PROVIDER *filterprov = NULL; int sig, hash; @@ -7928,7 +7928,7 @@ static int test_sigalgs_available(int idx) SSL_CTX_free(sctx); SSL_CTX_free(cctx); OSSL_PROVIDER_unload(filterprov); - OPENSSL_CTX_free(tmpctx); + OSSL_LIB_CTX_free(tmpctx); return testresult; } @@ -8054,7 +8054,7 @@ int setup_tests(void) char *modulename; char *configfile; - libctx = OPENSSL_CTX_new(); + libctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(libctx)) return 0; @@ -8080,7 +8080,7 @@ int setup_tests(void) || !TEST_ptr(configfile = test_get_argument(4))) return 0; - if (!TEST_true(OPENSSL_CTX_load_config(libctx, configfile))) + if (!TEST_true(OSSL_LIB_CTX_load_config(libctx, configfile))) return 0; /* Check we have the expected provider available */ @@ -8272,5 +8272,5 @@ void cleanup_tests(void) bio_s_mempacket_test_free(); bio_s_always_retry_free(); OSSL_PROVIDER_unload(defctxnull); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); } diff --git a/test/ssltest_old.c b/test/ssltest_old.c index 875e6eac13..8368bd2409 100644 --- a/test/ssltest_old.c +++ b/test/ssltest_old.c @@ -926,7 +926,7 @@ int main(int argc, char *argv[]) char *arg = NULL, *argn = NULL; const char *provider = NULL, *config = NULL; OSSL_PROVIDER *thisprov = NULL, *defctxnull = NULL; - OPENSSL_CTX *libctx = NULL; + OSSL_LIB_CTX *libctx = NULL; verbose = 0; debug = 0; @@ -1367,12 +1367,12 @@ int main(int argc, char *argv[]) defctxnull = OSSL_PROVIDER_load(NULL, "null"); if (defctxnull == NULL) goto end; - libctx = OPENSSL_CTX_new(); + libctx = OSSL_LIB_CTX_new(); if (libctx == NULL) goto end; if (config != NULL - && !OPENSSL_CTX_load_config(libctx, config)) + && !OSSL_LIB_CTX_load_config(libctx, config)) goto end; thisprov = OSSL_PROVIDER_load(libctx, provider); @@ -1891,7 +1891,7 @@ int main(int argc, char *argv[]) OSSL_PROVIDER_unload(defctxnull); OSSL_PROVIDER_unload(thisprov); - OPENSSL_CTX_free(libctx); + OSSL_LIB_CTX_free(libctx); BIO_free(bio_err); EXIT(ret); diff --git a/test/ssltestlib.c b/test/ssltestlib.c index b2baa9fa43..734d1e936b 100644 --- a/test/ssltestlib.c +++ b/test/ssltestlib.c @@ -684,7 +684,7 @@ static int always_retry_puts(BIO *bio, const char *str) return -1; } -int create_ssl_ctx_pair(OPENSSL_CTX *libctx, const SSL_METHOD *sm, +int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, diff --git a/test/ssltestlib.h b/test/ssltestlib.h index f3f22f38c3..0466286365 100644 --- a/test/ssltestlib.h +++ b/test/ssltestlib.h @@ -12,7 +12,7 @@ # include -int create_ssl_ctx_pair(OPENSSL_CTX *libctx, const SSL_METHOD *sm, +int create_ssl_ctx_pair(OSSL_LIB_CTX *libctx, const SSL_METHOD *sm, const SSL_METHOD *cm, int min_proto_version, int max_proto_version, SSL_CTX **sctx, SSL_CTX **cctx, char *certfile, char *privkeyfile); diff --git a/test/testutil.h b/test/testutil.h index 14483fd405..f1e3aae6fb 100644 --- a/test/testutil.h +++ b/test/testutil.h @@ -205,7 +205,7 @@ size_t test_get_argument_count(void); */ int test_skip_common_options(void); -int test_get_libctx(OPENSSL_CTX **libctx, +int test_get_libctx(OSSL_LIB_CTX **libctx, OSSL_PROVIDER **default_null_provider, OSSL_PROVIDER **provider, int argn, const char *usage); diff --git a/test/testutil/provider.c b/test/testutil/provider.c index f7c7b1cdb6..c7ff44c754 100644 --- a/test/testutil/provider.c +++ b/test/testutil/provider.c @@ -11,7 +11,7 @@ #include #include -int test_get_libctx(OPENSSL_CTX **libctx, +int test_get_libctx(OSSL_LIB_CTX **libctx, OSSL_PROVIDER **default_null_provider, OSSL_PROVIDER **provider, int argn, const char *usage) { @@ -25,14 +25,14 @@ int test_get_libctx(OPENSSL_CTX **libctx, const char *config_fname = test_get_argument(argn + 1); *default_null_provider = OSSL_PROVIDER_load(NULL, "null"); - *libctx = OPENSSL_CTX_new(); + *libctx = OSSL_LIB_CTX_new(); if (!TEST_ptr(*libctx)) { TEST_error("Failed to create libctx\n"); goto err; } if (config_fname != NULL - && !TEST_true(OPENSSL_CTX_load_config(*libctx, config_fname))) { + && !TEST_true(OSSL_LIB_CTX_load_config(*libctx, config_fname))) { TEST_error("Error loading config file %s\n", config_fname); goto err; } diff --git a/test/tls-provider.c b/test/tls-provider.c index bcbcd710ce..86d204240b 100644 --- a/test/tls-provider.c +++ b/test/tls-provider.c @@ -528,7 +528,7 @@ static const OSSL_PARAM *xor_settable_params(void *provctx) struct xor_gen_ctx { int selection; - OPENSSL_CTX *libctx; + OSSL_LIB_CTX *libctx; }; static void *xor_gen_init(void *provctx, int selection) @@ -542,8 +542,8 @@ static void *xor_gen_init(void *provctx, int selection) if ((gctx = OPENSSL_zalloc(sizeof(*gctx))) != NULL) gctx->selection = selection; - /* Our provctx is really just an OPENSSL_CTX */ - gctx->libctx = (OPENSSL_CTX *)provctx; + /* Our provctx is really just an OSSL_LIB_CTX */ + gctx->libctx = (OSSL_LIB_CTX *)provctx; return gctx; } @@ -648,14 +648,14 @@ static const OSSL_ALGORITHM *tls_prov_query(void *provctx, int operation_id, /* Functions we provide to the core */ static const OSSL_DISPATCH tls_prov_dispatch_table[] = { - { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OPENSSL_CTX_free }, + { OSSL_FUNC_PROVIDER_TEARDOWN, (void (*)(void))OSSL_LIB_CTX_free }, { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))tls_prov_query }, { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))tls_prov_get_capabilities }, { 0, NULL } }; static -unsigned int randomize_tls_group_id(OPENSSL_CTX *libctx) +unsigned int randomize_tls_group_id(OSSL_LIB_CTX *libctx) { /* * Randomise the group_id we're going to use to ensure we don't interoperate @@ -692,7 +692,7 @@ int tls_provider_init(const OSSL_CORE_HANDLE *handle, const OSSL_DISPATCH **out, void **provctx) { - OPENSSL_CTX *libctx = OPENSSL_CTX_new(); + OSSL_LIB_CTX *libctx = OSSL_LIB_CTX_new(); *provctx = libctx; diff --git a/util/libcrypto.num b/util/libcrypto.num index 12ba103689..6c0fae783b 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4444,8 +4444,8 @@ EVP_KDF_derive ? 3_0_0 EXIST::FUNCTION: EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: EC_GROUP_get0_field ? 3_0_0 EXIST::FUNCTION:EC CRYPTO_alloc_ex_data ? 3_0_0 EXIST::FUNCTION: -OPENSSL_CTX_new ? 3_0_0 EXIST::FUNCTION: -OPENSSL_CTX_free ? 3_0_0 EXIST::FUNCTION: +OSSL_LIB_CTX_new ? 3_0_0 EXIST::FUNCTION: +OSSL_LIB_CTX_free ? 3_0_0 EXIST::FUNCTION: OPENSSL_LH_flush ? 3_0_0 EXIST::FUNCTION: BN_native2bn ? 3_0_0 EXIST::FUNCTION: BN_bn2nativepad ? 3_0_0 EXIST::FUNCTION: @@ -4970,7 +4970,7 @@ EVP_PKEY_CTX_set1_rsa_keygen_pubexp ? 3_0_0 EXIST::FUNCTION:RSA EVP_PKEY_CTX_set_rsa_keygen_primes ? 3_0_0 EXIST::FUNCTION:RSA NCONF_new_ex ? 3_0_0 EXIST::FUNCTION: CONF_modules_load_file_ex ? 3_0_0 EXIST::FUNCTION: -OPENSSL_CTX_load_config ? 3_0_0 EXIST::FUNCTION: +OSSL_LIB_CTX_load_config ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_to_param ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_free_params ? 3_0_0 EXIST::FUNCTION: OSSL_PARAM_BLD_push_int ? 3_0_0 EXIST::FUNCTION: @@ -5100,7 +5100,7 @@ OSSL_PROVIDER_get_capabilities ? 3_0_0 EXIST::FUNCTION: EC_GROUP_new_by_curve_name_ex ? 3_0_0 EXIST::FUNCTION:EC EC_KEY_new_ex ? 3_0_0 EXIST::FUNCTION:EC EC_KEY_new_by_curve_name_ex ? 3_0_0 EXIST::FUNCTION:EC -OPENSSL_CTX_set0_default ? 3_0_0 EXIST::FUNCTION: +OSSL_LIB_CTX_set0_default ? 3_0_0 EXIST::FUNCTION: PEM_X509_INFO_read_bio_ex ? 3_0_0 EXIST::FUNCTION: PEM_X509_INFO_read_ex ? 3_0_0 EXIST::FUNCTION:STDIO X509_REQ_verify_ex ? 3_0_0 EXIST::FUNCTION: diff --git a/util/other.syms b/util/other.syms index d4c552e298..e5d98a9877 100644 --- a/util/other.syms +++ b/util/other.syms @@ -39,7 +39,7 @@ EVP_RAND datatype EVP_RAND_CTX datatype GEN_SESSION_CB datatype OPENSSL_Applink external -OPENSSL_CTX datatype +OSSL_LIB_CTX datatype NAMING_AUTHORITY datatype OSSL_DECODER datatype OSSL_DECODER_CTX datatype From openssl at openssl.org Thu Oct 15 12:12:28 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 12:12:28 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1602763948.026391.17950.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 40C7D1A9B67F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4057E9506A7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 4057E9506A7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:399: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1554 wallclock secs (14.20 usr 1.45 sys + 1453.04 cusr 85.59 csys = 1554.28 CPU) Result: FAIL Makefile:3181: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3179: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 15 12:35:35 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 12:35:35 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1602765335.279658.5732.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 716 wallclock secs (13.53 usr 1.07 sys + 618.79 cusr 57.75 csys = 691.14 CPU) Result: FAIL Makefile:3173: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3171: recipe for target 'tests' failed make: *** [tests] Error 2 From matt at openssl.org Thu Oct 15 13:04:58 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:04:58 +0000 Subject: [openssl] master update Message-ID: <1602767098.884962.26970.nullmailer@dev.openssl.org> The branch master has been updated via 796948cd733d2bd0d8acbaf2354c718bcd4352a6 (commit) from a829b735b645516041b55746e013692babd8cd31 (commit) - Log ----------------------------------------------------------------- commit 796948cd733d2bd0d8acbaf2354c718bcd4352a6 Author: Akshit Akhoury Date: Fri Oct 2 22:28:36 2020 +0530 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE CLA: trivial Reviewed-by: Kurt Roeckx Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13062) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_att.c | 2 +- include/openssl/x509.h.in | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c index d93d757aef..6966d12c20 100644 --- a/crypto/x509/x509_att.c +++ b/crypto/x509/x509_att.c @@ -149,7 +149,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) return ret; } -void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, +void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj, int lastpos, int type) { int i; diff --git a/include/openssl/x509.h.in b/include/openssl/x509.h.in index 1c4a13aa42..eda5ee986f 100644 --- a/include/openssl/x509.h.in +++ b/include/openssl/x509.h.in @@ -975,7 +975,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) int type, const unsigned char *bytes, int len); -void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, +void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj, int lastpos, int type); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, const void *data, From matt at openssl.org Thu Oct 15 13:13:24 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:13:24 +0000 Subject: [openssl] master update Message-ID: <1602767604.616452.30319.nullmailer@dev.openssl.org> The branch master has been updated via eec0ad10b943bc10690358cf2db32ca06c3e81a0 (commit) from 796948cd733d2bd0d8acbaf2354c718bcd4352a6 (commit) - Log ----------------------------------------------------------------- commit eec0ad10b943bc10690358cf2db32ca06c3e81a0 Author: Matt Caswell Date: Thu Oct 15 14:10:06 2020 +0100 Update copyright year Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/13144) ----------------------------------------------------------------------- Summary of changes: apps/include/app_params.h | 2 +- apps/lib/app_params.c | 2 +- crypto/asn1/a_d2i_fp.c | 2 +- crypto/asn1/d2i_param.c | 2 +- crypto/asn1/standard_methods.h | 2 +- crypto/asn1/tbl_standard.h | 2 +- crypto/asn1_dsa.c | 2 +- crypto/bio/b_addr.c | 2 +- crypto/cms/cms_asn1.c | 2 +- crypto/cms/cms_cd.c | 2 +- crypto/cms/cms_dd.c | 2 +- crypto/cms/cms_io.c | 2 +- crypto/cryptlib.c | 2 +- crypto/ec/curve448/ed448.h | 2 +- crypto/encode_decode/encoder_lib.c | 2 +- crypto/evp/e_aria.c | 2 +- crypto/evp/e_sm4.c | 2 +- crypto/evp/evp_pbe.c | 2 +- crypto/evp/names.c | 2 +- crypto/evp/p_sign.c | 2 +- crypto/evp/p_verify.c | 2 +- crypto/getenv.c | 2 +- crypto/ocsp/ocsp_local.h | 2 +- crypto/pkcs12/p12_attr.c | 2 +- crypto/pkcs12/p12_decr.c | 2 +- crypto/pkcs12/p12_key.c | 2 +- crypto/pkcs7/pk7_asn1.c | 2 +- crypto/pkcs7/pk7_mime.c | 2 +- crypto/property/defn_cache.c | 2 +- crypto/property/property_string.c | 2 +- crypto/punycode.c | 2 +- crypto/sm2/sm2_sign.c | 2 +- crypto/sparse_array.c | 2 +- crypto/store/store_init.c | 2 +- crypto/store/store_strings.c | 2 +- doc/internal/man3/ossl_lib_ctx_get_data.pod | 2 +- doc/internal/man3/ossl_namemap_new.pod | 2 +- doc/internal/man3/ossl_punycode_decode.pod | 2 +- doc/internal/man3/ossl_rsa_get0_all_params.pod | 2 +- doc/man3/BN_CTX_new.pod | 2 +- doc/man3/BN_rand.pod | 2 +- doc/man3/CMS_sign.pod | 2 +- doc/man3/EVP_ASYM_CIPHER_free.pod | 2 +- doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod | 2 +- doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod | 2 +- doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod | 2 +- doc/man3/OCSP_resp_find_status.pod | 2 +- doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod | 2 +- doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod | 2 +- doc/man3/OSSL_CRMF_pbmp_new.pod | 2 +- doc/man3/OSSL_ENCODER.pod | 2 +- doc/man3/OSSL_ENCODER_CTX.pod | 2 +- doc/man3/OSSL_STORE_SEARCH.pod | 2 +- doc/man3/PKCS12_SAFEBAG_create_cert.pod | 2 +- doc/man3/PKCS12_SAFEBAG_get1_cert.pod | 2 +- doc/man3/PKCS12_parse.pod | 2 +- doc/man3/PKCS7_sign.pod | 2 +- doc/man3/SSL_CTX_set_ssl_version.pod | 2 +- doc/man3/UI_new.pod | 2 +- doc/man3/X509_NAME_print_ex.pod | 2 +- doc/man3/X509_cmp.pod | 2 +- doc/man3/d2i_DHparams.pod | 2 +- doc/man7/RAND.pod | 2 +- fuzz/test-corpus.c | 2 +- include/crypto/asn1_dsa.h | 2 +- include/crypto/bn.h | 2 +- include/crypto/punycode.h | 2 +- include/crypto/sm2.h | 2 +- include/internal/namemap.h | 2 +- include/openssl/md5.h | 2 +- providers/implementations/ciphers/cipher_aes.h | 2 +- providers/implementations/ciphers/cipher_aes_ccm.h | 2 +- providers/implementations/ciphers/cipher_aes_ccm_hw_aesni.inc | 2 +- providers/implementations/ciphers/cipher_aes_ccm_hw_s390x.inc | 2 +- providers/implementations/ciphers/cipher_aes_ccm_hw_t4.inc | 2 +- providers/implementations/ciphers/cipher_aes_gcm.h | 2 +- providers/implementations/ciphers/cipher_aes_gcm_hw_s390x.inc | 2 +- providers/implementations/ciphers/cipher_aes_hw_aesni.inc | 2 +- providers/implementations/ciphers/cipher_aes_hw_s390x.inc | 2 +- providers/implementations/ciphers/cipher_aes_ocb.h | 2 +- providers/implementations/ciphers/cipher_aes_xts.h | 2 +- providers/implementations/ciphers/cipher_aria.h | 2 +- providers/implementations/ciphers/cipher_aria_ccm.h | 2 +- providers/implementations/ciphers/cipher_aria_ccm_hw.c | 2 +- providers/implementations/ciphers/cipher_aria_gcm.h | 2 +- providers/implementations/ciphers/cipher_aria_hw.c | 2 +- providers/implementations/ciphers/cipher_blowfish.h | 2 +- providers/implementations/ciphers/cipher_camellia.h | 2 +- providers/implementations/ciphers/cipher_cast.h | 2 +- providers/implementations/ciphers/cipher_chacha20_hw.c | 2 +- providers/implementations/ciphers/cipher_chacha20_poly1305.h | 2 +- providers/implementations/ciphers/cipher_idea.h | 2 +- providers/implementations/ciphers/cipher_rc2.h | 2 +- providers/implementations/ciphers/cipher_rc4.h | 2 +- providers/implementations/ciphers/cipher_rc4_hmac_md5.h | 2 +- providers/implementations/ciphers/cipher_rc5.h | 2 +- providers/implementations/ciphers/cipher_seed.h | 2 +- providers/implementations/ciphers/cipher_sm4.h | 2 +- providers/implementations/ciphers/cipher_sm4_hw.c | 2 +- providers/implementations/ciphers/cipher_tdes_default.h | 2 +- providers/implementations/ciphers/ciphercommon_hw.c | 2 +- providers/implementations/digests/digestcommon.c | 2 +- providers/implementations/digests/sm3_prov.c | 2 +- providers/implementations/macs/blake2b_mac.c | 2 +- providers/implementations/macs/blake2s_mac.c | 2 +- ssl/statem/statem_dtls.c | 2 +- test/asn1_dsa_internal_test.c | 2 +- test/bntest.c | 2 +- test/context_internal_test.c | 2 +- test/lhash_test.c | 2 +- test/pkey_meth_kdf_test.c | 2 +- test/recipes/01-test_symbol_presence.t | 2 +- test/recipes/25-test_eai_data.t | 2 +- test/recipes/30-test_evp_data/evpciph_bf.txt | 2 +- test/recipes/30-test_evp_data/evpciph_chacha.txt | 2 +- test/recipes/30-test_evp_data/evpciph_des.txt | 2 +- test/recipes/30-test_evp_data/evpciph_sm4.txt | 2 +- test/recipes/30-test_evp_data/evpencod.txt | 2 +- test/recipes/30-test_evp_data/evpkdf_krb5.txt | 2 +- test/recipes/30-test_evp_data/evpkdf_scrypt.txt | 2 +- test/recipes/30-test_evp_data/evpkdf_ss.txt | 2 +- test/recipes/30-test_evp_data/evpmd_blake.txt | 2 +- test/recipes/30-test_evp_data/evpmd_ripemd.txt | 2 +- test/recipes/30-test_evp_data/evpmd_sm3.txt | 2 +- test/recipes/30-test_evp_data/evpmd_whirlpool.txt | 2 +- test/recipes/30-test_evp_data/evppbe_pkcs12.txt | 2 +- test/recipes/65-test_cmp_msg.t | 2 +- test/recipes/65-test_cmp_protect.t | 2 +- test/recipes/80-test_pkcs12.t | 2 +- test/recipes/90-test_shlibload.t | 2 +- test/stack_test.c | 2 +- test/uitest.c | 2 +- util/mknum.pl | 2 +- util/perl/OpenSSL/Ordinals.pm | 2 +- 134 files changed, 134 insertions(+), 134 deletions(-) diff --git a/apps/include/app_params.h b/apps/include/app_params.h index d282fd657f..79f8f58b31 100644 --- a/apps/include/app_params.h +++ b/apps/include/app_params.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/apps/lib/app_params.c b/apps/lib/app_params.c index 04337cbc83..95e1298ee9 100644 --- a/apps/lib/app_params.c +++ b/apps/lib/app_params.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index 249e6294c8..9da166f9f3 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/asn1/d2i_param.c b/crypto/asn1/d2i_param.c index f0217b47f6..e755eedea2 100644 --- a/crypto/asn1/d2i_param.c +++ b/crypto/asn1/d2i_param.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/asn1/standard_methods.h b/crypto/asn1/standard_methods.h index fdf1d23558..59fa726991 100644 --- a/crypto/asn1/standard_methods.h +++ b/crypto/asn1/standard_methods.h @@ -1,5 +1,5 @@ /* - * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/asn1/tbl_standard.h b/crypto/asn1/tbl_standard.h index ea6ad2847a..3e8fe81eeb 100644 --- a/crypto/asn1/tbl_standard.h +++ b/crypto/asn1/tbl_standard.h @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/asn1_dsa.c b/crypto/asn1_dsa.c index 6578b8f606..cb48ae9956 100644 --- a/crypto/asn1_dsa.c +++ b/crypto/asn1_dsa.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c index b7469bc720..4a367ec54c 100644 --- a/crypto/bio/b_addr.c +++ b/crypto/bio/b_addr.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/cms/cms_asn1.c b/crypto/cms/cms_asn1.c index 8bf2f8f1cc..72cd14317d 100644 --- a/crypto/cms/cms_asn1.c +++ b/crypto/cms/cms_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/cms/cms_cd.c b/crypto/cms/cms_cd.c index 717b0a6a41..c806a472d5 100644 --- a/crypto/cms/cms_cd.c +++ b/crypto/cms/cms_cd.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/cms/cms_dd.c b/crypto/cms/cms_dd.c index fd9ea7e342..0353c2276f 100644 --- a/crypto/cms/cms_dd.c +++ b/crypto/cms/cms_dd.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/cms/cms_io.c b/crypto/cms/cms_io.c index 55a2510ad6..9b62e4874f 100644 --- a/crypto/cms/cms_io.c +++ b/crypto/cms/cms_io.c @@ -1,5 +1,5 @@ /* - * Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c index 0f6d38e67b..7779ad05fe 100644 --- a/crypto/cryptlib.c +++ b/crypto/cryptlib.c @@ -1,5 +1,5 @@ /* - * Copyright 1998-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1998-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/crypto/ec/curve448/ed448.h b/crypto/ec/curve448/ed448.h index af9bbb39ac..3a1a9b46d6 100644 --- a/crypto/ec/curve448/ed448.h +++ b/crypto/ec/curve448/ed448.h @@ -1,5 +1,5 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2015-2016 Cryptography Research, Inc. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/crypto/encode_decode/encoder_lib.c b/crypto/encode_decode/encoder_lib.c index 11be9f7902..593483313c 100644 --- a/crypto/encode_decode/encoder_lib.c +++ b/crypto/encode_decode/encoder_lib.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/evp/e_aria.c b/crypto/evp/e_aria.c index 438693265d..9f3a909122 100644 --- a/crypto/evp/e_aria.c +++ b/crypto/evp/e_aria.c @@ -1,5 +1,5 @@ /* - * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/crypto/evp/e_sm4.c b/crypto/evp/e_sm4.c index 96c50cf13f..5a164eff75 100644 --- a/crypto/evp/e_sm4.c +++ b/crypto/evp/e_sm4.c @@ -1,5 +1,5 @@ /* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017 Ribose Inc. All Rights Reserved. * Ported from Ribose contributions from Botan. * diff --git a/crypto/evp/evp_pbe.c b/crypto/evp/evp_pbe.c index 5dae42b6a1..b283b0a684 100644 --- a/crypto/evp/evp_pbe.c +++ b/crypto/evp/evp_pbe.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/evp/names.c b/crypto/evp/names.c index 07fda004dc..cb59813857 100644 --- a/crypto/evp/names.c +++ b/crypto/evp/names.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c index 33d23404a5..7d7fcbfdfd 100644 --- a/crypto/evp/p_sign.c +++ b/crypto/evp/p_sign.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c index 31b04b309b..f4026d8a10 100644 --- a/crypto/evp/p_verify.c +++ b/crypto/evp/p_verify.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/getenv.c b/crypto/getenv.c index 431a7644b9..e79b6cc161 100644 --- a/crypto/getenv.c +++ b/crypto/getenv.c @@ -1,5 +1,5 @@ /* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/ocsp/ocsp_local.h b/crypto/ocsp/ocsp_local.h index fa291d37eb..1e7de1384f 100644 --- a/crypto/ocsp/ocsp_local.h +++ b/crypto/ocsp/ocsp_local.h @@ -1,5 +1,5 @@ /* - * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c index 0acecef7a3..da228336eb 100644 --- a/crypto/pkcs12/p12_attr.c +++ b/crypto/pkcs12/p12_attr.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/pkcs12/p12_decr.c b/crypto/pkcs12/p12_decr.c index 37c8e40194..cabfe07908 100644 --- a/crypto/pkcs12/p12_decr.c +++ b/crypto/pkcs12/p12_decr.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/pkcs12/p12_key.c b/crypto/pkcs12/p12_key.c index b22a75e20d..20a29c7d44 100644 --- a/crypto/pkcs12/p12_key.c +++ b/crypto/pkcs12/p12_key.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c index 21d8e8785d..9820d1b8eb 100644 --- a/crypto/pkcs7/pk7_asn1.c +++ b/crypto/pkcs7/pk7_asn1.c @@ -1,5 +1,5 @@ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/pkcs7/pk7_mime.c b/crypto/pkcs7/pk7_mime.c index c505b23648..381df40a94 100644 --- a/crypto/pkcs7/pk7_mime.c +++ b/crypto/pkcs7/pk7_mime.c @@ -1,5 +1,5 @@ /* - * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/property/defn_cache.c b/crypto/property/defn_cache.c index ea44476213..b3aefe8f8e 100644 --- a/crypto/property/defn_cache.c +++ b/crypto/property/defn_cache.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/crypto/property/property_string.c b/crypto/property/property_string.c index 17b930b439..90bb322faa 100644 --- a/crypto/property/property_string.c +++ b/crypto/property/property_string.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/crypto/punycode.c b/crypto/punycode.c index 2607d6157a..385b4b1df4 100644 --- a/crypto/punycode.c +++ b/crypto/punycode.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/sm2/sm2_sign.c b/crypto/sm2/sm2_sign.c index ddc19a2de8..d180a5ace7 100644 --- a/crypto/sm2/sm2_sign.c +++ b/crypto/sm2/sm2_sign.c @@ -1,5 +1,5 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017 Ribose Inc. All Rights Reserved. * Ported from Ribose contributions from Botan. * diff --git a/crypto/sparse_array.c b/crypto/sparse_array.c index 69a56db01c..be4db2c620 100644 --- a/crypto/sparse_array.c +++ b/crypto/sparse_array.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2019, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/crypto/store/store_init.c b/crypto/store/store_init.c index 4d434eb57b..d308dc5d0b 100644 --- a/crypto/store/store_init.c +++ b/crypto/store/store_init.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/crypto/store/store_strings.c b/crypto/store/store_strings.c index 97497c8a78..3d4a8ea730 100644 --- a/crypto/store/store_strings.c +++ b/crypto/store/store_strings.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/doc/internal/man3/ossl_lib_ctx_get_data.pod b/doc/internal/man3/ossl_lib_ctx_get_data.pod index a6684635c6..b79e93d848 100644 --- a/doc/internal/man3/ossl_lib_ctx_get_data.pod +++ b/doc/internal/man3/ossl_lib_ctx_get_data.pod @@ -132,7 +132,7 @@ L =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/internal/man3/ossl_namemap_new.pod b/doc/internal/man3/ossl_namemap_new.pod index 2c6f901b1e..7868dd5493 100644 --- a/doc/internal/man3/ossl_namemap_new.pod +++ b/doc/internal/man3/ossl_namemap_new.pod @@ -115,7 +115,7 @@ The functions described here were all added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/internal/man3/ossl_punycode_decode.pod b/doc/internal/man3/ossl_punycode_decode.pod index b0ff76653b..1926a4b4bc 100644 --- a/doc/internal/man3/ossl_punycode_decode.pod +++ b/doc/internal/man3/ossl_punycode_decode.pod @@ -49,7 +49,7 @@ The functions described here were all added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/internal/man3/ossl_rsa_get0_all_params.pod b/doc/internal/man3/ossl_rsa_get0_all_params.pod index 7af5d77d63..a7ebb613bb 100644 --- a/doc/internal/man3/ossl_rsa_get0_all_params.pod +++ b/doc/internal/man3/ossl_rsa_get0_all_params.pod @@ -65,7 +65,7 @@ L =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/BN_CTX_new.pod b/doc/man3/BN_CTX_new.pod index e53bc62169..1d93c8b55e 100644 --- a/doc/man3/BN_CTX_new.pod +++ b/doc/man3/BN_CTX_new.pod @@ -79,7 +79,7 @@ BN_CTX_init() was removed in OpenSSL 1.1.0. =head1 COPYRIGHT -Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/BN_rand.pod b/doc/man3/BN_rand.pod index 529d6471e4..01c3ff4dd1 100644 --- a/doc/man3/BN_rand.pod +++ b/doc/man3/BN_rand.pod @@ -110,7 +110,7 @@ BN_priv_rand_range_ex() functions were added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/CMS_sign.pod b/doc/man3/CMS_sign.pod index 81cc981414..0d812756ae 100644 --- a/doc/man3/CMS_sign.pod +++ b/doc/man3/CMS_sign.pod @@ -132,7 +132,7 @@ The CMS_sign_ex() method was added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2008-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_ASYM_CIPHER_free.pod b/doc/man3/EVP_ASYM_CIPHER_free.pod index 036d62fe36..1476103b94 100644 --- a/doc/man3/EVP_ASYM_CIPHER_free.pod +++ b/doc/man3/EVP_ASYM_CIPHER_free.pod @@ -89,7 +89,7 @@ The functions described here were added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod b/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod index d0c521adbf..991b6a9d81 100644 --- a/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod +++ b/doc/man3/EVP_PKEY_CTX_set1_pbe_pass.pod @@ -61,7 +61,7 @@ OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod b/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod index 6fcecbe4f2..aae31710d7 100644 --- a/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod +++ b/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod @@ -159,7 +159,7 @@ OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod b/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod index 4cc79886bc..9c204b8b32 100644 --- a/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod +++ b/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod @@ -102,7 +102,7 @@ OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OCSP_resp_find_status.pod b/doc/man3/OCSP_resp_find_status.pod index 7c16b8c889..bc3c2127bc 100644 --- a/doc/man3/OCSP_resp_find_status.pod +++ b/doc/man3/OCSP_resp_find_status.pod @@ -197,7 +197,7 @@ L =head1 COPYRIGHT -Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod index 9a76567a10..b1f732257e 100644 --- a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod +++ b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod @@ -100,7 +100,7 @@ The OpenSSL CRMF support was added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod index a9309bbf29..56a6814ea0 100644 --- a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod +++ b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod @@ -43,7 +43,7 @@ The OpenSSL CRMF support was added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OSSL_CRMF_pbmp_new.pod b/doc/man3/OSSL_CRMF_pbmp_new.pod index 76ef43b149..9b4761b8ba 100644 --- a/doc/man3/OSSL_CRMF_pbmp_new.pod +++ b/doc/man3/OSSL_CRMF_pbmp_new.pod @@ -82,7 +82,7 @@ The OpenSSL CRMF support was added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OSSL_ENCODER.pod b/doc/man3/OSSL_ENCODER.pod index c418148dc4..46e3717276 100644 --- a/doc/man3/OSSL_ENCODER.pod +++ b/doc/man3/OSSL_ENCODER.pod @@ -125,7 +125,7 @@ The functions described here were added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OSSL_ENCODER_CTX.pod b/doc/man3/OSSL_ENCODER_CTX.pod index 01587ff7cb..e8771fc087 100644 --- a/doc/man3/OSSL_ENCODER_CTX.pod +++ b/doc/man3/OSSL_ENCODER_CTX.pod @@ -198,7 +198,7 @@ The functions described here were added in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/OSSL_STORE_SEARCH.pod b/doc/man3/OSSL_STORE_SEARCH.pod index 82ff05f9ef..79186b0899 100644 --- a/doc/man3/OSSL_STORE_SEARCH.pod +++ b/doc/man3/OSSL_STORE_SEARCH.pod @@ -183,7 +183,7 @@ were added in OpenSSL 1.1.1. =head1 COPYRIGHT -Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/PKCS12_SAFEBAG_create_cert.pod b/doc/man3/PKCS12_SAFEBAG_create_cert.pod index 380cde5612..be0aee4226 100644 --- a/doc/man3/PKCS12_SAFEBAG_create_cert.pod +++ b/doc/man3/PKCS12_SAFEBAG_create_cert.pod @@ -70,7 +70,7 @@ L =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/PKCS12_SAFEBAG_get1_cert.pod b/doc/man3/PKCS12_SAFEBAG_get1_cert.pod index e1bff6a1c8..b89b17eeaf 100644 --- a/doc/man3/PKCS12_SAFEBAG_get1_cert.pod +++ b/doc/man3/PKCS12_SAFEBAG_get1_cert.pod @@ -64,7 +64,7 @@ L =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/PKCS12_parse.pod b/doc/man3/PKCS12_parse.pod index 3697546976..f16600147b 100644 --- a/doc/man3/PKCS12_parse.pod +++ b/doc/man3/PKCS12_parse.pod @@ -67,7 +67,7 @@ L =head1 COPYRIGHT -Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/PKCS7_sign.pod b/doc/man3/PKCS7_sign.pod index 62427581f7..8a4a74ffab 100644 --- a/doc/man3/PKCS7_sign.pod +++ b/doc/man3/PKCS7_sign.pod @@ -121,7 +121,7 @@ The B flag was added in OpenSSL 1.0.0. =head1 COPYRIGHT -Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/SSL_CTX_set_ssl_version.pod b/doc/man3/SSL_CTX_set_ssl_version.pod index 20efe0fbf7..ba2b816f38 100644 --- a/doc/man3/SSL_CTX_set_ssl_version.pod +++ b/doc/man3/SSL_CTX_set_ssl_version.pod @@ -71,7 +71,7 @@ SSL_CTX_set_ssl_version() was deprecated in OpenSSL 3.0. =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/UI_new.pod b/doc/man3/UI_new.pod index c3852587eb..eb80f453d5 100644 --- a/doc/man3/UI_new.pod +++ b/doc/man3/UI_new.pod @@ -245,7 +245,7 @@ The UI_dup_user_data() function was added in OpenSSL 1.1.1. =head1 COPYRIGHT -Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/X509_NAME_print_ex.pod b/doc/man3/X509_NAME_print_ex.pod index ccb4b5629a..e43bb191f5 100644 --- a/doc/man3/X509_NAME_print_ex.pod +++ b/doc/man3/X509_NAME_print_ex.pod @@ -122,7 +122,7 @@ L =head1 COPYRIGHT -Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/X509_cmp.pod b/doc/man3/X509_cmp.pod index 7460d901db..1e6a166e65 100644 --- a/doc/man3/X509_cmp.pod +++ b/doc/man3/X509_cmp.pod @@ -73,7 +73,7 @@ L, L =head1 COPYRIGHT -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man3/d2i_DHparams.pod b/doc/man3/d2i_DHparams.pod index 83c3fd9c4b..1f3ecded50 100644 --- a/doc/man3/d2i_DHparams.pod +++ b/doc/man3/d2i_DHparams.pod @@ -32,7 +32,7 @@ L =head1 COPYRIGHT -Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/doc/man7/RAND.pod b/doc/man7/RAND.pod index d5fa154224..7bad23a0ca 100644 --- a/doc/man7/RAND.pod +++ b/doc/man7/RAND.pod @@ -74,7 +74,7 @@ L =head1 COPYRIGHT -Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy diff --git a/fuzz/test-corpus.c b/fuzz/test-corpus.c index 6491d0c21c..aaeec77860 100644 --- a/fuzz/test-corpus.c +++ b/fuzz/test-corpus.c @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"); * you may not use this file except in compliance with the License. diff --git a/include/crypto/asn1_dsa.h b/include/crypto/asn1_dsa.h index a51de6faf0..df6ca0fe9c 100644 --- a/include/crypto/asn1_dsa.h +++ b/include/crypto/asn1_dsa.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/crypto/bn.h b/include/crypto/bn.h index c1d5b2b3ec..4060541886 100644 --- a/include/crypto/bn.h +++ b/include/crypto/bn.h @@ -1,5 +1,5 @@ /* - * Copyright 2014-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2014-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/crypto/punycode.h b/include/crypto/punycode.h index ec97c17cab..ab31494060 100644 --- a/include/crypto/punycode.h +++ b/include/crypto/punycode.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/crypto/sm2.h b/include/crypto/sm2.h index a83c20b7af..fe87c84bba 100644 --- a/include/crypto/sm2.h +++ b/include/crypto/sm2.h @@ -1,5 +1,5 @@ /* - * Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright 2017 Ribose Inc. All Rights Reserved. * Ported from Ribose contributions from Botan. * diff --git a/include/internal/namemap.h b/include/internal/namemap.h index a6c2597e79..685ccb41c1 100644 --- a/include/internal/namemap.h +++ b/include/internal/namemap.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/include/openssl/md5.h b/include/openssl/md5.h index c61b3d94c8..c111639b5d 100644 --- a/include/openssl/md5.h +++ b/include/openssl/md5.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes.h b/providers/implementations/ciphers/cipher_aes.h index 2fa96582ce..7eaf76c8c4 100644 --- a/providers/implementations/ciphers/cipher_aes.h +++ b/providers/implementations/ciphers/cipher_aes.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_ccm.h b/providers/implementations/ciphers/cipher_aes_ccm.h index 2c3ebd0950..fd35080db3 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm.h +++ b/providers/implementations/ciphers/cipher_aes_ccm.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_ccm_hw_aesni.inc index 12b2bfe96b..1860f3f701 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm_hw_aesni.inc +++ b/providers/implementations/ciphers/cipher_aes_ccm_hw_aesni.inc @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_ccm_hw_s390x.inc index 9a9f12875f..7253f03a7e 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm_hw_s390x.inc +++ b/providers/implementations/ciphers/cipher_aes_ccm_hw_s390x.inc @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.inc b/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.inc index f81f422d5a..f659ab9b2d 100644 --- a/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_aes_ccm_hw_t4.inc @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_gcm.h b/providers/implementations/ciphers/cipher_aes_gcm.h index 2fe5e5499e..bcffa15871 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm.h +++ b/providers/implementations/ciphers/cipher_aes_gcm.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_gcm_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_gcm_hw_s390x.inc index 256b9cb91c..f797093928 100644 --- a/providers/implementations/ciphers/cipher_aes_gcm_hw_s390x.inc +++ b/providers/implementations/ciphers/cipher_aes_gcm_hw_s390x.inc @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc index 22bc1ce1db..13b52d5987 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_aesni.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_aesni.inc @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc index f6f5e68559..ff88673f14 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_s390x.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_s390x.inc @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_ocb.h b/providers/implementations/ciphers/cipher_aes_ocb.h index 674f4bbccc..370717b436 100644 --- a/providers/implementations/ciphers/cipher_aes_ocb.h +++ b/providers/implementations/ciphers/cipher_aes_ocb.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aes_xts.h b/providers/implementations/ciphers/cipher_aes_xts.h index 3e2bbebba3..95b5c9074c 100644 --- a/providers/implementations/ciphers/cipher_aes_xts.h +++ b/providers/implementations/ciphers/cipher_aes_xts.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aria.h b/providers/implementations/ciphers/cipher_aria.h index 7a5986087e..39f84d3b43 100644 --- a/providers/implementations/ciphers/cipher_aria.h +++ b/providers/implementations/ciphers/cipher_aria.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aria_ccm.h b/providers/implementations/ciphers/cipher_aria_ccm.h index c1865ce5e0..558da4973f 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm.h +++ b/providers/implementations/ciphers/cipher_aria_ccm.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aria_ccm_hw.c b/providers/implementations/ciphers/cipher_aria_ccm_hw.c index bfdb75be81..ec39f5702f 100644 --- a/providers/implementations/ciphers/cipher_aria_ccm_hw.c +++ b/providers/implementations/ciphers/cipher_aria_ccm_hw.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aria_gcm.h b/providers/implementations/ciphers/cipher_aria_gcm.h index 973586bdec..6251e8322f 100644 --- a/providers/implementations/ciphers/cipher_aria_gcm.h +++ b/providers/implementations/ciphers/cipher_aria_gcm.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_aria_hw.c b/providers/implementations/ciphers/cipher_aria_hw.c index e5490e68b4..f457aaf750 100644 --- a/providers/implementations/ciphers/cipher_aria_hw.c +++ b/providers/implementations/ciphers/cipher_aria_hw.c @@ -1,5 +1,5 @@ /* - * Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_blowfish.h b/providers/implementations/ciphers/cipher_blowfish.h index 3fa86eeac6..bbdc9da378 100644 --- a/providers/implementations/ciphers/cipher_blowfish.h +++ b/providers/implementations/ciphers/cipher_blowfish.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_camellia.h b/providers/implementations/ciphers/cipher_camellia.h index 2dd658f00e..bd4debcd39 100644 --- a/providers/implementations/ciphers/cipher_camellia.h +++ b/providers/implementations/ciphers/cipher_camellia.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_cast.h b/providers/implementations/ciphers/cipher_cast.h index fdba630f09..84b58621c1 100644 --- a/providers/implementations/ciphers/cipher_cast.h +++ b/providers/implementations/ciphers/cipher_cast.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_chacha20_hw.c b/providers/implementations/ciphers/cipher_chacha20_hw.c index c298c6f0a3..06cb6b12d3 100644 --- a/providers/implementations/ciphers/cipher_chacha20_hw.c +++ b/providers/implementations/ciphers/cipher_chacha20_hw.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_chacha20_poly1305.h b/providers/implementations/ciphers/cipher_chacha20_poly1305.h index c7c3e88741..1f6f0066dc 100644 --- a/providers/implementations/ciphers/cipher_chacha20_poly1305.h +++ b/providers/implementations/ciphers/cipher_chacha20_poly1305.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_idea.h b/providers/implementations/ciphers/cipher_idea.h index cb3541a031..212efa8af5 100644 --- a/providers/implementations/ciphers/cipher_idea.h +++ b/providers/implementations/ciphers/cipher_idea.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_rc2.h b/providers/implementations/ciphers/cipher_rc2.h index fca1e95271..7a4bea5ac4 100644 --- a/providers/implementations/ciphers/cipher_rc2.h +++ b/providers/implementations/ciphers/cipher_rc2.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_rc4.h b/providers/implementations/ciphers/cipher_rc4.h index ec038bdde5..40d822ceb2 100644 --- a/providers/implementations/ciphers/cipher_rc4.h +++ b/providers/implementations/ciphers/cipher_rc4.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_rc4_hmac_md5.h b/providers/implementations/ciphers/cipher_rc4_hmac_md5.h index 042f5f13df..1697aabbf3 100644 --- a/providers/implementations/ciphers/cipher_rc4_hmac_md5.h +++ b/providers/implementations/ciphers/cipher_rc4_hmac_md5.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_rc5.h b/providers/implementations/ciphers/cipher_rc5.h index 508b662cfe..c630e7c87b 100644 --- a/providers/implementations/ciphers/cipher_rc5.h +++ b/providers/implementations/ciphers/cipher_rc5.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_seed.h b/providers/implementations/ciphers/cipher_seed.h index 21f8b6e384..9006a9183b 100644 --- a/providers/implementations/ciphers/cipher_seed.h +++ b/providers/implementations/ciphers/cipher_seed.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_sm4.h b/providers/implementations/ciphers/cipher_sm4.h index e1b3363a40..f7f833fcb4 100644 --- a/providers/implementations/ciphers/cipher_sm4.h +++ b/providers/implementations/ciphers/cipher_sm4.h @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_sm4_hw.c b/providers/implementations/ciphers/cipher_sm4_hw.c index 49cde3421d..5cfa81d46f 100644 --- a/providers/implementations/ciphers/cipher_sm4_hw.c +++ b/providers/implementations/ciphers/cipher_sm4_hw.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/cipher_tdes_default.h b/providers/implementations/ciphers/cipher_tdes_default.h index 7d2f1cb034..dc8458b5da 100644 --- a/providers/implementations/ciphers/cipher_tdes_default.h +++ b/providers/implementations/ciphers/cipher_tdes_default.h @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/ciphers/ciphercommon_hw.c b/providers/implementations/ciphers/ciphercommon_hw.c index d52c570d7f..7063593011 100644 --- a/providers/implementations/ciphers/ciphercommon_hw.c +++ b/providers/implementations/ciphers/ciphercommon_hw.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/digests/digestcommon.c b/providers/implementations/digests/digestcommon.c index d4910e121d..6d926713c8 100644 --- a/providers/implementations/digests/digestcommon.c +++ b/providers/implementations/digests/digestcommon.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/digests/sm3_prov.c b/providers/implementations/digests/sm3_prov.c index aa586cb1f5..fec3dcbef3 100644 --- a/providers/implementations/digests/sm3_prov.c +++ b/providers/implementations/digests/sm3_prov.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/macs/blake2b_mac.c b/providers/implementations/macs/blake2b_mac.c index d2127b304c..31c3dd03b3 100644 --- a/providers/implementations/macs/blake2b_mac.c +++ b/providers/implementations/macs/blake2b_mac.c @@ -1,5 +1,5 @@ /* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/providers/implementations/macs/blake2s_mac.c b/providers/implementations/macs/blake2s_mac.c index 0c8281dbed..54db7e3a92 100644 --- a/providers/implementations/macs/blake2s_mac.c +++ b/providers/implementations/macs/blake2s_mac.c @@ -1,5 +1,5 @@ /* - * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/ssl/statem/statem_dtls.c b/ssl/statem/statem_dtls.c index 84ae35b655..8f7ec0c695 100644 --- a/ssl/statem/statem_dtls.c +++ b/ssl/statem/statem_dtls.c @@ -1,5 +1,5 @@ /* - * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/test/asn1_dsa_internal_test.c b/test/asn1_dsa_internal_test.c index 89e3c33a15..9beb382af7 100644 --- a/test/asn1_dsa_internal_test.c +++ b/test/asn1_dsa_internal_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/test/bntest.c b/test/bntest.c index 5ec35181f1..b6147395fd 100644 --- a/test/bntest.c +++ b/test/bntest.c @@ -1,5 +1,5 @@ /* - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/test/context_internal_test.c b/test/context_internal_test.c index e2d7b0f441..0b786adf67 100644 --- a/test/context_internal_test.c +++ b/test/context_internal_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/test/lhash_test.c b/test/lhash_test.c index a9aac5fb86..537ae1876c 100644 --- a/test/lhash_test.c +++ b/test/lhash_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/test/pkey_meth_kdf_test.c b/test/pkey_meth_kdf_test.c index 1d3e9eca3c..f816d24fb5 100644 --- a/test/pkey_meth_kdf_test.c +++ b/test/pkey_meth_kdf_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2017-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/01-test_symbol_presence.t b/test/recipes/01-test_symbol_presence.t index 81f9d59e0e..9df57de421 100644 --- a/test/recipes/01-test_symbol_presence.t +++ b/test/recipes/01-test_symbol_presence.t @@ -1,6 +1,6 @@ #! /usr/bin/env perl # -*- mode: Perl -*- -# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/25-test_eai_data.t b/test/recipes/25-test_eai_data.t index ccdb09dd9c..9b42229e94 100644 --- a/test/recipes/25-test_eai_data.t +++ b/test/recipes/25-test_eai_data.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpciph_bf.txt b/test/recipes/30-test_evp_data/evpciph_bf.txt index d0fcb288ec..26b530780b 100644 --- a/test/recipes/30-test_evp_data/evpciph_bf.txt +++ b/test/recipes/30-test_evp_data/evpciph_bf.txt @@ -1,5 +1,5 @@ # -# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpciph_chacha.txt b/test/recipes/30-test_evp_data/evpciph_chacha.txt index 4fb1d2cc1b..3315a66f33 100644 --- a/test/recipes/30-test_evp_data/evpciph_chacha.txt +++ b/test/recipes/30-test_evp_data/evpciph_chacha.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpciph_des.txt b/test/recipes/30-test_evp_data/evpciph_des.txt index d501e43cdd..db8087d70f 100644 --- a/test/recipes/30-test_evp_data/evpciph_des.txt +++ b/test/recipes/30-test_evp_data/evpciph_des.txt @@ -1,5 +1,5 @@ # -# Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpciph_sm4.txt b/test/recipes/30-test_evp_data/evpciph_sm4.txt index 464c4750eb..ec8a45bd3f 100644 --- a/test/recipes/30-test_evp_data/evpciph_sm4.txt +++ b/test/recipes/30-test_evp_data/evpciph_sm4.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpencod.txt b/test/recipes/30-test_evp_data/evpencod.txt index 8584d532fd..16bcb9aa23 100644 --- a/test/recipes/30-test_evp_data/evpencod.txt +++ b/test/recipes/30-test_evp_data/evpencod.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpkdf_krb5.txt b/test/recipes/30-test_evp_data/evpkdf_krb5.txt index 8c515ae39b..d8f6aa72a1 100644 --- a/test/recipes/30-test_evp_data/evpkdf_krb5.txt +++ b/test/recipes/30-test_evp_data/evpkdf_krb5.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpkdf_scrypt.txt b/test/recipes/30-test_evp_data/evpkdf_scrypt.txt index a7eb3a0789..7aba716246 100644 --- a/test/recipes/30-test_evp_data/evpkdf_scrypt.txt +++ b/test/recipes/30-test_evp_data/evpkdf_scrypt.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpkdf_ss.txt b/test/recipes/30-test_evp_data/evpkdf_ss.txt index 82c1d4e561..6de5c2d999 100644 --- a/test/recipes/30-test_evp_data/evpkdf_ss.txt +++ b/test/recipes/30-test_evp_data/evpkdf_ss.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpmd_blake.txt b/test/recipes/30-test_evp_data/evpmd_blake.txt index 1d0ba59806..add7d4e3fe 100644 --- a/test/recipes/30-test_evp_data/evpmd_blake.txt +++ b/test/recipes/30-test_evp_data/evpmd_blake.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpmd_ripemd.txt b/test/recipes/30-test_evp_data/evpmd_ripemd.txt index 6c63cc7db2..4b876fbaa8 100644 --- a/test/recipes/30-test_evp_data/evpmd_ripemd.txt +++ b/test/recipes/30-test_evp_data/evpmd_ripemd.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpmd_sm3.txt b/test/recipes/30-test_evp_data/evpmd_sm3.txt index f2546b5acc..b699584869 100644 --- a/test/recipes/30-test_evp_data/evpmd_sm3.txt +++ b/test/recipes/30-test_evp_data/evpmd_sm3.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evpmd_whirlpool.txt b/test/recipes/30-test_evp_data/evpmd_whirlpool.txt index 148969ac1d..0e0b0755bb 100644 --- a/test/recipes/30-test_evp_data/evpmd_whirlpool.txt +++ b/test/recipes/30-test_evp_data/evpmd_whirlpool.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/30-test_evp_data/evppbe_pkcs12.txt b/test/recipes/30-test_evp_data/evppbe_pkcs12.txt index 5ba3f5840a..701b2cbe92 100644 --- a/test/recipes/30-test_evp_data/evppbe_pkcs12.txt +++ b/test/recipes/30-test_evp_data/evppbe_pkcs12.txt @@ -1,5 +1,5 @@ # -# Copyright 2001-2017 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2001-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/65-test_cmp_msg.t b/test/recipes/65-test_cmp_msg.t index b74b2dc2ed..8525b6539f 100644 --- a/test/recipes/65-test_cmp_msg.t +++ b/test/recipes/65-test_cmp_msg.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. # Copyright Nokia 2007-2019 # Copyright Siemens AG 2015-2019 # diff --git a/test/recipes/65-test_cmp_protect.t b/test/recipes/65-test_cmp_protect.t index eb8e75d485..54219e386a 100644 --- a/test/recipes/65-test_cmp_protect.t +++ b/test/recipes/65-test_cmp_protect.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved. # Copyright Nokia 2007-2019 # Copyright Siemens AG 2015-2019 # diff --git a/test/recipes/80-test_pkcs12.t b/test/recipes/80-test_pkcs12.t index e474d4448c..07cd91f196 100644 --- a/test/recipes/80-test_pkcs12.t +++ b/test/recipes/80-test_pkcs12.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/recipes/90-test_shlibload.t b/test/recipes/90-test_shlibload.t index 96e3e6e12e..e73748279b 100644 --- a/test/recipes/90-test_shlibload.t +++ b/test/recipes/90-test_shlibload.t @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/test/stack_test.c b/test/stack_test.c index 3aa0b08a43..0c1648da77 100644 --- a/test/stack_test.c +++ b/test/stack_test.c @@ -1,5 +1,5 @@ /* - * Copyright 2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. * Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use diff --git a/test/uitest.c b/test/uitest.c index d45d57d9fb..9013126f73 100644 --- a/test/uitest.c +++ b/test/uitest.c @@ -1,5 +1,5 @@ /* - * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy diff --git a/util/mknum.pl b/util/mknum.pl index 8f840ffe7f..45f3381c81 100644 --- a/util/mknum.pl +++ b/util/mknum.pl @@ -1,6 +1,6 @@ #! /usr/bin/env perl -# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy diff --git a/util/perl/OpenSSL/Ordinals.pm b/util/perl/OpenSSL/Ordinals.pm index 8f113fb8f6..4b337c6ffd 100644 --- a/util/perl/OpenSSL/Ordinals.pm +++ b/util/perl/OpenSSL/Ordinals.pm @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2018-2020 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the Apache License 2.0 (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy From matt at openssl.org Thu Oct 15 13:32:12 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:32:12 +0000 Subject: [web] master update Message-ID: <1602768732.350619.21688.nullmailer@dev.openssl.org> The branch master has been updated via 6353e2de0800ad057bf5d9abb1fb82955d3144da (commit) from ccf53c574247ac38f8ebfa956c0dee6d9501ed62 (commit) - Log ----------------------------------------------------------------- commit 6353e2de0800ad057bf5d9abb1fb82955d3144da Author: Matt Caswell Date: Thu Oct 15 14:23:01 2020 +0100 Update newsflash for alpha7 release Reviewed-by: Mark J. Cox Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/202) ----------------------------------------------------------------------- Summary of changes: news/newsflash.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/news/newsflash.txt b/news/newsflash.txt index 25cb6db..79dda77 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -5,6 +5,7 @@ # headings. URL paths must all be absolute. Date: Item +15-Oct-2020: Alpha 7 of OpenSSL 3.0 is now available: please download and test it 22-Sep-2020: OpenSSL 1.1.1h is now available, including bug fixes 09-Sep-2020: Security Advisory: Raccoon attack 05-Sep-2020: New Blog post: OpenSSL Is Looking for a Full Time Administrator and Manager From matt at openssl.org Thu Oct 15 13:34:49 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:34:49 +0000 Subject: [openssl] master update Message-ID: <1602768889.573289.2672.nullmailer@dev.openssl.org> The branch master has been updated via e8dca211b4bb0261bc4d2adfd2782fd171bd6cfb (commit) via f9a5682e5c0fbf8b17319d71b0040dba9f8b46ee (commit) from eec0ad10b943bc10690358cf2db32ca06c3e81a0 (commit) - Log ----------------------------------------------------------------- commit e8dca211b4bb0261bc4d2adfd2782fd171bd6cfb Author: Matt Caswell Date: Thu Oct 15 14:16:19 2020 +0100 Prepare for 3.0 alpha 8 Reviewed-by: Nicola Tuveri commit f9a5682e5c0fbf8b17319d71b0040dba9f8b46ee Author: Matt Caswell Date: Thu Oct 15 14:15:55 2020 +0100 Prepare for release of 3.0 alpha 7 Reviewed-by: Nicola Tuveri ----------------------------------------------------------------------- Summary of changes: VERSION.dat | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION.dat b/VERSION.dat index fa4e93c5f0..2c8ab6f52d 100644 --- a/VERSION.dat +++ b/VERSION.dat @@ -1,7 +1,7 @@ MAJOR=3 MINOR=0 PATCH=0 -PRE_RELEASE_TAG=alpha7-dev +PRE_RELEASE_TAG=alpha8-dev BUILD_METADATA= RELEASE_DATE="" SHLIB_VERSION=3 From matt at openssl.org Thu Oct 15 13:34:49 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:34:49 +0000 Subject: [openssl] openssl-101e-no-gmt-time-v1 create Message-ID: <1602768889.815965.2736.nullmailer@dev.openssl.org> The annotated tag openssl-101e-no-gmt-time-v1 has been created at e8da5107b8eafdb2b9b4e39dfda9dd16a17b26b1 (tag) tagging f4c93b46edb51da71f09eda99e83eaf193a33c08 (commit) replaces OpenSSL_1_0_1e tagged by Nick Mathewson on Tue Sep 17 16:49:32 2013 -0400 - Log ----------------------------------------------------------------- OpenSSL 1.0.1e, plus a patch to disable gmt_unix_time. This is the first version ot the patch, and the one I sent to Ben. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQGVAwUAUjjAYpEDl9iNKTGaAQKczwv+P5p/oJnvxuR9GxcOJ6pDtyDu1gt3QPhs tgw1hrqNP9ceGj0tR7wB8VLJT2fq99p209gjd/0k6NbYeJskqrclqShTRD9e1BnD uP3ouSZDsz0XCCccsXMn1UnbL+7HNzit45uNqIXNZZb+Xklt4VuzVKLaNtUJQwKA KyK5qc3tQPX3XP9fqKv6u0i6eLgdYZJ6sHDvzyvQyR5cn5lDdvTEHf3JgDeM0WgZ 6Rty82hSXnKUQ2rsm3eOk3XWAoOPB7tdW4wWNBimpQ4RL3B6eWAjiYDziV1zkbDU hkwbk0imUuJaPo17nzJX4sbUcknCDVYpt0/9E7hUEXlOUpuzt7wp+7Qz3scU0Lvo KyTxGHqmFV7Q+fxtTcXf+6c5gjFc1E89LPxOV6MneKMk11eP88pEShnUssVcr8Id GZYl3bEf6bXZ5K6t+ft9J2Zps3rFP2JC7PJGJ3+ZFtFJJF7Ng+qLsiZbhOYfbXUB HaaIeXWS7hn7EhOxAnJ1TI2Tcu/+T0NQ =WH1j -----END PGP SIGNATURE----- Nick Mathewson (2): Do not include a timestamp in the ClientHello Random field. Do not include a timestamp in the ServerHello Random field. ----------------------------------------------------------------------- From matt at openssl.org Thu Oct 15 13:34:49 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:34:49 +0000 Subject: [openssl] openssl-3.0.0-alpha7 create Message-ID: <1602768889.925427.2772.nullmailer@dev.openssl.org> The annotated tag openssl-3.0.0-alpha7 has been created at 062506642b11e4231e78a80a7b030fed07127946 (tag) tagging f9a5682e5c0fbf8b17319d71b0040dba9f8b46ee (commit) replaces openssl-3.0.0-alpha6 tagged by Matt Caswell on Thu Oct 15 14:16:06 2020 +0100 - Log ----------------------------------------------------------------- OpenSSL 3.0.0-alpha7 release tag -----BEGIN PGP SIGNATURE----- iQFFBAABCAAvFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl+IS5YRHG1hdHRAb3Bl bnNzbC5vcmcACgkQ2cTSbQ5gRJHapwgAuPb61BIl0qEs05Z/mc9DUd7A8xKogDWM ZGrRX/3Z9cDHbLZyq+zH58esTDiJJ+EzoArTcz/ng8/HVaf0+JxX2Oh3pP/Wh9i4 KbQfm+O5qvi8JkX1oCtZveMSI6o5IyIqC2llHZmCyDHkzvFPxUB04ENy++phM4QO p5xTmE6NqhdCfF7IFEHPwZrGzkdH9kycUJniZOv8pCZvvpHBq5IIHiIiABc9yQ/G 9M9Ka2Ay6yaqhBf4d3xl8ZQMevmtlgEHFGJf6ynRtIMYhcl6cA4g8hNNVmXZFnZU T4Q06PX+tqyUGlqy1wswlPCpdhxjEG1ObzoVhHhezWges2y3wIt2pQ== =90me -----END PGP SIGNATURE----- Akshit Akhoury (1): Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE Alexander Borkowski (1): s_client.pod: Fix grammar in NOTES section. Andr? Klitzing (1): Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE Benjamin Kaduk (21): Support cipher provider "iv state" Deprecate and replace EVP_CIPHER_CTX_iv()/etc. Add tests for new EVP_CIPHER_CTX IV accessors Make GCM providers more generous about fetching IVs Document EVP_CIPHER_CTX IV accessors Retire EVP_CTRL_GET_IV Use local IV storage in e_aes.c Use local IV storage in e_aes_ebc_hmac_sha1.c Use local IV storage in e_aes_ebc_hmac_sha256.c Use local IV storage in e_aria.c Use local IV storage in e_camellia.c Use local IV storage in e_des.c Use local IV storage in e_des3.c Use local IV storage in e_sm4.c Use local IV storage in e_xcbc_d.c Use local IV storage in e_rc2.c Use local IV storage in EVP BLOCK_* macros Avoid deprecated function in evp_lib.c Avoid deprecated API in evp_test.c Expose S390x HW ciphers' IV state to provider layer Mark SSL_CTX_set_ssl_version() as deprecated in 3.0 Benny Baumann (2): Use size of target buffer for allocation Avoid memory leak of parent on allocation failure for child structure Biswapriyo Nath (1): fuzz/test-corpus: check if PATH_MAX is already defined C.W. Betts (1): Initial Apple Silicon support. Chris Novakovic (1): apps/ca: allow CRL lastUpdate/nextUpdate fields to be specified Daniel Bevenius (5): Fix typo in FIPS_MODULE endif macro comment Fix typo in bind_loader_attic comment DOC: remove OPENSSL_CTX from OSSL_DECODER_CTX_new ERR: fix comment typo in err.c Set mark and pop error in d2i_PrivateKey_ex David Benjamin (1): Deprecate ASN1_STRING_length_set in OpenSSL 3.0. Dmitry Belyavskiy (16): Update gost-engine to fix API rename Punycode decoding implementation RFC 8398: Name constraints validation RFC 8398: EAI comparison Add NID_id_on_SmtpUTF8Mailbox to table of X.509 attributes RFC 8398: documentation EAI test script and data Documentation for internal PUNYCODE-related functions Replace hierogliphs with stub to pass tests Fix PKCS#7 so that it still works with non fetchable digest algorithms. Fix PKCS#7 so that it still works with non fetchable cipher algorithms. New GOST PKCS12 standard support HMAC should work with non-provided digests Some OIDs used in Russian X.509 certificates. Tests for processing zero-length content in SMIME format Fix zero-length content verification in S/MIME format Dr. David von Oheimb (103): Introduce X509_add_cert[s] simplifying various additions to cert lists Remove needless #ifndef OPENSSL_NO_SOCK for X509_{CRL_}load_http OSSL_STORE file_load_try_decode(): Avoid flooding error queue by failed tries PKCS12_parse(): Fix reversed order of certs parsed and output via *ca PKCS12_parse(): Clean up code and correct documentation Fix mem leaks on PKCS#12 read error in PKCS12_key_gen_{asc,utf8} apps: make use of OSSL_STORE for generalized certs and CRLs loading Make better use of new load_cert_pass() variant of load_cert() in apps/ Make sure x509v3_cache_extensions() does not modify the error queue Add prerequisite #include directives to include/crypto/x509.h Correct the #define's of EVP_PKEY_CTRL_SET1_ID and EVP_PKEY_CTRL_GET1_ID{,_LEN} testutil: Make SETUP_TEST_FIXTURE return 0 on fixture == NULL testutil: Add provider.c with test_get_libctx(), to use at least for SSL and CMP Re-word null->empty property; improve iteration.count example in property.pod x_x509.c: Simplify X509_new_with_libctx() using x509_set0_libctx() Add libctx and propq param to ASN.1 sign/verify/HMAC/decrypt Update CMP header file references in internal CMP documentation cmp_vfy.c: Fix bug: must verify msg signature also in 3GPP mode Add libctx and propq parameters to OSSL_CMP_{SRV_},CTX_new() and ossl_cmp_mock_srv_new() Add OPENSSL_CTX parameter to OSSL_CRMF_pbmp_new() and improve its doc crypto/cmp: Prevent misleading errors in case x509v3_cache_extensions() fails cmp_hdr.c: Adapt ossl_cmp_hdr_init() to use OPENSSL_CTX for random number generation cmp_util.c: Add OPENSSL_CTX parameter to ossl_cmp_build_cert_chain(), improve its doc cmp_msg.c: Copy libctx and propq of CMP_CTX to newly enrolled certificate Use in CMP+CRMF libctx and propq param added to sign/verify/HMAC/decrypt Add libctx/provider support to cmp_client_test Add libctx/provider support to cmp_vfy_test Add libctx/provider support to cmp_protect_test Add libctx/provider support to cmp_msg_test run_tests.pl: Add warning that HARNESS_JOBS > 1 overrides HARNESS_VERBOSE X509_add_certs(): Add to doc some warning notes on memory management apps/pkcs12.c: Add -untrusted option Add -verbosity option to apps/cmp.c and add log output also in crypto/cmp apps/cmp.c: Clean up loading of certificates and CRLs Add OSSL_CMP_CTX_get1_newChain() and related CLI option -chainout Strengthen chain building for CMP OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted X509_STORE_CTX_print_verify_cb(): add AKID and SKID output for (non-)trusted certs OSSL_HTTP_parse_url(): add optional port number return parameter and strengthen documentation apps/cmp.c: Use enhanced OSSL_HTTP_parse_url(), removing parse_addr() and atoint() apps/cmp.c: Allow default HTTP path (aka CMP alias) given with -server option Add 4 new OIDs for PKIX key purposes and 3 new CMP information types Allow unauthenticated CMP server if missing -trusted, -srvcert, and -secret options Clean up CMP chain building for CMP signer, TLS client, and newly enrolled certs Replace all wrong usages of 'B<...>' (typically by 'I<...>') in OSSL_CMP_CTX_new.pod apps.c: Fix diagnostics and return value of load_key_certs_crls() on error apps/cmp.c: clear leftover errors on loading libengines.so etc. apps.c: Fix mem leaks on error in load_certs() and load_crls() 81-test_cmp_cli.t: Stop unlinking test output files according to #11080 81-test_cmp_cli: Make test output files all different according to #11080 test/recipes/81-test_cmp_cli_data/Mock/server.cnf: minor cleanup test/cmp_{client,msg}_test.c: minor code cleanup bugfix in ossl_cmp_msg_add_extraCerts(): should include cert chain when using PBM bugfix in ossl_cmp_msg_protect(): set senderKID and extend extraCerts also for unprotected CMP requests bugfix in apps/cmp.c and cmp_client.c: inconsistencies on retrieving extraCerts in code and doc app_load_config_bio(): fix crash on error X509_NAME_print_ex.pod: re-format lines to fit within 80 chars limit X509_NAME_oneline(): Fix output of multi-valued RDNs, escaping '/' and '+' in values X509_NAME_cmp: restrict normal return values to {-1,0,1} to avoid confusion with -2 for error X509_NAME_add_entry_by_txt.pod: Improve documentation w.r.t. multi-valued RDNs (containing sets of AVAs) X509_NAME_cmp(): Clearly document its semantics, referencing relevant RFCs Add/harmonize multi-valued RDN support and doc of ca, cmp, req, storeutl, and x509 apps apps_ui.c: Improve error handling and return value of setup_ui_method() apps_ui.c: Correct handling of empty password from -passin apps_ui.c: Correct password prompt for ui_method apps/cmp.c: Improve safeguard assertion on consistency of cmp_options[] and cmp_vars[] Extend X509 cert checks and error reporting in v3_{purp,crld}.c and x509_{set,vfy}.c check_chain_extensions(): Add check that Basic Constraints of CA cert are marked critical check_chain_extensions(): Add check that AKID and SKID are not marked critical check_chain_extensions(): Add check that on empty Subject the SAN must be marked critical check_chain_extensions(): Add check that CA cert includes key usage extension x509_vfy.c: Make sure that strict checks are not done for self-issued EE certs check_chain_extensions(): Change exclusion condition w.r.t. RFC 6818 section 2 check_chain_extensions(): Require X.509 v3 if extensions are present apps/cmp.c: Improve documentation of -secret, -cert, and -key options apps/cmp.c: Improve documentation of -extracerts, -untrusted, and -otherpass apps/cmp.c: Improve user guidance on missing -subject etc. options openssl-cmp.pod.in: Update Insta Demo CA port number in case needed OSSL_CMP_CTX_new.pod: improve doc of OSSL_CMP_CTX_get1_{extraCertsIn,caPubs} apps/cmp.c: Improve example given for -geninfo option (also in man page) Improve robustness and performance of building Unix static libraries Fix Coverity CID 1466708 - correct pointer calculation in one case ocsp_vfy.c: Clean up code w.r.t. coding guidelines and reduce redundancies load_key_certs_crls(): Restore output of fatal errors Prune low-level ASN.1 parse errors from error queue in decoder_process() apps/ca.c: Rename confusing variable 'req' to 'template_cert' in certify_cert() Test.pm: Some clarifications added to the documentation OCSP_resp_find_status.pod: Replace function arg references B<...> by I<...> OCSP_resp_find_status.pod: Slightly improve the documentation of various flags Implement treatment of id-pkix-ocsp-no-check extension for OCSP_basic_verify() appveyor.yml: Clean up minimal configuration, adding no-ec and pruning cascaded no-* 30-test_evp.t: On no-dh, no-dsa, no-ec, no-sm2, and no-gost configurations disable respective tests 25-test_x509.t: Add test for suitable error report loading unsupported sm2 cert Prune low-level ASN.1 parse errors from error queue in der2key_decode() etc. EC_GROUP_new_by_curve_name_with_libctx(): Add name of unknown group to error output check-format.pl: Document how to run positive and negative self-tests check-format.pl: Extend exceptions for no SPC after trailing ';' in 'for (...;)' check-format.pl: Allow nested indentation of labels (not only at line pos 1) Fix memory leak in req_cb() of x_req.c - handle distinguishing_id also with NO_SM2 Test.pm: Add result_dir and export both result_dir and result_file Move CMP CLI test output files to BLDTOP/test-runs/test_cmp_cli/ ocsp.h: Fix backward compatibility declaration of OCSP_parse_url() Correct and simplify use of ERR_clear_error() etc. for loading DSO libs Dr. Matthias St. Pierre (11): rand: fix typo in parameter name README.md: replace incorrect access token for the AppVeyor badge README.md: remove incorrect link to openssl.github.io test/drbgtest: improve the reseed after fork test prov/drbg: fix misspelling of '#ifdef FIPS_MODULE' prov/drbg: cleanup some RAND_DRBG leftovers drbg: revert renamings of the generate and reseed counter Update CHANGES and NEWS for 1.1.1h release Change CVE link style in CHANGES and NEWS Rename OPENSSL_CTX prefix to OSSL_LIB_CTX Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' Eric Curtin (1): Increase PSK_MAX_IDENTITY_LEN from 128 to 256 Felix Monninger (1): also zero pad DHE public key in ClientKeyExchange message for interop Henry N (1): Fix: ecp_nistz256-armv4.S bad arguments Hu Keping (1): Simplify the tarball generating scripts Ikko Ashimine (1): Fixed typo in ssl_lib.c Jakub Zelenka (1): Add CMS AuthEnvelopedData with AES-GCM support John Baldwin (13): Add a ktls_crypto_info_t typedef. Add helper functions for FreeBSD KTLS. Add support for KTLS receive for TLS 1.1-1.2 on FreeBSD. Don't check errno if ktls_read_record() returned 0. Support for KTLS TX on FreeBSD for TLS 1.3. Move KTLS inline functions only used by libssl into ssl/ktls.c. Refactor the KTLS tests to minimize code duplication. Skip tests using KTLS RX if KTLS RX is not supported. Skip tests using KTLS RX for TLS 1.3. Use global 'libctx' with RAND_bytes_ex to generate sendfile temp data. Fix the socket BIO control methods to use ktls_crypto_info_t. Remove unused dummy functions from ktls.h. Slightly abstract ktls_start() to reduce OS-specific #ifdefs. Jon Spillett (9): Add new APIs to get PKCS12 secretBag OID and value Add the correct enum value for DSA public key serialization Update test data for DSA public key text Avoid uninitialised variable warning for jobs Avoid AIX compiler issue by making the macro argument names not match any substring Use return code for 'which command' checks Fix up issue on AIX caused by broken compiler handling of macro expansion Allow zero-length secret for EVP_KDF API Make KDFs fail if requesting a zero-length key. Jordan Montgomery (1): Expose PKCS7_get_octet_string and PKCS7_type_is_other Jung-uk Kim (1): Ignore vendor name in Clang version number. Kelvin Lee (1): Use .cnf for config files, not .conf Kurt Roeckx (2): Support writing RSA keys using the traditional format again Use __BYTE_ORDER__ to test the endianness when available Marc (2): apps: -msg flag enhancement 1/2 apps: -msg flag enhancement 2/2 Matt Caswell (97): Prepare for 3.0 alpha 7 Implement a EVP_PKEY KDF to KDF provider bridge Extend the EVP_PKEY KDF to KDF provider bridge to also support HKDF Extend the EVP_PKEY KDF to KDF provider bridge to also support Scrypt Delete old KDF bridge EVP_PKEY_METHODS Update KDF documentation Minimise the size of the macros in kdf_exch.c Extend the EVP_PKEY KDF to KDF provider bridge to the FIPS provider Remove a TODO from evp_test Load the default config file before working with default properties Test that EVP_default_properties_is_fips_enabled() works early Fix stitched ciphersuites in TLS1.0 Test mte with stitched ciphersuites in TLSv1.0 Implement key management for the EVP_PKEY MAC to EVP_MAC provider bridge Implement signature functions for EVP_PKEY MAC to EVP_MAC provider bridge Make the provider side EVP PKEY MAC bridge available in default and fips Fix evp_extra_test to not assume that HMAC is legacy Convert EVP_PKEY_CTX_set_mac_key() into a function Fix some EVP_MD_CTX_* functions Ensure libssl creates libctx aware MAC keys Extend the provider MAC bridge for SIPHASH Don't require a default digest from signature algorithms Extend the provider MAC bridge for Poly1305 Extend the provider MAC bridge for CMAC Delete unused PKEY MAC files Extend test_CMAC_keygen in evp_extra_test Document the EVP_PKEY_new_CMAC_key_with_libctx() function Improve code reuse in the provider MAC bridge Add some documentation about the EVP_PKEY MAC interface Include "legacy" in the name of the various MAC bridge functions Improve some error messages if a digest is not available Check whether we have MD5-SHA1 and whether we need it Add an HMAC implementation that is TLS aware Start using the provider side TLS HMAC implementation Make ssl3_cbc_digest_record() use the real data_size Enable PKEY MAC bridge signature algs to take ctx params Update the EVP_PKEY MAC documentation Convert ssl3_cbc_digest_record() to use EVP_MD_is_a() Ensure EVP_MAC_update() passes the length even if it is 0 Fix an EVP_MD_CTX leak Fix safestack issues in ssl.h Fix safestack issues in x509.h Fix safestack issues in x509v3.h Fix stacks of OPENSSL_STRING, OPENSSL_CSTRING and OPENSSL_BLOCK Fix safestack issues in asn1.h Fix safestack issues in cmp.h Fix safestack issues in cms.h Fix safestack issues in ocsp.h Fix safestack issues in pkcs7.h Fix safestack issues in srp.h Fix safestack issues in x509_vfy.h Fix safestack issues in crmf.h Fix safestack issues in ct.h Fix safestack issues in asn1t.h Fix safestack issues in ess.h Fix safestack issues in bio.h Fix safestack issues in conf.h Fix safestack issues in crypto.h Fix safestack issues in pkcs12.h Fix safestack issues in ui.h Remove some safestack things that are no longer needed Add a CHANGES entry for the safestack updates Streamline the safestack generated code Don't complain about stack related macros Ignore unused return values from some sk_*() macros Don't send -1 as the length of the hmac key Redirect EVP_DigestInit to EVP_DigestSignInit_ex if appropriate Correctly display the signing/hmac algorithm in the dgst app Test HMAC output from the dgst CLI Document 2 newly added functions Provide basis for fixing lhash code Update conf.h.in to use the new lhash generation code Update err.h to use the new lhash generation code Remove some unneeded code from lhash.h Fix some doc-nits and make update errors Teach EdDSA signature algorithms about AlgorithmIdentifiers Make sure we properly test for EdDSA with alg ids Update the EdDSA docs with information about Algorithm Identifiers Move SM2 asymmetric encryption to be available in the default provider Clean up some SM2 related TODOs in the tests Remove some dead SM2 code Extend the SM2 asym cipher test Document the provider side SM2 Asymmetric Cipher support Perl util to do with_libctx renaming Run the withlibctx.pl script Fix some things the rename script didn't quite get right Fix encoding of DHX parameters files Add a test for encoding and decoding of parameters files Fix the decoder start type handling Remove a CMS key downgrade Move CMS enveloping code out of the algorithms and into CMS Move CMS signing code out of the algorithms and into CMS Remove CMS recipient info information out of the algorithm implementations Remove some more CMS key downgrades Make evp_pkey_ctx_get0_libctx/propq public API Update copyright year Prepare for release of 3.0 alpha 7 Maxim Masiutin (1): TLS AEAD ciphers: more bytes for key_block than needed Nicola Tuveri (9): Add CLI tests in FIPS configuration Fix segfault on missing provider_query_operation() [test][tls-provider] Group xor_group properties in a struct [test][sslapitest] Add test for pluggable KEM group [test][tls-provider] Add 2nd pluggable tls group for KEM Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM [ssl] Support ssl_decapsulate on client side [ssl] Support ssl_encapsulate on server side [test][tls-provider] Implement KEM algorithm Norman Ashley (1): Support keys with RSA_METHOD_FLAG_NO_CHECK with OCSP sign Patrick Steuer (1): Appease -Werror=stringop-overflow= Paul Yang (6): Add SM2 key management Add SM2 signature algorithm to default provider Address review comments support PARAM_SECURITY_BITS for SM2 refactor get params functions Add auto-gen SM2 der files into .gitignore Pauli (68): gettables: core changes to pass the provider context. gettables: provider changes to pass the provider context. gettables: test changes to pass the provider context. gettables: documentation changes to pass the provider context. mac: add some consistency to setting the XXX_final output length. rand_drbg: remove RAND_DRBG. drbgtest: avoid a memory leak conf: add an error if the openssl_conf section isn't found. provider: add the unused paramater tag to the gettable and settable functions Move PKCS#12 KDF to provider. PKCS#12 KDF: don't run tests with the FIPS provider. provider: disable fall-backs if OSSL_PROVIDER_load() fails. Apps: change provider_path option to provider-path. OCSP: Add return value checks. pkeyutil: check return value reading password cmp: handle error return from OBJ_obj2txt() EVP: NULL pctx pointer after free. rand: add a note about a potentially misleading code analyzer warning. rand: instantiate the DRBGs upon first use. provider_conf: report missing section on error conf: add diagnostic option Deprecate SHA and MD5 again. legacy: include MD5 code in legacy provider TLS: remove legacy code path supporting special CBC mode TLS fixes for CBC mode and no-deprecated In a non-shared build, don't include the md5 object files in legacy provider s_time: check return values better provider: add an 'is_running' call to all providers. FIPS: rename the status call to is_running. digests: add FIPS error state handling asymciphers: add FIPS error state handling rand: add FIPS error state handling mac: add FIPS error state handling kdf: add FIPS error state handling exchange: add FIPS error state handling signature: add FIPS error state handling keymgmt: add FIPS error state handling ciphers: add FIPS error state handling FIPS: error mode is set from failed self tests and produced a limited number of errors when algorithm accesses are attempted CRNGT: enter FIPS error state if the test fails DTLS: free allocated memory on error paths PKCS#8: free data on error path in newpass_bag PKCS5 PBE: free allocations on unlikely / impossible failure path generate_cookie_callback: free temporary memory on an error path free memory use on error in cert verify rand: reference count the EVP_RAND contexts. Add a "random" configuration section. evp_rand: fix bug in gettable_ctx/settable_ctx calls kdf/mac: add name query calls for KDFs and MACs drbg: gettable parameters for cipher/digest/mac type. list: add capability to print details about the current DRBGs rand: add a test case for configuration based random ACVP: add test case for DRBG todo: remove fork protection todo comment, it isn't relevant to the FIPS provider rand: declare get_hardware_random_value() before use. prov: prefix all OSSL_DISPATCH tables names with ossl_ prov: prefix provider internal functions with ossl_ prov: prefix aes-cbc-cts functions with ossl_ prov: prefix all exposed 'cipher' symbols with ossl_ der: _ossl prefix DER functions der: _ossl prefix der_oid_ and der_aid_ functions doc: remove duplicated code in example ffc: add _ossl to exported but internal functions rsa: add ossl_ prefix to internal rsa_ calls. apps: remove internal/cryptlib.h include that isn't used vms: move otherwise dead code into the VMS relevant path. coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). Rainer Jung (1): Make TAP::Harness and TAP::Parser optional. Randall S. Becker (5): NonStop port updates for 3.0.0. Added FIPS DEP initialization for the NonStop platform in fips/self_test.c. Modified rand_cpu_x86.c to support builtin hardware randomizer on HPE NonStop. Disabled symbol_presence test on NonStop due to different nm format. Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Rich Salz (2): Add OCSP_PARTIAL_CHAIN to OCSP_basic_verify() Fix markdown nits in NOTES-Windows.txt Richard Levitte (124): RSA: Be less strict on PSS parameters when exporting to provider PEM: Make general MSBLOB reader functions exposed internally DESERIALIZER: Adjust to allow the use several deserializers with same name PROV: Add MSBLOB and PVK to DSA and RSA deserializers PEM: Fix i2b_PvK to use EVP_Encrypt calls consistently TEST: Adjust the serdes test to include MSBLOB and PVK EVP: Fix the returned value for ASN1_PKEY_CTRL_DEFAULT_MD_NID PROV: Fix MSBLOB / PVK deserializer EVP: Have evp_pkey_cmp_any() detect if export wasn't possible TEST: separate out NIST ECC tests from non-NIST RSA: Fix rsa_todata() to only add params for existing data PROV: Fix EC OSSL_FUNC_keymgmt_match() to work in the FIPS provider X509: Add d2i_PUBKEY_ex(), which take a libctx and propq PROV: Fix DSA and DH private key serializers STORE: Distinguish public keys from private keys PEM: Add more library context aware PEM readers TEST: Use PEM_read_bio_PUBKEY_ex() and PEM_read_bio_PrivateKey_ex() Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE Rename OSSL_SERIALIZER / OSSL_DESERIALIZER to OSSL_ENCODE / OSSL_DECODE Remove the OSSL_SERIALIZER / OSSL_DESERIALIZER renaming scripts Clean away some declarations CORE: Define provider-native abstract objects CORE: Generalise internal pass phrase prompter STORE: Add missing function OSSL_STORE_LOADER_set_open_with_libctx() STORE for providers: define libcrypto <-> provider interface STORE: Add the base functions to support provider based loaders OSSL_PARAM: Add string pointer getters DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback STORE: Modify to support loading with provider based loaders STORE: Change all error recording to use ERR_raise() / ERR_raise_data() TEST: Fix CMP tests so they load keys in the current library context crypto/x509/v3_utl.c: Fix IPv6 output in ipaddr_to_asc() Fix PEM_write_bio_PrivateKey_traditional() to not output PKCS#8 TEST: Adapt some tests for a stricter PEM_write_bio_PrivateKey_traditional() ASN1: Fix d2i_KeyParams() to advance |pp| like all other d2i functions do OSSL_ENCODER / OSSL_DECODER post-rename cleanup STORE: Move the built-in 'file:' loader to become an engine module STORE: Add a built-in 'file:' storemgmt implementation (loader) STORE: Deprecate legacy / ENGINE functions TEST: Modify test/recipes/90-test_store.t for use with different 'file:' loaders EVP: Downgrade EVP_PKEYs in EVP_PKEY2PKCS8() "Downgrade" provider-native keys to legacy where needed STORE: Fix potential memory leak CORE: Fix small bug in passphrase caching STORE: Stop the flood of errors TEST: have key_unsupported() in evp_test.c look at the last error EVP: Don't report malloc failure in new_raw_key_int() Revert "TEST: separate out NIST ECC tests from non-NIST" TEST: Ensure that the base provider i activated when needed EC: Remove one error record that shadows another ASN1: Make ASN1_item_verify_ctx() work with provider-native keys DOC: Modify one example in EVP_PKEY_fromdata(3) DOC: Fix check of EVP_PKEY_fromdata{,_init} in examples Building: Build Unix static libraries one object file at a time EVP: Preserve the EVP_PKEY id in a few more spots EVP: Don't shadow EVP_PKEY_CTX_new* error records Fix test/evp_extra_test.c EVP: Add support for delayed EVP_PKEY operation parameters EVP: Expand the use of EVP_PKEY_CTX_md() EVP: Move the functions and controls for setting and getting distid PEM: Make PEM_write_bio_PrivateKey_traditional() handle provider-native keys TEST: modify test/endecode_test.c to not use legacy keys ENCODER: Refactor provider implementations, and some cleanup Diverse build.info: Adjust paths STORE: Fix OSSL_STORE_attach() to check |ui_method| before use TEST: skip POSIX errcode zero in tesst/recipes/02-test_errstr.t OSSL_DECODER 'decode' function must never be NULL. dev/release.sh: Rework to be smoother EC: Reimplement EVP_PKEY_CTX_set_ec_param_enc() to support providers EVP: Add the internal convenience function evp_keymgmt_util_export() TEST: Add a test of EC key generation with encoding spec util/mknum.pl: Fix file opening Make 'make ordinals' work again Make 'make errors' work again EVP: Centralise fetching error reporting OpenSSL::ParseC: recognise inline function bodies Configurations/unix-Makefile.tmpl: Don't specify headers twice util/mkerr.h: Restore header file rename ENCODER: Redefine the libcrypto <-> provider interface ENCODER: Refactor the OSSL_ENCODER API to be more like OSSL_DECODER ENCODER: Refactor our provider encoder implementations ENCODER: Adapt calls to the changed OSSL_ENCODER_CTX_new_by_EVP_PKEY() TEST: Adapt applicable tests to the changed OSSL_ENCODER_CTX_new_by_EVP_PKEY() DECODER: Some cleanups, and aligning with OSSL_ENCODER util/find-doc-nits: Add a regexp for C symbols and use it DOC: POD syntax fixes in doc/man1/openssl-cmp.pod.in Configurations/unix-Makefile.tmpl: make cleanup kinder Configuration: Streamline NonStop entries Configure: Show 'enable' and 'disable' config attributes Use OPENSSL_SYS_TANDEM instead of OPENSSL_SYSNAME_TANDEM Hide ECX_KEY again Configuration: Make it possible to have an argument file Configuration: Don't have shared libraries depend on themselves EVP: Enforce that EVP_PKEY_set_alias_type() only works with legacy keys TEST: Remove use of EVP_PKEY_set_alias_type() in test/evp_extra_test.c Build: Make NonStop shared libraries only export selected symbols STORE: Clear a couple of TODOs that were there for the sake of SM2 Configure: handle undefined shared_target. EVP: use evp_pkey_ctx_is_legacy() to find what implementation to use Configuration: add initial NonStop values in OpenSSL::config DECODER: Handle abstract object data type DECODER: Allow precise result type for OSSL_DECODER_CTX_new_by_EVP_PKEY() APPS: Reduce deprecation warning suppression - ENGINE unix-Makefile.tmpl: Add a target to install the FIPS module config windows-makefile.tmpl: Add a target to install the FIPS module config descrip.mms.tmpl: Add a target to install the FIPS module config providers/build.info: Tag the FIPS module, for the build file Document install_fips in INSTALL.md OpenSSL::Ordinals: Add options for the writing functions Modify util/mknum.pl to drop new symbols that don't exist any more make ordinals Fix diverse ERR code conflicts ENCODER / DECODER: Add functions to encode/decode to/from a buffer Adapt some code to OSSL_ENCODER_to_data() / OSSL_DECODER_from_data() Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes Change OSSL_DEPRECATED to take a version argument Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently Add ASN1 declaration macros that take attributes Add PEM declaration macros that take attributes OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC Document how deprecation should be done EVP: Take care of locks when downgrading an EVP_PKEY Robert J?drzejczyk (1): Windows get ENV value as UTF-8 encoded string instead of a raw string Rutger Hendriks (1): Increase PSK_MAX_PSK_LEN to 512 Sahana Prasad (1): apps/pkcs12: Change defaults from RC2 to PBES2 with PBKDF2 Shane Lontis (108): Add evp_test fixes. Add libctx support to CMS. Add internal method x509_set0_libctx(). Add libctx to SMIME ASN1 Add libctx support to PKCS7. Fix EVP_PKEY_CTX_get_rsa_oaep_md() & EVP_PKEY_CTX_get_rsa_mgf1_md() so they use a libctx to retrieve the digest Add libctx to ecdh_KDF_X9_63. Use libctx for EVP_CIPHER_CTX_rand_key() method. Add EVP signature with libctx methods. Change CMS tests to use a library context. Add some of the missing CMS API documentation Add 'on demand self test' and status test to providers Fix memory leak in drbgtest Add DHX support to keymanager Add dh_kdf support to provider Add DHX serialization Add fix for RSA keygen in FIPS using keysizes 2048 < bits < 3072 Fix serializer_EVP_PKEY_to_bio so that that the key is exported if the serializer provider does not match the key provider. Add public API for gettables and settables for keymanagement, signatures and key exchange. Fix broken windows builds. Fix DSA/DH so that legacy keys can still be generated by the default provider Fix no-cms build errors. Fix incorrect selection flags for ec serializer. Add libctx/provider support to cmp_server_test Add Explicit EC parameter support to providers. Fix CMS so that it still works with non fetchable algorithms. Fix coverity CID #1465594 - Null dereference in EVP_PKEY_get0() Fix coverity CID #1465797 - Negative loop bound in collect_deserializer Fix coverity CID #1465795 - Incorrect free deallocator used in SSL_add1_host() Fix coverity CID #1465794 - Uninitialized pointer read in x942_encode_otherinfo() Fix coverity CID #1465790 - Dereference after NULL check in evp_test.c Fix coverity CID #1465531 - Negative return passed to a function param using size_t in asn1_item_digest_with_libctx() Fix coverity CID #1465525 - NULL pointer dereference in OSSL_DECODER_CTX_new_by_EVP_PKEY() Fix coverity CID #1458648 - Wrong sizeof() arg in rsa_freectx() Fix coverity CID #1458647 - Use after free in clean_tbuf() which uses ctx->rsa Fix coverity CID #1458645 - Dereference before NULL check in rsa_digest_verify_final() Fix coverity CID #1458644 - Negative return passed to function taking size_t in ecdh_cms_set_shared_info() Fix coverity CID #1458641 - Dereference before NULL check when setting ctx->flag_allow_md in rsa.c Fix coverity CID #1455335 - Dereference after NULL check in fromdata_init() Fix coverity CID #1454638 - Dereference after NULL check in EVP_MD_CTX_gettable_params() Fix coverity CID #1452775 & #1452772- Dereference before NULL check in evp_lib.c Fix coverity CID #1452773 - Dereference before NULL check in EVP_DigestFinal_ex() Fix coverity CID #1452770 - Dereference before NULL check in CRYPTO_siv128_init() Fix DH serializer import calls to use correct selection flags. Fix DSA serializer import calls to use correct selection flags. Fix RSA serializer import calls to use correct selection flags. Fix ECX serializer import calls to use correct selection flags. Fix coverity CID #1466378 - Incorrect expression in ec_backend.c Fix coverity CID #1466377 - resource leak due to early return in ec_get_params(). Fix coverity CID #1466375 - Remove dead code. Fix coverity CID #1466371 - fix dereference before NULL check. Fix coverity CID #1465967 & #1465968 - fix NULL dereference in dh_ameth.c Fix coverity CID #1457935 - Check return value in ffc_params.c for BIO_indent/BIO_puts calls. Fix coverity CID #1452769 & #1452771 - Arg passed to function that cannot be negative in cms_ess.c Fix coverity CID #1454815 - NULL ptr dereference in initthread.c Fix fipsinstall module path Fix coverity issue: CID 1466486 - Resource leak in OSSL_STORE Fix coverity issue: CID 1466485 - Explicit NULL dereference in OSSL_STORE_find() Fix coverity issue: CID 1466484 - Remove dead code in PKCS7_dataInit() Fix coverity issue: CID 1466483 - Improper use of Negative value in dh_ctrl.c Fix coverity issue: CID 1466482 - Resource leak in OSSL_STORE_SEARCH_by_key_fingerprint() Fix coverity issue: CID 1466479 - Resource leak in apps/pkcs12.c keygen: add FIPS error state management to conditional self tests Update doc for EVP_PKEY_CTX_set_ec_param_enc() Fix EVP_PKEY_CTX_ctrl() documentation Add self tests for rsa encryption Update AES GCM IV max length to be 1024 bits (was 512) Fix AES_XTS on x86-64 platforms with BSAES and VPAES support. Add selftest callback to CRNG output test Add fips checks for rsa signatures. Add fips checks for dsa signatures Add fips checks for ecdsa signatures Add fips checks for dh key agreement Add fips checks for rsa encryption Add fips checks for ecdh key agreement Add error message to genpkey app for the '-genparam' option Add missing 'ossl_unused' tags to some gettable and settable methods. Separate fips and non fips code for key operations fix provider signatures fix provider exchange operations Add 'fips-securitychecks' option and plumb this into the actual fips checks Add option to fipsinstall to disable fips security checks at run time. Add KEM (Key encapsulation mechanism) support to providers Add a copy of OSSL_SELF_TEST_get_callback() to the fips module. Fix ec keygen so that it passes the library context to SSL_SELF_TEST_get_callback(). Fix merge error with libcrypto.num Fix CID 1467068 : Null pointer dereference in self_test.c Fix CID 1466714 : Null pointer dereference in EVP_PKEY_CTX_ctrl() due to new call to evp_pkey_ctx_store_cached_data() Fix CID 1466713 : Dead code in encode_key2text.c Fix CID 1466712 : Resource leak in ec_kmgmt due to new callto ossl_prov_is_running() Fix CID 1466710 : Resource leak in ec_kmgmt due to new call to ossl_prov_is_running() Fix CID 1466709 : Negative value passed to a function that cant be negative in cms_sd.c Change rsa gen so it can use the propq from OSSL_PKEY_PARAM_RSA_DIGEST Fix EVP_KDF_scrypt so that is uses a propq for its fetch. Fix ssl_hmac_new() so that it uses the propq Fix ecx so that is uses a settable propertyquery Fix missing propq in ecdh_cms_set_shared_info() Fix missing propq in ffc_params_generate Fix missing propq in sm2 Fix propq in x942kdf Add key length check to rsa_kem operation. Add EVP_KEM_gettable_ctx_params() and EVP_KEM_settable_ctx_params() Add EVP_ASYM_CIPHER_gettable_ctx_params() and EVP_ASYM_CIPHER_settable_ctx_params() Update openssl list to support new provider objects. Remove openssl provider app Fix bug in EDDSA speed test Remove TODO comment from sskdf.c rsa_mp_coeff_names should only have one entry in it for fips mode. T.Yanagisawa (1): Correct description of BN_mask_bits Tim Hudson (1): undeprecate EVP_PKEY_cmp and EVP_PKEY_cmp_parameters Todd Short (2): Fix use of OPENSSL_realloc in provider Fix post-condition in algorithm_do_this Tomas Mraz (9): Avoid segfault in SSL_export_keying_material if there is no session sslapitest: Add test for premature call of SSL_export_keying_material EC_KEY: add EC_KEY_decoded_from_explicit_params() Disallow certs with explicit curve in verification chain Rename check_chain_extensions to check_chain Correct certificate and key names for explicit ec param test apps/ocsp: Return non zero exit code with invalid certID Generate a certificate with critical id-pkix-ocsp-nocheck extension INSTALL.md: Drop trailing spaces on a line Vadim Fedorenko (1): Fix two issues with AES-CCM KTLS tests. Xiaofei Bai (1): FIX strncpy warning in apps/cmp.c. Yury Is (1): syscall_random(): don't fail if the getentropy() function is a dummy drgler (1): Ensure that _GNU_SOURCE is defined for NI_MAXHOST and NI_MAXSERV hklaas (1): optimise ssl3_get_cipher_by_std_name() jwalch (4): Cleanup deprecation of ENGINE_setup_bsd_cryptodev Add a NULL check to EVP_PKEY_assign Annotate potential -Wunused-function violations in err.h en EVP_PKEY_CTX_set_rsa_keygen_pubexp() BIGNUM management luxinyou (1): Fix memory leaks in conf_def.c olszomal (1): Add const to 'ppin' function parameter ozppupbg (1): Fixed EVP_MAC_final argument count in example ----------------------------------------------------------------------- From matt at openssl.org Thu Oct 15 13:52:36 2020 From: matt at openssl.org (Matt Caswell) Date: Thu, 15 Oct 2020 13:52:36 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1602769956.198369.30233.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 7a23c23e4515d253d23b5c8258300873eca179c8 (commit) from b316d06dd99ec55f0a5275ca8ca4188848227b3b (commit) - Log ----------------------------------------------------------------- commit 7a23c23e4515d253d23b5c8258300873eca179c8 Author: Akshit Akhoury Date: Fri Oct 2 22:28:36 2020 +0530 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE CLA: trivial Reviewed-by: Kurt Roeckx Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13062) (cherry picked from commit 796948cd733d2bd0d8acbaf2354c718bcd4352a6) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_att.c | 2 +- include/openssl/x509.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c index 651aa78083..256c4fb8ef 100644 --- a/crypto/x509/x509_att.c +++ b/crypto/x509/x509_att.c @@ -149,7 +149,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) return ret; } -void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, +void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj, int lastpos, int type) { int i; diff --git a/include/openssl/x509.h b/include/openssl/x509.h index b97ec342e2..3ff86ec7b5 100644 --- a/include/openssl/x509.h +++ b/include/openssl/x509.h @@ -933,7 +933,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) int type, const unsigned char *bytes, int len); -void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x, +void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x, const ASN1_OBJECT *obj, int lastpos, int type); X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, int atrtype, const void *data, From builds at travis-ci.com Thu Oct 15 14:28:58 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 15 Oct 2020 14:28:58 +0000 Subject: Still Failing: openssl/openssl#38049 (master - a829b73) In-Reply-To: Message-ID: <5f885ca97084e_13fc553e9d58831751a@travis-pro-tasks-8648db6cbc-vzn9j.mail> Build Update for openssl/openssl ------------------------------------- Build: #38049 Status: Still Failing Duration: 1 hr, 40 mins, and 27 secs Commit: a829b73 (master) Author: Dr. Matthias St. Pierre Message: Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' This change makes the naming more consistent, because three different terms were used for the same thing. (The term libctx was used by far most often.) Reviewed-by: Paul Dale Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/12621) View the changeset: https://github.com/openssl/openssl/compare/29000e43ea25...a829b735b645 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190235342?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 15 15:17:25 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 15:17:25 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1602775045.656350.18788.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 701 wallclock secs (13.36 usr 1.17 sys + 641.59 cusr 58.58 csys = 714.70 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 15 15:44:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 15 Oct 2020 15:44:51 +0000 Subject: Build failed: openssl master.37519 Message-ID: <20201015154451.1.7C280FAEB13BFAB7@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 15 17:33:35 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 15 Oct 2020 17:33:35 +0000 Subject: Still Failing: openssl/openssl#38054 (master - 796948c) In-Reply-To: Message-ID: <5f8887eebb596_13fe32eeac4b820317d@travis-pro-tasks-86f769f65f-hxh6z.mail> Build Update for openssl/openssl ------------------------------------- Build: #38054 Status: Still Failing Duration: 1 hr, 35 mins, and 44 secs Commit: 796948c (master) Author: Akshit Akhoury Message: Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE CLA: trivial Reviewed-by: Kurt Roeckx Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13062) View the changeset: https://github.com/openssl/openssl/compare/a829b735b645...796948cd733d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190253816?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 15 17:54:04 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 17:54:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1602784444.346412.24623.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D0A1C7477F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0D0A1C7477F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D0A1C7477F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/AQxxwGxGVR default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E04593757F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E04593757F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E04593757F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E04593757F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E04593757F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E04593757F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/AQxxwGxGVR fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 691 wallclock secs (13.46 usr 1.13 sys + 627.82 cusr 59.05 csys = 701.46 CPU) Result: FAIL Makefile:3168: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3166: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 15 18:42:28 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 15 Oct 2020 18:42:28 +0000 Subject: Still Failing: openssl/openssl#38055 (master - eec0ad1) In-Reply-To: Message-ID: <5f88981477417_13fe68aeb6044678238@travis-pro-tasks-86f769f65f-lbgc6.mail> Build Update for openssl/openssl ------------------------------------- Build: #38055 Status: Still Failing Duration: 1 hr, 38 mins, and 30 secs Commit: eec0ad1 (master) Author: Matt Caswell Message: Update copyright year Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/13144) View the changeset: https://github.com/openssl/openssl/compare/796948cd733d...eec0ad10b943 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190255212?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 15 19:21:43 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 15 Oct 2020 19:21:43 +0000 Subject: Build failed: openssl master.37526 Message-ID: <20201015192143.1.B635BE836B0D6122@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 15 20:00:38 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 15 Oct 2020 20:00:38 +0000 Subject: Still Failing: openssl/openssl#38057 (master - e8dca21) In-Reply-To: Message-ID: <5f88aa6630cb8_13fe68aec3d481038910@travis-pro-tasks-86f769f65f-lbgc6.mail> Build Update for openssl/openssl ------------------------------------- Build: #38057 Status: Still Failing Duration: 1 hr, 32 mins, and 30 secs Commit: e8dca21 (master) Author: Matt Caswell Message: Prepare for 3.0 alpha 8 Reviewed-by: Nicola Tuveri View the changeset: https://github.com/openssl/openssl/compare/eec0ad10b943...e8dca211b4bb View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190259137?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 15 20:10:46 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 20:10:46 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1602792646.504735.20215.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B0336DE77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0B0336DE77F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3325: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B0336DE77F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/t8v63nNfRv default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F08EE1D97F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F08EE1D97F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F08EE1D97F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F08EE1D97F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F08EE1D97F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F08EE1D97F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/t8v63nNfRv fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 710 wallclock secs (13.64 usr 1.18 sys + 646.47 cusr 59.59 csys = 720.88 CPU) Result: FAIL Makefile:3178: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3176: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 15 20:55:47 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 15 Oct 2020 20:55:47 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1602795347.808117.25948.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: a8154452e5 EVP: Take care of locks when downgrading an EVP_PKEY 9f7505ab6a Fixed typo in ssl_lib.c c804f2965e Make TAP::Harness and TAP::Parser optional. 8ebd88950d Document how deprecation should be done d406f0fe67 OpenSSL::ParseC: handle OSSL_CORE_MAKE_FUNC 3ad9c47864 Add PEM declaration macros that take attributes 895419b7d1 Add ASN1 declaration macros that take attributes 053730c5b7 Make OpenSSL::ParseC and OpenSSL::Ordinals treat deprecation consistently 77c30753cd Add convenience macros OSSL_DEPRECATEDIN_{major}_{minor} f044964e7a Add definitions of OSSL_DEPRECATED[_FOR] for Microsoft VC 6fbb89fb12 Change OSSL_DEPRECATED to take a version argument abd9d035a7 Add a macro OSSL_DEPRECATED for compiler dependent deprecation attributes 71abae18f5 coverity 1403324 negative array index: check for finding an unknown value and error if so (since it shouldn't happen). fb33f99409 coverity 1414446 out-of-bounds access: allocate \0 terminator byte to be safe 19431e5e44 vms: move otherwise dead code into the VMS relevant path. Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05040319B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05040319B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05040319B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05040319B7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/KsqbAQKsyP default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F0FD05837F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F0FD05837F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F0FD05837F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F0FD05837F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/KsqbAQKsyP fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 660 wallclock secs (12.35 usr 1.25 sys + 597.41 cusr 56.90 csys = 667.91 CPU) Result: FAIL Makefile:3182: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3180: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 15 21:12:47 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 15 Oct 2020 21:12:47 +0000 Subject: Failed: openssl/openssl#38058 (openssl-3.0.0-alpha7 - f9a5682) In-Reply-To: Message-ID: <5f88bb4ed2c74_13f8096ac8e282233cd@travis-pro-tasks-5c484d5fd4-pd8mh.mail> Build Update for openssl/openssl ------------------------------------- Build: #38058 Status: Failed Duration: 1 hr, 40 mins, and 12 secs Commit: f9a5682 (openssl-3.0.0-alpha7) Author: Matt Caswell Message: Prepare for release of 3.0 alpha 7 Reviewed-by: Nicola Tuveri View the changeset: https://github.com/openssl/openssl/compare/openssl-3.0.0-alpha7 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190259157?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 15 21:37:58 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 15 Oct 2020 21:37:58 +0000 Subject: Build failed: openssl openssl-3.0.0-alpha7.37527 Message-ID: <20201015213758.1.F39A72F67099FEE4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 15 22:50:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 15 Oct 2020 22:50:51 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37528 Message-ID: <20201015225051.1.36686B6CAE102EFE@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Fri Oct 16 00:34:30 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Fri, 16 Oct 2020 00:34:30 +0000 Subject: [openssl] master update Message-ID: <1602808470.337840.14955.nullmailer@dev.openssl.org> The branch master has been updated via f4bd510503071e20472032dc9d053810a1937e95 (commit) via 994a924b3c28780b2a7ba8662a9544abcdfab8b0 (commit) from e8dca211b4bb0261bc4d2adfd2782fd171bd6cfb (commit) - Log ----------------------------------------------------------------- commit f4bd510503071e20472032dc9d053810a1937e95 Author: Pauli Date: Wed Oct 7 12:19:04 2020 +1000 list: add a -provider-info option. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/13084) commit 994a924b3c28780b2a7ba8662a9544abcdfab8b0 Author: Pauli Date: Wed Oct 7 12:18:36 2020 +1000 null prov: fix gettable param array type. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/13084) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 6 ++++ apps/list.c | 75 ++++++++++++++++++++++++++++++++++++++++++++ doc/man1/openssl-list.pod.in | 9 ++++++ providers/nullprov.c | 14 ++++----- 4 files changed, 97 insertions(+), 7 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 4114ce96cf..e7f4992cf1 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -28,6 +28,12 @@ OpenSSL 3.0 *Jordan Montgomery* + * Added new option for 'openssl list', '-providers', which will display the + list of loaded providers, their names, version and status. It optionally + displays their gettable parameters. + + *Paul Dale* + * Deprecated EVP_PKEY_set_alias_type(). This function was previously needed as a workaround to recognise SM2 keys. With OpenSSL 3.0, this key type is internally recognised so the workaround is no longer needed. diff --git a/apps/list.c b/apps/list.c index ec9e24dfb8..20973298a8 100644 --- a/apps/list.c +++ b/apps/list.c @@ -1037,6 +1037,72 @@ static void list_pkey_meth(void) list_kems(); } +DEFINE_STACK_OF(OSSL_PROVIDER) +static int provider_cmp(const OSSL_PROVIDER * const *a, + const OSSL_PROVIDER * const *b) +{ + return strcmp(OSSL_PROVIDER_name(*a), OSSL_PROVIDER_name(*b)); +} + +static int collect_providers(OSSL_PROVIDER *provider, void *stack) +{ + STACK_OF(OSSL_PROVIDER) *provider_stack = stack; + + sk_OSSL_PROVIDER_push(provider_stack, provider); + return 1; +} + +static void list_provider_info(void) +{ + STACK_OF(OSSL_PROVIDER) *providers = sk_OSSL_PROVIDER_new(provider_cmp); + OSSL_PARAM params[5]; + char *name, *version, *buildinfo; + int status; + int i; + + if (providers == NULL) { + BIO_printf(bio_err, "ERROR: Memory allocation\n"); + return; + } + BIO_printf(bio_out, "Providers:\n"); + OSSL_PROVIDER_do_all(NULL, &collect_providers, providers); + sk_OSSL_PROVIDER_sort(providers); + for (i = 0; i < sk_OSSL_PROVIDER_num(providers); i++) { + const OSSL_PROVIDER *prov = sk_OSSL_PROVIDER_value(providers, i); + + /* Query the "known" information parameters, the order matches below */ + params[0] = OSSL_PARAM_construct_utf8_ptr(OSSL_PROV_PARAM_NAME, + &name, 0); + params[1] = OSSL_PARAM_construct_utf8_ptr(OSSL_PROV_PARAM_VERSION, + &version, 0); + params[2] = OSSL_PARAM_construct_int(OSSL_PROV_PARAM_STATUS, &status); + params[3] = OSSL_PARAM_construct_utf8_ptr(OSSL_PROV_PARAM_BUILDINFO, + &buildinfo, 0); + params[4] = OSSL_PARAM_construct_end(); + OSSL_PARAM_set_all_unmodified(params); + if (!OSSL_PROVIDER_get_params(prov, params)) { + BIO_printf(bio_err, "ERROR: Unable to query provider parameters\n"); + return; + } + + /* Print out the provider information, the params order matches above */ + BIO_printf(bio_out, " %s\n", OSSL_PROVIDER_name(prov)); + if (OSSL_PARAM_modified(params)) + BIO_printf(bio_out, " name: %s\n", name); + if (OSSL_PARAM_modified(params + 1)) + BIO_printf(bio_out, " version: %s\n", version); + if (OSSL_PARAM_modified(params + 2)) + BIO_printf(bio_out, " status: %sactive\n", status ? "" : "in"); + if (verbose) { + if (OSSL_PARAM_modified(params + 3)) + BIO_printf(bio_out, " build info: %s\n", buildinfo); + print_param_types("gettable provider parameters", + OSSL_PROVIDER_gettable_params(prov), 4); + } + } + sk_OSSL_PROVIDER_free(providers); +} + #ifndef OPENSSL_NO_DEPRECATED_3_0 static void list_engines(void) { @@ -1210,6 +1276,7 @@ typedef enum HELPLIST_CHOICE { OPT_KDF_ALGORITHMS, OPT_RANDOM_INSTANCES, OPT_RANDOM_GENERATORS, OPT_ENCODERS, OPT_DECODERS, OPT_KEYMANAGERS, OPT_KEYEXCHANGE_ALGORITHMS, OPT_KEM_ALGORITHMS, OPT_SIGNATURE_ALGORITHMS, OPT_ASYM_CIPHER_ALGORITHMS, + OPT_PROVIDER_INFO, OPT_MISSING_HELP, OPT_OBJECTS, OPT_SELECT_NAME, #ifndef OPENSSL_NO_DEPRECATED_3_0 OPT_ENGINES, @@ -1258,6 +1325,8 @@ const OPTIONS list_options[] = { "List of public key algorithms"}, {"public-key-methods", OPT_PK_METHOD, '-', "List of public key methods"}, + {"providers", OPT_PROVIDER_INFO, '-', + "List of provider information"}, #ifndef OPENSSL_NO_DEPRECATED_3_0 {"engines", OPT_ENGINES, '-', "List of loaded engines"}, @@ -1298,6 +1367,7 @@ int list_main(int argc, char **argv) unsigned int asym_cipher_algorithms:1; unsigned int pk_algorithms:1; unsigned int pk_method:1; + unsigned int provider_info:1; #ifndef OPENSSL_NO_DEPRECATED_3_0 unsigned int engines:1; #endif @@ -1377,6 +1447,9 @@ opthelp: case OPT_PK_METHOD: todo.pk_method = 1; break; + case OPT_PROVIDER_INFO: + todo.provider_info = 1; + break; #ifndef OPENSSL_NO_DEPRECATED_3_0 case OPT_ENGINES: todo.engines = 1; @@ -1448,6 +1521,8 @@ opthelp: list_pkey(); if (todo.pk_method) list_pkey_meth(); + if (todo.provider_info) + list_provider_info(); #ifndef OPENSSL_NO_DEPRECATED_3_0 if (todo.engines) list_engines(); diff --git a/doc/man1/openssl-list.pod.in b/doc/man1/openssl-list.pod.in index 3493fad843..45e58da870 100644 --- a/doc/man1/openssl-list.pod.in +++ b/doc/man1/openssl-list.pod.in @@ -29,6 +29,7 @@ B [B<-asymcipher-algorithms>] [B<-public-key-algorithms>] [B<-public-key-methods>] +[B<-providers>] {- output_off() if $disabled{"deprecated-3.0"}; "" -}[B<-engines>] {- output_on() if $disabled{"deprecated-3.0"}; "" @@ -143,6 +144,14 @@ Display a list of signature algorithms. Display a list of asymmetric cipher algorithms. +=item B<-providers> + +Display a list of all loaded providers with their names, version and status. + +In verbose mode, the full version and all provider parameters will additionally +be displayed. + + =item B<-engines> This option is deprecated. diff --git a/providers/nullprov.c b/providers/nullprov.c index 537c90b78f..d5b4c05d93 100644 --- a/providers/nullprov.c +++ b/providers/nullprov.c @@ -19,15 +19,15 @@ OSSL_provider_init_fn ossl_null_provider_init; /* Parameters we provide to the core */ -static const OSSL_ITEM null_param_types[] = { - { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_NAME }, - { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_VERSION }, - { OSSL_PARAM_UTF8_PTR, OSSL_PROV_PARAM_BUILDINFO }, - { OSSL_PARAM_INTEGER, OSSL_PROV_PARAM_STATUS }, - { 0, NULL } +static const OSSL_PARAM null_param_types[] = { + OSSL_PARAM_DEFN(OSSL_PROV_PARAM_NAME, OSSL_PARAM_UTF8_PTR, NULL, 0), + OSSL_PARAM_DEFN(OSSL_PROV_PARAM_VERSION, OSSL_PARAM_UTF8_PTR, NULL, 0), + OSSL_PARAM_DEFN(OSSL_PROV_PARAM_BUILDINFO, OSSL_PARAM_UTF8_PTR, NULL, 0), + OSSL_PARAM_DEFN(OSSL_PROV_PARAM_STATUS, OSSL_PARAM_INTEGER, NULL, 0), + OSSL_PARAM_END }; -static const OSSL_ITEM *null_gettable_params(const OSSL_PROVIDER *prov) +static const OSSL_PARAM *null_gettable_params(const OSSL_PROVIDER *prov) { return null_param_types; } From builds at travis-ci.com Fri Oct 16 01:59:56 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 16 Oct 2020 01:59:56 +0000 Subject: Still Failing: openssl/openssl#38064 (master - f4bd510) In-Reply-To: Message-ID: <5f88fe9bb7c41_13fec4c3b83f0241856@travis-pro-tasks-bb4548658-qljmj.mail> Build Update for openssl/openssl ------------------------------------- Build: #38064 Status: Still Failing Duration: 1 hr, 24 mins, and 11 secs Commit: f4bd510 (master) Author: Pauli Message: list: add a -provider-info option. Reviewed-by: Nicola Tuveri (Merged from https://github.com/openssl/openssl/pull/13084) View the changeset: https://github.com/openssl/openssl/compare/e8dca211b4bb...f4bd51050307 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190368003?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 16 03:06:04 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 03:06:04 +0000 Subject: Build failed: openssl master.37533 Message-ID: <20201016030604.1.3637AF612AE70392@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 16 07:07:44 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 07:07:44 +0000 Subject: Build completed: openssl master.37534 Message-ID: <20201016070744.1.5F6FA7499520A89C@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Fri Oct 16 07:33:33 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 16 Oct 2020 07:33:33 +0000 Subject: [openssl] master update Message-ID: <1602833613.983392.29387.nullmailer@dev.openssl.org> The branch master has been updated via 192d4b9ca6d7603ace714f7a21111d35be311170 (commit) from f4bd510503071e20472032dc9d053810a1937e95 (commit) - Log ----------------------------------------------------------------- commit 192d4b9ca6d7603ace714f7a21111d35be311170 Author: Randall S. Becker Date: Fri Oct 9 09:27:20 2020 -0600 Fix missing include of string.h in apps/lib/engine.c for strcmp. This include is required for c99 on the NonStop TNS/X platform. CLA: trivial Fixes #13102 Signed-off-by: Randall S. Becker Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13103) ----------------------------------------------------------------------- Summary of changes: apps/lib/engine.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/lib/engine.c b/apps/lib/engine.c index e6682f5e8f..f47c94fbce 100644 --- a/apps/lib/engine.c +++ b/apps/lib/engine.c @@ -14,6 +14,8 @@ */ #define OPENSSL_SUPPRESS_DEPRECATED +#include /* strcmp */ + #include /* Ensure we have the ENGINE type, regardless */ #ifndef OPENSSL_NO_ENGINE # include From matt at openssl.org Fri Oct 16 08:47:59 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 16 Oct 2020 08:47:59 +0000 Subject: [openssl] openssl-101e-no-gmt-time-v1 delete Message-ID: <1602838079.174761.11181.nullmailer@dev.openssl.org> The annotated tag openssl-101e-no-gmt-time-v1 has been deleted was e8da5107b8eafdb2b9b4e39dfda9dd16a17b26b1 - Log ----------------------------------------------------------------- f4c93b46edb51da71f09eda99e83eaf193a33c08 Do not include a timestamp in the ServerHello Random field. ----------------------------------------------------------------------- From builds at travis-ci.com Fri Oct 16 08:57:03 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 16 Oct 2020 08:57:03 +0000 Subject: Still Failing: openssl/openssl#38066 (master - 192d4b9) In-Reply-To: Message-ID: <5f896062c4743_13fe5755be998229246@travis-pro-tasks-6c88996b84-vlm76.mail> Build Update for openssl/openssl ------------------------------------- Build: #38066 Status: Still Failing Duration: 1 hr, 22 mins, and 11 secs Commit: 192d4b9 (master) Author: Randall S. Becker Message: Fix missing include of string.h in apps/lib/engine.c for strcmp. This include is required for c99 on the NonStop TNS/X platform. CLA: trivial Fixes #13102 Signed-off-by: Randall S. Becker Reviewed-by: Richard Levitte Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13103) View the changeset: https://github.com/openssl/openssl/compare/f4bd51050307...192d4b9ca6d7 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190413031?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 16 09:39:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 09:39:53 +0000 Subject: Build failed: openssl master.37535 Message-ID: <20201016093953.1.C71D755657A6D76E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 16 10:43:34 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 10:43:34 +0000 Subject: Build completed: openssl master.37536 Message-ID: <20201016104334.1.56C3D870F7DD700D@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Fri Oct 16 13:57:39 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 16 Oct 2020 13:57:39 +0000 Subject: [openssl] master update Message-ID: <1602856659.236475.23321.nullmailer@dev.openssl.org> The branch master has been updated via 301fcb284328902842ff363e6ad3a4144dae928c (commit) from 192d4b9ca6d7603ace714f7a21111d35be311170 (commit) - Log ----------------------------------------------------------------- commit 301fcb284328902842ff363e6ad3a4144dae928c Author: Matt Caswell Date: Wed Oct 14 10:45:21 2020 +0100 Concentrate deprecated libssl API usage in one file We create a new file ssl/tls_depr.c to contain functions that need to call deprecated APIs in libssl. This enables us to remove OPENSSL_SUPPRESS_DEPRECATED from a number of other libssl files. The deprecated API usage is either related to ENGINEs and is needed to continue to support applications that use such ENGINEs. Or they are needed to support some deprecated public libssl APIs. One other file remains in libssl that still uses deprecated APIs: s3_cbc.c This is needed to support the deprecated SSLv3. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13135) ----------------------------------------------------------------------- Summary of changes: ssl/build.info | 2 +- ssl/ssl_ciph.c | 5 +- ssl/ssl_lib.c | 42 ++++---------- ssl/ssl_local.h | 11 ++++ ssl/ssl_sess.c | 21 ------- ssl/statem/statem_clnt.c | 7 +-- ssl/t1_lib.c | 33 +++-------- ssl/tls_depr.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++ 8 files changed, 179 insertions(+), 89 deletions(-) create mode 100644 ssl/tls_depr.c diff --git a/ssl/build.info b/ssl/build.info index fd9a16784e..36755819dd 100644 --- a/ssl/build.info +++ b/ssl/build.info @@ -33,7 +33,7 @@ SOURCE[../libssl]=\ bio_ssl.c ssl_err.c tls_srp.c t1_trce.c ssl_utst.c \ record/ssl3_buffer.c record/ssl3_record.c record/dtls1_bitmap.c \ statem/statem.c record/ssl3_record_tls13.c record/tls_pad.c \ - $KTLSSRC + tls_depr.c $KTLSSRC IF[{- !$disabled{'deprecated-3.0'} -}] SOURCE[../libssl]=s3_cbc.c ENDIF diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c index b8d22a72ce..984578c05b 100644 --- a/ssl/ssl_ciph.c +++ b/ssl/ssl_ciph.c @@ -9,9 +9,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include #include #include @@ -316,7 +313,7 @@ static int get_optional_pkey_id(const char *pkey_name) ameth) <= 0) pkey_id = 0; } - ENGINE_finish(tmpeng); + tls_engine_finish(tmpeng); return pkey_id; } diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 219d30ff24..2c6b28aacf 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -9,9 +9,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include #include "ssl_local.h" #include "e_os.h" @@ -3396,7 +3393,7 @@ void SSL_CTX_free(SSL_CTX *a) SSL_CTX_SRP_CTX_free(a); #endif #ifndef OPENSSL_NO_ENGINE - ENGINE_finish(a->client_cert_engine); + tls_engine_finish(a->client_cert_engine); #endif #ifndef OPENSSL_NO_EC @@ -5897,23 +5894,16 @@ const EVP_CIPHER *ssl_evp_cipher_fetch(OSSL_LIB_CTX *libctx, int nid, const char *properties) { - EVP_CIPHER *ciph; + const EVP_CIPHER *ciph; -#ifndef OPENSSL_NO_ENGINE - ENGINE *eng; + ciph = tls_get_cipher_from_engine(nid); + if (ciph != NULL) + return ciph; /* - * If there is an Engine available for this cipher we use the "implicit" - * form to ensure we use that engine later. + * If there is no engine cipher then we do an explicit fetch. This may fail + * and that could be ok */ - eng = ENGINE_get_cipher_engine(nid); - if (eng != NULL) { - ENGINE_finish(eng); - return EVP_get_cipherbynid(nid); - } -#endif - - /* Otherwise we do an explicit fetch. This may fail and that could be ok */ ERR_set_mark(); ciph = EVP_CIPHER_fetch(libctx, OBJ_nid2sn(nid), properties); ERR_pop_to_mark(); @@ -5952,21 +5942,11 @@ const EVP_MD *ssl_evp_md_fetch(OSSL_LIB_CTX *libctx, int nid, const char *properties) { - EVP_MD *md; + const EVP_MD *md; -#ifndef OPENSSL_NO_ENGINE - ENGINE *eng; - - /* - * If there is an Engine available for this digest we use the "implicit" - * form to ensure we use that engine later. - */ - eng = ENGINE_get_digest_engine(nid); - if (eng != NULL) { - ENGINE_finish(eng); - return EVP_get_digestbynid(nid); - } -#endif + md = tls_get_digest_from_engine(nid); + if (md != NULL) + return md; /* Otherwise we do an explicit fetch */ ERR_set_mark(); diff --git a/ssl/ssl_local.h b/ssl/ssl_local.h index b83cf1e1ca..5e47320d62 100644 --- a/ssl/ssl_local.h +++ b/ssl/ssl_local.h @@ -2827,6 +2827,17 @@ int tls_provider_set_tls_params(SSL *s, EVP_CIPHER_CTX *ctx, const EVP_CIPHER *ciph, const EVP_MD *md); +void tls_engine_finish(ENGINE *e); +const EVP_CIPHER *tls_get_cipher_from_engine(int nid); +const EVP_MD *tls_get_digest_from_engine(int nid); +int tls_engine_load_ssl_client_cert(SSL *s, X509 **px509, EVP_PKEY **ppkey); +int ssl_hmac_old_new(SSL_HMAC *ret); +void ssl_hmac_old_free(SSL_HMAC *ctx); +int ssl_hmac_old_init(SSL_HMAC *ctx, void *key, size_t len, char *md); +int ssl_hmac_old_update(SSL_HMAC *ctx, const unsigned char *data, size_t len); +int ssl_hmac_old_final(SSL_HMAC *ctx, unsigned char *md, size_t *len); +size_t ssl_hmac_old_size(const SSL_HMAC *ctx); + # else /* OPENSSL_UNIT_TEST */ # define ssl_init_wbio_buffer SSL_test_functions()->p_ssl_init_wbio_buffer diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c index 4c4fc80023..a10b1de071 100644 --- a/ssl/ssl_sess.c +++ b/ssl/ssl_sess.c @@ -8,9 +8,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include #include #include @@ -1205,24 +1202,6 @@ int (*SSL_CTX_get_client_cert_cb(SSL_CTX *ctx)) (SSL *ssl, X509 **x509, return ctx->client_cert_cb; } -#ifndef OPENSSL_NO_ENGINE -int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e) -{ - if (!ENGINE_init(e)) { - SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB); - return 0; - } - if (!ENGINE_get_ssl_client_cert_function(e)) { - SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, - SSL_R_NO_CLIENT_CERT_METHOD); - ENGINE_finish(e); - return 0; - } - ctx->client_cert_engine = e; - return 1; -} -#endif - void SSL_CTX_set_cookie_generate_cb(SSL_CTX *ctx, int (*cb) (SSL *ssl, unsigned char *cookie, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index cb5130c713..bda6f48f46 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -9,9 +9,6 @@ * https://www.openssl.org/source/license.html */ -/* We need to use some engine deprecated APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include #include #include @@ -3866,9 +3863,7 @@ int ssl_do_client_cert_cb(SSL *s, X509 **px509, EVP_PKEY **ppkey) int i = 0; #ifndef OPENSSL_NO_ENGINE if (s->ctx->client_cert_engine) { - i = ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s, - SSL_get_client_CA_list(s), - px509, ppkey, NULL, NULL, NULL); + i = tls_engine_load_ssl_client_cert(s, px509, ppkey); if (i != 0) return i; } diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 8005f4ee32..1971a8e0bc 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -7,9 +7,6 @@ * https://www.openssl.org/source/license.html */ -/* We need access to the deprecated low level HMAC APIs */ -#define OPENSSL_SUPPRESS_DEPRECATED - #include #include #include @@ -3387,8 +3384,7 @@ SSL_HMAC *ssl_hmac_new(const SSL_CTX *ctx) #ifndef OPENSSL_NO_DEPRECATED_3_0 if (ctx->ext.ticket_key_evp_cb == NULL && ctx->ext.ticket_key_cb != NULL) { - ret->old_ctx = HMAC_CTX_new(); - if (ret->old_ctx == NULL) + if (!ssl_hmac_old_new(ret)) goto err; return ret; } @@ -3410,19 +3406,12 @@ void ssl_hmac_free(SSL_HMAC *ctx) if (ctx != NULL) { EVP_MAC_CTX_free(ctx->ctx); #ifndef OPENSSL_NO_DEPRECATED_3_0 - HMAC_CTX_free(ctx->old_ctx); + ssl_hmac_old_free(ctx); #endif OPENSSL_free(ctx); } } -#ifndef OPENSSL_NO_DEPRECATED_3_0 -HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx) -{ - return ctx->old_ctx; -} -#endif - EVP_MAC_CTX *ssl_hmac_get0_EVP_MAC_CTX(SSL_HMAC *ctx) { return ctx->ctx; @@ -3441,8 +3430,7 @@ int ssl_hmac_init(SSL_HMAC *ctx, void *key, size_t len, char *md) } #ifndef OPENSSL_NO_DEPRECATED_3_0 if (ctx->old_ctx != NULL) - return HMAC_Init_ex(ctx->old_ctx, key, len, - EVP_get_digestbyname(md), NULL); + return ssl_hmac_old_init(ctx, key, len, md); #endif return 0; } @@ -3453,7 +3441,7 @@ int ssl_hmac_update(SSL_HMAC *ctx, const unsigned char *data, size_t len) return EVP_MAC_update(ctx->ctx, data, len); #ifndef OPENSSL_NO_DEPRECATED_3_0 if (ctx->old_ctx != NULL) - return HMAC_Update(ctx->old_ctx, data, len); + return ssl_hmac_old_update(ctx, data, len); #endif return 0; } @@ -3464,15 +3452,8 @@ int ssl_hmac_final(SSL_HMAC *ctx, unsigned char *md, size_t *len, if (ctx->ctx != NULL) return EVP_MAC_final(ctx->ctx, md, len, max_size); #ifndef OPENSSL_NO_DEPRECATED_3_0 - if (ctx->old_ctx != NULL) { - unsigned int l; - - if (HMAC_Final(ctx->old_ctx, md, &l) > 0) { - if (len != NULL) - *len = l; - return 1; - } - } + if (ctx->old_ctx != NULL) + return ssl_hmac_old_final(ctx, md, len); #endif return 0; } @@ -3483,7 +3464,7 @@ size_t ssl_hmac_size(const SSL_HMAC *ctx) return EVP_MAC_size(ctx->ctx); #ifndef OPENSSL_NO_DEPRECATED_3_0 if (ctx->old_ctx != NULL) - return HMAC_size(ctx->old_ctx); + return ssl_hmac_old_size(ctx); #endif return 0; } diff --git a/ssl/tls_depr.c b/ssl/tls_depr.c new file mode 100644 index 0000000000..df630915d0 --- /dev/null +++ b/ssl/tls_depr.c @@ -0,0 +1,147 @@ +/* + * Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the Apache License 2.0 (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +/* We need to use some engine and HMAC deprecated APIs */ +#define OPENSSL_SUPPRESS_DEPRECATED + +#include +#include "ssl_local.h" + +/* + * Engine APIs are only used to support applications that still use ENGINEs. + * Once ENGINE is removed completely, all of this code can also be removed. + */ + +#ifndef OPENSSL_NO_ENGINE +void tls_engine_finish(ENGINE *e) +{ + ENGINE_finish(e); +} +#endif + +const EVP_CIPHER *tls_get_cipher_from_engine(int nid) +{ +#ifndef OPENSSL_NO_ENGINE + ENGINE *eng; + + /* + * If there is an Engine available for this cipher we use the "implicit" + * form to ensure we use that engine later. + */ + eng = ENGINE_get_cipher_engine(nid); + if (eng != NULL) { + ENGINE_finish(eng); + return EVP_get_cipherbynid(nid); + } +#endif + return NULL; +} + +const EVP_MD *tls_get_digest_from_engine(int nid) +{ +#ifndef OPENSSL_NO_ENGINE + ENGINE *eng; + + /* + * If there is an Engine available for this digest we use the "implicit" + * form to ensure we use that engine later. + */ + eng = ENGINE_get_digest_engine(nid); + if (eng != NULL) { + ENGINE_finish(eng); + return EVP_get_digestbynid(nid); + } +#endif + return NULL; +} + +#ifndef OPENSSL_NO_ENGINE +int tls_engine_load_ssl_client_cert(SSL *s, X509 **px509, EVP_PKEY **ppkey) +{ + return ENGINE_load_ssl_client_cert(s->ctx->client_cert_engine, s, + SSL_get_client_CA_list(s), + px509, ppkey, NULL, NULL, NULL); +} +#endif + +#ifndef OPENSSL_NO_ENGINE +int SSL_CTX_set_client_cert_engine(SSL_CTX *ctx, ENGINE *e) +{ + if (!ENGINE_init(e)) { + SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, ERR_R_ENGINE_LIB); + return 0; + } + if (!ENGINE_get_ssl_client_cert_function(e)) { + SSLerr(SSL_F_SSL_CTX_SET_CLIENT_CERT_ENGINE, + SSL_R_NO_CLIENT_CERT_METHOD); + ENGINE_finish(e); + return 0; + } + ctx->client_cert_engine = e; + return 1; +} +#endif + +/* + * The HMAC APIs below are only used to support the deprecated public API + * macro SSL_CTX_set_tlsext_ticket_key_cb(). The application supplied callback + * takes an HMAC_CTX in its argument list. The preferred alternative is + * SSL_CTX_set_tlsext_ticket_key_evp_cb(). Once + * SSL_CTX_set_tlsext_ticket_key_cb() is removed, then all of this code can also + * be removed. + */ +#ifndef OPENSSL_NO_DEPRECATED_3_0 +int ssl_hmac_old_new(SSL_HMAC *ret) +{ + ret->old_ctx = HMAC_CTX_new(); + if (ret->old_ctx == NULL) + return 0; + + return 1; +} + +void ssl_hmac_old_free(SSL_HMAC *ctx) +{ + HMAC_CTX_free(ctx->old_ctx); +} + +int ssl_hmac_old_init(SSL_HMAC *ctx, void *key, size_t len, char *md) +{ + return HMAC_Init_ex(ctx->old_ctx, key, len, EVP_get_digestbyname(md), NULL); +} + +int ssl_hmac_old_update(SSL_HMAC *ctx, const unsigned char *data, size_t len) +{ + return HMAC_Update(ctx->old_ctx, data, len); +} + +int ssl_hmac_old_final(SSL_HMAC *ctx, unsigned char *md, size_t *len) +{ + unsigned int l; + + if (HMAC_Final(ctx->old_ctx, md, &l) > 0) { + if (len != NULL) + *len = l; + return 1; + } + + return 0; +} + +size_t ssl_hmac_old_size(const SSL_HMAC *ctx) +{ + return HMAC_size(ctx->old_ctx); +} + +HMAC_CTX *ssl_hmac_get0_HMAC_CTX(SSL_HMAC *ctx) +{ + return ctx->old_ctx; +} +#endif + From matt at openssl.org Fri Oct 16 14:08:54 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 16 Oct 2020 14:08:54 +0000 Subject: [openssl] master update Message-ID: <1602857334.420733.27225.nullmailer@dev.openssl.org> The branch master has been updated via 372e72b19ee0b3584370fdea85e8be7dcf8b445b (commit) via 47e81a1bfa5ebd21f23c19745c7f5f93d141b02f (commit) from 301fcb284328902842ff363e6ad3a4144dae928c (commit) - Log ----------------------------------------------------------------- commit 372e72b19ee0b3584370fdea85e8be7dcf8b445b Author: Matt Caswell Date: Thu Oct 15 11:37:38 2020 +0100 Add a CHANGES entry for the SSL_SECOP_TMP_DH change Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13136) commit 47e81a1bfa5ebd21f23c19745c7f5f93d141b02f Author: Matt Caswell Date: Wed Oct 14 15:13:28 2020 +0100 Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback The security operation SSL_SECOP_TMP_DH is defined to take an EVP_PKEY in the "other" parameter: /* Temporary DH key */ # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY) In most places this is what is passed. All these places occur server side. However there is one client side call of this security operation and it passes a DH object instead. This is incorrect according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all of the other locations. Our own default security callback, and the debug callback in the apps, never look at this value and therefore this issue was never noticed previously. In theory a client side application could be relying on this behaviour and could be broken by this change. This is probably fairly unlikely but can't be ruled out. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13136) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 11 +++++++++++ ssl/statem/statem_clnt.c | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGES.md b/CHANGES.md index e7f4992cf1..ba068b4f9d 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -23,6 +23,17 @@ OpenSSL 3.0 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx] + * The security callback, which can be customised by application code, supports + the security operation SSL_SECOP_TMP_DH. This is defined to take an EVP_PKEY + in the "other" parameter. In most places this is what is passed. All these + places occur server side. However there was one client side call of this + security operation and it passed a DH object instead. This is incorrect + according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all + of the other locations. Therefore this client side call has been changed to + pass an EVP_PKEY instead. + + *Matt Caswell* + * Add PKCS7_get_octet_string() and PKCS7_type_is_other() to the public interface. Their functionality remains unchanged. diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index bda6f48f46..ba57d31428 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2163,7 +2163,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey) dh = NULL; if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp), - 0, EVP_PKEY_get0_DH(peer_tmp))) { + 0, peer_tmp)) { SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE, SSL_R_DH_KEY_TOO_SMALL); goto err; From matt at openssl.org Fri Oct 16 14:15:13 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 16 Oct 2020 14:15:13 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1602857713.155219.29305.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via ed7cdb954e96d463add20f584f5e7ce99560af27 (commit) via 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af (commit) from 7a23c23e4515d253d23b5c8258300873eca179c8 (commit) - Log ----------------------------------------------------------------- commit ed7cdb954e96d463add20f584f5e7ce99560af27 Author: Matt Caswell Date: Thu Oct 15 11:40:18 2020 +0100 Add a CHANGES entry for the SSL_SECOP_TMP_DH change Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13136) commit 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af Author: Matt Caswell Date: Wed Oct 14 15:13:28 2020 +0100 Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback The security operation SSL_SECOP_TMP_DH is defined to take an EVP_PKEY in the "other" parameter: /* Temporary DH key */ # define SSL_SECOP_TMP_DH (7 | SSL_SECOP_OTHER_PKEY) In most places this is what is passed. All these places occur server side. However there is one client side call of this security operation and it passes a DH object instead. This is incorrect according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all of the other locations. Our own default security callback, and the debug callback in the apps, never look at this value and therefore this issue was never noticed previously. In theory a client side application could be relying on this behaviour and could be broken by this change. This is probably fairly unlikely but can't be ruled out. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13136) ----------------------------------------------------------------------- Summary of changes: CHANGES | 10 +++++++++- ssl/statem/statem_clnt.c | 13 +++++++------ 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/CHANGES b/CHANGES index fcb824c02d..401ae7a339 100644 --- a/CHANGES +++ b/CHANGES @@ -9,7 +9,15 @@ Changes between 1.1.1h and 1.1.1i [xx XXX xxxx] - *) + *) The security callback, which can be customised by application code, supports + the security operation SSL_SECOP_TMP_DH. This is defined to take an EVP_PKEY + in the "other" parameter. In most places this is what is passed. All these + places occur server side. However there was one client side call of this + security operation and it passed a DH object instead. This is incorrect + according to the definition of SSL_SECOP_TMP_DH, and is inconsistent with all + of the other locations. Therefore this client side call has been changed to + pass an EVP_PKEY instead. + [Matt Caswell] Changes between 1.1.1g and 1.1.1h [22 Sep 2020] diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 64e392cfbf..3bf8aacfc0 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2145,18 +2145,19 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey) } bnpub_key = NULL; - if (!ssl_security(s, SSL_SECOP_TMP_DH, DH_security_bits(dh), 0, dh)) { - SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE, - SSL_R_DH_KEY_TOO_SMALL); - goto err; - } - if (EVP_PKEY_assign_DH(peer_tmp, dh) == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_SKE_DHE, ERR_R_EVP_LIB); goto err; } + if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp), + 0, peer_tmp)) { + SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_F_TLS_PROCESS_SKE_DHE, + SSL_R_DH_KEY_TOO_SMALL); + goto err; + } + s->s3->peer_tmp = peer_tmp; /* From builds at travis-ci.com Fri Oct 16 15:19:07 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 16 Oct 2020 15:19:07 +0000 Subject: Still Failing: openssl/openssl#38068 (master - 301fcb2) In-Reply-To: Message-ID: <5f89b9ea1922_13f9953c45a8c61673e@travis-pro-tasks-5cc7f4b5d8-k6czq.mail> Build Update for openssl/openssl ------------------------------------- Build: #38068 Status: Still Failing Duration: 1 hr, 20 mins, and 15 secs Commit: 301fcb2 (master) Author: Matt Caswell Message: Concentrate deprecated libssl API usage in one file We create a new file ssl/tls_depr.c to contain functions that need to call deprecated APIs in libssl. This enables us to remove OPENSSL_SUPPRESS_DEPRECATED from a number of other libssl files. The deprecated API usage is either related to ENGINEs and is needed to continue to support applications that use such ENGINEs. Or they are needed to support some deprecated public libssl APIs. One other file remains in libssl that still uses deprecated APIs: s3_cbc.c This is needed to support the deprecated SSLv3. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13135) View the changeset: https://github.com/openssl/openssl/compare/192d4b9ca6d7...301fcb284328 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190481033?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 16 16:23:03 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 16:23:03 +0000 Subject: Build failed: openssl master.37538 Message-ID: <20201016162303.1.191DAF7D58504901@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 16 16:30:21 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 16 Oct 2020 16:30:21 +0000 Subject: Still Failing: openssl/openssl#38069 (master - 372e72b) In-Reply-To: Message-ID: <5f89ca9d368bd_13f99560285bc90915@travis-pro-tasks-7b77d54985-nqnm7.mail> Build Update for openssl/openssl ------------------------------------- Build: #38069 Status: Still Failing Duration: 1 hr, 33 mins, and 36 secs Commit: 372e72b (master) Author: Matt Caswell Message: Add a CHANGES entry for the SSL_SECOP_TMP_DH change Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13136) View the changeset: https://github.com/openssl/openssl/compare/301fcb284328...372e72b19ee0 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190484000?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 16 16:54:17 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 16 Oct 2020 16:54:17 +0000 Subject: Broken: openssl/openssl#38070 (OpenSSL_1_1_1-stable - ed7cdb9) In-Reply-To: Message-ID: <5f89d038f2012_13fd644eb69a0107623@travis-pro-tasks-7b77d54985-clz5n.mail> Build Update for openssl/openssl ------------------------------------- Build: #38070 Status: Broken Duration: 50 mins and 36 secs Commit: ed7cdb9 (OpenSSL_1_1_1-stable) Author: Matt Caswell Message: Add a CHANGES entry for the SSL_SECOP_TMP_DH change Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13136) View the changeset: https://github.com/openssl/openssl/compare/7a23c23e4515...ed7cdb954e96 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190485056?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From levitte at openssl.org Fri Oct 16 17:08:18 2020 From: levitte at openssl.org (Richard Levitte) Date: Fri, 16 Oct 2020 17:08:18 +0000 Subject: [openssl] master update Message-ID: <1602868098.907856.20297.nullmailer@dev.openssl.org> The branch master has been updated via b40498c6e7c6726cc4fc8fef5346f743fdd48aaf (commit) from 372e72b19ee0b3584370fdea85e8be7dcf8b445b (commit) - Log ----------------------------------------------------------------- commit b40498c6e7c6726cc4fc8fef5346f743fdd48aaf Author: Richard Levitte Date: Thu Oct 15 16:53:29 2020 +0200 TEST: modify tconversion.pl for forensics In the interest of finding out what went wrong with a test by looking at its output, tconversion.pl is modified to take arguments in option form, and gets an additional -prefix option that callers can use to ensure output files are uniquely named. Test recipes are modified to use these new options. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13147) ----------------------------------------------------------------------- Summary of changes: test/recipes/15-test_dsa.t | 17 ++++++++++------ test/recipes/15-test_ec.t | 48 +++++++++++++++++++++++++++++--------------- test/recipes/15-test_rsa.t | 12 +++++++---- test/recipes/25-test_crl.t | 2 +- test/recipes/25-test_pkcs7.t | 6 ++++-- test/recipes/25-test_req.t | 3 ++- test/recipes/25-test_sid.t | 3 ++- test/recipes/25-test_x509.t | 9 ++++++--- test/recipes/tconversion.pl | 35 ++++++++++++++++++++------------ 9 files changed, 88 insertions(+), 47 deletions(-) diff --git a/test/recipes/15-test_dsa.t b/test/recipes/15-test_dsa.t index c99b320a5c..b2747e3d46 100644 --- a/test/recipes/15-test_dsa.t +++ b/test/recipes/15-test_dsa.t @@ -26,17 +26,22 @@ ok(run(test(["dsa_no_digest_size_test"])), "running dsa_no_digest_size_test"); subtest "dsa conversions using 'openssl dsa' -- private key" => sub { - tconversion("dsa", srctop_file("test","testdsa.pem")); + tconversion( -type => 'dsa', -prefix => 'dsa-priv', + -in => srctop_file("test","testdsa.pem") ); }; subtest "dsa conversions using 'openssl dsa' -- public key" => sub { - tconversion("msb", srctop_file("test","testdsapub.pem"), "dsa", - "-pubin", "-pubout"); + tconversion( -type => 'msb', -prefix => 'dsa-msb-pub', + -in => srctop_file("test","testdsapub.pem"), + -args => ["dsa", "-pubin", "-pubout"] ); }; subtest "dsa conversions using 'openssl pkey' -- private key PKCS#8" => sub { - tconversion("dsa", srctop_file("test","testdsa.pem"), "pkey"); + tconversion( -type => 'dsa', -prefix => 'dsa-pkcs8', + -in => srctop_file("test","testdsa.pem"), + -args => ["pkey"] ); }; subtest "dsa conversions using 'openssl pkey' -- public key" => sub { - tconversion("dsa", srctop_file("test","testdsapub.pem"), "pkey", - "-pubin", "-pubout"); + tconversion( -type => 'dsa', -prefix => 'dsa-pkey-pub', + -in => srctop_file("test","testdsapub.pem"), + -args => ["pkey", "-pubin", "-pubout"] ); }; diff --git a/test/recipes/15-test_ec.t b/test/recipes/15-test_ec.t index c65814f602..5a042d1d4d 100644 --- a/test/recipes/15-test_ec.t +++ b/test/recipes/15-test_ec.t @@ -30,14 +30,18 @@ SKIP: { if disabled("ec"); subtest 'EC conversions -- private key' => sub { - tconversion("ec", srctop_file("test","testec-p256.pem")); + tconversion( -type => 'ec', -prefix => 'ec-priv', + -in => srctop_file("test","testec-p256.pem") ); }; subtest 'EC conversions -- private key PKCS#8' => sub { - tconversion("ec", srctop_file("test","testec-p256.pem"), "pkey"); + tconversion( -type => 'ec', -prefix => 'ec-pkcs8', + -in => srctop_file("test","testec-p256.pem"), + -args => "pkey" ); }; subtest 'EC conversions -- public key' => sub { - tconversion("ec", srctop_file("test","testecpub-p256.pem"), - "ec", "-pubin", "-pubout"); + tconversion( -type => 'ec', -prefix => 'ec-pub', + -in => srctop_file("test","testecpub-p256.pem"), + -args => [ "ec", "-pubin", "-pubout" ] ); }; } @@ -46,14 +50,18 @@ SKIP: { if disabled("ec"); subtest 'PKEY conversions -- private key' => sub { - tconversion("pkey", srctop_file("test","testec-p256.pem")); + tconversion( -type => 'pkey', -prefix => 'ec-pkey-priv', + -in => srctop_file("test","testec-p256.pem") ); }; subtest 'PKEY conversions -- private key PKCS#8' => sub { - tconversion("pkey", srctop_file("test","testec-p256.pem"), "pkey"); + tconversion( -type => 'pkey', -prefix => 'ec-pkey-pkcs8', + -in => srctop_file("test","testec-p256.pem"), + -args => "pkey" ); }; subtest 'PKEY conversions -- public key' => sub { - tconversion("pkey", srctop_file("test","testecpub-p256.pem"), - "pkey", "-pubin", "-pubout"); + tconversion( -type => 'pkey', -prefix => 'ec-pkey-pub', + -in => srctop_file("test","testecpub-p256.pem"), + -args => [ "pkey", "-pubin", "-pubout" ] ); }; } @@ -62,24 +70,32 @@ SKIP: { if disabled("ec"); subtest 'Ed25519 conversions -- private key' => sub { - tconversion("pkey", srctop_file("test", "tested25519.pem")); + tconversion( -type => "pkey", -prefix => "ed25519-pkey-priv", + -in => srctop_file("test", "tested25519.pem") ); }; subtest 'Ed25519 conversions -- private key PKCS#8' => sub { - tconversion("pkey", srctop_file("test", "tested25519.pem"), "pkey"); + tconversion( -type => "pkey", -prefix => "ed25519-pkey-pkcs8", + -in => srctop_file("test", "tested25519.pem"), + -args => ["pkey"] ); }; subtest 'Ed25519 conversions -- public key' => sub { - tconversion("pkey", srctop_file("test", "tested25519pub.pem"), - "pkey", "-pubin", "-pubout"); + tconversion( -type => "pkey", -prefix => "ed25519-pkey-pub", + -in => srctop_file("test", "tested25519pub.pem"), + -args => ["pkey", "-pubin", "-pubout"] ); }; subtest 'Ed448 conversions -- private key' => sub { - tconversion("pkey", srctop_file("test", "tested448.pem")); + tconversion( -type => "pkey", -prefix => "ed448-pkey-priv", + -in => srctop_file("test", "tested448.pem") ); }; subtest 'Ed448 conversions -- private key PKCS#8' => sub { - tconversion("pkey", srctop_file("test", "tested448.pem"), "pkey"); + tconversion( -type => "pkey", -prefix => "ed448-pkey-pkcs8", + -in => srctop_file("test", "tested448.pem"), + -args => ["pkey"] ); }; subtest 'Ed448 conversions -- public key' => sub { - tconversion("pkey", srctop_file("test", "tested448pub.pem"), - "pkey", "-pubin", "-pubout"); + tconversion( -type => "pkey", -prefix => "ed448-pkey-pub", + -in => srctop_file("test", "tested448pub.pem"), + -args => ["pkey", "-pubin", "-pubout"] ); }; } diff --git a/test/recipes/15-test_rsa.t b/test/recipes/15-test_rsa.t index 2f94e6b088..7e554579d8 100644 --- a/test/recipes/15-test_rsa.t +++ b/test/recipes/15-test_rsa.t @@ -37,10 +37,13 @@ sub run_rsa_tests { if disabled("rsa"); subtest "$cmd conversions -- private key" => sub { - tconversion($cmd, srctop_file("test", "testrsa.pem")); + tconversion( -type => $cmd, -prefix => "$cmd-priv", + -in => srctop_file("test", "testrsa.pem") ); }; subtest "$cmd conversions -- private key PKCS#8" => sub { - tconversion($cmd, srctop_file("test", "testrsa.pem"), "pkey"); + tconversion( -type => $cmd, -prefix => "$cmd-pkcs8", + -in => srctop_file("test", "testrsa.pem"), + -args => ["pkey"] ); }; } @@ -49,8 +52,9 @@ sub run_rsa_tests { if disabled($cmd) || disabled("dsa") || $cmd == 'pkey'; subtest "$cmd conversions -- public key" => sub { - tconversion("msb", srctop_file("test", "testrsapub.pem"), "rsa", - "-pubin", "-pubout"); + tconversion( -type => 'msb', -prefix => "$cmd-msb-pub", + -in => srctop_file("test", "testrsapub.pem"), + -args => ["rsa", "-pubin", "-pubout"] ); }; } } diff --git a/test/recipes/25-test_crl.t b/test/recipes/25-test_crl.t index b7e805cbc9..4b487867f5 100644 --- a/test/recipes/25-test_crl.t +++ b/test/recipes/25-test_crl.t @@ -24,7 +24,7 @@ my $out = "cyrillic_crl.out"; my $utf = srctop_file("test/certs", "cyrillic_crl.utf8"); subtest 'crl conversions' => sub { - tconversion("crl", srctop_file("test","testcrl.pem")); + tconversion( -type => "crl", -in => srctop_file("test","testcrl.pem") ); }; ok(run(test(['crltest']))); diff --git a/test/recipes/25-test_pkcs7.t b/test/recipes/25-test_pkcs7.t index df15545c39..1d2a757d9f 100644 --- a/test/recipes/25-test_pkcs7.t +++ b/test/recipes/25-test_pkcs7.t @@ -20,8 +20,10 @@ plan tests => 3; require_ok(srctop_file('test','recipes','tconversion.pl')); subtest 'pkcs7 conversions -- pkcs7' => sub { - tconversion("p7", srctop_file("test", "testp7.pem"), "pkcs7"); + tconversion( -type => 'p7', -in => srctop_file("test", "testp7.pem"), + -args => ["pkcs7"] ); }; subtest 'pkcs7 conversions -- pkcs7d' => sub { - tconversion("p7d", srctop_file("test", "pkcs7-1.pem"), "pkcs7"); + tconversion( -type => 'p7d', -in => srctop_file("test", "pkcs7-1.pem"), + -args => ["pkcs7"] ); }; diff --git a/test/recipes/25-test_req.t b/test/recipes/25-test_req.t index 8d26be2bf0..b5d63fe1da 100644 --- a/test/recipes/25-test_req.t +++ b/test/recipes/25-test_req.t @@ -237,7 +237,8 @@ sub run_conversion { plan skip_all => "skipping req conversion test for $reqfile" if grep /Unknown Public Key/, map { s/\R//; } ; - tconversion("req", $reqfile, @openssl_args); + tconversion( -type => 'req', -in => $reqfile, + -args => [ @openssl_args ] ); } close DATA; unlink "req-check.err"; diff --git a/test/recipes/25-test_sid.t b/test/recipes/25-test_sid.t index 82f567f114..7d35e98c2d 100644 --- a/test/recipes/25-test_sid.t +++ b/test/recipes/25-test_sid.t @@ -24,5 +24,6 @@ plan tests => 2; require_ok(srctop_file('test','recipes','tconversion.pl')); subtest 'sid conversions' => sub { - tconversion("sid", srctop_file("test","testsid.pem"), "sess_id"); + tconversion( -type => 'sid', -in => srctop_file("test","testsid.pem"), + -args => ["sess_id"] ); }; diff --git a/test/recipes/25-test_x509.t b/test/recipes/25-test_x509.t index f5b4245960..896c5a1e6a 100644 --- a/test/recipes/25-test_x509.t +++ b/test/recipes/25-test_x509.t @@ -72,13 +72,16 @@ SKIP: { } subtest 'x509 -- x.509 v1 certificate' => sub { - tconversion("x509", srctop_file("test","testx509.pem")); + tconversion( -type => 'x509', -prefix => 'x509v1', + -in => srctop_file("test","testx509.pem") ); }; subtest 'x509 -- first x.509 v3 certificate' => sub { - tconversion("x509", srctop_file("test","v3-cert1.pem")); + tconversion( -type => 'x509', -prefix => 'x509v3-1', + -in => srctop_file("test","v3-cert1.pem") ); }; subtest 'x509 -- second x.509 v3 certificate' => sub { - tconversion("x509", srctop_file("test","v3-cert2.pem")); + tconversion( -type => 'x509', -prefix => 'x509v3-2', + -in => srctop_file("test","v3-cert2.pem") ); }; subtest 'x509 -- pathlen' => sub { diff --git a/test/recipes/tconversion.pl b/test/recipes/tconversion.pl index 828c822c9c..d3b64590da 100644 --- a/test/recipes/tconversion.pl +++ b/test/recipes/tconversion.pl @@ -21,14 +21,23 @@ my %conversionforms = ( "msb" => [ "d", "p", "msblob" ], ); sub tconversion { - my $testtype = shift; - my $t = shift; + my %opts = @_; + + die "Missing option -type" unless $opts{-type}; + die "Missing option -in" unless $opts{-in}; + my $testtype = $opts{-type}; + my $t = $opts{-in}; + my $prefix = $opts{-prefix} // $testtype; my @conversionforms = defined($conversionforms{$testtype}) ? @{$conversionforms{$testtype}} : @{$conversionforms{"*"}}; - my @openssl_args = @_; - if (!@openssl_args) { @openssl_args = ($testtype); } + my @openssl_args; + if (defined $opts{-args}) { + @openssl_args = @{$opts{-args}} if ref $opts{-args} eq 'ARRAY'; + @openssl_args = ($opts{-args}) if ref $opts{-args} eq ''; + } + @openssl_args = ($testtype) unless @openssl_args; my $n = scalar @conversionforms; my $totaltests = @@ -44,13 +53,13 @@ sub tconversion { my $init; if (scalar @openssl_args > 0 && $openssl_args[0] eq "pkey") { - $init = ok(run(app([@cmd, "-in", $t, "-out", "$testtype-fff.p"])), + $init = ok(run(app([@cmd, "-in", $t, "-out", "$prefix-fff.p"])), 'initializing'); } else { - $init = ok(copy($t, "$testtype-fff.p"), 'initializing'); + $init = ok(copy($t, "$prefix-fff.p"), 'initializing'); } if (!$init) { - diag("Trying to copy $t to $testtype-fff.p : $!"); + diag("Trying to copy $t to $prefix-fff.p : $!"); } SKIP: { @@ -58,9 +67,9 @@ sub tconversion { foreach my $to (@conversionforms) { ok(run(app([@cmd, - "-in", "$testtype-fff.p", + "-in", "$prefix-fff.p", "-inform", "p", - "-out", "$testtype-f.$to", + "-out", "$prefix-f.$to", "-outform", $to])), "p -> $to"); } @@ -68,23 +77,23 @@ sub tconversion { foreach my $to (@conversionforms) { foreach my $from (@conversionforms) { ok(run(app([@cmd, - "-in", "$testtype-f.$from", + "-in", "$prefix-f.$from", "-inform", $from, - "-out", "$testtype-ff.$from$to", + "-out", "$prefix-ff.$from$to", "-outform", $to])), "$from -> $to"); } } if ($testtype ne "p7d") { - is(cmp_text("$testtype-fff.p", "$testtype-f.p"), 0, + is(cmp_text("$prefix-fff.p", "$prefix-f.p"), 0, 'comparing orig to p'); } foreach my $to (@conversionforms) { next if $to eq "d"; foreach my $from (@conversionforms) { - is(cmp_text("$testtype-f.$to", "$testtype-ff.$from$to"), 0, + is(cmp_text("$prefix-f.$to", "$prefix-ff.$from$to"), 0, "comparing $to to $from$to"); } } From no-reply at appveyor.com Fri Oct 16 17:46:08 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 17:46:08 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37539 Message-ID: <20201016174608.1.AE56DA18B59656D6@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 16 20:19:04 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 16 Oct 2020 20:19:04 +0000 Subject: Still Failing: openssl/openssl#38074 (master - b40498c) In-Reply-To: Message-ID: <5f8a003790a9d_13fd8daf9e6183172e3@travis-pro-tasks-5c9dc4dbb9-nr8qn.mail> Build Update for openssl/openssl ------------------------------------- Build: #38074 Status: Still Failing Duration: 1 hr, 17 mins, and 47 secs Commit: b40498c (master) Author: Richard Levitte Message: TEST: modify tconversion.pl for forensics In the interest of finding out what went wrong with a test by looking at its output, tconversion.pl is modified to take arguments in option form, and gets an additional -prefix option that callers can use to ensure output files are uniquely named. Test recipes are modified to use these new options. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13147) View the changeset: https://github.com/openssl/openssl/compare/372e72b19ee0...b40498c6e7c6 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190513681?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 16 23:22:02 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 16 Oct 2020 23:22:02 +0000 Subject: Build failed: openssl master.37543 Message-ID: <20201016232202.1.0FECDFD863DB21E1@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Sat Oct 17 09:54:43 2020 From: levitte at openssl.org (Richard Levitte) Date: Sat, 17 Oct 2020 09:54:43 +0000 Subject: [openssl] master update Message-ID: <1602928483.120676.10432.nullmailer@dev.openssl.org> The branch master has been updated via a1fc4642e1cedbce54945da36d256bbb12ff752d (commit) from b40498c6e7c6726cc4fc8fef5346f743fdd48aaf (commit) - Log ----------------------------------------------------------------- commit a1fc4642e1cedbce54945da36d256bbb12ff752d Author: Richard Levitte Date: Fri Oct 16 10:24:18 2020 +0200 dev/release.sh: improve instruction for pushing the tag 'git push --follow-tags' does a little too much, any spurious tag object that the releaser have in their local repository will come along, even though they have nothing to do with the commits being pushed. Therefore, we modify the instructions to show a separate and explicit push of the release tag. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13159) ----------------------------------------------------------------------- Summary of changes: dev/release.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/dev/release.sh b/dev/release.sh index 98fdd6a580..be8c89bb69 100755 --- a/dev/release.sh +++ b/dev/release.sh @@ -556,10 +556,12 @@ Push them to github, make PRs from them and have them approved: When merging them into the main repository, do it like this: - git push --follow-tags openssl-git at git.openssl.org:openssl.git \\ + git push openssl-git at git.openssl.org:openssl.git \\ $tmp_release_branch:$release_branch git push openssl-git at git.openssl.org:openssl.git \\ $tmp_update_branch:$update_branch + git push openssl-git at git.openssl.org:openssl.git \\ + $tag EOF else cat < An HTML attachment was scrubbed... URL: From levitte at openssl.org Sat Oct 17 09:58:03 2020 From: levitte at openssl.org (Richard Levitte) Date: Sat, 17 Oct 2020 09:58:03 +0000 Subject: [openssl] master update Message-ID: <1602928683.162485.12777.nullmailer@dev.openssl.org> The branch master has been updated via 9096809b209a03eb3948242e702b19526e675d57 (commit) from a1fc4642e1cedbce54945da36d256bbb12ff752d (commit) - Log ----------------------------------------------------------------- commit 9096809b209a03eb3948242e702b19526e675d57 Author: Richard Levitte Date: Fri Oct 16 07:58:33 2020 +0200 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally OSSL_DECODER_CTX_set_params() and OSSL_ENCODER_CTX_set_params() would stop as soon as a decoder / encoder instance failed, which leaves the rest of them with a possibly previous and different value. Instead, these functions will now call them all, but will return 0 if any of the instance calls failed. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13156) ----------------------------------------------------------------------- Summary of changes: crypto/encode_decode/decoder_meth.c | 5 +++-- crypto/encode_decode/encoder_meth.c | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c index f27bb4c1e4..edbb140c44 100644 --- a/crypto/encode_decode/decoder_meth.c +++ b/crypto/encode_decode/decoder_meth.c @@ -493,6 +493,7 @@ OSSL_DECODER_CTX *OSSL_DECODER_CTX_new(void) int OSSL_DECODER_CTX_set_params(OSSL_DECODER_CTX *ctx, const OSSL_PARAM params[]) { + int ok = 1; size_t i; size_t l; @@ -516,9 +517,9 @@ int OSSL_DECODER_CTX_set_params(OSSL_DECODER_CTX *ctx, if (decoderctx == NULL || decoder->set_ctx_params == NULL) continue; if (!decoder->set_ctx_params(decoderctx, params)) - return 0; + ok = 0; } - return 1; + return ok; } void OSSL_DECODER_CTX_free(OSSL_DECODER_CTX *ctx) diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c index bee54bf63a..adff759bd4 100644 --- a/crypto/encode_decode/encoder_meth.c +++ b/crypto/encode_decode/encoder_meth.c @@ -503,6 +503,7 @@ OSSL_ENCODER_CTX *OSSL_ENCODER_CTX_new(void) int OSSL_ENCODER_CTX_set_params(OSSL_ENCODER_CTX *ctx, const OSSL_PARAM params[]) { + int ok = 1; size_t i; size_t l; @@ -524,9 +525,9 @@ int OSSL_ENCODER_CTX_set_params(OSSL_ENCODER_CTX *ctx, if (encoderctx == NULL || encoder->set_ctx_params == NULL) continue; if (!encoder->set_ctx_params(encoderctx, params)) - return 0; + ok = 0; } - return 1; + return ok; } void OSSL_ENCODER_CTX_free(OSSL_ENCODER_CTX *ctx) From builds at travis-ci.com Sat Oct 17 11:29:13 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 17 Oct 2020 11:29:13 +0000 Subject: Still Failing: openssl/openssl#38077 (master - a1fc464) In-Reply-To: Message-ID: <5f8ad5894f3d1_13ff8bc64888c5113c9@travis-pro-tasks-5dc8768948-s84t9.mail> Build Update for openssl/openssl ------------------------------------- Build: #38077 Status: Still Failing Duration: 1 hr, 19 mins, and 54 secs Commit: a1fc464 (master) Author: Richard Levitte Message: dev/release.sh: improve instruction for pushing the tag 'git push --follow-tags' does a little too much, any spurious tag object that the releaser have in their local repository will come along, even though they have nothing to do with the commits being pushed. Therefore, we modify the instructions to show a separate and explicit push of the release tag. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13159) View the changeset: https://github.com/openssl/openssl/compare/b40498c6e7c6...a1fc4642e1ce View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190635670?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 17 12:22:31 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 17 Oct 2020 12:22:31 +0000 Subject: Build failed: openssl master.37547 Message-ID: <20201017122231.1.DF245514B362823A@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sat Oct 17 12:34:31 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 17 Oct 2020 12:34:31 +0000 Subject: Still Failing: openssl/openssl#38078 (master - 9096809) In-Reply-To: Message-ID: <5f8ae4d6e3acb_13fa35bb98438343b7@travis-pro-tasks-68458676b-8dhmm.mail> Build Update for openssl/openssl ------------------------------------- Build: #38078 Status: Still Failing Duration: 1 hr, 29 mins, and 47 secs Commit: 9096809 (master) Author: Richard Levitte Message: ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally OSSL_DECODER_CTX_set_params() and OSSL_ENCODER_CTX_set_params() would stop as soon as a decoder / encoder instance failed, which leaves the rest of them with a possibly previous and different value. Instead, these functions will now call them all, but will return 0 if any of the instance calls failed. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13156) View the changeset: https://github.com/openssl/openssl/compare/a1fc4642e1ce...9096809b209a View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190635825?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 17 15:31:48 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 17 Oct 2020 15:31:48 +0000 Subject: Build failed: openssl master.37552 Message-ID: <20201017153148.1.4F3F304267F35601@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 17 16:35:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 17 Oct 2020 16:35:51 +0000 Subject: Build failed: openssl master.37553 Message-ID: <20201017163551.1.A5619CEE4D7B9D73@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 17 17:18:05 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 17 Oct 2020 17:18:05 +0000 Subject: Build failed: openssl master.37554 Message-ID: <20201017171805.1.240C6E2A0C996697@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Oct 18 07:53:12 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 18 Oct 2020 07:53:12 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5f8bf467ea754_edaa82ad18cf02f5c97ee@prd-scan-dashboard-0.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DGNH7_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeFBS1h2NyYxTi34aRCo-2FbQ7nBthTF86Qfgrqtd2NCapoH-2BTJHmNhznnf0gNOGjc0MLSCKF1ZXh5gKvuZLmO9Hw2GF8Rf-2FyZBNGmtZmLAWvwq3oto-2FFwjqFrrKeCDMHxHcsKu4OAb8sXwHn4r80TLRlZp1Gg7HXkXDDJ6mpgMBcnIytLG9p-2BoEAIqIQvY1nXMwE-3D Build ID: 346138 Analysis Summary: New defects found: 0 Defects eliminated: 0 From scan-admin at coverity.com Sun Oct 18 07:55:54 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 18 Oct 2020 07:55:54 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5f8bf50958c52_edc122ad18cf02f5c97f2@prd-scan-dashboard-0.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3D_6Un_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHLMepXQCsHexfam1VSDeLmGR-2F3kRHJoXIAszluFhiqIeyaF9UsVysl4Fjt84ucwR4-2BbntNAN8iuzASdz0b-2FGp3Kqg65sgVB1IBgZLX-2FChf90REyegizqoBdlvWaMzAs-2BzJ70CDPVsuzu-2BKrPe6txslozQqqqpNwlFMHYa-2FqD05MJLAKZhAZ3eA6fzIhOMQC84-3D Build ID: 346137 Analysis Summary: New defects found: 0 Defects eliminated: 5 From no-reply at appveyor.com Sun Oct 18 09:09:49 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 18 Oct 2020 09:09:49 +0000 Subject: Build failed: openssl master.37557 Message-ID: <20201018090949.1.B7B087D17E77E1AC@appveyor.com> An HTML attachment was scrubbed... URL: From matthias.st.pierre at ncp-e.com Sun Oct 18 11:26:42 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sun, 18 Oct 2020 11:26:42 +0000 Subject: [openssl] master update Message-ID: <1603020402.361989.17838.nullmailer@dev.openssl.org> The branch master has been updated via 84dd002f41f1b3238cc305126d316c28245db180 (commit) from 9096809b209a03eb3948242e702b19526e675d57 (commit) - Log ----------------------------------------------------------------- commit 84dd002f41f1b3238cc305126d316c28245db180 Author: Dr. Matthias St. Pierre Date: Sat Oct 17 10:40:25 2020 +0200 README: make the link to the OpenSSL 3.0 Wiki page more prominent Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13164) ----------------------------------------------------------------------- Summary of changes: README.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ba8efb17b7..811d6588ff 100644 --- a/README.md +++ b/README.md @@ -114,8 +114,7 @@ document. * [NOTES-Valgrind.md](NOTES-Valgrind.md) Specific notes on upgrading to OpenSSL 3.0 from previous versions, as well as -known issues are available on the OpenSSL -[wiki](https://wiki.openssl.org/index.php/OpenSSL_3.0). +known issues are available on the [OpenSSL 3.0 Wiki] page. Documentation ============= @@ -194,6 +193,10 @@ All rights reserved. "OpenSSL Wiki" +[OpenSSL 3.0 Wiki]: + + "OpenSSL 3.0 Wiki" + [RFC 8446]: From matthias.st.pierre at ncp-e.com Sun Oct 18 11:28:42 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Sun, 18 Oct 2020 11:28:42 +0000 Subject: [openssl] master update Message-ID: <1603020522.674046.19016.nullmailer@dev.openssl.org> The branch master has been updated via 6c8149df1fb6fce50a914a70040955d3512b0bd6 (commit) from 84dd002f41f1b3238cc305126d316c28245db180 (commit) - Log ----------------------------------------------------------------- commit 6c8149df1fb6fce50a914a70040955d3512b0bd6 Author: Dr. Matthias St. Pierre Date: Sat Oct 17 10:45:49 2020 +0200 Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING Replace [collapsed reference links][] by [shortcut reference links], in order to to improve the readability of the raw markdown text, see also commit d8dc853825 (Change CVE link style in CHANGES and NEWS). [collapsed reference links]: https://github.github.com/gfm/#collapsed-reference-link [shortcut reference links]: https://github.github.com/gfm/#shortcut-reference-link Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13165) ----------------------------------------------------------------------- Summary of changes: CONTRIBUTING.md | 14 +++++++------- INSTALL.md | 18 +++++++++--------- README.md | 16 ++++++++-------- SUPPORT.md | 18 +++++++++--------- 4 files changed, 33 insertions(+), 33 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3e11b0b89f..d21aab0e6e 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,13 +1,13 @@ HOW TO CONTRIBUTE TO OpenSSL ============================ -Please visit our [Getting Started][gs] page for other ideas about how to contribute. +Please visit our [Getting Started] page for other ideas about how to contribute. - [gs]: https://www.openssl.org/community/getting-started.html + [Getting Started]: -Development is done on GitHub in the [openssl/openssl][gh] repository. +Development is done on GitHub in the [openssl/openssl] repository. - [gh]: https://github.com/openssl/openssl + [openssl/openssl]: To request new features or report bugs, please open an issue on GitHub @@ -20,13 +20,13 @@ To make it easier to review and accept your pull request, please follow these guidelines: 1. Anything other than a trivial contribution requires a [Contributor - License Agreement][CLA] (CLA), giving us permission to use your code. + License Agreement] (CLA), giving us permission to use your code. If your contribution is too small to require a CLA (e.g. fixing a spelling mistake), place the text "`CLA: trivial`" on a line by itself separated by an empty line from the rest of the commit message. It is not sufficient to only place the text in the GitHub pull request description. - [CLA]: https://www.openssl.org/policies/cla.html + [Contributor License Agreement]: To amend a missing "`CLA: trivial`" line after submission, do the following: @@ -53,7 +53,7 @@ guidelines: often. We do not accept merge commits, you will have to remove them (usually by rebasing) before it will be acceptable. - 4. Patches should follow our [coding style][] and compile without warnings. + 4. Patches should follow our [coding style] and compile without warnings. Where `gcc` or `clang` is available you should use the `--strict-warnings` `Configure` option. OpenSSL compiles on many varied platforms: try to ensure you only use portable features. Clean builds diff --git a/INSTALL.md b/INSTALL.md index 30c88872d2..b1624b0d27 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1524,7 +1524,7 @@ directory, which you can supply to the `./Configure` command, possibly after some adjustment. The `Configurations/` directory contains a lot of examples of such targets. -The main configuration file is [10-main.conf][], which contains all targets that +The main configuration file is [10-main.conf], which contains all targets that are officially supported by the OpenSSL team. Other configuration files contain targets contributed by other OpenSSL users. The list of targets can be found in a Perl list `my %targets = ( ... )`. @@ -1552,11 +1552,11 @@ design of the configuration files. - [Configurations/README.md](Configurations/README.md) - [Configurations/README-design.md](Configurations/README-design.md) -If you need further help, try to search the [openssl-users][] mailing list -or the [GitHub Issues][] for existing solutions. If you don't find anything, -you can [raise an issue][] to ask a question yourself. +If you need further help, try to search the [openssl-users] mailing list +or the [GitHub Issues] for existing solutions. If you don't find anything, +you can [raise an issue] to ask a question yourself. -More about our support resources can be found in the [SUPPORT][] file. +More about our support resources can be found in the [SUPPORT] file. ### Configuration Errors @@ -1564,7 +1564,7 @@ If the `./Configure` or `./Configure` command fails with an error message, read the error message carefully and try to figure out whether you made a mistake (e.g., by providing a wrong option), or whether the script is working incorrectly. If you think you encountered a bug, please -[raise an issue][] on GitHub to file a bug report. +[raise an issue] on GitHub to file a bug report. Along with a short description of the bug, please provide the complete configure command line and the relevant output including the error message. @@ -1603,9 +1603,9 @@ Assembler error messages can sometimes be sidestepped by using the Compiling parts of OpenSSL with gcc and others with the system compiler will result in unresolved symbols on some systems. -If you are still having problems, try to search the [openssl-users][] mailing -list or the [GitHub Issues][] for existing solutions. If you think you -encountered an OpenSSL bug, please [raise an issue][] to file a bug report. +If you are still having problems, try to search the [openssl-users] mailing +list or the [GitHub Issues] for existing solutions. If you think you +encountered an OpenSSL bug, please [raise an issue] to file a bug report. Please take the time to review the existing issues first; maybe the bug was already reported or has already been fixed. diff --git a/README.md b/README.md index 811d6588ff..f6d9ed6483 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ Welcome to the OpenSSL Project ============================== -[![openssl logo][]][www.openssl.org] +[![openssl logo]][www.openssl.org] -[![travis badge][]][travis jobs] -[![appveyor badge][]][appveyor jobs] +[![travis badge]][travis jobs] +[![appveyor badge]][appveyor jobs] OpenSSL is a robust, commercial-grade, full-featured Open Source Toolkit for the Transport Layer Security (TLS) protocol formerly known as the @@ -15,7 +15,7 @@ be used stand-alone. OpenSSL is descended from the SSLeay library developed by Eric A. Young and Tim J. Hudson. -The official Home Page of the OpenSSL Project is [www.openssl.org][]. +The official Home Page of the OpenSSL Project is [www.openssl.org]. Table of Contents ================= @@ -35,7 +35,7 @@ Overview The OpenSSL toolkit includes: - **libssl** - an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446][]). + an implementation of all TLS protocol versions up to TLSv1.3 ([RFC 8446]). - **libcrypto** a full-strength general purpose cryptographic library. It constitutes the @@ -75,8 +75,8 @@ the source tarballs, having a local copy of the git repository with the entire project history gives you much more insight into the code base. -The official OpenSSL Git Repository is located at [git.openssl.org][]. -There is a GitHub mirror of the repository at [github.com/openssl/openssl][], +The official OpenSSL Git Repository is located at [git.openssl.org]. +There is a GitHub mirror of the repository at [github.com/openssl/openssl], which is updated automatically from the former on every commit. A local copy of the Git Repository can be obtained by cloning it from @@ -131,7 +131,7 @@ available online. Wiki ---- -There is a Wiki at [wiki.openssl.org][] which is currently not very active. +There is a Wiki at [wiki.openssl.org] which is currently not very active. It contains a lot of useful information, not all of which is up to date. License diff --git a/SUPPORT.md b/SUPPORT.md index a2f70564e6..503a23093d 100644 --- a/SUPPORT.md +++ b/SUPPORT.md @@ -43,7 +43,7 @@ For more information, see You have general questions about using OpenSSL ---------------------------------------------- -In this case the [openssl-users][] mailing list is the right place for you. +In this case the [openssl-users] mailing list is the right place for you. The list is not only watched by the OpenSSL team members, but also by many other OpenSSL users. Here you will most likely get the answer to your questions. An overview over the [mailing lists](#mailing-lists) can be found below. @@ -64,7 +64,7 @@ If you have any problems with OpenSSL then please take the following steps first Please keep in mind: Just because something doesn't work the way you expect does not mean it is necessarily a bug in OpenSSL. If you are not sure, consider searching the mail archives and posting a question to the -[openssl-users][] mailing list first. +[openssl-users] mailing list first. ### Open an Issue @@ -94,18 +94,18 @@ like a grammatical or typographical error in the documentation. Mailing Lists ============= -The OpenSSL maintains a number of [mailing lists][] for various purposes. +The OpenSSL maintains a number of [mailing lists] for various purposes. The most important lists are: -- [openssl-users][] for general questions about using the OpenSSL software - and discussions between OpenSSL users. +- [openssl-users] for general questions about using the OpenSSL software + and discussions between OpenSSL users. -- [openssl-announce][] for official announcements to the OpenSSL community. +- [openssl-announce] for official announcements to the OpenSSL community. -- [openssl-project][] for discussion about the development roadmap - and governance. +- [openssl-project] for discussion about the development roadmap + and governance. -- [openssl-dev][] for discussion about development of OpenSSL. +- [openssl-dev] for discussion about development of OpenSSL. The openssl-dev list has been discontinued since development is now taking place in form of GitHub pull requests. Although not active anymore, the From builds at travis-ci.com Sun Oct 18 12:48:47 2020 From: builds at travis-ci.com (Travis CI) Date: Sun, 18 Oct 2020 12:48:47 +0000 Subject: Still Failing: openssl/openssl#38088 (master - 84dd002) In-Reply-To: Message-ID: <5f8c39ade765a_13fd160fadd101081e1@travis-pro-tasks-55dc6cf779-wldwr.mail> Build Update for openssl/openssl ------------------------------------- Build: #38088 Status: Still Failing Duration: 1 hr, 19 mins, and 38 secs Commit: 84dd002 (master) Author: Dr. Matthias St. Pierre Message: README: make the link to the OpenSSL 3.0 Wiki page more prominent Reviewed-by: Matt Caswell Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13164) View the changeset: https://github.com/openssl/openssl/compare/9096809b209a...84dd002f41f1 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190765264?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 18 13:25:41 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 18 Oct 2020 13:25:41 +0000 Subject: Build failed: openssl master.37559 Message-ID: <20201018132541.1.9D1D19879073677C@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sun Oct 18 13:51:04 2020 From: builds at travis-ci.com (Travis CI) Date: Sun, 18 Oct 2020 13:51:04 +0000 Subject: Still Failing: openssl/openssl#38089 (master - 6c8149d) In-Reply-To: Message-ID: <5f8c484822325_13fd160fad748282444@travis-pro-tasks-55dc6cf779-wldwr.mail> Build Update for openssl/openssl ------------------------------------- Build: #38089 Status: Still Failing Duration: 1 hr, 28 mins, and 43 secs Commit: 6c8149d (master) Author: Dr. Matthias St. Pierre Message: Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING Replace [collapsed reference links][] by [shortcut reference links], in order to to improve the readability of the raw markdown text, see also commit d8dc853825 (Change CVE link style in CHANGES and NEWS). [collapsed reference links]: https://github.github.com/gfm/#collapsed-reference-link [shortcut reference links]: https://github.github.com/gfm/#shortcut-reference-link Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13165) View the changeset: https://github.com/openssl/openssl/compare/84dd002f41f1...6c8149df1fb6 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190765323?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 18 18:13:03 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 18 Oct 2020 18:13:03 +0000 Subject: Build failed: openssl master.37563 Message-ID: <20201018181303.1.FCEE74BEA4FCF4AE@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 18 18:41:53 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 18 Oct 2020 18:41:53 +0000 Subject: Build failed: openssl master.37564 Message-ID: <20201018184153.1.D7CBA50A7A7E0608@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sun Oct 18 23:52:55 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sun, 18 Oct 2020 23:52:55 +0000 Subject: Build completed: openssl master.37565 Message-ID: <20201018235255.1.4D0176E004C22D09@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 19 00:05:34 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 00:05:34 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1603065934.595969.12766.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80B78C0DA37F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 803723A2FC7E0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 803723A2FC7E0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1346 wallclock secs (11.84 usr 1.45 sys + 1180.30 cusr 148.93 csys = 1342.52 CPU) Result: FAIL Makefile:2545: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2543: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 19 01:16:10 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 01:16:10 +0000 Subject: FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm Message-ID: <1603070170.011952.2302.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): 60-test_x509_time.t ................ ok 61-test_bio_prefix.t ............... ok 65-test_cmp_asn.t .................. ok 65-test_cmp_client.t ............... ok 65-test_cmp_ctx.t .................. ok 65-test_cmp_hdr.t .................. ok 65-test_cmp_msg.t .................. ok 65-test_cmp_protect.t .............. ok 65-test_cmp_server.t ............... ok 65-test_cmp_status.t ............... ok 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok Makefile:3191: recipe for target 'tests' failed make: *** [tests] Terminated Makefile:3193: recipe for target '_tests' failed make[1]: *** [_tests] Terminated From no-reply at appveyor.com Mon Oct 19 01:24:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 19 Oct 2020 01:24:51 +0000 Subject: Build failed: openssl OpenSSL_1_1_1-stable.37566 Message-ID: <20201019012451.1.46C8B34D5D81CC2C@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 19 02:04:33 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 02:04:33 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1603073073.118494.20282.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 702 wallclock secs (14.03 usr 1.38 sys + 634.21 cusr 59.59 csys = 709.21 CPU) Result: FAIL Makefile:3197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3195: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 19 02:09:16 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 19 Oct 2020 02:09:16 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37567 Message-ID: <20201019020916.1.838117F15AA8B800@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 19 04:47:55 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 04:47:55 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1603082875.500142.15383.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s chmod a+x apps/tsget.pl clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-eddsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-eddsa.o -c -o providers/implementations/signature/libimplementations-lib-eddsa.o ../openssl/providers/implementations/signature/eddsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21580: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3129: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Mon Oct 19 07:04:47 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 07:04:47 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1603091087.915560.2649.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0906D9FDC7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0000E69B17F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0000E69B17F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0F06CCD1A7F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0F06CCD1A7F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 694 wallclock secs (14.00 usr 1.35 sys + 632.54 cusr 57.74 csys = 705.63 CPU) Result: FAIL Makefile:3120: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3118: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 19 07:27:20 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 07:27:20 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1603092440.446140.22599.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 693 wallclock secs (13.58 usr 1.32 sys + 625.63 cusr 60.49 csys = 701.02 CPU) Result: FAIL Makefile:3179: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3177: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 19 07:49:08 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 07:49:08 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1603093748.407738.9594.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. skipped: dh is not supported by this OpenSSL build 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. skipped: dh is not supported by this OpenSSL build 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 25-test_x509.t (Wstat: 256 Tests: 15 Failed: 1) Failed test: 14 Non-zero exit status: 1 Files=212, Tests=3574, 660 wallclock secs (13.37 usr 1.20 sys + 595.02 cusr 58.74 csys = 668.33 CPU) Result: FAIL Makefile:3172: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dh' Makefile:3170: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Mon Oct 19 10:16:02 2020 From: levitte at openssl.org (Richard Levitte) Date: Mon, 19 Oct 2020 10:16:02 +0000 Subject: [openssl] master update Message-ID: <1603102562.561779.13922.nullmailer@dev.openssl.org> The branch master has been updated via ea7277fd2e27afa3a173ea30d567f45d7bb3d30d (commit) via ee55a2072785701d7f9322013f5e9968b1ff141f (commit) via 0ba71d6a63add7efb244965c0f18502bd786a0f7 (commit) from 6c8149df1fb6fce50a914a70040955d3512b0bd6 (commit) - Log ----------------------------------------------------------------- commit ea7277fd2e27afa3a173ea30d567f45d7bb3d30d Author: Richard Levitte Date: Thu Oct 15 08:30:49 2020 +0200 TEST: fix the DH tests to reproduce the priv_len settings Some DH tests are done against files generated with '-pkeyopt priv_len:224' This parameter must of course be reproduced when creating the key with EVP_PKEY_fromdata(), or there will be a default that's guaranteed to differ from the key parameters on file. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13166) commit ee55a2072785701d7f9322013f5e9968b1ff141f Author: Richard Levitte Date: Thu Oct 15 07:14:16 2020 +0200 DH: have DH_set_length() increment the dirty count. The recommended private key length is a key parameter among other key parameters, and is included in the key data transferred in an import or export between legacy implementations and provider implementations. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13166) commit 0ba71d6a63add7efb244965c0f18502bd786a0f7 Author: Richard Levitte Date: Thu Oct 15 07:10:29 2020 +0200 DH: make the private key length importable / exportable The DH private key length, which is an optional parameter, wasn't properly imported / exported between legacy and provider side implementations. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13166) ----------------------------------------------------------------------- Summary of changes: crypto/dh/dh_ameth.c | 8 +++- crypto/dh/dh_backend.c | 66 ++++++++++++++++++++++++++++ crypto/dh/dh_lib.c | 20 +-------- crypto/param_build_set.c | 11 +++++ include/crypto/dh.h | 5 ++- include/internal/param_build_set.h | 2 + providers/implementations/keymgmt/dh_kmgmt.c | 30 +++---------- test/evp_pkey_provided_test.c | 6 +++ 8 files changed, 103 insertions(+), 45 deletions(-) diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index 69b166362a..49e65e4d6c 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -485,6 +485,7 @@ static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata, DH *dh = from->pkey.dh; OSSL_PARAM_BLD *tmpl; const BIGNUM *p = DH_get0_p(dh), *g = DH_get0_g(dh), *q = DH_get0_q(dh); + long l = DH_get_length(dh); const BIGNUM *pub_key = DH_get0_pub_key(dh); const BIGNUM *priv_key = DH_get0_priv_key(dh); OSSL_PARAM *params = NULL; @@ -512,6 +513,11 @@ static int dh_pkey_export_to(const EVP_PKEY *from, void *to_keydata, goto err; } selection |= OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS; + if (l > 0) { + if (!OSSL_PARAM_BLD_push_long(tmpl, OSSL_PKEY_PARAM_DH_PRIV_LEN, l)) + goto err; + selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS; + } if (pub_key != NULL) { if (!OSSL_PARAM_BLD_push_BN(tmpl, OSSL_PKEY_PARAM_PUB_KEY, pub_key)) goto err; @@ -550,7 +556,7 @@ static int dh_pkey_import_from_type(const OSSL_PARAM params[], void *vpctx, DH_clear_flags(dh, DH_FLAG_TYPE_MASK); DH_set_flags(dh, type == EVP_PKEY_DH ? DH_FLAG_TYPE_DH : DH_FLAG_TYPE_DHX); - if (!dh_ffc_params_fromdata(dh, params) + if (!dh_params_fromdata(dh, params) || !dh_key_fromdata(dh, params) || !EVP_PKEY_assign(pkey, type, dh)) { DH_free(dh); diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c index 704f6efac1..1ce29e652d 100644 --- a/crypto/dh/dh_backend.c +++ b/crypto/dh/dh_backend.c @@ -8,6 +8,7 @@ */ #include +#include "internal/param_build_set.h" #include "crypto/dh.h" /* @@ -16,6 +17,41 @@ * implementations alike. */ +static int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) +{ + int ret; + FFC_PARAMS *ffc; + + if (dh == NULL) + return 0; + ffc = dh_get0_params(dh); + if (ffc == NULL) + return 0; + + ret = ossl_ffc_params_fromdata(ffc, params); + if (ret) + dh_cache_named_group(dh); /* This increments dh->dirt_cnt */ + return ret; +} + +int dh_params_fromdata(DH *dh, const OSSL_PARAM params[]) +{ + const OSSL_PARAM *param_priv_len; + long priv_len; + + if (!dh_ffc_params_fromdata(dh, params)) + return 0; + + param_priv_len = + OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_DH_PRIV_LEN); + if (param_priv_len != NULL + && (!OSSL_PARAM_get_long(param_priv_len, &priv_len) + || !DH_set_length(dh, priv_len))) + return 0; + + return 1; +} + int dh_key_fromdata(DH *dh, const OSSL_PARAM params[]) { const OSSL_PARAM *param_priv_key, *param_pub_key; @@ -52,3 +88,33 @@ int dh_key_fromdata(DH *dh, const OSSL_PARAM params[]) BN_free(pub_key); return 0; } + +int dh_params_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +{ + long l = DH_get_length(dh); + + if (!ossl_ffc_params_todata(dh_get0_params(dh), bld, params)) + return 0; + if (l > 0 + && !ossl_param_build_set_long(bld, params, OSSL_PKEY_PARAM_DH_PRIV_LEN, l)) + return 0; + return 1; +} + +int dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +{ + const BIGNUM *priv = NULL, *pub = NULL; + + if (dh == NULL) + return 0; + + DH_get0_key(dh, &pub, &priv); + if (priv != NULL + && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PRIV_KEY, priv)) + return 0; + if (pub != NULL + && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PUB_KEY, pub)) + return 0; + + return 1; +} diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 94978a2cb2..6280472ade 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -243,6 +243,7 @@ long DH_get_length(const DH *dh) int DH_set_length(DH *dh, long length) { dh->length = length; + dh->dirty_cnt++; return 1; } @@ -325,22 +326,3 @@ int dh_get0_nid(const DH *dh) { return dh->params.nid; } - -int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) -{ - int ret; - FFC_PARAMS *ffc; - - if (dh == NULL) - return 0; - ffc = dh_get0_params(dh); - if (ffc == NULL) - return 0; - - ret = ossl_ffc_params_fromdata(ffc, params); - if (ret) { - dh_cache_named_group(dh); - dh->dirty_cnt++; - } - return ret; -} diff --git a/crypto/param_build_set.c b/crypto/param_build_set.c index b74b0d59ee..1ea8097e88 100644 --- a/crypto/param_build_set.c +++ b/crypto/param_build_set.c @@ -30,6 +30,17 @@ int ossl_param_build_set_int(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, return 1; } +int ossl_param_build_set_long(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, + const char *key, long num) +{ + if (bld != NULL) + return OSSL_PARAM_BLD_push_long(bld, key, num); + p = OSSL_PARAM_locate(p, key); + if (p != NULL) + return OSSL_PARAM_set_long(p, num); + return 1; +} + int ossl_param_build_set_utf8_string(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, const char *key, const char *buf) { diff --git a/include/crypto/dh.h b/include/crypto/dh.h index cd7e1e4a89..4dbd0c582c 100644 --- a/include/crypto/dh.h +++ b/include/crypto/dh.h @@ -8,6 +8,7 @@ */ #include +#include #include #include "internal/ffc.h" @@ -24,8 +25,10 @@ void dh_cache_named_group(DH *dh); FFC_PARAMS *dh_get0_params(DH *dh); int dh_get0_nid(const DH *dh); -int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]); +int dh_params_fromdata(DH *dh, const OSSL_PARAM params[]); int dh_key_fromdata(DH *dh, const OSSL_PARAM params[]); +int dh_params_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); +int dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); int dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret); int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret); diff --git a/include/internal/param_build_set.h b/include/internal/param_build_set.h index 36d3b914d9..d1f1863381 100644 --- a/include/internal/param_build_set.h +++ b/include/internal/param_build_set.h @@ -12,6 +12,8 @@ int ossl_param_build_set_int(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, const char *key, int num); +int ossl_param_build_set_long(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, + const char *key, long num); int ossl_param_build_set_utf8_string(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, const char *key, const char *buf); int ossl_param_build_set_octet_string(OSSL_PARAM_BLD *bld, OSSL_PARAM *p, diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 3cca031963..bfd70c3962 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -24,7 +24,6 @@ #include "crypto/dh.h" #include "internal/sizes.h" #include "internal/nelem.h" -#include "internal/param_build_set.h" static OSSL_FUNC_keymgmt_new_fn dh_newdata; static OSSL_FUNC_keymgmt_free_fn dh_freedata; @@ -113,24 +112,6 @@ static int dh_gen_type_name2id(const char *name) return -1; } -static int dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) -{ - const BIGNUM *priv = NULL, *pub = NULL; - - if (dh == NULL) - return 0; - - DH_get0_key(dh, &pub, &priv); - if (priv != NULL - && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PRIV_KEY, priv)) - return 0; - if (pub != NULL - && !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_PUB_KEY, pub)) - return 0; - - return 1; -} - static void *dh_newdata(void *provctx) { DH *dh = NULL; @@ -215,7 +196,7 @@ static int dh_import(void *keydata, int selection, const OSSL_PARAM params[]) return 0; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) - ok = ok && dh_ffc_params_fromdata(dh, params); + ok = ok && dh_params_fromdata(dh, params); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) ok = ok && dh_key_fromdata(dh, params); @@ -239,7 +220,7 @@ static int dh_export(void *keydata, int selection, OSSL_CALLBACK *param_cb, return 0; if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0) - ok = ok && ossl_ffc_params_todata(dh_get0_params(dh), tmpl, NULL); + ok = ok && dh_params_todata(dh, tmpl, NULL); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) ok = ok && dh_key_todata(dh, tmpl, NULL); @@ -266,7 +247,8 @@ err: OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_PCOUNTER, NULL), \ OSSL_PARAM_int(OSSL_PKEY_PARAM_FFC_H, NULL), \ OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_FFC_SEED, NULL, 0), \ - OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0) + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, NULL, 0), \ + OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_DH_PRIV_LEN, NULL, 0) # define DH_IMEXPORTABLE_PUBLIC_KEY \ OSSL_PARAM_BN(OSSL_PKEY_PARAM_PUB_KEY, NULL, 0) # define DH_IMEXPORTABLE_PRIVATE_KEY \ @@ -337,8 +319,8 @@ static ossl_inline int dh_get_params(void *key, OSSL_PARAM params[]) return 0; } - return ossl_ffc_params_todata(dh_get0_params(dh), NULL, params) - && dh_key_todata(dh, NULL, params); + return dh_params_todata(dh, NULL, params) + && dh_key_todata(dh, NULL, params); } static const OSSL_PARAM dh_params[] = { diff --git a/test/evp_pkey_provided_test.c b/test/evp_pkey_provided_test.c index 33f3915222..6b56fc7997 100644 --- a/test/evp_pkey_provided_test.c +++ b/test/evp_pkey_provided_test.c @@ -457,6 +457,7 @@ static int test_fromdata_dh_named_group(void) 0xcf, 0x33, 0x42, 0x83, 0x42 }; static const char group_name[] = "ffdhe2048"; + static const long priv_len = 224; if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) || !TEST_ptr(pub = BN_bin2bn(pub_data, sizeof(pub_data), NULL)) @@ -464,6 +465,8 @@ static int test_fromdata_dh_named_group(void) || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0)) + || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN, + priv_len)) || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub)) || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) @@ -597,6 +600,7 @@ static int test_fromdata_dh_fips186_4(void) 0x33, 0x42, 0x83, 0x42 }; static const char group_name[] = "ffdhe2048"; + static const long priv_len = 224; if (!TEST_ptr(bld = OSSL_PARAM_BLD_new()) @@ -605,6 +609,8 @@ static int test_fromdata_dh_fips186_4(void) || !TEST_true(OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_PKEY_PARAM_GROUP_NAME, group_name, 0)) + || !TEST_true(OSSL_PARAM_BLD_push_long(bld, OSSL_PKEY_PARAM_DH_PRIV_LEN, + priv_len)) || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PUB_KEY, pub)) || !TEST_true(OSSL_PARAM_BLD_push_BN(bld, OSSL_PKEY_PARAM_PRIV_KEY, priv)) || !TEST_ptr(fromdata_params = OSSL_PARAM_BLD_to_param(bld))) From openssl at openssl.org Mon Oct 19 11:26:16 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 11:26:16 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1603106776.185196.13929.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 680 wallclock secs (10.59 usr 1.12 sys + 622.60 cusr 55.65 csys = 689.96 CPU) Result: FAIL Makefile:3116: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3114: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 19 12:22:11 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 12:22:11 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1603110131.777051.11813.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 715 wallclock secs (13.62 usr 1.25 sys + 652.77 cusr 58.79 csys = 726.43 CPU) Result: FAIL Makefile:3180: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3178: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Mon Oct 19 12:22:38 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 19 Oct 2020 12:22:38 +0000 Subject: Still Failing: openssl/openssl#38101 (master - ea7277f) In-Reply-To: Message-ID: <5f8d850e52739_13fa629219e7c348461@travis-pro-tasks-5d958cf97c-m9r98.mail> Build Update for openssl/openssl ------------------------------------- Build: #38101 Status: Still Failing Duration: 1 hr, 25 mins, and 7 secs Commit: ea7277f (master) Author: Richard Levitte Message: TEST: fix the DH tests to reproduce the priv_len settings Some DH tests are done against files generated with '-pkeyopt priv_len:224' This parameter must of course be reproduced when creating the key with EVP_PKEY_fromdata(), or there will be a default that's guaranteed to differ from the key parameters on file. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13166) View the changeset: https://github.com/openssl/openssl/compare/6c8149df1fb6...ea7277fd2e27 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190929687?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 19 13:46:59 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 19 Oct 2020 13:46:59 +0000 Subject: Build failed: openssl master.37571 Message-ID: <20201019134659.1.8948639A1C269384@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Mon Oct 19 15:21:14 2020 From: matt at openssl.org (Matt Caswell) Date: Mon, 19 Oct 2020 15:21:14 +0000 Subject: [openssl] master update Message-ID: <1603120874.964078.22407.nullmailer@dev.openssl.org> The branch master has been updated via 1dc5128577ed983fab8d5b3e65c06dd7e12cf4dc (commit) from ea7277fd2e27afa3a173ea30d567f45d7bb3d30d (commit) - Log ----------------------------------------------------------------- commit 1dc5128577ed983fab8d5b3e65c06dd7e12cf4dc Author: Matt Caswell Date: Fri Oct 16 17:16:30 2020 +0100 Fix no-dh One of the x509 tests checks to make sure spurious errors don't appear on the stack. The x509 app uses the OSSL_STORE code to load things. The OSSL_STORE code will try various different formats - which results in lots of failures. However those failures are typically suppressed by OSSL_STORE unless they are interesting. OSSL_STORE thinks it knows what kind of errors are uninteresting (ASN.1 errors) but gets confused if upper levels of code add additional errors to the stack. This was happening in the DSA code which confused OSSL_STORE and meant the errors were not being suppressed properly - and hence the x509 test failed. Interestingly this only impacts a no-dh build, because in a no-dh build the DSA param decoder suddenly becomes the last to be tried. If it happens earlier in the list the errors end up getting suppressed anyway. The simplest solution is to just to remove the error from the DSA param decoder code. It's not adding any useful information anyway. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13162) ----------------------------------------------------------------------- Summary of changes: crypto/dsa/dsa_ameth.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 208c4ec19f..d3e22abc35 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -374,10 +374,9 @@ static int dsa_param_decode(EVP_PKEY *pkey, { DSA *dsa; - if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) { - DSAerr(DSA_F_DSA_PARAM_DECODE, ERR_R_DSA_LIB); + if ((dsa = d2i_DSAparams(NULL, pder, derlen)) == NULL) return 0; - } + dsa->dirty_cnt++; EVP_PKEY_assign_DSA(pkey, dsa); return 1; From no-reply at appveyor.com Mon Oct 19 15:48:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 19 Oct 2020 15:48:17 +0000 Subject: Build completed: openssl master.37572 Message-ID: <20201019154817.1.9C3243CD569F0CFD@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Mon Oct 19 16:42:40 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 19 Oct 2020 16:42:40 +0000 Subject: Still Failing: openssl/openssl#38103 (master - 1dc5128) In-Reply-To: Message-ID: <5f8dc2002a55e_13f96dc4a9d2438918@travis-pro-tasks-68dbc68695-4f69d.mail> Build Update for openssl/openssl ------------------------------------- Build: #38103 Status: Still Failing Duration: 1 hr, 19 mins, and 55 secs Commit: 1dc5128 (master) Author: Matt Caswell Message: Fix no-dh One of the x509 tests checks to make sure spurious errors don't appear on the stack. The x509 app uses the OSSL_STORE code to load things. The OSSL_STORE code will try various different formats - which results in lots of failures. However those failures are typically suppressed by OSSL_STORE unless they are interesting. OSSL_STORE thinks it knows what kind of errors are uninteresting (ASN.1 errors) but gets confused if upper levels of code add additional errors to the stack. This was happening in the DSA code which confused OSSL_STORE and meant the errors were not being suppressed properly - and hence the x509 test failed. Interestingly this only impacts a no-dh build, because in a no-dh build the DSA param decoder suddenly becomes the last to be tried. If it happens earlier in the list the errors end up getting suppressed anyway. The simplest solution is to just to remove the error from the DSA param decoder code. It's not adding any useful information anyway. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13162) View the changeset: https://github.com/openssl/openssl/compare/ea7277fd2e27...1dc5128577ed View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/190985500?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 19 18:02:51 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 19 Oct 2020 18:02:51 +0000 Subject: Build failed: openssl master.37573 Message-ID: <20201019180251.1.2CAA8A99A074E6AF@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 19 18:35:13 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 19 Oct 2020 18:35:13 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37574 Message-ID: <20201019183513.1.CFE93FBFEFE0ED39@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 19 20:05:30 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 20:05:30 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1603137930.911909.15441.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 739 wallclock secs (13.99 usr 1.38 sys + 634.20 cusr 60.22 csys = 709.79 CPU) Result: FAIL Makefile:3208: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3206: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 19 22:24:34 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 19 Oct 2020 22:24:34 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1603146274.914738.8352.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 582 wallclock secs ( 9.59 usr 1.13 sys + 525.77 cusr 47.46 csys = 583.95 CPU) Result: FAIL Makefile:2402: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2400: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 20 04:17:08 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 04:17:08 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1603167428.742237.32071.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4294: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3152: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Tue Oct 20 04:22:54 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 04:22:54 +0000 Subject: Build failed: openssl master.37581 Message-ID: <20201020042254.1.BA8C6D16D764933D@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 20 04:37:45 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 04:37:45 +0000 Subject: Build failed: openssl master.37582 Message-ID: <20201020043745.1.9098D32FE5FABA30@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 20 04:51:49 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 04:51:49 +0000 Subject: Build failed: openssl master.37585 Message-ID: <20201020045149.1.D916A36856039F36@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 20 05:02:44 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 05:02:44 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1603170164.463454.7875.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C020AA90CA7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 702 wallclock secs (14.07 usr 1.21 sys + 634.13 cusr 60.46 csys = 709.87 CPU) Result: FAIL Makefile:3188: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3186: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 20 05:07:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 05:07:17 +0000 Subject: Build failed: openssl master.37586 Message-ID: <20201020050717.1.7878B5BC0E91AA28@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 20 06:33:37 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 06:33:37 +0000 Subject: Build completed: openssl master.37587 Message-ID: <20201020063337.1.0BD881CD555821DB@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Tue Oct 20 07:28:12 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Tue, 20 Oct 2020 07:28:12 +0000 Subject: [openssl] master update Message-ID: <1603178892.618184.7468.nullmailer@dev.openssl.org> The branch master has been updated via 6be235a0927473a2fddad83dd30ce4474ae53880 (commit) from 1dc5128577ed983fab8d5b3e65c06dd7e12cf4dc (commit) - Log ----------------------------------------------------------------- commit 6be235a0927473a2fddad83dd30ce4474ae53880 Author: Jacob Hoffman-Andrews Date: Mon Jul 13 15:04:04 2020 -0700 Prefix crlNumber output with 0x. When the crlNumber field contains only 0-9 digits, the output is ambiguous as to what base it's in, which can be confusing. Adding this prefix makes it explicit that it's in hex. CLA: trivial Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12434) ----------------------------------------------------------------------- Summary of changes: apps/crl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/crl.c b/apps/crl.c index d417642cce..4cb1bcc2c3 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -288,6 +288,7 @@ int crl_main(int argc, char **argv) crlnum = X509_CRL_get_ext_d2i(x, NID_crl_number, NULL, NULL); BIO_printf(bio_out, "crlNumber="); if (crlnum) { + BIO_puts(bio_out, "0x"); i2a_ASN1_INTEGER(bio_out, crlnum); ASN1_INTEGER_free(crlnum); } else From no-reply at appveyor.com Tue Oct 20 08:29:01 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 08:29:01 +0000 Subject: Build failed: openssl master.37590 Message-ID: <20201020082901.1.5436294B3E280070@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Tue Oct 20 08:48:20 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 20 Oct 2020 08:48:20 +0000 Subject: Still Failing: openssl/openssl#38123 (master - 6be235a) In-Reply-To: Message-ID: <5f8ea4529bc7b_13f809f6ae8341352df@travis-pro-tasks-7cbf6ddbd6-269f7.mail> Build Update for openssl/openssl ------------------------------------- Build: #38123 Status: Still Failing Duration: 1 hr, 18 mins, and 22 secs Commit: 6be235a (master) Author: Jacob Hoffman-Andrews Message: Prefix crlNumber output with 0x. When the crlNumber field contains only 0-9 digits, the output is ambiguous as to what base it's in, which can be confusing. Adding this prefix makes it explicit that it's in hex. CLA: trivial Reviewed-by: Dmitry Belyavskiy Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/12434) View the changeset: https://github.com/openssl/openssl/compare/1dc5128577ed...6be235a09274 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191118607?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 20 09:04:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 09:04:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1603184685.731298.10093.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c CC="clang" /usr/bin/perl ../openssl/crypto/aes/asm/aes-x86_64.pl "elf" -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM crypto/aes/aes-x86_64.s ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4307: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3165: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Tue Oct 20 09:13:41 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 09:13:41 +0000 Subject: Build failed: openssl master.37592 Message-ID: <20201020091341.1.3797FD406920481F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 20 11:25:54 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 11:25:54 +0000 Subject: Build failed: openssl master.37593 Message-ID: <20201020112554.1.9414A7239B95DE67@appveyor.com> An HTML attachment was scrubbed... URL: From tmraz at fedoraproject.org Tue Oct 20 11:45:44 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Tue, 20 Oct 2020 11:45:44 +0000 Subject: [openssl] master update Message-ID: <1603194344.808964.24878.nullmailer@dev.openssl.org> The branch master has been updated via ec5059c3effc59457f4b539ed105123c0b702307 (commit) from 6be235a0927473a2fddad83dd30ce4474ae53880 (commit) - Log ----------------------------------------------------------------- commit ec5059c3effc59457f4b539ed105123c0b702307 Author: XiaokangQian Date: Tue Oct 13 09:53:58 2020 +0000 Fix Aes-xts potential failure on aarch64 Add return value for aarch64 in the init key function. This will avoid overwriting the stream pointers of aarch64. Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13133) ----------------------------------------------------------------------- Summary of changes: providers/implementations/ciphers/cipher_aes_xts_hw.c | 1 + 1 file changed, 1 insertion(+) diff --git a/providers/implementations/ciphers/cipher_aes_xts_hw.c b/providers/implementations/ciphers/cipher_aes_xts_hw.c index 15c136bafd..c45d67b825 100644 --- a/providers/implementations/ciphers/cipher_aes_xts_hw.c +++ b/providers/implementations/ciphers/cipher_aes_xts_hw.c @@ -59,6 +59,7 @@ static int cipher_hw_aes_xts_generic_initkey(PROV_CIPHER_CTX *ctx, XTS_SET_KEY_FN(HWAES_set_encrypt_key, HWAES_set_decrypt_key, HWAES_encrypt, HWAES_decrypt, stream_enc, stream_dec); + return 1; } else #endif /* HWAES_CAPABLE */ From no-reply at appveyor.com Tue Oct 20 12:34:02 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 12:34:02 +0000 Subject: Build completed: openssl master.37594 Message-ID: <20201020123402.1.570BC13158E37D27@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 20 12:48:56 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 12:48:56 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1603198136.130080.18258.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 403705CB3E7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 404760AF287F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 404760AF287F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1553 wallclock secs (14.44 usr 1.32 sys + 1458.78 cusr 88.63 csys = 1563.17 CPU) Result: FAIL Makefile:3200: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3198: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 20 13:12:01 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 13:12:01 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1603199521.292575.7173.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 729 wallclock secs (13.60 usr 1.13 sys + 631.23 cusr 59.24 csys = 705.20 CPU) Result: FAIL Makefile:3191: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3189: recipe for target 'tests' failed make: *** [tests] Error 2 From tmraz at fedoraproject.org Tue Oct 20 13:29:25 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Tue, 20 Oct 2020 13:29:25 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603200565.282026.15188.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 7b324bb09f6313b370954fde8f2034a6055d8c2f (commit) from ed7cdb954e96d463add20f584f5e7ce99560af27 (commit) - Log ----------------------------------------------------------------- commit 7b324bb09f6313b370954fde8f2034a6055d8c2f Author: Tomas Mraz Date: Tue Oct 20 14:16:30 2020 +0200 Avoid potential doublefree on dh object assigned to EVP_PKEY Fixes regression from 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13194) ----------------------------------------------------------------------- Summary of changes: ssl/statem/statem_clnt.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index 3bf8aacfc0..fd3b79c4ef 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2150,6 +2150,7 @@ static int tls_process_ske_dhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey) ERR_R_EVP_LIB); goto err; } + dh = NULL; if (!ssl_security(s, SSL_SECOP_TMP_DH, EVP_PKEY_security_bits(peer_tmp), 0, peer_tmp)) { From matt at openssl.org Tue Oct 20 13:31:18 2020 From: matt at openssl.org (Matt Caswell) Date: Tue, 20 Oct 2020 13:31:18 +0000 Subject: [openssl] master update Message-ID: <1603200678.664107.16510.nullmailer@dev.openssl.org> The branch master has been updated via 6a13c9c9842f54ed8d98c6f37cc4ae6c1cde8b7a (commit) from ec5059c3effc59457f4b539ed105123c0b702307 (commit) - Log ----------------------------------------------------------------- commit 6a13c9c9842f54ed8d98c6f37cc4ae6c1cde8b7a Author: xuyunjia Date: Sun Oct 18 23:33:54 2020 +0800 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13170) ----------------------------------------------------------------------- Summary of changes: apps/ca.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 apps/ca.c diff --git a/apps/ca.c b/apps/ca.c old mode 100644 new mode 100755 index 4a67d61477..00078f90d4 --- a/apps/ca.c +++ b/apps/ca.c @@ -1924,8 +1924,8 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, row[DB_exp_date][tm->length] = '\0'; row[DB_rev_date] = NULL; row[DB_file] = OPENSSL_strdup("unknown"); - if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || - (row[DB_file] == NULL) || (row[DB_name] == NULL)) { + if ((row[DB_type] == NULL) || (row[DB_file] == NULL) + || (row[DB_name] == NULL)) { BIO_printf(bio_err, "Memory allocation failure\n"); goto end; } From matt at openssl.org Tue Oct 20 13:37:28 2020 From: matt at openssl.org (Matt Caswell) Date: Tue, 20 Oct 2020 13:37:28 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603201048.269335.19262.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 4b7595e3ecf3e31ecb93f6397300331ba36b2ca4 (commit) from 7b324bb09f6313b370954fde8f2034a6055d8c2f (commit) - Log ----------------------------------------------------------------- commit 4b7595e3ecf3e31ecb93f6397300331ba36b2ca4 Author: xuyunjia Date: Sun Oct 18 23:33:54 2020 +0800 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13170) (cherry picked from commit 6a13c9c9842f54ed8d98c6f37cc4ae6c1cde8b7a) ----------------------------------------------------------------------- Summary of changes: apps/ca.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) mode change 100644 => 100755 apps/ca.c diff --git a/apps/ca.c b/apps/ca.c old mode 100644 new mode 100755 index a4a77126f2..1b38de37ac --- a/apps/ca.c +++ b/apps/ca.c @@ -1862,8 +1862,8 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, row[DB_exp_date][tm->length] = '\0'; row[DB_rev_date] = NULL; row[DB_file] = OPENSSL_strdup("unknown"); - if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) || - (row[DB_file] == NULL) || (row[DB_name] == NULL)) { + if ((row[DB_type] == NULL) || (row[DB_file] == NULL) + || (row[DB_name] == NULL)) { BIO_printf(bio_err, "Memory allocation failure\n"); goto end; } From builds at travis-ci.com Tue Oct 20 13:56:24 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 20 Oct 2020 13:56:24 +0000 Subject: Still Failing: openssl/openssl#38129 (master - ec5059c) In-Reply-To: Message-ID: <5f8eec88241f9_13fedcc69351c5229b4@travis-pro-tasks-6f4d97fc84-jqvxj.mail> Build Update for openssl/openssl ------------------------------------- Build: #38129 Status: Still Failing Duration: 1 hr, 20 mins, and 25 secs Commit: ec5059c (master) Author: XiaokangQian Message: Fix Aes-xts potential failure on aarch64 Add return value for aarch64 in the init key function. This will avoid overwriting the stream pointers of aarch64. Reviewed-by: Shane Lontis Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13133) View the changeset: https://github.com/openssl/openssl/compare/6be235a09274...ec5059c3effc View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191172335?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Tue Oct 20 14:43:13 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 20 Oct 2020 14:43:13 +0000 Subject: Fixed: openssl/openssl#38132 (OpenSSL_1_1_1-stable - 7b324bb) In-Reply-To: Message-ID: <5f8ef780f38dc_13fd08bdc96dc4832e@travis-pro-tasks-6f4d97fc84-xxt5m.mail> Build Update for openssl/openssl ------------------------------------- Build: #38132 Status: Fixed Duration: 40 mins and 36 secs Commit: 7b324bb (OpenSSL_1_1_1-stable) Author: Tomas Mraz Message: Avoid potential doublefree on dh object assigned to EVP_PKEY Fixes regression from 7844f3c784bfc93c9b94ae5a4082f9d01e82e0af Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13194) View the changeset: https://github.com/openssl/openssl/compare/ed7cdb954e96...7b324bb09f63 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191194166?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Tue Oct 20 15:50:12 2020 From: matt at openssl.org (Matt Caswell) Date: Tue, 20 Oct 2020 15:50:12 +0000 Subject: [openssl] master update Message-ID: <1603209012.173946.13265.nullmailer@dev.openssl.org> The branch master has been updated via 0a737e16b2bc333cc3a8727458acc5460be10e0e (commit) via 3795b2a302fe0bd49118605f8692591e971c4608 (commit) via 5ac8fb584a0ba8e4223e98b87a5416d67340360e (commit) from 6a13c9c9842f54ed8d98c6f37cc4ae6c1cde8b7a (commit) - Log ----------------------------------------------------------------- commit 0a737e16b2bc333cc3a8727458acc5460be10e0e Author: Matt Caswell Date: Fri Oct 9 16:24:07 2020 +0100 Deprecate EVP_PKEY_set1_tls_encodedpoint() Also deprecate EVP_PKEY_get1_tls_encodedpoint(). The preferred alternative is EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key(). Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13105) commit 3795b2a302fe0bd49118605f8692591e971c4608 Author: Matt Caswell Date: Fri Oct 9 15:43:24 2020 +0100 Document EVP_PKEY_set1_encoded_public_key() Also documented EVP_PKEY_get1_encoded_public_key Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13105) commit 5ac8fb584a0ba8e4223e98b87a5416d67340360e Author: Matt Caswell Date: Fri Oct 9 14:19:42 2020 +0100 Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key We do the same thing for the "get1" version. In reality this has broader use than just TLS (it can also be used in CMS), and "encodedpoint" only makes sense when you are talking about EC based algorithms. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13105) ----------------------------------------------------------------------- Summary of changes: CHANGES.md | 10 ++ crypto/cms/cms_dh.c | 6 +- crypto/cms/cms_ec.c | 6 +- crypto/evp/p_lib.c | 29 +++--- doc/man3/EVP_PKEY_ASN1_METHOD.pod | 4 +- doc/man3/EVP_PKEY_set1_encoded_public_key.pod | 142 ++++++++++++++++++++++++++ doc/man7/EVP_PKEY-DH.pod | 2 +- doc/man7/EVP_PKEY-EC.pod | 7 +- doc/man7/EVP_PKEY-X25519.pod | 7 +- include/openssl/core_names.h | 2 +- include/openssl/evp.h | 25 ++++- providers/implementations/keymgmt/dh_kmgmt.c | 8 +- providers/implementations/keymgmt/ec_kmgmt.c | 13 +-- providers/implementations/keymgmt/ecx_kmgmt.c | 8 +- ssl/statem/extensions_clnt.c | 8 +- ssl/statem/extensions_srvr.c | 6 +- ssl/statem/statem_clnt.c | 8 +- ssl/statem/statem_srvr.c | 6 +- test/tls-provider.c | 9 +- util/libcrypto.num | 6 +- util/missingcrypto.txt | 2 - util/missingcrypto111.txt | 2 - util/other.syms | 2 + 23 files changed, 244 insertions(+), 74 deletions(-) create mode 100644 doc/man3/EVP_PKEY_set1_encoded_public_key.pod diff --git a/CHANGES.md b/CHANGES.md index ba068b4f9d..828bbd1b75 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -23,6 +23,16 @@ OpenSSL 3.0 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx] + * Deprecated EVP_PKEY_set1_tls_encodedpoint() and + EVP_PKEY_get1_tls_encodedpoint(). These functions were previously used by + libssl to set or get an encoded public key in/from an EVP_PKEY object. With + OpenSSL 3.0 these are replaced by the more generic functions + EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key(). + The old versions have been converted to deprecated macros that just call the + new functions. + + *Matt Caswell* + * The security callback, which can be customised by application code, supports the security operation SSL_SECOP_TMP_DH. This is defined to take an EVP_PKEY in the "other" parameter. In most places this is what is passed. All these diff --git a/crypto/cms/cms_dh.c b/crypto/cms/cms_dh.c index 0d9eac50b3..2c64f50259 100644 --- a/crypto/cms/cms_dh.c +++ b/crypto/cms/cms_dh.c @@ -46,11 +46,7 @@ static int dh_cms_set_peerkey(EVP_PKEY_CTX *pctx, pkpeer = EVP_PKEY_new(); if (pkpeer == NULL || !EVP_PKEY_copy_parameters(pkpeer, pk) - /* - * TODO(3.0): This is badly named!! Can we make this more - * generic and not TLS specific? - */ - || !EVP_PKEY_set1_tls_encodedpoint(pkpeer, p, plen)) + || !EVP_PKEY_set1_encoded_public_key(pkpeer, p, plen)) goto err; if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) diff --git a/crypto/cms/cms_ec.c b/crypto/cms/cms_ec.c index 79d603adcb..9a602bb81d 100644 --- a/crypto/cms/cms_ec.c +++ b/crypto/cms/cms_ec.c @@ -112,8 +112,7 @@ static int ecdh_cms_set_peerkey(EVP_PKEY_CTX *pctx, if (p == NULL || plen == 0) goto err; - /* TODO(3.0): Terrible name. We need a non-tls specific name */ - if (!EVP_PKEY_set1_tls_encodedpoint(pkpeer, p, plen)) + if (!EVP_PKEY_set1_encoded_public_key(pkpeer, p, plen)) goto err; if (EVP_PKEY_derive_set_peer(pctx, pkpeer) > 0) @@ -279,8 +278,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) if (aoid == OBJ_nid2obj(NID_undef)) { /* Set the key */ - /* TODO(3.0): Terrible name. Needs a non TLS specific name */ - penclen = EVP_PKEY_get1_tls_encodedpoint(pkey, &penc); + penclen = EVP_PKEY_get1_encoded_public_key(pkey, &penc); ASN1_STRING_set0(pubkey, penc, penclen); pubkey->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); pubkey->flags |= ASN1_STRING_FLAG_BITS_LEFT; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index cc30bc3495..1ec36d6cbc 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1317,8 +1317,8 @@ int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid) return rv; } -int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, - const unsigned char *pt, size_t ptlen) +int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, const unsigned char *pub, + size_t publen) { if (pkey->ameth == NULL) { OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; @@ -1327,20 +1327,21 @@ int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, return 0; params[0] = - OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, - (unsigned char *)pt, ptlen); + OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, + (unsigned char *)pub, publen); return evp_keymgmt_set_params(pkey->keymgmt, pkey->keydata, params); } - if (ptlen > INT_MAX) + if (publen > INT_MAX) return 0; - if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, ptlen, - (void *)pt) <= 0) + /* Historically this function was EVP_PKEY_set1_tls_encodedpoint */ + if (evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_SET1_TLS_ENCPT, publen, + (void *)pub) <= 0) return 0; return 1; } -size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) +size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub) { int rv; @@ -1351,18 +1352,18 @@ size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) return 0; params[0] = - OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, + OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0); if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) return 0; - *ppt = OPENSSL_malloc(params[0].return_size); - if (*ppt == NULL) + *ppub = OPENSSL_malloc(params[0].return_size); + if (*ppub == NULL) return 0; params[0] = - OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, - *ppt, params[0].return_size); + OSSL_PARAM_construct_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, + *ppub, params[0].return_size); if (!evp_keymgmt_get_params(pkey->keymgmt, pkey->keydata, params)) return 0; @@ -1370,7 +1371,7 @@ size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt) } - rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppt); + rv = evp_pkey_asn1_ctrl(pkey, ASN1_PKEY_CTRL_GET1_TLS_ENCPT, 0, ppub); if (rv <= 0) return 0; return rv; diff --git a/doc/man3/EVP_PKEY_ASN1_METHOD.pod b/doc/man3/EVP_PKEY_ASN1_METHOD.pod index bc1f1ad04d..9f50a56964 100644 --- a/doc/man3/EVP_PKEY_ASN1_METHOD.pod +++ b/doc/man3/EVP_PKEY_ASN1_METHOD.pod @@ -258,8 +258,8 @@ L, and L. The pkey_ctrl() method adds extra algorithm specific control. It's called by L, L, -L, -L, L, +L, +L, L, L, ... int (*old_priv_decode) (EVP_PKEY *pkey, diff --git a/doc/man3/EVP_PKEY_set1_encoded_public_key.pod b/doc/man3/EVP_PKEY_set1_encoded_public_key.pod new file mode 100644 index 0000000000..be30ad2d11 --- /dev/null +++ b/doc/man3/EVP_PKEY_set1_encoded_public_key.pod @@ -0,0 +1,142 @@ +=pod + +=head1 NAME + +EVP_PKEY_set1_encoded_public_key, EVP_PKEY_get1_encoded_public_key, +EVP_PKEY_set1_tls_encodedpoint, EVP_PKEY_get1_tls_encodedpoint +- functions to set and get public key data within an EVP_PKEY + +=head1 SYNOPSIS + + #include + + int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, + const unsigned char *pub, size_t publen); + + size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub); + +Deprecated since OpenSSL 3.0, can be hidden entirely by defining +B with a suitable version value, see +L: + + int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, + const unsigned char *pt, size_t ptlen); + + size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt); + +=head1 DESCRIPTION + +EVP_PKEY_set1_encoded_public_key() can be used to set the public key value +within an existing EVP_PKEY object. For the built-in OpenSSL algorithms this +currently only works for those that support key exchange. Parameters are not +set as part of this operation, so typically an application will create an +EVP_PKEY first, set the parameters on it, and then call this function. +For example setting the parameters might be done using +L. + +The format for the encoded public key will depend on the algorithm in use. For +DH it should be encoded as a positive integer in big-endian form. For EC is +should be a point conforming to Sec. 2.3.4 of the SECG SEC 1 ("Elliptic +Curve Cryptography") standard. For X25519 and X448 it should be encoded in a +format as defined by RFC7748. + +The key to be updated is supplied in B. The buffer containing the encoded +key is pointed to be B. The length of the buffer is supplied in B. + +EVP_PKEY_get1_encoded_public_key() does the equivalent operation except that +the encoded public key is returned to the application. The key containing the +public key data is supplied in B. A buffer containing the encoded key will +be allocated and stored in B<*ppub>. The length of the encoded public key is +returned by the function. The application is responsible for freeing the +allocated buffer. + +The macro EVP_PKEY_set1_tls_encodedpoint() is deprecated and simply calls +EVP_PKEY_set1_encoded_public_key() with all the same arguments. New applications +should use EVP_PKEY_set1_encoded_public_key() instead. + +The macro EVP_PKEY_get1_tls_encodedpoint() is deprecated and simply calls +EVP_PKEY_get1_encoded_public_key() with all the same arguments. New applications +should use EVP_PKEY_get1_encoded_public_key() instead. + + +=head1 RETURN VALUES + +EVP_PKEY_set1_encoded_public_key() returns 1 for success and 0 or a negative +value for failure. + +EVP_PKEY_get1_encoded_public_key() return 1 + +=head1 EXAMPLES + +See L and L for information about +performing a key exchange operation. + +=head2 Set up a peer's EVP_PKEY ready for a key exchange operation + + #include + + int exchange(EVP_PKEY *ourkey, unsigned char *peer_pub, size_t peer_pub_len) + { + EVP_PKEY *peerkey = EVP_PKEY_new(); + + if (peerkey == NULL || EVP_PKEY_copy_parameters(peerkey, ourkey) <= 0) + return 0; + + if (EVP_PKEY_set1_encoded_public_key(peerkey, peer_pub, + peer_pub_len) <= 0) + return 0; + + /* Do the key exchange here */ + + EVP_PKEY_free(peerkey); + + return 1; + } + +=head2 Get an encoded public key to send to a peer + + #include + + int get_encoded_pub_key(EVP_PKEY *ourkey) + { + unsigned char *pubkey; + size_t pubkey_len; + + pubkey_len = EVP_PKEY_get1_encoded_public_key(ourkey, &pubkey); + if (pubkey_len == 0) + return 0; + + /* + * Send the encoded public key stored in the buffer at "pubkey" and of + * length pubkey_len, to the peer. + */ + + OPENSSL_free(pubkey); + return 1; + } + +=head1 SEE ALSO + +L, L, +L, L, +L, L, L, L + +=head1 HISTORY + +EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key() were +added in OpenSSL 3.0. + +EVP_PKEY_set1_tls_encodedpoint() and EVP_PKEY_get1_tls_encodedpoint() were +deprecated in OpenSSL 3.0. + +=head1 COPYRIGHT + +Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the Apache License 2.0 (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut + diff --git a/doc/man7/EVP_PKEY-DH.pod b/doc/man7/EVP_PKEY-DH.pod index 45d7c6ed5f..64ba7079dc 100644 --- a/doc/man7/EVP_PKEY-DH.pod +++ b/doc/man7/EVP_PKEY-DH.pod @@ -54,7 +54,7 @@ validation is required. The default value is 2. These are not named safe prime groups so setting this value for the OpenSSL FIPS provider will instead choose a named safe prime group based on the size of I

. -=item "tls-encoded-pt" (B) +=item "encoded-pub-key" (B) Used for getting and setting the encoding of the DH public key used in a key exchange message for the TLS protocol. diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod index 9b195810d0..be6e507169 100644 --- a/doc/man7/EVP_PKEY-EC.pod +++ b/doc/man7/EVP_PKEY-EC.pod @@ -91,10 +91,11 @@ The public key value in EC point format. The private key value. -=item "tls-encoded-pt" (B) +=item "encoded-pub-key" (B) -Used for getting and setting the encoding of the EC public key used in key -exchange message for the TLS protocol. +Used for getting and setting the encoding of an EC public key. The public key +is expected to be a point conforming to Sec. 2.3.4 of the SECG SEC 1 ("Elliptic +Curve Cryptography") standard. =back diff --git a/doc/man7/EVP_PKEY-X25519.pod b/doc/man7/EVP_PKEY-X25519.pod index 63760389c9..80a1a627d0 100644 --- a/doc/man7/EVP_PKEY-X25519.pod +++ b/doc/man7/EVP_PKEY-X25519.pod @@ -40,10 +40,11 @@ The public key value. The private key value. -=item "tls-encoded-pt" (B) +=item "encoded-pub-key" (B) -Used for getting and setting the encoding of the public key used in a key exchange -message for the TLS protocol. +Used for getting and setting the encoding of a public key for the B and +B key types. Public keys are expected be encoded in a format as defined by +RFC7748. =back diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h index 4a4bd36cbe..6a50f10da7 100644 --- a/include/openssl/core_names.h +++ b/include/openssl/core_names.h @@ -261,7 +261,7 @@ extern "C" { #define OSSL_PKEY_PARAM_MASKGENFUNC "mgf" #define OSSL_PKEY_PARAM_MGF1_DIGEST "mgf1-digest" #define OSSL_PKEY_PARAM_MGF1_PROPERTIES "mgf1-properties" -#define OSSL_PKEY_PARAM_TLS_ENCODED_PT "tls-encoded-pt" +#define OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY "encoded-pub-key" #define OSSL_PKEY_PARAM_GROUP_NAME "group" #define OSSL_PKEY_PARAM_DIST_ID "distid" #define OSSL_PKEY_PARAM_PUB_KEY "pub" diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 326289a1dd..7c36e78ce1 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1280,9 +1280,28 @@ int EVP_PKEY_get_default_digest_name(EVP_PKEY *pkey, char *mdname, size_t mdname_sz); int EVP_PKEY_supports_digest_nid(EVP_PKEY *pkey, int nid); -int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *pkey, - const unsigned char *pt, size_t ptlen); -size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *pkey, unsigned char **ppt); +# ifndef OPENSSL_NO_DEPRECATED_3_0 +/* + * For backwards compatibility. Use EVP_PKEY_set1_encoded_public_key in + * preference + */ +# define EVP_PKEY_set1_tls_encodedpoint(pkey, pt, ptlen) \ + EVP_PKEY_set1_encoded_public_key((pkey), (pt), (ptlen)) +# endif + +int EVP_PKEY_set1_encoded_public_key(EVP_PKEY *pkey, + const unsigned char *pub, size_t publen); + +# ifndef OPENSSL_NO_DEPRECATED_3_0 +/* + * For backwards compatibility. Use EVP_PKEY_get1_encoded_public_key in + * preference + */ +# define EVP_PKEY_get1_tls_encodedpoint(pkey, ppt) \ + EVP_PKEY_get1_encoded_public_key((pkey), (ppt)) +# endif + +size_t EVP_PKEY_get1_encoded_public_key(EVP_PKEY *pkey, unsigned char **ppub); int EVP_CIPHER_type(const EVP_CIPHER *ctx); diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index bfd70c3962..73164672f8 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -310,7 +310,7 @@ static ossl_inline int dh_get_params(void *key, OSSL_PARAM params[]) if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL && !OSSL_PARAM_set_int(p, DH_size(dh))) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) { + if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) { if (p->data_type != OSSL_PARAM_OCTET_STRING) return 0; p->return_size = dh_key2buf(dh, (unsigned char **)&p->data, @@ -327,7 +327,7 @@ static const OSSL_PARAM dh_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), DH_IMEXPORTABLE_PARAMETERS, DH_IMEXPORTABLE_PUBLIC_KEY, DH_IMEXPORTABLE_PRIVATE_KEY, @@ -340,7 +340,7 @@ static const OSSL_PARAM *dh_gettable_params(void *provctx) } static const OSSL_PARAM dh_known_settable_params[] = { - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), OSSL_PARAM_END }; @@ -354,7 +354,7 @@ static int dh_set_params(void *key, const OSSL_PARAM params[]) DH *dh = key; const OSSL_PARAM *p; - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT); + p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); if (p != NULL && (p->data_type != OSSL_PARAM_OCTET_STRING || !dh_buf2key(dh, p->data, p->data_size))) diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 7508a794ad..b96d0ea538 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -650,7 +650,8 @@ int common_get_params(void *key, OSSL_PARAM params[], int sm2) goto err; } } - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) { + if ((p = OSSL_PARAM_locate(params, + OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) { p->return_size = EC_POINT_point2oct(EC_KEY_get0_group(key), EC_KEY_get0_public_key(key), POINT_CONVERSION_UNCOMPRESSED, @@ -693,7 +694,7 @@ static const OSSL_PARAM ec_known_gettable_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), EC_IMEXPORTABLE_DOM_PARAMETERS, EC2M_GETTABLE_DOM_PARAMS EC_IMEXPORTABLE_PUBLIC_KEY, @@ -712,7 +713,7 @@ const OSSL_PARAM *ec_gettable_params(void *provctx) static const OSSL_PARAM ec_known_settable_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_USE_COFACTOR_ECDH, NULL), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), OSSL_PARAM_END }; @@ -728,7 +729,7 @@ int ec_set_params(void *key, const OSSL_PARAM params[]) EC_KEY *eck = key; const OSSL_PARAM *p; - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT); + p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); if (p != NULL) { BN_CTX *ctx = BN_CTX_new_ex(ec_key_get_libctx(key)); int ret = 1; @@ -756,7 +757,7 @@ static const OSSL_PARAM sm2_known_gettable_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), EC_IMEXPORTABLE_DOM_PARAMETERS, EC_IMEXPORTABLE_PUBLIC_KEY, OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_EC_PUB_X, NULL, 0), @@ -772,7 +773,7 @@ const OSSL_PARAM *sm2_gettable_params(ossl_unused void *provctx) } static const OSSL_PARAM sm2_known_settable_params[] = { - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), OSSL_PARAM_END }; diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index f4e59b3322..16ffc3126c 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -265,7 +265,7 @@ static int ecx_get_params(void *key, OSSL_PARAM params[], int bits, int secbits, if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL && !OSSL_PARAM_set_int(p, size)) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL + if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL && (ecx->type == ECX_KEY_TYPE_X25519 || ecx->type == ECX_KEY_TYPE_X448)) { if (!OSSL_PARAM_set_octet_string(p, ecx->pubkey, ecx->keylen)) @@ -317,7 +317,7 @@ static const OSSL_PARAM ecx_gettable_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL), OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), ECX_KEY_TYPES(), OSSL_PARAM_END }; @@ -369,7 +369,7 @@ static int ecx_set_params(void *key, const OSSL_PARAM params[]) ECX_KEY *ecxkey = key; const OSSL_PARAM *p; - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT); + p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); if (p != NULL) { void *buf = ecxkey->pubkey; @@ -412,7 +412,7 @@ static int ed448_set_params(void *key, const OSSL_PARAM params[]) } static const OSSL_PARAM ecx_settable_params[] = { - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_PROPERTIES, NULL, 0), OSSL_PARAM_END }; diff --git a/ssl/statem/extensions_clnt.c b/ssl/statem/extensions_clnt.c index 15cd622ed5..351d695af8 100644 --- a/ssl/statem/extensions_clnt.c +++ b/ssl/statem/extensions_clnt.c @@ -647,8 +647,8 @@ static int add_key_share(SSL *s, WPACKET *pkt, unsigned int curve_id) } /* Encode the public key. */ - encodedlen = EVP_PKEY_get1_tls_encodedpoint(key_share_key, - &encoded_point); + encodedlen = EVP_PKEY_get1_encoded_public_key(key_share_key, + &encoded_point); if (encodedlen == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_ADD_KEY_SHARE, ERR_R_EC_LIB); goto err; @@ -1916,8 +1916,8 @@ int tls_parse_stoc_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, return 0; } - if (!EVP_PKEY_set1_tls_encodedpoint(skey, PACKET_data(&encoded_pt), - PACKET_remaining(&encoded_pt))) { + if (EVP_PKEY_set1_encoded_public_key(skey, PACKET_data(&encoded_pt), + PACKET_remaining(&encoded_pt)) <= 0) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_STOC_KEY_SHARE, SSL_R_BAD_ECPOINT); EVP_PKEY_free(skey); diff --git a/ssl/statem/extensions_srvr.c b/ssl/statem/extensions_srvr.c index eb24d0a19e..cf4937125f 100644 --- a/ssl/statem/extensions_srvr.c +++ b/ssl/statem/extensions_srvr.c @@ -713,9 +713,9 @@ int tls_parse_ctos_key_share(SSL *s, PACKET *pkt, unsigned int context, X509 *x, s->s3.group_id = group_id; - if (!EVP_PKEY_set1_tls_encodedpoint(s->s3.peer_tmp, + if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp, PACKET_data(&encoded_pt), - PACKET_remaining(&encoded_pt))) { + PACKET_remaining(&encoded_pt)) <= 0) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PARSE_CTOS_KEY_SHARE, SSL_R_BAD_ECPOINT); return 0; @@ -1751,7 +1751,7 @@ EXT_RETURN tls_construct_stoc_key_share(SSL *s, WPACKET *pkt, } /* Generate encoding of server key */ - encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(skey, &encodedPoint); + encoded_pt_len = EVP_PKEY_get1_encoded_public_key(skey, &encodedPoint); if (encoded_pt_len == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_KEY_SHARE, diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c index ba57d31428..f896e19d40 100644 --- a/ssl/statem/statem_clnt.c +++ b/ssl/statem/statem_clnt.c @@ -2235,9 +2235,9 @@ static int tls_process_ske_ecdhe(SSL *s, PACKET *pkt, EVP_PKEY **pkey) return 0; } - if (!EVP_PKEY_set1_tls_encodedpoint(s->s3.peer_tmp, - PACKET_data(&encoded_pt), - PACKET_remaining(&encoded_pt))) { + if (EVP_PKEY_set1_encoded_public_key(s->s3.peer_tmp, + PACKET_data(&encoded_pt), + PACKET_remaining(&encoded_pt)) <= 0) { SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_F_TLS_PROCESS_SKE_ECDHE, SSL_R_BAD_ECPOINT); return 0; @@ -3147,7 +3147,7 @@ static int tls_construct_cke_ecdhe(SSL *s, WPACKET *pkt) } /* Generate encoding of client key */ - encoded_pt_len = EVP_PKEY_get1_tls_encodedpoint(ckey, &encodedPoint); + encoded_pt_len = EVP_PKEY_get1_encoded_public_key(ckey, &encodedPoint); if (encoded_pt_len == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CKE_ECDHE, diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 2da037a248..81cea6db37 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2633,8 +2633,8 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) } /* Encode the public key. */ - encodedlen = EVP_PKEY_get1_tls_encodedpoint(s->s3.tmp.pkey, - &encodedPoint); + encodedlen = EVP_PKEY_get1_encoded_public_key(s->s3.tmp.pkey, + &encodedPoint); if (encodedlen == 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE, ERR_R_EC_LIB); @@ -3216,7 +3216,7 @@ static int tls_process_cke_ecdhe(SSL *s, PACKET *pkt) goto err; } - if (EVP_PKEY_set1_tls_encodedpoint(ckey, data, i) == 0) { + if (EVP_PKEY_set1_encoded_public_key(ckey, data, i) <= 0) { SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CKE_ECDHE, ERR_R_EC_LIB); goto err; diff --git a/test/tls-provider.c b/test/tls-provider.c index 86d204240b..d3188d0c20 100644 --- a/test/tls-provider.c +++ b/test/tls-provider.c @@ -476,7 +476,8 @@ static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[]) && !OSSL_PARAM_set_int(p, xor_group.secbits)) return 0; - if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT)) != NULL) { + if ((p = OSSL_PARAM_locate(params, + OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY)) != NULL) { if (p->data_type != OSSL_PARAM_OCTET_STRING) return 0; p->return_size = XOR_KEY_SIZE; @@ -490,7 +491,7 @@ static ossl_inline int xor_get_params(void *vkey, OSSL_PARAM params[]) static const OSSL_PARAM xor_params[] = { OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL), OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL), - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), OSSL_PARAM_END }; @@ -504,7 +505,7 @@ static int xor_set_params(void *vkey, const OSSL_PARAM params[]) XORKEY *key = vkey; const OSSL_PARAM *p; - p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_TLS_ENCODED_PT); + p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY); if (p != NULL) { if (p->data_type != OSSL_PARAM_OCTET_STRING || p->data_size != XOR_KEY_SIZE) @@ -517,7 +518,7 @@ static int xor_set_params(void *vkey, const OSSL_PARAM params[]) } static const OSSL_PARAM xor_known_settable_params[] = { - OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_TLS_ENCODED_PT, NULL, 0), + OSSL_PARAM_octet_string(OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY, NULL, 0), OSSL_PARAM_END }; diff --git a/util/libcrypto.num b/util/libcrypto.num index 6c0fae783b..4fa6d9e50e 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4046,8 +4046,8 @@ X509_STORE_lock 4134 3_0_0 EXIST::FUNCTION: X509_set_proxy_pathlen 4135 3_0_0 EXIST::FUNCTION: X509_get_proxy_pathlen 4136 3_0_0 EXIST::FUNCTION: DSA_bits 4137 3_0_0 EXIST::FUNCTION:DSA -EVP_PKEY_set1_tls_encodedpoint 4138 3_0_0 EXIST::FUNCTION: -EVP_PKEY_get1_tls_encodedpoint 4139 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set1_tls_encodedpoint 4138 3_0_0 NOEXIST::FUNCTION: +EVP_PKEY_get1_tls_encodedpoint 4139 3_0_0 NOEXIST::FUNCTION: ASN1_STRING_get0_data 4140 3_0_0 EXIST::FUNCTION: X509_SIG_getm 4141 3_0_0 EXIST::FUNCTION: X509_get0_serialNumber 4142 3_0_0 EXIST::FUNCTION: @@ -5290,3 +5290,5 @@ OSSL_DECODER_from_data ? 3_0_0 EXIST::FUNCTION: OSSL_ENCODER_to_data ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get0_libctx ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get0_propq ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_set1_encoded_public_key ? 3_0_0 EXIST::FUNCTION: +EVP_PKEY_get1_encoded_public_key ? 3_0_0 EXIST::FUNCTION: diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt index 481331e261..f2b91e2587 100644 --- a/util/missingcrypto.txt +++ b/util/missingcrypto.txt @@ -692,13 +692,11 @@ EVP_PKEY_decrypt_old(3) EVP_PKEY_delete_attr(3) EVP_PKEY_encrypt_old(3) EVP_PKEY_get0(3) -EVP_PKEY_get1_tls_encodedpoint(3) EVP_PKEY_get_attr(3) EVP_PKEY_get_attr_by_NID(3) EVP_PKEY_get_attr_by_OBJ(3) EVP_PKEY_get_attr_count(3) EVP_PKEY_save_parameters(3) -EVP_PKEY_set1_tls_encodedpoint(3) EVP_add_alg_module(3) EVP_add_cipher(3) EVP_add_digest(3) diff --git a/util/missingcrypto111.txt b/util/missingcrypto111.txt index 77a7295246..a232ed2af0 100644 --- a/util/missingcrypto111.txt +++ b/util/missingcrypto111.txt @@ -691,13 +691,11 @@ EVP_PKEY_encrypt_old(3) EVP_PKEY_get0(3) EVP_PKEY_get0_poly1305(3) EVP_PKEY_get0_siphash(3) -EVP_PKEY_get1_tls_encodedpoint(3) EVP_PKEY_get_attr(3) EVP_PKEY_get_attr_by_NID(3) EVP_PKEY_get_attr_by_OBJ(3) EVP_PKEY_get_attr_count(3) EVP_PKEY_save_parameters(3) -EVP_PKEY_set1_tls_encodedpoint(3) EVP_PKEY_set_type(3) EVP_PKEY_set_type_str(3) EVP_add_alg_module(3) diff --git a/util/other.syms b/util/other.syms index e5d98a9877..aa85ffa26a 100644 --- a/util/other.syms +++ b/util/other.syms @@ -601,3 +601,5 @@ OSSL_TRACE1 define OSSL_TRACE2 define OSSL_TRACE9 define TS_VERIFY_CTS_set_certs define deprecated 3.0.0 +EVP_PKEY_get1_tls_encodedpoint define deprecated 3.0.0 +EVP_PKEY_set1_tls_encodedpoint define deprecated 3.0.0 From openssl at openssl.org Tue Oct 20 15:51:49 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 15:51:49 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1603209109.092067.19996.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 694 wallclock secs (13.29 usr 1.11 sys + 631.35 cusr 59.27 csys = 705.02 CPU) Result: FAIL Makefile:3189: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3187: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Tue Oct 20 16:02:03 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 20 Oct 2020 16:02:03 +0000 Subject: Still Failing: openssl/openssl#38133 (master - 6a13c9c) In-Reply-To: Message-ID: <5f8f09faaf3a1_13fd0951a93e8753649@travis-pro-tasks-6f4d97fc84-xxt5m.mail> Build Update for openssl/openssl ------------------------------------- Build: #38133 Status: Still Failing Duration: 1 hr, 26 mins, and 6 secs Commit: 6a13c9c (master) Author: xuyunjia Message: resolve defects: reverse_inull; row[DB_exp_date] referenced before checking Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13170) View the changeset: https://github.com/openssl/openssl/compare/ec5059c3effc...6a13c9c9842f View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191194531?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Tue Oct 20 16:26:40 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 20 Oct 2020 16:26:40 +0000 Subject: Fixed: openssl/openssl#38134 (OpenSSL_1_1_1-stable - 4b7595e) In-Reply-To: Message-ID: <5f8f0fbfa1eeb_13fef148a83b83239b@travis-pro-tasks-55c56c9d86-c8lcs.mail> Build Update for openssl/openssl ------------------------------------- Build: #38134 Status: Fixed Duration: 52 mins and 35 secs Commit: 4b7595e (OpenSSL_1_1_1-stable) Author: xuyunjia Message: resolve defects: reverse_inull; row[DB_exp_date] referenced before checking Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13170) (cherry picked from commit 6a13c9c9842f54ed8d98c6f37cc4ae6c1cde8b7a) View the changeset: https://github.com/openssl/openssl/compare/7b324bb09f63...4b7595e3ecf3 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191195779?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Tue Oct 20 17:59:21 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 20 Oct 2020 17:59:21 +0000 Subject: Still Failing: openssl/openssl#38135 (master - 0a737e1) In-Reply-To: Message-ID: <5f8f2578ca848_13fbe4e1a9c3438086c@travis-pro-tasks-55c56c9d86-kjd6l.mail> Build Update for openssl/openssl ------------------------------------- Build: #38135 Status: Still Failing Duration: 1 hr, 40 mins, and 55 secs Commit: 0a737e1 (master) Author: Matt Caswell Message: Deprecate EVP_PKEY_set1_tls_encodedpoint() Also deprecate EVP_PKEY_get1_tls_encodedpoint(). The preferred alternative is EVP_PKEY_set1_encoded_public_key() and EVP_PKEY_get1_encoded_public_key(). Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13105) View the changeset: https://github.com/openssl/openssl/compare/6a13c9c9842f...0a737e16b2bc View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191222608?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 20 18:28:07 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 18:28:07 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1603218487.963515.27476.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090CA1FEB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090CA1FEB7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090CA1FEB7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/3mPw0i8nFx default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0801FABB57F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0801FABB57F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0801FABB57F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0801FABB57F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0801FABB57F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0801FABB57F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/3mPw0i8nFx fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 699 wallclock secs (13.95 usr 1.22 sys + 632.75 cusr 61.19 csys = 709.11 CPU) Result: FAIL Makefile:3184: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3182: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 20 20:42:18 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 20:42:18 +0000 Subject: Build failed: openssl master.37605 Message-ID: <20201020204218.1.7ED5EB181E9F30E6@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 20 20:44:52 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 20:44:52 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1603226692.451067.19319.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D02D31CC7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0D02D31CC7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D02D31CC7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/aC7sNzmhCq default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F05574C87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F05574C87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F05574C87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F05574C87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F05574C87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F05574C87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/aC7sNzmhCq fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 718 wallclock secs (13.74 usr 1.38 sys + 636.44 cusr 60.52 csys = 712.08 CPU) Result: FAIL Makefile:3190: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3188: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 20 21:29:42 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 20 Oct 2020 21:29:42 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1603229383.003975.26361.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 6c8149df1f Change markdown link style in README, INSTALL, SUPPORT and CONTRIBUTING 84dd002f41 README: make the link to the OpenSSL 3.0 Wiki page more prominent 9096809b20 ENCODER & DECODER: set params on all encoder/decoder instances, unconditionally a1fc4642e1 dev/release.sh: improve instruction for pushing the tag b40498c6e7 TEST: modify tconversion.pl for forensics 372e72b19e Add a CHANGES entry for the SSL_SECOP_TMP_DH change 47e81a1bfa Pass an EVP_PKEY for SSL_SECOP_TMP_DH in the security callback 301fcb2843 Concentrate deprecated libssl API usage in one file 192d4b9ca6 Fix missing include of string.h in apps/lib/engine.c for strcmp. f4bd510503 list: add a -provider-info option. 994a924b3c null prov: fix gettable param array type. e8dca211b4 Prepare for 3.0 alpha 8 f9a5682e5c Prepare for release of 3.0 alpha 7 eec0ad10b9 Update copyright year 796948cd73 Changing X509at_get0_data_by_OBJ to expect const stack of X509_ATTRIBUTE a829b735b6 Rename some occurrences of 'library_context' and 'lib_ctx' to 'libctx' b425001010 Rename OPENSSL_CTX prefix to OSSL_LIB_CTX 29000e43ea Make evp_pkey_ctx_get0_libctx/propq public API 0d30e15a57 Remove some more CMS key downgrades 7022d9b903 Remove CMS recipient info information out of the algorithm implementations 9ab7fe4836 Move CMS signing code out of the algorithms and into CMS 0b3a4ef27a Move CMS enveloping code out of the algorithms and into CMS 99b3b762c3 Remove a CMS key downgrade 5b70206cb3 [test][tls-provider] Implement KEM algorithm 8b17fbaf46 [ssl] Support ssl_encapsulate on server side a011b5861b [ssl] Support ssl_decapsulate on client side c1a74f59ac Define OSSL_CAPABILITY_TLS_GROUP_IS_KEM ecff43e0ca [test][tls-provider] Add 2nd pluggable tls group for KEM c8e3a4c613 [test][sslapitest] Add test for pluggable KEM group 32fea070dc [test][tls-provider] Group xor_group properties in a struct 47690cd4ce Use __BYTE_ORDER__ to test the endianness when available 8e596a93bc syscall_random(): don't fail if the getentropy() function is a dummy 58608c7c7a Reconciled c99 and loader arguments for float on NonStop TNS/E and TNS/X. Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D0C236237F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0D0C236237F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0D0C236237F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D0C236237F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/b7OQSvdUwU default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C000331E7A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C000331E7A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C000331E7A7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C000331E7A7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/b7OQSvdUwU fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 677 wallclock secs (12.32 usr 1.24 sys + 613.54 cusr 58.25 csys = 685.35 CPU) Result: FAIL Makefile:3189: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3187: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 20 21:49:41 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 20 Oct 2020 21:49:41 +0000 Subject: Build completed: openssl master.37606 Message-ID: <20201020214941.1.B891FF4084CCCDD4@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Wed Oct 21 06:04:17 2020 From: levitte at openssl.org (Richard Levitte) Date: Wed, 21 Oct 2020 06:04:17 +0000 Subject: [openssl] master update Message-ID: <1603260257.897907.28744.nullmailer@dev.openssl.org> The branch master has been updated via 8300a8742b2abc487594a09b5e6ee726dbd30771 (commit) from 0a737e16b2bc333cc3a8727458acc5460be10e0e (commit) - Log ----------------------------------------------------------------- commit 8300a8742b2abc487594a09b5e6ee726dbd30771 Author: Richard Levitte Date: Tue Oct 20 06:48:10 2020 +0200 Work around Windows ftell() bug as per Microsoft engineering's suggestion See https://developercommunity.visualstudio.com/content/problem/425878/fseek-ftell-fail-in-text-mode-for-unix-style-text.html Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13190) ----------------------------------------------------------------------- Summary of changes: crypto/bio/bss_file.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c index a57bd973f7..986fba874a 100644 --- a/crypto/bio/bss_file.c +++ b/crypto/bio/bss_file.c @@ -237,6 +237,15 @@ static long file_ctrl(BIO *b, int cmd, long num, void *ptr) _setmode(fd, _O_TEXT); else _setmode(fd, _O_BINARY); + /* + * Reports show that ftell() isn't trustable in text mode. + * This has been confirmed as a bug in the Universal C RTL, see + * https://developercommunity.visualstudio.com/content/problem/425878/fseek-ftell-fail-in-text-mode-for-unix-style-text.html + * The suggested work-around from Microsoft engineering is to + * turn off buffering until the bug is resolved. + */ + if ((num & BIO_FP_TEXT) != 0) + setvbuf((FILE *)ptr, NULL, _IONBF, 0); # elif defined(OPENSSL_SYS_MSDOS) int fd = fileno((FILE *)ptr); /* Set correct text/binary mode */ From builds at travis-ci.com Wed Oct 21 07:54:33 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 21 Oct 2020 07:54:33 +0000 Subject: Still Failing: openssl/openssl#38152 (master - 8300a87) In-Reply-To: Message-ID: <5f8fe93c57f71_13f9d696c598089844e@travis-pro-tasks-6dfff548f7-d2829.mail> Build Update for openssl/openssl ------------------------------------- Build: #38152 Status: Still Failing Duration: 1 hr, 23 mins, and 49 secs Commit: 8300a87 (master) Author: Richard Levitte Message: Work around Windows ftell() bug as per Microsoft engineering's suggestion See https://developercommunity.visualstudio.com/content/problem/425878/fseek-ftell-fail-in-text-mode-for-unix-style-text.html Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13190) View the changeset: https://github.com/openssl/openssl/compare/0a737e16b2bc...8300a8742b2a View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191357364?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Wed Oct 21 11:08:18 2020 From: matt at openssl.org (Matt Caswell) Date: Wed, 21 Oct 2020 11:08:18 +0000 Subject: [web] master update Message-ID: <1603278498.895167.21424.nullmailer@dev.openssl.org> The branch master has been updated via 7c84bf7db927de5a6676a0fad2e88546e7e6e7ed (commit) from 6353e2de0800ad057bf5d9abb1fb82955d3144da (commit) - Log ----------------------------------------------------------------- commit 7c84bf7db927de5a6676a0fad2e88546e7e6e7ed Author: Matt Caswell Date: Wed Oct 21 11:49:29 2020 +0100 Add link to blog post about alpha7 Reviewed-by: Paul Dale Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/web/pull/203) ----------------------------------------------------------------------- Summary of changes: news/newsflash.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/news/newsflash.txt b/news/newsflash.txt index 79dda77..a6bb492 100644 --- a/news/newsflash.txt +++ b/news/newsflash.txt @@ -5,6 +5,7 @@ # headings. URL paths must all be absolute. Date: Item +21-Oct-2020: New Blog post: OpenSSL 3.0 Alpha7 Release 15-Oct-2020: Alpha 7 of OpenSSL 3.0 is now available: please download and test it 22-Sep-2020: OpenSSL 1.1.1h is now available, including bug fixes 09-Sep-2020: Security Advisory: Raccoon attack From tmraz at fedoraproject.org Wed Oct 21 13:28:47 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Wed, 21 Oct 2020 13:28:47 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603286927.113709.2468.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via b11aa831cfe09befe3fb3229ca46a4a59352de34 (commit) from 4b7595e3ecf3e31ecb93f6397300331ba36b2ca4 (commit) - Log ----------------------------------------------------------------- commit b11aa831cfe09befe3fb3229ca46a4a59352de34 Author: simplelins Date: Fri Jan 3 22:56:18 2020 +0800 Fix AES-GCM bug on aarch64 BigEndian Fixes #10638 Fixes #13188 Fixes a bug for aarch64 bigendian with instructions 'st1' and 'ld1' on AES-GCM mode. CLA: trivial (cherry picked from commit bc8b648f744566031ce84d77333dbbcb9689e975) Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13193) ----------------------------------------------------------------------- Summary of changes: crypto/aes/asm/aesv8-armx.pl | 10 +++++++++- crypto/modes/modes_local.h | 7 +++++-- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/crypto/aes/asm/aesv8-armx.pl b/crypto/aes/asm/aesv8-armx.pl index d6068dbf03..f42f7bd1df 100755 --- a/crypto/aes/asm/aesv8-armx.pl +++ b/crypto/aes/asm/aesv8-armx.pl @@ -183,7 +183,12 @@ $code.=<<___; .Loop192: vtbl.8 $key,{$in1},$mask vext.8 $tmp,$zero,$in0,#12 +#ifdef __ARMEB__ + vst1.32 {$in1},[$out],#16 + sub $out,$out,#8 +#else vst1.32 {$in1},[$out],#8 +#endif aese $key,$zero subs $bits,$bits,#1 @@ -715,8 +720,11 @@ $code.=<<___; ldr $rounds,[$key,#240] ldr $ctr, [$ivp, #12] +#ifdef __ARMEB__ + vld1.8 {$dat0},[$ivp] +#else vld1.32 {$dat0},[$ivp] - +#endif vld1.32 {q8-q9},[$key] // load key schedule... sub $rounds,$rounds,#4 mov $step,#16 diff --git a/crypto/modes/modes_local.h b/crypto/modes/modes_local.h index 28c32c0643..888141681e 100644 --- a/crypto/modes/modes_local.h +++ b/crypto/modes/modes_local.h @@ -63,12 +63,15 @@ typedef u32 u32_a1; asm ("bswapl %0" \ : "+r"(ret_)); ret_; }) # elif defined(__aarch64__) -# define BSWAP8(x) ({ u64 ret_; \ +# if defined(__BYTE_ORDER__) && defined(__ORDER_LITTLE_ENDIAN__) && \ + __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__ +# define BSWAP8(x) ({ u64 ret_; \ asm ("rev %0,%1" \ : "=r"(ret_) : "r"(x)); ret_; }) -# define BSWAP4(x) ({ u32 ret_; \ +# define BSWAP4(x) ({ u32 ret_; \ asm ("rev %w0,%w1" \ : "=r"(ret_) : "r"(x)); ret_; }) +# endif # elif (defined(__arm__) || defined(__arm)) && !defined(STRICT_ALIGNMENT) # define BSWAP8(x) ({ u32 lo_=(u64)(x)>>32,hi_=(x); \ asm ("rev %0,%0; rev %1,%1" \ From no-reply at appveyor.com Wed Oct 21 14:22:06 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 21 Oct 2020 14:22:06 +0000 Subject: Build failed: openssl master.37622 Message-ID: <20201021142206.1.646972D816781BA9@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 21 15:39:36 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 21 Oct 2020 15:39:36 +0000 Subject: Build completed: openssl master.37623 Message-ID: <20201021153936.1.318365B721FACBFE@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 21 17:49:31 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 21 Oct 2020 17:49:31 +0000 Subject: Build failed: openssl master.37624 Message-ID: <20201021174931.1.1756AC8A26A5986C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 21 19:02:16 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 21 Oct 2020 19:02:16 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37625 Message-ID: <20201021190216.1.511BF8B2FFBBBC15@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Wed Oct 21 19:11:40 2020 From: levitte at openssl.org (Richard Levitte) Date: Wed, 21 Oct 2020 19:11:40 +0000 Subject: [openssl] master update Message-ID: <1603307500.073010.27108.nullmailer@dev.openssl.org> The branch master has been updated via 0934cf4834059cf2d6e3b7e4106d5e04f50ed7f5 (commit) from 8300a8742b2abc487594a09b5e6ee726dbd30771 (commit) - Log ----------------------------------------------------------------- commit 0934cf4834059cf2d6e3b7e4106d5e04f50ed7f5 Author: Richard Levitte Date: Tue Oct 20 18:11:30 2020 +0200 Unexport internal MSBLOB and PVK functions The following internal functions are affected: ossl_do_blob_header ossl_do_PVK_header ossl_b2i ossl_b2i_bio This is reflected by moving include/internal/pem.h to include/crypto/pem.h engines/e_loader_attic gets the source code added to it to have continued access to those functions. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13195) ----------------------------------------------------------------------- Summary of changes: crypto/pem/pvkfmt.c | 2 +- engines/build.info | 2 +- engines/e_loader_attic.c | 2 +- include/{internal => crypto}/pem.h | 0 providers/implementations/encode_decode/decode_ms2key.c | 2 +- providers/implementations/storemgmt/file_store.c | 2 +- test/endecode_test.c | 2 +- util/libcrypto.num | 4 ---- 8 files changed, 6 insertions(+), 10 deletions(-) rename include/{internal => crypto}/pem.h (100%) diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 95d1ff5a94..bd1d99e338 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -20,7 +20,7 @@ #include "internal/cryptlib.h" #include -#include "internal/pem.h" +#include "crypto/pem.h" #include #include #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) diff --git a/engines/build.info b/engines/build.info index 4e83dbf9bc..e47f2d44a5 100644 --- a/engines/build.info +++ b/engines/build.info @@ -87,7 +87,7 @@ IF[{- !$disabled{"engine"} -}] GENERATE[ossltest.ld]=../util/engines.num ENDIF - SOURCE[loader_attic]=e_loader_attic.c + SOURCE[loader_attic]=e_loader_attic.c ../crypto/pem/pvkfmt.c DEPEND[loader_attic]=../libcrypto INCLUDE[loader_attic]=../include IF[{- defined $target{shared_defflag} -}] diff --git a/engines/e_loader_attic.c b/engines/e_loader_attic.c index 72ceb38a33..4f238b9cb2 100644 --- a/engines/e_loader_attic.c +++ b/engines/e_loader_attic.c @@ -31,9 +31,9 @@ #include #include /* For the PKCS8 stuff o.O */ #include "internal/asn1.h" /* For asn1_d2i_read_bio */ -#include "internal/pem.h" /* For PVK and "blob" PEM headers */ #include "internal/o_dir.h" #include "internal/cryptlib.h" +#include "crypto/pem.h" /* For PVK and "blob" PEM headers */ #include "e_loader_attic_err.c" diff --git a/include/internal/pem.h b/include/crypto/pem.h similarity index 100% rename from include/internal/pem.h rename to include/crypto/pem.h diff --git a/providers/implementations/encode_decode/decode_ms2key.c b/providers/implementations/encode_decode/decode_ms2key.c index 1bc55e5493..deb2cc2d5b 100644 --- a/providers/implementations/encode_decode/decode_ms2key.c +++ b/providers/implementations/encode_decode/decode_ms2key.c @@ -22,8 +22,8 @@ #include #include /* For public PVK functions */ #include -#include "internal/pem.h" /* For internal PVK and "blob" headers */ #include "internal/passphrase.h" +#include "crypto/pem.h" /* For internal PVK and "blob" headers */ #include "prov/bio.h" #include "prov/implementations.h" #include "endecoder_local.h" diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c index e41e29ed35..3b6c50c9e5 100644 --- a/providers/implementations/storemgmt/file_store.c +++ b/providers/implementations/storemgmt/file_store.c @@ -25,7 +25,7 @@ #include #include /* The OSSL_STORE_INFO type numbers */ #include "internal/o_dir.h" -#include "internal/pem.h" /* For PVK and "blob" PEM headers */ +#include "crypto/pem.h" /* For PVK and "blob" PEM headers */ #include "crypto/decoder.h" #include "prov/implementations.h" #include "prov/bio.h" diff --git a/test/endecode_test.c b/test/endecode_test.c index b882ff85b1..7a901e9793 100644 --- a/test/endecode_test.c +++ b/test/endecode_test.c @@ -19,8 +19,8 @@ #include #include -#include "internal/pem.h" /* For PVK and "blob" PEM headers */ #include "internal/cryptlib.h" /* ossl_assert */ +#include "crypto/pem.h" /* For PVK and "blob" PEM headers */ #include "testutil.h" diff --git a/util/libcrypto.num b/util/libcrypto.num index 4fa6d9e50e..0e8d3953c8 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -5235,12 +5235,8 @@ EVP_PKEY_CTX_set_mac_key ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_new_CMAC_key_ex ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_INFO_new ? 3_0_0 EXIST::FUNCTION: OSSL_STORE_INFO_get0_data ? 3_0_0 EXIST::FUNCTION: -ossl_do_blob_header ? 3_0_0 EXIST::FUNCTION:DSA -ossl_do_PVK_header ? 3_0_0 EXIST::FUNCTION:DSA,RC4 asn1_d2i_read_bio ? 3_0_0 EXIST::FUNCTION: EVP_PKCS82PKEY_ex ? 3_0_0 EXIST::FUNCTION: -ossl_b2i ? 3_0_0 EXIST::FUNCTION:DSA -ossl_b2i_bio ? 3_0_0 EXIST::FUNCTION:DSA EVP_PKEY_CTX_set1_id ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get1_id ? 3_0_0 EXIST::FUNCTION: EVP_PKEY_CTX_get1_id_len ? 3_0_0 EXIST::FUNCTION: From no-reply at appveyor.com Wed Oct 21 20:06:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 21 Oct 2020 20:06:17 +0000 Subject: Build failed: openssl master.37626 Message-ID: <20201021200617.1.C466A80F99DDFF4F@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Wed Oct 21 20:39:20 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 21 Oct 2020 20:39:20 +0000 Subject: Still Failing: openssl/openssl#38158 (master - 0934cf4) In-Reply-To: Message-ID: <5f909c77a4457_13f97053ee50067379@travis-pro-tasks-7b6988c88d-92k5p.mail> Build Update for openssl/openssl ------------------------------------- Build: #38158 Status: Still Failing Duration: 1 hr, 21 mins, and 37 secs Commit: 0934cf4 (master) Author: Richard Levitte Message: Unexport internal MSBLOB and PVK functions The following internal functions are affected: ossl_do_blob_header ossl_do_PVK_header ossl_b2i ossl_b2i_bio This is reflected by moving include/internal/pem.h to include/crypto/pem.h engines/e_loader_attic gets the source code added to it to have continued access to those functions. Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13195) View the changeset: https://github.com/openssl/openssl/compare/8300a8742b2a...0934cf483405 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191515392?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 21 23:10:15 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 21 Oct 2020 23:10:15 +0000 Subject: Build failed: openssl master.37628 Message-ID: <20201021231015.1.3F1C7A8E94B49292@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 21 23:49:35 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 21 Oct 2020 23:49:35 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1603324175.343463.14967.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 8047194EAE7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80571547867F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80571547867F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1377 wallclock secs (12.56 usr 1.53 sys + 1196.01 cusr 163.83 csys = 1373.93 CPU) Result: FAIL Makefile:2550: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2548: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 22 00:58:04 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 00:58:04 +0000 Subject: Build failed: openssl master.37631 Message-ID: <20201022005804.1.3BDC597037FEF1DB@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 22 00:59:16 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 00:59:16 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm Message-ID: <1603328356.343527.4554.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): 60-test_x509_dup_cert.t ............ ok 60-test_x509_store.t ............... ok 60-test_x509_time.t ................ ok 61-test_bio_prefix.t ............... ok 65-test_cmp_asn.t .................. ok 65-test_cmp_client.t ............... ok 65-test_cmp_ctx.t .................. ok 65-test_cmp_hdr.t .................. ok 65-test_cmp_msg.t .................. ok 65-test_cmp_protect.t .............. ok 65-test_cmp_server.t ............... ok 65-test_cmp_status.t ............... ok 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok Makefile:3192: recipe for target '_tests' failed make[1]: *** [_tests] Terminated From openssl at openssl.org Thu Oct 22 01:46:39 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 01:46:39 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1603331199.544728.22529.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 732 wallclock secs (14.14 usr 1.40 sys + 655.61 cusr 68.01 csys = 739.16 CPU) Result: FAIL Makefile:3189: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3187: recipe for target 'tests' failed make: *** [tests] Error 2 From pauli at openssl.org Thu Oct 22 02:12:53 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 22 Oct 2020 02:12:53 +0000 Subject: [openssl] master update Message-ID: <1603332773.629013.18261.nullmailer@dev.openssl.org> The branch master has been updated via f31ac320012c9aa1540034288ea94f6c80924aa3 (commit) from 0934cf4834059cf2d6e3b7e4106d5e04f50ed7f5 (commit) - Log ----------------------------------------------------------------- commit f31ac320012c9aa1540034288ea94f6c80924aa3 Author: Jeremiah Gowdy Date: Sun Oct 18 14:12:35 2020 -0700 Implement OpenSSL secure memory for Windows Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13172) ----------------------------------------------------------------------- Summary of changes: crypto/mem_sec.c | 50 +++++++++++++++++++++++++++++++++++++++++++++----- e_os.h | 9 +++++---- 2 files changed, 50 insertions(+), 9 deletions(-) diff --git a/crypto/mem_sec.c b/crypto/mem_sec.c index ddc0a370e6..ee3750725c 100644 --- a/crypto/mem_sec.c +++ b/crypto/mem_sec.c @@ -21,11 +21,18 @@ #include #ifndef OPENSSL_NO_SECURE_MEMORY +# if defined(_WIN32) +# include +# endif # include # include -# include +# if defined(OPENSSL_SYS_UNIX) +# include +# endif # include -# include +# if defined(OPENSSL_SYS_UNIX) +# include +# endif # if defined(OPENSSL_SYS_LINUX) # include # if defined(SYS_mlock2) @@ -375,6 +382,10 @@ static int sh_init(size_t size, size_t minsize) size_t i; size_t pgsize; size_t aligned; +#if defined(_WIN32) + DWORD flOldProtect; + SYSTEM_INFO systemInfo; +#endif memset(&sh, 0, sizeof(sh)); @@ -446,15 +457,19 @@ static int sh_init(size_t size, size_t minsize) else pgsize = (size_t)tmppgsize; } +#elif defined(_WIN32) + GetSystemInfo(&systemInfo); + pgsize = (size_t)systemInfo.dwPageSize; #else pgsize = PAGE_SIZE; #endif sh.map_size = pgsize + sh.arena_size + pgsize; -#ifdef MAP_ANON +#if !defined(_WIN32) +# ifdef MAP_ANON sh.map_result = mmap(NULL, sh.map_size, PROT_READ|PROT_WRITE, MAP_ANON|MAP_PRIVATE, -1, 0); -#else +# else { int fd; @@ -465,9 +480,16 @@ static int sh_init(size_t size, size_t minsize) close(fd); } } -#endif +# endif if (sh.map_result == MAP_FAILED) goto err; +#else + sh.map_result = VirtualAlloc(NULL, sh.map_size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE); + + if (sh.map_result == NULL) + goto err; +#endif + sh.arena = (char *)(sh.map_result + pgsize); sh_setbit(sh.arena, 0, sh.bittable); sh_add_to_list(&sh.freelist[0], sh.arena); @@ -475,14 +497,24 @@ static int sh_init(size_t size, size_t minsize) /* Now try to add guard pages and lock into memory. */ ret = 1; +#if !defined(_WIN32) /* Starting guard is already aligned from mmap. */ if (mprotect(sh.map_result, pgsize, PROT_NONE) < 0) ret = 2; +#else + if (VirtualProtect(sh.map_result, pgsize, PAGE_NOACCESS, &flOldProtect) == FALSE) + ret = 2; +#endif /* Ending guard page - need to round up to page boundary */ aligned = (pgsize + sh.arena_size + (pgsize - 1)) & ~(pgsize - 1); +#if !defined(_WIN32) if (mprotect(sh.map_result + aligned, pgsize, PROT_NONE) < 0) ret = 2; +#else + if (VirtualProtect(sh.map_result + aligned, pgsize, PAGE_NOACCESS, &flOldProtect) == FALSE) + ret = 2; +#endif #if defined(OPENSSL_SYS_LINUX) && defined(MLOCK_ONFAULT) && defined(SYS_mlock2) if (syscall(SYS_mlock2, sh.arena, sh.arena_size, MLOCK_ONFAULT) < 0) { @@ -493,6 +525,9 @@ static int sh_init(size_t size, size_t minsize) ret = 2; } } +#elif defined(_WIN32) + if (VirtualLock(sh.arena, sh.arena_size) == FALSE) + ret = 2; #else if (mlock(sh.arena, sh.arena_size) < 0) ret = 2; @@ -514,8 +549,13 @@ static void sh_done(void) OPENSSL_free(sh.freelist); OPENSSL_free(sh.bittable); OPENSSL_free(sh.bitmalloc); +#if !defined(_WIN32) if (sh.map_result != MAP_FAILED && sh.map_size) munmap(sh.map_result, sh.map_size); +#else + if (sh.map_result != NULL && sh.map_size) + VirtualFree(sh.map_result, 0, MEM_RELEASE); +#endif memset(&sh, 0, sizeof(sh)); } diff --git a/e_os.h b/e_os.h index 979be9b2b1..3e7a13f94d 100644 --- a/e_os.h +++ b/e_os.h @@ -359,10 +359,11 @@ inline int nssgetpid(); # ifndef OPENSSL_NO_SECURE_MEMORY /* unistd.h defines _POSIX_VERSION */ -# if defined(OPENSSL_SYS_UNIX) \ - && ( (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L) \ - || defined(__sun) || defined(__hpux) || defined(__sgi) \ - || defined(__osf__) ) +# if (defined(OPENSSL_SYS_UNIX) \ + && ( (defined(_POSIX_VERSION) && _POSIX_VERSION >= 200112L) \ + || defined(__sun) || defined(__hpux) || defined(__sgi) \ + || defined(__osf__) )) \ + || defined(_WIN32) /* secure memory is implemented */ # else # define OPENSSL_NO_SECURE_MEMORY From pauli at openssl.org Thu Oct 22 02:15:03 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 22 Oct 2020 02:15:03 +0000 Subject: [openssl] master update Message-ID: <1603332903.773646.19760.nullmailer@dev.openssl.org> The branch master has been updated via b78c777ee3038920064f5c2e3eb2a4f66a35119d (commit) from f31ac320012c9aa1540034288ea94f6c80924aa3 (commit) - Log ----------------------------------------------------------------- commit b78c777ee3038920064f5c2e3eb2a4f66a35119d Author: Richard Levitte Date: Tue Oct 20 11:56:22 2020 +0200 APPS: Implement load_keyparams() to load key parameters 'openssl dsaparam' is affected as an obvious usage example. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13191) ----------------------------------------------------------------------- Summary of changes: apps/cmp.c | 2 +- apps/dsaparam.c | 14 ++++++-------- apps/include/apps.h | 2 ++ apps/lib/apps.c | 38 +++++++++++++++++++++++++++++++------- doc/man1/openssl-dsaparam.pod.in | 2 +- 5 files changed, 41 insertions(+), 17 deletions(-) diff --git a/apps/cmp.c b/apps/cmp.c index e52eff3c28..a30c9f1684 100644 --- a/apps/cmp.c +++ b/apps/cmp.c @@ -724,7 +724,7 @@ static int load_cert_certs(const char *uri, return ret; } pass_string = get_passwd(pass, desc); - ret = load_key_certs_crls(uri, 0, pass_string, desc, NULL, NULL, + ret = load_key_certs_crls(uri, 0, pass_string, desc, NULL, NULL, NULL, pcert, pcerts, NULL, NULL); clear_free(pass_string); diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 5fd906a069..7e374eb6ad 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -66,7 +66,7 @@ const OPTIONS dsaparam_options[] = { int dsaparam_main(int argc, char **argv) { ENGINE *e = NULL; - BIO *in = NULL, *out = NULL; + BIO *out = NULL; EVP_PKEY *params = NULL, *pkey = NULL; EVP_PKEY_CTX *ctx = NULL; int numbits = -1, num = 0, genkey = 0; @@ -140,9 +140,6 @@ int dsaparam_main(int argc, char **argv) } private = genkey ? 1 : 0; - in = bio_open_default(infile, 'r', informat); - if (in == NULL) - goto end; out = bio_open_owner(outfile, outformat, private); if (out == NULL) goto end; @@ -181,10 +178,12 @@ int dsaparam_main(int argc, char **argv) BIO_printf(bio_err, "Error, DSA key generation failed\n"); goto end; } - } else if (informat == FORMAT_ASN1) { - params = d2i_KeyParams_bio(EVP_PKEY_DSA, NULL, in); } else { - params = PEM_read_bio_Parameters(in, NULL); + params = load_keyparams(infile, 1, "DSA parameters"); + if (!EVP_PKEY_is_a(params, "DSA")) { + EVP_PKEY_free(params); + params = NULL; + } } if (params == NULL) { BIO_printf(bio_err, "Error, unable to load DSA parameters\n"); @@ -276,7 +275,6 @@ int dsaparam_main(int argc, char **argv) end: if (ret != 0) ERR_print_errors(bio_err); - BIO_free(in); BIO_free_all(out); EVP_PKEY_CTX_free(ctx); EVP_PKEY_free(pkey); diff --git a/apps/include/apps.h b/apps/include/apps.h index 195f226910..8bb92e07db 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -116,6 +116,7 @@ EVP_PKEY *load_key(const char *uri, int format, int maybe_stdin, const char *pass, ENGINE *e, const char *desc); EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin, const char *pass, ENGINE *e, const char *desc); +EVP_PKEY *load_keyparams(const char *uri, int maybe_stdin, const char *desc); int load_certs(const char *uri, STACK_OF(X509) **certs, const char *pass, const char *desc); int load_crls(const char *uri, STACK_OF(X509_CRL) **crls, @@ -123,6 +124,7 @@ int load_crls(const char *uri, STACK_OF(X509_CRL) **crls, int load_key_certs_crls(const char *uri, int maybe_stdin, const char *pass, const char *desc, EVP_PKEY **ppkey, EVP_PKEY **ppubkey, + EVP_PKEY **pparams, X509 **pcert, STACK_OF(X509) **pcerts, X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls); int load_key_cert_crl(const char *uri, int maybe_stdin, diff --git a/apps/lib/apps.c b/apps/lib/apps.c index d90ef6a192..d100ce42dd 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -476,7 +476,7 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin, if (desc == NULL) desc = "certificate"; (void)load_key_certs_crls(uri, maybe_stdin, pass, desc, - NULL, NULL, &cert, NULL, NULL, NULL); + NULL, NULL, NULL, &cert, NULL, NULL, NULL); if (cert == NULL) { BIO_printf(bio_err, "Unable to load %s\n", desc); ERR_print_errors(bio_err); @@ -492,7 +492,7 @@ X509_CRL *load_crl(const char *uri, int format, const char *desc) if (desc == NULL) desc = "CRL"; (void)load_key_certs_crls(uri, 0, NULL, desc, - NULL, NULL, NULL, NULL, &crl, NULL); + NULL, NULL, NULL, NULL, NULL, &crl, NULL); if (crl == NULL) { BIO_printf(bio_err, "Unable to load %s\n", desc); ERR_print_errors(bio_err); @@ -559,7 +559,7 @@ EVP_PKEY *load_key(const char *uri, int format, int may_stdin, } } else { (void)load_key_certs_crls(uri, may_stdin, pass, desc, - &pkey, NULL, NULL, NULL, NULL, NULL); + &pkey, NULL, NULL, NULL, NULL, NULL, NULL); } if (pkey == NULL) { @@ -589,7 +589,7 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin, } } else { (void)load_key_certs_crls(uri, maybe_stdin, pass, desc, - NULL, &pkey, NULL, NULL, NULL, NULL); + NULL, &pkey, NULL, NULL, NULL, NULL, NULL); } if (pkey == NULL) { BIO_printf(bio_err, "Unable to load %s\n", desc); @@ -598,6 +598,22 @@ EVP_PKEY *load_pubkey(const char *uri, int format, int maybe_stdin, return pkey; } +EVP_PKEY *load_keyparams(const char *uri, int maybe_stdin, const char *desc) +{ + EVP_PKEY *params = NULL; + + if (desc == NULL) + desc = "key parameters"; + + (void)load_key_certs_crls(uri, maybe_stdin, NULL, desc, + NULL, NULL, ¶ms, NULL, NULL, NULL, NULL); + if (params == NULL) { + BIO_printf(bio_err, "Unable to load %s\n", desc); + ERR_print_errors(bio_err); + } + return params; +} + void app_bail_out(char *fmt, ...) { va_list args; @@ -627,7 +643,7 @@ int load_certs(const char *uri, STACK_OF(X509) **certs, const char *pass, const char *desc) { int was_NULL = *certs == NULL; - int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, + int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, NULL, NULL, certs, NULL, NULL); if (!ret && was_NULL) { @@ -645,7 +661,7 @@ int load_crls(const char *uri, STACK_OF(X509_CRL) **crls, const char *pass, const char *desc) { int was_NULL = *crls == NULL; - int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, + int ret = load_key_certs_crls(uri, 0, pass, desc, NULL, NULL, NULL, NULL, NULL, NULL, crls); if (!ret && was_NULL) { @@ -671,6 +687,7 @@ int load_crls(const char *uri, STACK_OF(X509_CRL) **crls, int load_key_certs_crls(const char *uri, int maybe_stdin, const char *pass, const char *desc, EVP_PKEY **ppkey, EVP_PKEY **ppubkey, + EVP_PKEY **pparams, X509 **pcert, STACK_OF(X509) **pcerts, X509_CRL **pcrl, STACK_OF(X509_CRL) **pcrls) { @@ -761,6 +778,10 @@ int load_key_certs_crls(const char *uri, int maybe_stdin, if (ppubkey != NULL && *ppubkey == NULL) ok = ((*ppubkey = OSSL_STORE_INFO_get1_PUBKEY(info)) != NULL); break; + case OSSL_STORE_INFO_PARAMS: + if (pparams != NULL && *pparams == NULL) + ok = ((*pparams = OSSL_STORE_INFO_get1_PARAMS(info)) != NULL); + break; case OSSL_STORE_INFO_CERT: if (pcert != NULL && *pcert == NULL) ok = (*pcert = OSSL_STORE_INFO_get1_CERT(info)) != NULL; @@ -794,8 +815,11 @@ int load_key_certs_crls(const char *uri, int maybe_stdin, if (failed == NULL) { int any = 0; - if (ppkey != NULL && *ppkey == NULL) { + if ((ppkey != NULL && *ppkey == NULL) + || (ppubkey != NULL && *ppubkey == NULL)) { failed = "key"; + } else if (pparams != NULL && *pparams == NULL) { + failed = "params"; } else if ((pcert != NULL || pcerts != NULL) && ncerts == 0) { if (pcert == NULL) any = 1; diff --git a/doc/man1/openssl-dsaparam.pod.in b/doc/man1/openssl-dsaparam.pod.in index 0e6e6cb6de..d7431b0507 100644 --- a/doc/man1/openssl-dsaparam.pod.in +++ b/doc/man1/openssl-dsaparam.pod.in @@ -40,7 +40,7 @@ Print out a usage message. =item B<-inform> B|B, B<-outform> B|B -The input and formats; the default is B. +This option has become obsolete. See L for details. Parameters are a sequence of Bs: B

, B, and B. From pauli at openssl.org Thu Oct 22 02:17:29 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 22 Oct 2020 02:17:29 +0000 Subject: [openssl] master update Message-ID: <1603333049.064101.4761.nullmailer@dev.openssl.org> The branch master has been updated via a135948ddaa4deff369cfaeb768efd603649f4de (commit) from b78c777ee3038920064f5c2e3eb2a4f66a35119d (commit) - Log ----------------------------------------------------------------- commit a135948ddaa4deff369cfaeb768efd603649f4de Author: Romain Geissler Date: Fri Oct 2 00:07:32 2020 +0000 Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) This tries to fix the following link errors on aarch64 when using OpenSSL 3.0.0 alpha 6, compiling it with "no-shared" and -fPIC in CFLAGS, then trying to use the resulting OpenSSL static libraries in the build of elfutils, which embed libcrypto.a into libdebuginfo.so, which hides all symbols (except the libdebuginfod ones) by default: /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha1-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha1-armv8.o): in function `sha1_block_data_order': (.text+0x0): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-chacha-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-chacha-armv8.o): in function `ChaCha20_ctr32': (.text+0x6c): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha256-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha256-armv8.o): in function `sha256_block_data_order': (.text+0x0): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha512-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha512-armv8.o): in function `sha512_block_data_order': (.text+0x0): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o): in function `poly1305_init': (.text+0x14): dangerous relocation: unsupported relocation /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o): in function `poly1305_emit_neon': (.text+0x8e4): relocation truncated to fit: R_AARCH64_CONDBR19 against symbol `poly1305_emit' defined in .text section in /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o) In poly1305-armv8.pl, hide symbols the same way they are hidden in poly1305-x86_64.pl. Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13056) ----------------------------------------------------------------------- Summary of changes: crypto/chacha/asm/chacha-armv8.pl | 1 + crypto/poly1305/asm/poly1305-armv8.pl | 6 +++++- crypto/sha/asm/sha1-armv8.pl | 4 +--- crypto/sha/asm/sha512-armv8.pl | 7 +------ 4 files changed, 8 insertions(+), 10 deletions(-) diff --git a/crypto/chacha/asm/chacha-armv8.pl b/crypto/chacha/asm/chacha-armv8.pl index 41503f03f0..dcdc4a04e3 100755 --- a/crypto/chacha/asm/chacha-armv8.pl +++ b/crypto/chacha/asm/chacha-armv8.pl @@ -135,6 +135,7 @@ $code.=<<___; #ifndef __KERNEL__ # include "arm_arch.h" .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P #endif .text diff --git a/crypto/poly1305/asm/poly1305-armv8.pl b/crypto/poly1305/asm/poly1305-armv8.pl index d2d31fcc27..d2d875ad6c 100755 --- a/crypto/poly1305/asm/poly1305-armv8.pl +++ b/crypto/poly1305/asm/poly1305-armv8.pl @@ -61,10 +61,14 @@ $code.=<<___; // forward "declarations" are required for Apple .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P +.globl poly1305_init +.hidden poly1305_init .globl poly1305_blocks +.hidden poly1305_blocks .globl poly1305_emit +.hidden poly1305_emit -.globl poly1305_init .type poly1305_init,%function .align 5 poly1305_init: diff --git a/crypto/sha/asm/sha1-armv8.pl b/crypto/sha/asm/sha1-armv8.pl index 97ffac1fb9..cdea8845af 100644 --- a/crypto/sha/asm/sha1-armv8.pl +++ b/crypto/sha/asm/sha1-armv8.pl @@ -178,6 +178,7 @@ $code.=<<___; #ifndef __KERNEL__ # include "arm_arch.h" .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P #endif .text @@ -323,9 +324,6 @@ $code.=<<___; .long 0xca62c1d6,0xca62c1d6,0xca62c1d6,0xca62c1d6 //K_60_79 .asciz "SHA1 block transform for ARMv8, CRYPTOGAMS by " .align 2 -#if !defined(__KERNELL__) && !defined(_WIN64) -.comm OPENSSL_armcap_P,4,4 -#endif ___ }}} diff --git a/crypto/sha/asm/sha512-armv8.pl b/crypto/sha/asm/sha512-armv8.pl index 9c15496eb0..6bcff0b7d3 100644 --- a/crypto/sha/asm/sha512-armv8.pl +++ b/crypto/sha/asm/sha512-armv8.pl @@ -193,6 +193,7 @@ $code.=<<___; #ifndef __KERNEL__ # include "arm_arch.h" .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P #endif .text @@ -829,12 +830,6 @@ $code.=<<___; ___ } -$code.=<<___; -#if !defined(__KERNEL__) && !defined(_WIN64) -.comm OPENSSL_armcap_P,4,4 -#endif -___ - { my %opcode = ( "sha256h" => 0x5e004000, "sha256h2" => 0x5e005000, "sha256su0" => 0x5e282800, "sha256su1" => 0x5e006000 ); From no-reply at appveyor.com Thu Oct 22 02:18:50 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 02:18:50 +0000 Subject: Build completed: openssl master.37632 Message-ID: <20201022021850.1.C522350BFF282EF8@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Thu Oct 22 02:28:02 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 22 Oct 2020 02:28:02 +0000 Subject: [openssl] master update Message-ID: <1603333682.723932.10669.nullmailer@dev.openssl.org> The branch master has been updated via 3d914185b7830a5530b31d3430c9cc16835aeb02 (commit) from a135948ddaa4deff369cfaeb768efd603649f4de (commit) - Log ----------------------------------------------------------------- commit 3d914185b7830a5530b31d3430c9cc16835aeb02 Author: Nicola Tuveri Date: Wed Oct 21 01:02:04 2020 +0300 Constify OSSL_FUNC_keymgmt_has() The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only. Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13200) ----------------------------------------------------------------------- Summary of changes: doc/man7/provider-keymgmt.pod | 2 +- include/openssl/core_dispatch.h | 2 +- providers/implementations/keymgmt/dh_kmgmt.c | 4 ++-- providers/implementations/keymgmt/dsa_kmgmt.c | 4 ++-- providers/implementations/keymgmt/ec_kmgmt.c | 4 ++-- providers/implementations/keymgmt/ecx_kmgmt.c | 4 ++-- providers/implementations/keymgmt/kdf_legacy_kmgmt.c | 2 +- providers/implementations/keymgmt/mac_legacy_kmgmt.c | 4 ++-- providers/implementations/keymgmt/rsa_kmgmt.c | 4 ++-- test/tls-provider.c | 4 ++-- 10 files changed, 17 insertions(+), 17 deletions(-) diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod index fdb1bf7794..ae3dd265a8 100644 --- a/doc/man7/provider-keymgmt.pod +++ b/doc/man7/provider-keymgmt.pod @@ -36,7 +36,7 @@ provider-keymgmt - The KEYMGMT library E-E provider functions const OSSL_PARAM *OSSL_FUNC_keymgmt_settable_params(void *provctx); /* Key object content checks */ - int OSSL_FUNC_keymgmt_has(void *keydata, int selection); + int OSSL_FUNC_keymgmt_has(const void *keydata, int selection); int OSSL_FUNC_keymgmt_match(const void *keydata1, const void *keydata2, int selection); diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 249d5e2506..11eadd3334 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -530,7 +530,7 @@ OSSL_CORE_MAKE_FUNC(const char *, keymgmt_query_operation_name, /* Key checks - key data content checks */ # define OSSL_FUNC_KEYMGMT_HAS 21 -OSSL_CORE_MAKE_FUNC(int, keymgmt_has, (void *keydata, int selection)) +OSSL_CORE_MAKE_FUNC(int, keymgmt_has, (const void *keydata, int selection)) /* Key checks - validation */ # define OSSL_FUNC_KEYMGMT_VALIDATE 22 diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index 73164672f8..b944d3cd99 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -143,9 +143,9 @@ static void dh_freedata(void *keydata) DH_free(keydata); } -static int dh_has(void *keydata, int selection) +static int dh_has(const void *keydata, int selection) { - DH *dh = keydata; + const DH *dh = keydata; int ok = 0; if (ossl_prov_is_running() && dh != NULL) { diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 0fe6760856..9ade336cdf 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -121,9 +121,9 @@ static void dsa_freedata(void *keydata) DSA_free(keydata); } -static int dsa_has(void *keydata, int selection) +static int dsa_has(const void *keydata, int selection) { - DSA *dsa = keydata; + const DSA *dsa = keydata; int ok = 0; if (ossl_prov_is_running() && dsa != NULL) { diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index b96d0ea538..9d76e1ceed 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -246,9 +246,9 @@ void ec_freedata(void *keydata) } static -int ec_has(void *keydata, int selection) +int ec_has(const void *keydata, int selection) { - EC_KEY *ec = keydata; + const EC_KEY *ec = keydata; int ok = 0; if (ossl_prov_is_running() && ec != NULL) { diff --git a/providers/implementations/keymgmt/ecx_kmgmt.c b/providers/implementations/keymgmt/ecx_kmgmt.c index 16ffc3126c..3dccbaf880 100644 --- a/providers/implementations/keymgmt/ecx_kmgmt.c +++ b/providers/implementations/keymgmt/ecx_kmgmt.c @@ -113,9 +113,9 @@ static void *ed448_new_key(void *provctx) NULL); } -static int ecx_has(void *keydata, int selection) +static int ecx_has(const void *keydata, int selection) { - ECX_KEY *key = keydata; + const ECX_KEY *key = keydata; int ok = 0; if (ossl_prov_is_running() && key != NULL) { diff --git a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c index f7f8f479af..7d788343fe 100644 --- a/providers/implementations/keymgmt/kdf_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/kdf_legacy_kmgmt.c @@ -91,7 +91,7 @@ static void kdf_freedata(void *kdfdata) kdf_data_free(kdfdata); } -static int kdf_has(void *keydata, int selection) +static int kdf_has(const void *keydata, int selection) { return 0; } diff --git a/providers/implementations/keymgmt/mac_legacy_kmgmt.c b/providers/implementations/keymgmt/mac_legacy_kmgmt.c index 969b266c68..196d3516ed 100644 --- a/providers/implementations/keymgmt/mac_legacy_kmgmt.c +++ b/providers/implementations/keymgmt/mac_legacy_kmgmt.c @@ -131,9 +131,9 @@ static void mac_free(void *mackey) mac_key_free(mackey); } -static int mac_has(void *keydata, int selection) +static int mac_has(const void *keydata, int selection) { - MAC_KEY *key = keydata; + const MAC_KEY *key = keydata; int ok = 0; if (ossl_prov_is_running() && key != NULL) { diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 8c45758ff7..a37288a8b1 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -108,9 +108,9 @@ static void rsa_freedata(void *keydata) RSA_free(keydata); } -static int rsa_has(void *keydata, int selection) +static int rsa_has(const void *keydata, int selection) { - RSA *rsa = keydata; + const RSA *rsa = keydata; int ok = 0; if (rsa != NULL && ossl_prov_is_running()) { diff --git a/test/tls-provider.c b/test/tls-provider.c index d3188d0c20..184b926881 100644 --- a/test/tls-provider.c +++ b/test/tls-provider.c @@ -418,9 +418,9 @@ static void xor_freedata(void *keydata) OPENSSL_free(keydata); } -static int xor_has(void *vkey, int selection) +static int xor_has(const void *vkey, int selection) { - XORKEY *key = vkey; + const XORKEY *key = vkey; int ok = 0; if (key != NULL) { From builds at travis-ci.com Thu Oct 22 03:33:21 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 03:33:21 +0000 Subject: Still Failing: openssl/openssl#38163 (master - f31ac32) In-Reply-To: Message-ID: <5f90fd80ebde0_13fec123982b0303413@travis-pro-tasks-55b8db76d5-pvw2w.mail> Build Update for openssl/openssl ------------------------------------- Build: #38163 Status: Still Failing Duration: 1 hr, 19 mins, and 9 secs Commit: f31ac32 (master) Author: Jeremiah Gowdy Message: Implement OpenSSL secure memory for Windows Reviewed-by: Matt Caswell Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13172) View the changeset: https://github.com/openssl/openssl/compare/0934cf483405...f31ac320012c View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191567061?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 22 04:25:02 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 04:25:02 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1603340702.213205.18455.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/srptest-bin-srptest.d.tmp -MT test/srptest-bin-srptest.o -c -o test/srptest-bin-srptest.o ../openssl/test/srptest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21573: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3123: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Thu Oct 22 04:29:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 04:29:27 +0000 Subject: Build failed: openssl master.37636 Message-ID: <20201022042927.1.D015B795E543CB87@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 22 04:41:25 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 04:41:25 +0000 Subject: Still Failing: openssl/openssl#38164 (master - b78c777) In-Reply-To: Message-ID: <5f910d7586676_13fe6572a9900997cc@travis-pro-tasks-575775f548-8w6md.mail> Build Update for openssl/openssl ------------------------------------- Build: #38164 Status: Still Failing Duration: 1 hr, 31 mins, and 0 secs Commit: b78c777 (master) Author: Richard Levitte Message: APPS: Implement load_keyparams() to load key parameters 'openssl dsaparam' is affected as an obvious usage example. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13191) View the changeset: https://github.com/openssl/openssl/compare/f31ac320012c...b78c777ee303 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191567185?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 22 05:44:27 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 05:44:27 +0000 Subject: Still Failing: openssl/openssl#38165 (master - a135948) In-Reply-To: Message-ID: <5f911c3ae1b82_13ff9f82a9234103520@travis-pro-tasks-575775f548-5tl4x.mail> Build Update for openssl/openssl ------------------------------------- Build: #38165 Status: Still Failing Duration: 1 hr, 28 mins, and 2 secs Commit: a135948 (master) Author: Romain Geissler Message: Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) This tries to fix the following link errors on aarch64 when using OpenSSL 3.0.0 alpha 6, compiling it with "no-shared" and -fPIC in CFLAGS, then trying to use the resulting OpenSSL static libraries in the build of elfutils, which embed libcrypto.a into libdebuginfo.so, which hides all symbols (except the libdebuginfod ones) by default: /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha1-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha1-armv8.o): in function `sha1_block_data_order': (.text+0x0): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-chacha-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-chacha-armv8.o): in function `ChaCha20_ctr32': (.text+0x6c): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha256-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha256-armv8.o): in function `sha256_block_data_order': (.text+0x0): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha512-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-sha512-armv8.o): in function `sha512_block_data_order': (.text+0x0): dangerous relocation: unsupported relocation /opt/1A/toolchain/aarch64-v4.0.86/lib/gcc/aarch64-1a-linux-gnu/8.4.1/../../../../aarch64-1a-linux-gnu/bin/ld: /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o): relocation R_AARCH64_ADR_PREL_PG_HI21 against symbol `OPENSSL_armcap_P' which may bind externally can not be used when making a shared object; recompile with -fPIC /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o): in function `poly1305_init': (.text+0x14): dangerous relocation: unsupported relocation /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o): in function `poly1305_emit_neon': (.text+0x8e4): relocation truncated to fit: R_AARCH64_CONDBR19 against symbol `poly1305_emit' defined in .text section in /workdir/build/build-pack/build-pack-temporary-static-dependencies/install/lib/libcrypto.a(libcrypto-lib-poly1305-armv8.o) In poly1305-armv8.pl, hide symbols the same way they are hidden in poly1305-x86_64.pl. Reviewed-by: Kurt Roeckx Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13056) View the changeset: https://github.com/openssl/openssl/compare/b78c777ee303...a135948ddaa4 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191567336?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 22 06:39:00 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 06:39:00 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1603348740.205090.4069.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C070F53D377F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C050E6A9207F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C050E6A9207F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C000F812057F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C000F812057F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 682 wallclock secs (14.20 usr 1.35 sys + 614.47 cusr 59.69 csys = 689.71 CPU) Result: FAIL Makefile:3139: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3137: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 22 06:54:13 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 06:54:13 +0000 Subject: Still Failing: openssl/openssl#38166 (master - 3d91418) In-Reply-To: Message-ID: <5f912c94b6640_13fe6574482483775b6@travis-pro-tasks-575775f548-8w6md.mail> Build Update for openssl/openssl ------------------------------------- Build: #38166 Status: Still Failing Duration: 1 hr, 33 mins, and 15 secs Commit: 3d91418 (master) Author: Nicola Tuveri Message: Constify OSSL_FUNC_keymgmt_has() The keydata argument of OSSL_FUNC_keymgmt_has() should be read-only. Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13200) View the changeset: https://github.com/openssl/openssl/compare/a135948ddaa4...3d914185b783 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191567996?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 22 07:01:39 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 07:01:39 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1603350099.370114.24374.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 726 wallclock secs (13.58 usr 1.49 sys + 645.29 cusr 63.86 csys = 724.22 CPU) Result: FAIL Makefile:3191: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3189: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 22 07:23:22 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 07:23:22 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-dh Message-ID: <1603351402.530783.12447.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dh Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable From no-reply at appveyor.com Thu Oct 22 07:28:42 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 07:28:42 +0000 Subject: Build completed: openssl master.37637 Message-ID: <20201022072842.1.023E14481798B02E@appveyor.com> An HTML attachment was scrubbed... URL: From shane.lontis at oracle.com Thu Oct 22 10:44:23 2020 From: shane.lontis at oracle.com (shane.lontis at oracle.com) Date: Thu, 22 Oct 2020 10:44:23 +0000 Subject: [openssl] master update Message-ID: <1603363463.113790.12354.nullmailer@dev.openssl.org> The branch master has been updated via 42445046354a4ac7671143600e888c6b230e56ff (commit) from 3d914185b7830a5530b31d3430c9cc16835aeb02 (commit) - Log ----------------------------------------------------------------- commit 42445046354a4ac7671143600e888c6b230e56ff Author: Shane Lontis Date: Wed Oct 21 10:57:52 2020 +1000 Remove ossl_prov_util_nid_to_name() This removes a TODO. This function is not needed since any place that needs to do the conversion normally has a special case name2nid table. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13202) ----------------------------------------------------------------------- Summary of changes: doc/internal/man3/ossl_prov_util_nid_to_name.pod | 35 --------- providers/common/build.info | 2 +- providers/common/include/prov/providercommon.h | 2 - providers/common/nid_to_name.c | 21 ----- providers/fips/fipsprov.c | 98 ------------------------ 5 files changed, 1 insertion(+), 157 deletions(-) delete mode 100644 doc/internal/man3/ossl_prov_util_nid_to_name.pod delete mode 100644 providers/common/nid_to_name.c diff --git a/doc/internal/man3/ossl_prov_util_nid_to_name.pod b/doc/internal/man3/ossl_prov_util_nid_to_name.pod deleted file mode 100644 index 31eec076c5..0000000000 --- a/doc/internal/man3/ossl_prov_util_nid_to_name.pod +++ /dev/null @@ -1,35 +0,0 @@ -=pod - -=head1 NAME - -ossl_prov_util_nid_to_name -- provider utility functions - -=head1 SYNOPSIS - - #include "prov/providercommon.h" - - const char *ossl_prov_util_nid_to_name(int nid); - -=head1 DESCRIPTION - -The ossl_prov_util_nid_to_name() returns the name of an algorithm given a NID -in the I parameter. For the default and legacy providers it is equivalent -to calling OBJ_nid2sn(). The FIPS provider does not have the object database -code available to it (because that code relies on the ASN.1 code), so this -function is a static lookup of all known FIPS algorithm NIDs. - -=head1 RETURN VALUES - -Returns a pointer to the algorithm name, or NULL on error. - -=head1 COPYRIGHT - -Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. - -Licensed under the Apache License 2.0 (the "License"). You may not use -this file except in compliance with the License. You can obtain a copy -in the file LICENSE in the source distribution or at -L. - -=cut diff --git a/providers/common/build.info b/providers/common/build.info index 2179b2a0f8..b6d56682a9 100644 --- a/providers/common/build.info +++ b/providers/common/build.info @@ -3,5 +3,5 @@ SUBDIRS=der SOURCE[../libcommon.a]=provider_err.c provider_ctx.c $FIPSCOMMON=provider_util.c capabilities.c bio_prov.c digest_to_nid.c\ securitycheck.c -SOURCE[../libnonfips.a]=$FIPSCOMMON nid_to_name.c securitycheck_default.c +SOURCE[../libnonfips.a]=$FIPSCOMMON securitycheck_default.c SOURCE[../libfips.a]=$FIPSCOMMON securitycheck_fips.c diff --git a/providers/common/include/prov/providercommon.h b/providers/common/include/prov/providercommon.h index 622fe1977e..33bd8bd732 100644 --- a/providers/common/include/prov/providercommon.h +++ b/providers/common/include/prov/providercommon.h @@ -12,8 +12,6 @@ const OSSL_CORE_HANDLE *FIPS_get_core_handle(OSSL_LIB_CTX *ctx); -const char *ossl_prov_util_nid_to_name(int nid); - int ossl_cipher_capable_aes_cbc_hmac_sha1(void); int ossl_cipher_capable_aes_cbc_hmac_sha256(void); diff --git a/providers/common/nid_to_name.c b/providers/common/nid_to_name.c deleted file mode 100644 index af2a7cbc6a..0000000000 --- a/providers/common/nid_to_name.c +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright 2019 The OpenSSL Project Authors. All Rights Reserved. - * - * Licensed under the Apache License 2.0 (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html - */ - -#include -#include "prov/providercommon.h" - -/* - * The FIPS provider has its own version of this in fipsprov.c because it does - * not have OBJ_nid2sn(); - */ -const char *ossl_prov_util_nid_to_name(int nid) -{ - return OBJ_nid2sn(nid); -} - diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c index 93b5dede67..a4e6601071 100644 --- a/providers/fips/fipsprov.c +++ b/providers/fips/fipsprov.c @@ -10,7 +10,6 @@ #include #include #include -#include /* NIDs used by ossl_prov_util_nid_to_name() */ #include #include /* RAND_get0_public() */ #include "internal/cryptlib.h" @@ -184,103 +183,6 @@ static int fips_self_test(void *provctx) return SELF_TEST_post(&selftest_params, 1) ? 1 : 0; } -/* FIPS specific version of the function of the same name in provlib.c */ -/* TODO(3.0) - Is this function needed ? */ -const char *ossl_prov_util_nid_to_name(int nid) -{ - /* We don't have OBJ_nid2n() in FIPS_MODULE so we have an explicit list */ - - switch (nid) { - /* Digests */ - case NID_sha1: - return "SHA1"; - case NID_sha224: - return "SHA-224"; - case NID_sha256: - return "SHA-256"; - case NID_sha384: - return "SHA-384"; - case NID_sha512: - return "SHA-512"; - case NID_sha512_224: - return "SHA-512/224"; - case NID_sha512_256: - return "SHA-512/256"; - case NID_sha3_224: - return "SHA3-224"; - case NID_sha3_256: - return "SHA3-256"; - case NID_sha3_384: - return "SHA3-384"; - case NID_sha3_512: - return "SHA3-512"; - - /* Ciphers */ - case NID_aes_256_ecb: - return "AES-256-ECB"; - case NID_aes_192_ecb: - return "AES-192-ECB"; - case NID_aes_128_ecb: - return "AES-128-ECB"; - case NID_aes_256_cbc: - return "AES-256-CBC"; - case NID_aes_192_cbc: - return "AES-192-CBC"; - case NID_aes_128_cbc: - return "AES-128-CBC"; - case NID_aes_256_ctr: - return "AES-256-CTR"; - case NID_aes_192_ctr: - return "AES-192-CTR"; - case NID_aes_128_ctr: - return "AES-128-CTR"; - case NID_aes_256_xts: - return "AES-256-XTS"; - case NID_aes_128_xts: - return "AES-128-XTS"; - case NID_aes_256_gcm: - return "AES-256-GCM"; - case NID_aes_192_gcm: - return "AES-192-GCM"; - case NID_aes_128_gcm: - return "AES-128-GCM"; - case NID_aes_256_ccm: - return "AES-256-CCM"; - case NID_aes_192_ccm: - return "AES-192-CCM"; - case NID_aes_128_ccm: - return "AES-128-CCM"; - case NID_id_aes256_wrap: - return "AES-256-WRAP"; - case NID_id_aes192_wrap: - return "AES-192-WRAP"; - case NID_id_aes128_wrap: - return "AES-128-WRAP"; - case NID_id_aes256_wrap_pad: - return "AES-256-WRAP-PAD"; - case NID_id_aes192_wrap_pad: - return "AES-192-WRAP-PAD"; - case NID_id_aes128_wrap_pad: - return "AES-128-WRAP-PAD"; - case NID_des_ede3_ecb: - return "DES-EDE3"; - case NID_des_ede3_cbc: - return "DES-EDE3-CBC"; - case NID_aes_256_cbc_hmac_sha256: - return "AES-256-CBC-HMAC-SHA256"; - case NID_aes_128_cbc_hmac_sha256: - return "AES-128-CBC-HMAC-SHA256"; - case NID_aes_256_cbc_hmac_sha1: - return "AES-256-CBC-HMAC-SHA1"; - case NID_aes_128_cbc_hmac_sha1: - return "AES-128-CBC-HMAC-SHA1"; - default: - break; - } - - return NULL; -} - /* * For the algorithm names, we use the following formula for our primary * names: From shane.lontis at oracle.com Thu Oct 22 10:49:17 2020 From: shane.lontis at oracle.com (shane.lontis at oracle.com) Date: Thu, 22 Oct 2020 10:49:17 +0000 Subject: [openssl] master update Message-ID: <1603363757.976015.32396.nullmailer@dev.openssl.org> The branch master has been updated via a49d0a491c659aacabadc957ab11c738db03a734 (commit) via 1ba21239ddbd1b18a3676efaa8dd9402e1468818 (commit) via 90a2576b9bbb327141df0bd244830b462fcaeee6 (commit) from 42445046354a4ac7671143600e888c6b230e56ff (commit) - Log ----------------------------------------------------------------- commit a49d0a491c659aacabadc957ab11c738db03a734 Author: Shane Lontis Date: Tue Oct 13 14:33:01 2020 +1000 Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13116) commit 1ba21239ddbd1b18a3676efaa8dd9402e1468818 Author: Shane Lontis Date: Tue Oct 13 14:30:12 2020 +1000 Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13116) commit 90a2576b9bbb327141df0bd244830b462fcaeee6 Author: Shane Lontis Date: Tue Oct 13 14:22:17 2020 +1000 Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). Fixes #11320 Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13116) ----------------------------------------------------------------------- Summary of changes: apps/fipsinstall.c | 2 +- crypto/evp/kdf_lib.c | 4 ++-- crypto/evp/mac_lib.c | 4 ++-- doc/man3/EVP_KDF.pod | 18 +++++++++--------- doc/man3/EVP_MAC.pod | 9 ++++----- doc/man7/EVP_KDF-HKDF.pod | 6 +++--- doc/man7/EVP_KDF-KB.pod | 2 +- doc/man7/EVP_KDF-KRB5KDF.pod | 4 ++-- doc/man7/EVP_KDF-SS.pod | 2 +- doc/man7/EVP_KDF-SSHKDF.pod | 4 ++-- doc/man7/EVP_KDF-X942.pod | 2 +- doc/man7/EVP_KDF-X963.pod | 2 +- doc/man7/EVP_MAC-BLAKE2.pod | 2 +- doc/man7/EVP_MAC-CMAC.pod | 2 +- doc/man7/EVP_MAC-GMAC.pod | 2 +- doc/man7/EVP_MAC-HMAC.pod | 2 +- doc/man7/EVP_MAC-KMAC.pod | 2 +- doc/man7/EVP_MAC-Poly1305.pod | 2 +- doc/man7/EVP_MAC-Siphash.pod | 2 +- include/openssl/evp.h | 2 +- include/openssl/kdf.h | 4 ++-- providers/implementations/kdfs/kbkdf.c | 2 +- providers/implementations/kdfs/sskdf.c | 2 +- providers/implementations/kdfs/tls1_prf.c | 2 +- ssl/t1_lib.c | 2 +- util/libcrypto.num | 6 +++--- 26 files changed, 46 insertions(+), 47 deletions(-) diff --git a/apps/fipsinstall.c b/apps/fipsinstall.c index cb78489eef..d1cda24941 100644 --- a/apps/fipsinstall.c +++ b/apps/fipsinstall.c @@ -80,7 +80,7 @@ static int do_mac(EVP_MAC_CTX *ctx, unsigned char *tmp, BIO *in, if (!EVP_MAC_init(ctx)) goto err; - if (EVP_MAC_size(ctx) > outsz) + if (EVP_MAC_CTX_get_mac_size(ctx) > outsz) goto end; while ((i = BIO_read(in, (char *)tmp, BUFSIZE)) != 0) { if (i < 0 || !EVP_MAC_update(ctx, tmp, i)) diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c index 9ccaec8cc1..7a3e9d681c 100644 --- a/crypto/evp/kdf_lib.c +++ b/crypto/evp/kdf_lib.c @@ -110,7 +110,7 @@ const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx) return ctx->meth; } -void EVP_KDF_reset(EVP_KDF_CTX *ctx) +void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx) { if (ctx == NULL) return; @@ -119,7 +119,7 @@ void EVP_KDF_reset(EVP_KDF_CTX *ctx) ctx->meth->reset(ctx->data); } -size_t EVP_KDF_size(EVP_KDF_CTX *ctx) +size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx) { OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END }; size_t s; diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c index d76ffedcb8..ac8bfb150c 100644 --- a/crypto/evp/mac_lib.c +++ b/crypto/evp/mac_lib.c @@ -82,7 +82,7 @@ EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx) return ctx->meth; } -size_t EVP_MAC_size(EVP_MAC_CTX *ctx) +size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx) { size_t sz = 0; @@ -124,7 +124,7 @@ int EVP_MAC_final(EVP_MAC_CTX *ctx, if (out != NULL) res = ctx->meth->final(ctx->data, out, &l, outsize); else - l = EVP_MAC_size(ctx); + l = EVP_MAC_CTX_get_mac_size(ctx); if (outl != NULL) *outl = l; return res; diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod index 3dba50cdb6..103eafe8c1 100644 --- a/doc/man3/EVP_KDF.pod +++ b/doc/man3/EVP_KDF.pod @@ -4,8 +4,8 @@ EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref, EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup, -EVP_KDF_reset, EVP_KDF_derive, -EVP_KDF_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a, +EVP_KDF_CTX_reset, EVP_KDF_derive, +EVP_KDF_CTX_get_kdf_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a, EVP_KDF_number, EVP_KDF_name, EVP_KDF_names_do_all, EVP_KDF_CTX_get_params, EVP_KDF_CTX_set_params, EVP_KDF_do_all_provided, EVP_KDF_get_params, EVP_KDF_gettable_ctx_params, EVP_KDF_settable_ctx_params, @@ -22,8 +22,8 @@ EVP_KDF_gettable_params - EVP KDF routines const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx); EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src); - void EVP_KDF_reset(EVP_KDF_CTX *ctx); - size_t EVP_KDF_size(EVP_KDF_CTX *ctx); + void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx); + size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx); int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); int EVP_KDF_up_ref(EVP_KDF *kdf); void EVP_KDF_free(EVP_KDF *kdf); @@ -93,13 +93,13 @@ I. =head2 Computing functions -EVP_KDF_reset() resets the context to the default state as if the context +EVP_KDF_CTX_reset() resets the context to the default state as if the context had just been created. EVP_KDF_derive() derives I bytes of key material and places it in the I buffer. If the algorithm produces a fixed amount of output then an error will occur unless the I parameter is equal to that output size, -as returned by EVP_KDF_size(). +as returned by EVP_KDF_CTX_get_kdf_size(). EVP_KDF_get_params() retrieves details about the implementation I. @@ -133,7 +133,7 @@ See L for the use of B as parameter descriptor. =head2 Information functions -EVP_KDF_size() returns the output size if the algorithm produces a fixed amount +EVP_KDF_CTX_get_kdf_size() returns the output size if the algorithm produces a fixed amount of output and B otherwise. If an error occurs then 0 is returned. For some algorithms an error may result if input parameters necessary to calculate a fixed output size have not yet been supplied. @@ -245,9 +245,9 @@ EVP_KDF_up_ref() returns 1 on success, 0 on error. EVP_KDF_CTX_new() returns either the newly allocated B structure or NULL if an error occurred. -EVP_KDF_CTX_free() and EVP_KDF_reset() do not return a value. +EVP_KDF_CTX_free() and EVP_KDF_CTX_reset() do not return a value. -EVP_KDF_size() returns the output size. B is returned to indicate +EVP_KDF_CTX_get_kdf_size() returns the output size. B is returned to indicate that the algorithm produces a variable amount of output; 0 to indicate failure. EVP_KDF_name() returns the name of the KDF, or NULL on error. diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod index 87f2518754..455d154cee 100644 --- a/doc/man3/EVP_MAC.pod +++ b/doc/man3/EVP_MAC.pod @@ -7,7 +7,7 @@ EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_name, EVP_MAC_names_do_all, EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params, EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup, EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params, -EVP_MAC_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, +EVP_MAC_CTX_get_mac_size, EVP_MAC_init, EVP_MAC_update, EVP_MAC_final, EVP_MAC_gettable_ctx_params, EVP_MAC_settable_ctx_params, EVP_MAC_do_all_provided - EVP MAC routines @@ -38,7 +38,7 @@ EVP_MAC_do_all_provided - EVP MAC routines int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); - size_t EVP_MAC_size(EVP_MAC_CTX *ctx); + size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx); int EVP_MAC_init(EVP_MAC_CTX *ctx); int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); int EVP_MAC_final(EVP_MAC_CTX *ctx, @@ -162,7 +162,7 @@ See L for the use of B as parameter descriptor. =head2 Information functions -EVP_MAC_size() returns the MAC output size for the given context. +EVP_MAC_CTX_get_mac_size() returns the MAC output size for the given context. EVP_MAC_is_a() checks if the given I is an implementation of an algorithm that's identifiable with I. @@ -303,8 +303,7 @@ success, 0 on error. EVP_MAC_init(), EVP_MAC_update(), and EVP_MAC_final() return 1 on success, 0 on error. -EVP_MAC_size() returns the expected output size, or 0 if it isn't -set. +EVP_MAC_CTX_get_mac_size() returns the expected output size, or 0 if it isn't set. If it isn't set, a call to EVP_MAC_init() should get it set. EVP_MAC_do_all_provided() returns nothing at all. diff --git a/doc/man7/EVP_KDF-HKDF.pod b/doc/man7/EVP_KDF-HKDF.pod index a8bb5dacd9..830bf90e92 100644 --- a/doc/man7/EVP_KDF-HKDF.pod +++ b/doc/man7/EVP_KDF-HKDF.pod @@ -64,7 +64,7 @@ derived otherwise an error will occur. In this mode calling L will just perform the extract operation. The value returned will be the intermediate fixed-length pseudorandom key K. The I parameter must match the size of K, which can be looked -up by calling EVP_KDF_size() after setting the mode and digest. +up by calling EVP_KDF_CTX_get_kdf_size() after setting the mode and digest. The digest, key and salt values must be set before a key is derived otherwise an error will occur. @@ -93,7 +93,7 @@ The output length of an HKDF expand operation is specified via the I parameter to the L function. When using EVP_KDF_HKDF_MODE_EXTRACT_ONLY the I parameter must equal the size of the intermediate fixed-length pseudorandom key otherwise an error will occur. -For that mode, the fixed output size can be looked up by calling EVP_KDF_size() +For that mode, the fixed output size can be looked up by calling EVP_KDF_CTX_get_kdf_size() after setting the mode and digest on the B. =head1 EXAMPLES @@ -137,7 +137,7 @@ RFC 5869 L, L, L, -L, +L, L, L, L diff --git a/doc/man7/EVP_KDF-KB.pod b/doc/man7/EVP_KDF-KB.pod index 0a84e925d9..fdaa483e77 100644 --- a/doc/man7/EVP_KDF-KB.pod +++ b/doc/man7/EVP_KDF-KB.pod @@ -137,7 +137,7 @@ NIST SP800-108, IETF RFC 6803, IETF RFC 8009. L, L, -L, +L, L, L diff --git a/doc/man7/EVP_KDF-KRB5KDF.pod b/doc/man7/EVP_KDF-KRB5KDF.pod index 62f941c3ca..8d730d40b8 100644 --- a/doc/man7/EVP_KDF-KRB5KDF.pod +++ b/doc/man7/EVP_KDF-KRB5KDF.pod @@ -51,7 +51,7 @@ parameter to the L function, and MUST match the key length for the chosen cipher or an error is returned. Moreover, the constant's length must not exceed the block size of the cipher. Since the KRB5KDF output length depends on the chosen cipher, calling -L to obtain the requisite length returns the correct length +L to obtain the requisite length returns the correct length only after the cipher is set. Prior to that B is returned. The caller must allocate a buffer of the correct length for the chosen cipher, and pass that buffer to the L function along @@ -98,7 +98,7 @@ RFC 3961 L, L, L, -L, +L, L, L diff --git a/doc/man7/EVP_KDF-SS.pod b/doc/man7/EVP_KDF-SS.pod index e64417388f..088ffe0ea7 100644 --- a/doc/man7/EVP_KDF-SS.pod +++ b/doc/man7/EVP_KDF-SS.pod @@ -176,7 +176,7 @@ L, L, L, L, -L, +L, L, L diff --git a/doc/man7/EVP_KDF-SSHKDF.pod b/doc/man7/EVP_KDF-SSHKDF.pod index e91858c051..454bb6b699 100644 --- a/doc/man7/EVP_KDF-SSHKDF.pod +++ b/doc/man7/EVP_KDF-SSHKDF.pod @@ -91,7 +91,7 @@ A context for SSHKDF can be obtained by calling: The output length of the SSHKDF derivation is specified via the I parameter to the L function. -Since the SSHKDF output length is variable, calling L +Since the SSHKDF output length is variable, calling L to obtain the requisite length is not meaningful. The caller must allocate a buffer of the desired length, and pass that buffer to the L function along with the desired length. @@ -142,7 +142,7 @@ L, L, L, L, -L, +L, L, L diff --git a/doc/man7/EVP_KDF-X942.pod b/doc/man7/EVP_KDF-X942.pod index e607212b28..70da41437b 100644 --- a/doc/man7/EVP_KDF-X942.pod +++ b/doc/man7/EVP_KDF-X942.pod @@ -102,7 +102,7 @@ L, L, L, L, -L, +L, L, L diff --git a/doc/man7/EVP_KDF-X963.pod b/doc/man7/EVP_KDF-X963.pod index 93ec14c837..b814fe5b47 100644 --- a/doc/man7/EVP_KDF-X963.pod +++ b/doc/man7/EVP_KDF-X963.pod @@ -91,7 +91,7 @@ L, L, L, L, -L, +L, L, L diff --git a/doc/man7/EVP_MAC-BLAKE2.pod b/doc/man7/EVP_MAC-BLAKE2.pod index 90b065340d..51bac880b5 100644 --- a/doc/man7/EVP_MAC-BLAKE2.pod +++ b/doc/man7/EVP_MAC-BLAKE2.pod @@ -29,7 +29,7 @@ L. All these parameters can be set with EVP_MAC_CTX_set_params(). Furthermore, the "size" parameter can be retrieved with -EVP_MAC_CTX_get_params(), or with EVP_MAC_size(). +EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter should not exceed that of a B. =over 4 diff --git a/doc/man7/EVP_MAC-CMAC.pod b/doc/man7/EVP_MAC-CMAC.pod index c210d693ce..4d05919b8f 100644 --- a/doc/man7/EVP_MAC-CMAC.pod +++ b/doc/man7/EVP_MAC-CMAC.pod @@ -45,7 +45,7 @@ EVP_MAC_CTX_get_params(): =back -The "size" parameter can also be retrieved with with EVP_MAC_size(). +The "size" parameter can also be retrieved with with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter is equal to that of an B. =head1 SEE ALSO diff --git a/doc/man7/EVP_MAC-GMAC.pod b/doc/man7/EVP_MAC-GMAC.pod index 7c9477c215..d662e7d5d2 100644 --- a/doc/man7/EVP_MAC-GMAC.pod +++ b/doc/man7/EVP_MAC-GMAC.pod @@ -47,7 +47,7 @@ EVP_MAC_CTX_get_params(): =back -The "size" parameter can also be retrieved with EVP_MAC_size(). +The "size" parameter can also be retrieved with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter is equal to that of an B. =head1 SEE ALSO diff --git a/doc/man7/EVP_MAC-HMAC.pod b/doc/man7/EVP_MAC-HMAC.pod index 45ccd17211..94bac8dbcf 100644 --- a/doc/man7/EVP_MAC-HMAC.pod +++ b/doc/man7/EVP_MAC-HMAC.pod @@ -51,7 +51,7 @@ EVP_MAC_CTX_get_params(): =back -The "size" parameter can also be retrieved with EVP_MAC_size(). +The "size" parameter can also be retrieved with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter is equal to that of an B. =head1 SEE ALSO diff --git a/doc/man7/EVP_MAC-KMAC.pod b/doc/man7/EVP_MAC-KMAC.pod index df7ac1ddf6..245d998e4a 100644 --- a/doc/man7/EVP_MAC-KMAC.pod +++ b/doc/man7/EVP_MAC-KMAC.pod @@ -29,7 +29,7 @@ L. All these parameters can be set with EVP_MAC_CTX_set_params(). Furthermore, the "size" parameter can be retrieved with -EVP_MAC_CTX_get_params(), or with EVP_MAC_size(). +EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter should not exceed that of a B. =over 4 diff --git a/doc/man7/EVP_MAC-Poly1305.pod b/doc/man7/EVP_MAC-Poly1305.pod index da9953a1d5..8a0989ab71 100644 --- a/doc/man7/EVP_MAC-Poly1305.pod +++ b/doc/man7/EVP_MAC-Poly1305.pod @@ -41,7 +41,7 @@ EVP_MAC_CTX_get_params(): =back -The "size" parameter can also be retrieved with with EVP_MAC_size(). +The "size" parameter can also be retrieved with with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter should not exceed that of an B. =head1 SEE ALSO diff --git a/doc/man7/EVP_MAC-Siphash.pod b/doc/man7/EVP_MAC-Siphash.pod index 8b610c4383..d0a4226ae5 100644 --- a/doc/man7/EVP_MAC-Siphash.pod +++ b/doc/man7/EVP_MAC-Siphash.pod @@ -27,7 +27,7 @@ L. All these parameters can be set with EVP_MAC_CTX_set_params(). Furthermore, the "size" parameter can be retrieved with -EVP_MAC_CTX_get_params(), or with EVP_MAC_size(). +EVP_MAC_CTX_get_params(), or with EVP_MAC_CTX_get_mac_size(). The length of the "size" parameter should not exceed that of a B. =over 4 diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 7c36e78ce1..b2b87f2ab4 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -1105,7 +1105,7 @@ EVP_MAC *EVP_MAC_CTX_mac(EVP_MAC_CTX *ctx); int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[]); int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[]); -size_t EVP_MAC_size(EVP_MAC_CTX *ctx); +size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx); int EVP_MAC_init(EVP_MAC_CTX *ctx); int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen); int EVP_MAC_final(EVP_MAC_CTX *ctx, diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h index 96521922ed..7f89f75270 100644 --- a/include/openssl/kdf.h +++ b/include/openssl/kdf.h @@ -39,8 +39,8 @@ const char *EVP_KDF_name(const EVP_KDF *kdf); const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf); const EVP_KDF *EVP_KDF_CTX_kdf(EVP_KDF_CTX *ctx); -void EVP_KDF_reset(EVP_KDF_CTX *ctx); -size_t EVP_KDF_size(EVP_KDF_CTX *ctx); +void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx); +size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx); int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen); int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[]); int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[]); diff --git a/providers/implementations/kdfs/kbkdf.c b/providers/implementations/kdfs/kbkdf.c index cf3b90c19c..74a694e8ea 100644 --- a/providers/implementations/kdfs/kbkdf.c +++ b/providers/implementations/kdfs/kbkdf.c @@ -218,7 +218,7 @@ static int kbkdf_derive(void *vctx, unsigned char *key, size_t keylen) return 0; } - h = EVP_MAC_size(ctx->ctx_init); + h = EVP_MAC_CTX_get_mac_size(ctx->ctx_init); if (h == 0) goto done; if (ctx->iv_len != 0 && ctx->iv_len != h) { diff --git a/providers/implementations/kdfs/sskdf.c b/providers/implementations/kdfs/sskdf.c index 6cfde97842..84711dde27 100644 --- a/providers/implementations/kdfs/sskdf.c +++ b/providers/implementations/kdfs/sskdf.c @@ -246,7 +246,7 @@ static int SSKDF_mac_kdm(EVP_MAC_CTX *ctx_init, if (!EVP_MAC_init(ctx_init)) goto end; - out_len = EVP_MAC_size(ctx_init); /* output size */ + out_len = EVP_MAC_CTX_get_mac_size(ctx_init); /* output size */ if (out_len <= 0) goto end; len = derived_key_len; diff --git a/providers/implementations/kdfs/tls1_prf.c b/providers/implementations/kdfs/tls1_prf.c index 315971a96e..aba08068ca 100644 --- a/providers/implementations/kdfs/tls1_prf.c +++ b/providers/implementations/kdfs/tls1_prf.c @@ -296,7 +296,7 @@ static int tls1_prf_P_hash(EVP_MAC_CTX *ctx_init, goto err; if (!EVP_MAC_init(ctx_init)) goto err; - chunk = EVP_MAC_size(ctx_init); + chunk = EVP_MAC_CTX_get_mac_size(ctx_init); if (chunk == 0) goto err; /* A(0) = seed */ diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c index 1971a8e0bc..8836069097 100644 --- a/ssl/t1_lib.c +++ b/ssl/t1_lib.c @@ -3461,7 +3461,7 @@ int ssl_hmac_final(SSL_HMAC *ctx, unsigned char *md, size_t *len, size_t ssl_hmac_size(const SSL_HMAC *ctx) { if (ctx->ctx != NULL) - return EVP_MAC_size(ctx->ctx); + return EVP_MAC_CTX_get_mac_size(ctx->ctx); #ifndef OPENSSL_NO_DEPRECATED_3_0 if (ctx->old_ctx != NULL) return ssl_hmac_old_size(ctx); diff --git a/util/libcrypto.num b/util/libcrypto.num index 0e8d3953c8..3d3edf9356 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4410,7 +4410,7 @@ EVP_MAC_CTX_new ? 3_0_0 EXIST::FUNCTION: EVP_MAC_CTX_free ? 3_0_0 EXIST::FUNCTION: EVP_MAC_CTX_dup ? 3_0_0 EXIST::FUNCTION: EVP_MAC_CTX_mac ? 3_0_0 EXIST::FUNCTION: -EVP_MAC_size ? 3_0_0 EXIST::FUNCTION: +EVP_MAC_CTX_get_mac_size ? 3_0_0 EXIST::FUNCTION: EVP_MAC_init ? 3_0_0 EXIST::FUNCTION: EVP_MAC_update ? 3_0_0 EXIST::FUNCTION: EVP_MAC_final ? 3_0_0 EXIST::FUNCTION: @@ -4438,8 +4438,8 @@ ASYNC_WAIT_CTX_set_status ? 3_0_0 EXIST::FUNCTION: ASYNC_WAIT_CTX_get_status ? 3_0_0 EXIST::FUNCTION: ERR_load_ESS_strings ? 3_0_0 EXIST::FUNCTION: EVP_KDF_CTX_free ? 3_0_0 EXIST::FUNCTION: -EVP_KDF_reset ? 3_0_0 EXIST::FUNCTION: -EVP_KDF_size ? 3_0_0 EXIST::FUNCTION: +EVP_KDF_CTX_reset ? 3_0_0 EXIST::FUNCTION: +EVP_KDF_CTX_get_kdf_size ? 3_0_0 EXIST::FUNCTION: EVP_KDF_derive ? 3_0_0 EXIST::FUNCTION: EVP_KDF_name ? 3_0_0 EXIST::FUNCTION: EC_GROUP_get0_field ? 3_0_0 EXIST::FUNCTION:EC From openssl at openssl.org Thu Oct 22 10:50:50 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 10:50:50 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1603363850.970413.13719.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 716 wallclock secs (10.70 usr 1.12 sys + 653.34 cusr 62.21 csys = 727.37 CPU) Result: FAIL Makefile:3138: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3136: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 22 11:44:36 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 11:44:36 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1603367076.784378.12101.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 725 wallclock secs (13.78 usr 1.26 sys + 654.84 cusr 65.69 csys = 735.57 CPU) Result: FAIL Makefile:3214: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3212: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 22 12:08:27 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 12:08:27 +0000 Subject: Still Failing: openssl/openssl#38169 (master - 4244504) In-Reply-To: Message-ID: <5f91763b68171_13f841504da983778fb@travis-pro-tasks-fdfd444-gwb45.mail> Build Update for openssl/openssl ------------------------------------- Build: #38169 Status: Still Failing Duration: 1 hr, 22 mins, and 33 secs Commit: 4244504 (master) Author: Shane Lontis Message: Remove ossl_prov_util_nid_to_name() This removes a TODO. This function is not needed since any place that needs to do the conversion normally has a special case name2nid table. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13202) View the changeset: https://github.com/openssl/openssl/compare/3d914185b783...42445046354a View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191618571?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pauli at openssl.org Thu Oct 22 12:27:37 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 22 Oct 2020 12:27:37 +0000 Subject: [openssl] master update Message-ID: <1603369657.457509.8562.nullmailer@dev.openssl.org> The branch master has been updated via fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 (commit) from a49d0a491c659aacabadc957ab11c738db03a734 (commit) - Log ----------------------------------------------------------------- commit fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 Author: Pauli Date: Wed Oct 21 14:30:31 2020 +1000 enc: change the text to reference `-list` instead of the deprecated `-ciphers` Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13204) ----------------------------------------------------------------------- Summary of changes: doc/man1/openssl-enc.pod.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/man1/openssl-enc.pod.in b/doc/man1/openssl-enc.pod.in index 954b17e778..27da1c70aa 100644 --- a/doc/man1/openssl-enc.pod.in +++ b/doc/man1/openssl-enc.pod.in @@ -256,7 +256,7 @@ Blowfish and RC5 algorithms use a 128 bit key. Note that some of these ciphers can be disabled at compile time and some are available only if an appropriate engine is configured in the configuration file. The output when invoking this command -with the B<-ciphers> option (that is C) is +with the B<-list> option (that is C) is a list of ciphers, supported by your version of OpenSSL, including ones provided by configured engines. From pauli at openssl.org Thu Oct 22 12:35:51 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Thu, 22 Oct 2020 12:35:51 +0000 Subject: [openssl] master update Message-ID: <1603370151.459270.29815.nullmailer@dev.openssl.org> The branch master has been updated via 85209c07459b1c6007e0fc550f40c05deec78531 (commit) from fc1ccdffe96bc9d32f4287c31f7ff99f9dd37854 (commit) - Log ----------------------------------------------------------------- commit 85209c07459b1c6007e0fc550f40c05deec78531 Author: Pauli Date: Tue Oct 20 22:15:10 2020 +1000 Remove EVP_aes_(128|192|256)_siv functions Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13195) ----------------------------------------------------------------------- Summary of changes: crypto/evp/c_allc.c | 5 --- crypto/evp/e_aes.c | 111 ------------------------------------------------- include/openssl/evp.h | 5 --- util/libcrypto.num | 3 -- util/missingcrypto.txt | 3 -- 5 files changed, 127 deletions(-) diff --git a/crypto/evp/c_allc.c b/crypto/evp/c_allc.c index df8e5a5bcb..6c50501b62 100644 --- a/crypto/evp/c_allc.c +++ b/crypto/evp/c_allc.c @@ -190,11 +190,6 @@ void openssl_add_all_ciphers_int(void) EVP_add_cipher(EVP_aes_256_cbc_hmac_sha1()); EVP_add_cipher(EVP_aes_128_cbc_hmac_sha256()); EVP_add_cipher(EVP_aes_256_cbc_hmac_sha256()); -#ifndef OPENSSL_NO_SIV - EVP_add_cipher(EVP_aes_128_siv()); - EVP_add_cipher(EVP_aes_192_siv()); - EVP_add_cipher(EVP_aes_256_siv()); -#endif #ifndef OPENSSL_NO_ARIA EVP_add_cipher(EVP_aria_128_ecb()); EVP_add_cipher(EVP_aria_128_cbc()); diff --git a/crypto/evp/e_aes.c b/crypto/evp/e_aes.c index 08abd5fb09..96ee5d1403 100644 --- a/crypto/evp/e_aes.c +++ b/crypto/evp/e_aes.c @@ -4002,114 +4002,3 @@ BLOCK_CIPHER_custom(NID_aes, 192, 16, 12, ocb, OCB, BLOCK_CIPHER_custom(NID_aes, 256, 16, 12, ocb, OCB, EVP_CIPH_FLAG_AEAD_CIPHER | CUSTOM_FLAGS) #endif /* OPENSSL_NO_OCB */ - -/* AES-SIV mode */ -#ifndef OPENSSL_NO_SIV - -typedef SIV128_CONTEXT EVP_AES_SIV_CTX; - -#define aesni_siv_init_key aes_siv_init_key -static int aes_siv_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, - const unsigned char *iv, int enc) -{ - const EVP_CIPHER *ctr; - const EVP_CIPHER *cbc; - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx); - int klen = EVP_CIPHER_CTX_key_length(ctx) / 2; - - if (key == NULL) - return 1; - - switch (klen) { - case 16: - cbc = EVP_aes_128_cbc(); - ctr = EVP_aes_128_ctr(); - break; - case 24: - cbc = EVP_aes_192_cbc(); - ctr = EVP_aes_192_ctr(); - break; - case 32: - cbc = EVP_aes_256_cbc(); - ctr = EVP_aes_256_ctr(); - break; - default: - return 0; - } - - /* klen is the length of the underlying cipher, not the input key, - which should be twice as long */ - return CRYPTO_siv128_init(sctx, key, klen, cbc, ctr, NULL, NULL); -} - -#define aesni_siv_cipher aes_siv_cipher -static int aes_siv_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, - const unsigned char *in, size_t len) -{ - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, ctx); - - /* EncryptFinal or DecryptFinal */ - if (in == NULL) - return CRYPTO_siv128_finish(sctx); - - /* Deal with associated data */ - if (out == NULL) - return CRYPTO_siv128_aad(sctx, in, len); - - if (EVP_CIPHER_CTX_encrypting(ctx)) - return CRYPTO_siv128_encrypt(sctx, in, out, len); - - return CRYPTO_siv128_decrypt(sctx, in, out, len); -} - -#define aesni_siv_cleanup aes_siv_cleanup -static int aes_siv_cleanup(EVP_CIPHER_CTX *c) -{ - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c); - - return CRYPTO_siv128_cleanup(sctx); -} - - -#define aesni_siv_ctrl aes_siv_ctrl -static int aes_siv_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr) -{ - SIV128_CONTEXT *sctx = EVP_C_DATA(SIV128_CONTEXT, c); - SIV128_CONTEXT *sctx_out; - - switch (type) { - case EVP_CTRL_INIT: - return CRYPTO_siv128_cleanup(sctx); - - case EVP_CTRL_SET_SPEED: - return CRYPTO_siv128_speed(sctx, arg); - - case EVP_CTRL_AEAD_SET_TAG: - if (!EVP_CIPHER_CTX_encrypting(c)) - return CRYPTO_siv128_set_tag(sctx, ptr, arg); - return 1; - - case EVP_CTRL_AEAD_GET_TAG: - if (!EVP_CIPHER_CTX_encrypting(c)) - return 0; - return CRYPTO_siv128_get_tag(sctx, ptr, arg); - - case EVP_CTRL_COPY: - sctx_out = EVP_C_DATA(SIV128_CONTEXT, (EVP_CIPHER_CTX*)ptr); - return CRYPTO_siv128_copy_ctx(sctx_out, sctx); - - default: - return -1; - - } -} - -#define SIV_FLAGS (EVP_CIPH_FLAG_AEAD_CIPHER | EVP_CIPH_FLAG_DEFAULT_ASN1 \ - | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ - | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CUSTOM_COPY \ - | EVP_CIPH_CTRL_INIT) - -BLOCK_CIPHER_custom(NID_aes, 128, 1, 0, siv, SIV, SIV_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 192, 1, 0, siv, SIV, SIV_FLAGS) -BLOCK_CIPHER_custom(NID_aes, 256, 1, 0, siv, SIV, SIV_FLAGS) -#endif diff --git a/include/openssl/evp.h b/include/openssl/evp.h index b2b87f2ab4..4472bcf50e 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -950,11 +950,6 @@ const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha256(void); const EVP_CIPHER *EVP_aes_256_cbc_hmac_sha256(void); -# ifndef OPENSSL_NO_SIV -const EVP_CIPHER *EVP_aes_128_siv(void); -const EVP_CIPHER *EVP_aes_192_siv(void); -const EVP_CIPHER *EVP_aes_256_siv(void); -# endif # ifndef OPENSSL_NO_ARIA const EVP_CIPHER *EVP_aria_128_ecb(void); const EVP_CIPHER *EVP_aria_128_cbc(void); diff --git a/util/libcrypto.num b/util/libcrypto.num index 3d3edf9356..3573058dc9 100644 --- a/util/libcrypto.num +++ b/util/libcrypto.num @@ -4427,9 +4427,6 @@ OPENSSL_version_minor ? 3_0_0 EXIST::FUNCTION: OPENSSL_version_patch ? 3_0_0 EXIST::FUNCTION: OPENSSL_version_pre_release ? 3_0_0 EXIST::FUNCTION: OPENSSL_version_build_metadata ? 3_0_0 EXIST::FUNCTION: -EVP_aes_128_siv ? 3_0_0 EXIST::FUNCTION:SIV -EVP_aes_192_siv ? 3_0_0 EXIST::FUNCTION:SIV -EVP_aes_256_siv ? 3_0_0 EXIST::FUNCTION:SIV OPENSSL_INIT_set_config_filename ? 3_0_0 EXIST::FUNCTION:STDIO OPENSSL_INIT_set_config_file_flags ? 3_0_0 EXIST::FUNCTION:STDIO ASYNC_WAIT_CTX_get_callback ? 3_0_0 EXIST::FUNCTION: diff --git a/util/missingcrypto.txt b/util/missingcrypto.txt index f2b91e2587..71c0d5002b 100644 --- a/util/missingcrypto.txt +++ b/util/missingcrypto.txt @@ -700,9 +700,6 @@ EVP_PKEY_save_parameters(3) EVP_add_alg_module(3) EVP_add_cipher(3) EVP_add_digest(3) -EVP_aes_128_siv(3) -EVP_aes_192_siv(3) -EVP_aes_256_siv(3) EVP_get_pw_prompt(3) EVP_hex2ctrl(3) EVP_read_pw_string(3) From builds at travis-ci.com Thu Oct 22 13:28:13 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 13:28:13 +0000 Subject: Still Failing: openssl/openssl#38170 (master - a49d0a4) In-Reply-To: Message-ID: <5f9188ed91a06_13fd8078b035c17009e@travis-pro-tasks-6bcc44c976-2vfj4.mail> Build Update for openssl/openssl ------------------------------------- Build: #38170 Status: Still Failing Duration: 1 hr, 42 mins, and 38 secs Commit: a49d0a4 (master) Author: Shane Lontis Message: Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13116) View the changeset: https://github.com/openssl/openssl/compare/42445046354a...a49d0a491c65 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191619132?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 22 14:44:10 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 14:44:10 +0000 Subject: Still Failing: openssl/openssl#38171 (master - fc1ccdf) In-Reply-To: Message-ID: <5f919ab9916f7_13fd8078b026c4293af@travis-pro-tasks-6bcc44c976-2vfj4.mail> Build Update for openssl/openssl ------------------------------------- Build: #38171 Status: Still Failing Duration: 1 hr, 37 mins, and 38 secs Commit: fc1ccdf (master) Author: Pauli Message: enc: change the text to reference `-list` instead of the deprecated `-ciphers` Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13204) View the changeset: https://github.com/openssl/openssl/compare/a49d0a491c65...fc1ccdffe96b View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191676793?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 22 15:17:50 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 15:17:50 +0000 Subject: Build failed: openssl master.37643 Message-ID: <20201022151750.1.725C8D87B1BABBD6@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 22 15:58:30 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 22 Oct 2020 15:58:30 +0000 Subject: Still Failing: openssl/openssl#38172 (master - 85209c0) In-Reply-To: Message-ID: <5f91ac2579c9b_13fd80913989c6702ec@travis-pro-tasks-6bcc44c976-2vfj4.mail> Build Update for openssl/openssl ------------------------------------- Build: #38172 Status: Still Failing Duration: 1 hr, 43 mins, and 31 secs Commit: 85209c0 (master) Author: Pauli Message: Remove EVP_aes_(128|192|256)_siv functions Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13195) View the changeset: https://github.com/openssl/openssl/compare/fc1ccdffe96b...85209c07459b View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/191677926?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 22 16:41:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 16:41:27 +0000 Subject: Build completed: openssl master.37644 Message-ID: <20201022164127.1.C722816EA66D6329@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 22 18:01:33 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 18:01:33 +0000 Subject: Build failed: openssl master.37645 Message-ID: <20201022180133.1.1A0B0F49DC5B9537@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 22 19:09:25 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 19:09:25 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1603393765.924381.16354.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 753 wallclock secs (13.22 usr 1.43 sys + 643.62 cusr 61.97 csys = 720.24 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 22 21:25:21 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 22 Oct 2020 21:25:21 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1603401921.400797.10248.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 609 wallclock secs (10.03 usr 1.41 sys + 543.54 cusr 55.05 csys = 610.03 CPU) Result: FAIL Makefile:2418: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2416: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 22 22:18:34 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 22:18:34 +0000 Subject: Build failed: openssl master.37646 Message-ID: <20201022221834.1.43F6007BD4DE6E1F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 22 23:53:09 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 22 Oct 2020 23:53:09 +0000 Subject: Build failed: openssl master.37647 Message-ID: <20201022235309.1.097D511B0503C104@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 23 00:54:32 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 00:54:32 +0000 Subject: Build failed: openssl master.37648 Message-ID: <20201023005432.1.1026819DF0B72B8C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 23 02:11:35 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 02:11:35 +0000 Subject: Build completed: openssl master.37649 Message-ID: <20201023021135.1.55121796331A0F7F@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 23 03:06:23 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 03:06:23 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1603422383.144428.1533.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4305: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3164: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Fri Oct 23 03:51:43 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 03:51:43 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1603425103.608846.8736.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0E0B4FA507F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 755 wallclock secs (14.31 usr 1.46 sys + 677.19 cusr 66.49 csys = 759.45 CPU) Result: FAIL Makefile:3184: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3182: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 23 05:56:03 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 05:56:03 +0000 Subject: Build failed: openssl master.37650 Message-ID: <20201023055603.1.9159E6475FE1D080@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 23 07:43:21 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 07:43:21 +0000 Subject: Build completed: openssl master.37651 Message-ID: <20201023074321.1.3C02F1E063EBBDC8@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 23 07:50:31 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 07:50:31 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1603439431.376769.11130.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4293: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3152: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Fri Oct 23 11:26:17 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 11:26:17 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1603452377.763586.20489.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 40E737CB2E7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40772A3D087F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40772A3D087F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1577 wallclock secs (14.75 usr 1.42 sys + 1467.43 cusr 100.39 csys = 1583.99 CPU) Result: FAIL Makefile:3195: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3193: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 23 11:49:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 11:49:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1603453753.466274.8357.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 761 wallclock secs (13.60 usr 1.32 sys + 649.16 cusr 67.30 csys = 731.38 CPU) Result: FAIL Makefile:3189: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3187: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 23 14:25:59 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 14:25:59 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1603463159.357420.22029.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 744 wallclock secs (13.40 usr 1.33 sys + 675.70 cusr 67.02 csys = 757.45 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From nic.tuv at gmail.com Fri Oct 23 15:11:13 2020 From: nic.tuv at gmail.com (nic.tuv at gmail.com) Date: Fri, 23 Oct 2020 15:11:13 +0000 Subject: [openssl] master update Message-ID: <1603465873.447249.11362.nullmailer@dev.openssl.org> The branch master has been updated via d1fb6b481b1d70932a1435f83eae10cc68edbe36 (commit) from 85209c07459b1c6007e0fc550f40c05deec78531 (commit) - Log ----------------------------------------------------------------- commit d1fb6b481b1d70932a1435f83eae10cc68edbe36 Author: Nicola Tuveri Date: Wed Oct 21 01:38:44 2020 +0300 Constify OSSL_FUNC_keymgmt_validate() The keydata argument of OSSL_FUNC_keymgmt_validate() should be read-only. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13201) ----------------------------------------------------------------------- Summary of changes: crypto/dh/dh_check.c | 2 +- crypto/dh/dh_key.c | 14 +++++++++++--- doc/man7/provider-keymgmt.pod | 2 +- include/crypto/dh.h | 4 ++-- include/openssl/core_dispatch.h | 2 +- providers/implementations/keymgmt/dh_kmgmt.c | 8 ++++---- providers/implementations/keymgmt/dsa_kmgmt.c | 10 +++++----- providers/implementations/keymgmt/ec_kmgmt.c | 4 ++-- providers/implementations/keymgmt/rsa_kmgmt.c | 4 ++-- 9 files changed, 29 insertions(+), 21 deletions(-) diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index ce8c6f7185..8fa9a43637 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -281,7 +281,7 @@ err: * FFC pairwise check from SP800-56A R3. * Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency */ -int dh_check_pairwise(DH *dh) +int dh_check_pairwise(const DH *dh) { int ret = 0; BN_CTX *ctx = NULL; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 8d9c72d65c..90802633a6 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -182,7 +182,7 @@ int DH_generate_key(DH *dh) #endif } -int dh_generate_public_key(BN_CTX *ctx, DH *dh, const BIGNUM *priv_key, +int dh_generate_public_key(BN_CTX *ctx, const DH *dh, const BIGNUM *priv_key, BIGNUM *pub_key) { int ret = 0; @@ -193,8 +193,16 @@ int dh_generate_public_key(BN_CTX *ctx, DH *dh, const BIGNUM *priv_key, return 0; if (dh->flags & DH_FLAG_CACHE_MONT_P) { - mont = BN_MONT_CTX_set_locked(&dh->method_mont_p, - dh->lock, dh->params.p, ctx); + /* + * We take the input DH as const, but we lie, because in some cases we + * want to get a hold of its Montgomery context. + * + * We cast to remove the const qualifier in this case, it should be + * fine... + */ + BN_MONT_CTX **pmont = (BN_MONT_CTX **)&dh->method_mont_p; + + mont = BN_MONT_CTX_set_locked(pmont, dh->lock, dh->params.p, ctx); if (mont == NULL) goto err; } diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod index ae3dd265a8..0095da00ca 100644 --- a/doc/man7/provider-keymgmt.pod +++ b/doc/man7/provider-keymgmt.pod @@ -54,7 +54,7 @@ provider-keymgmt - The KEYMGMT library E-E provider functions int OSSL_FUNC_keymgmt_copy(void *keydata_to, const void *keydata_from, int selection); /* Key object validation */ - int OSSL_FUNC_keymgmt_validate(void *keydata, int selection); + int OSSL_FUNC_keymgmt_validate(const void *keydata, int selection); =head1 DESCRIPTION diff --git a/include/crypto/dh.h b/include/crypto/dh.h index 4dbd0c582c..0bd6516e3f 100644 --- a/include/crypto/dh.h +++ b/include/crypto/dh.h @@ -17,7 +17,7 @@ DH *dh_new_ex(OSSL_LIB_CTX *libctx); int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits, BN_GENCB *cb); -int dh_generate_public_key(BN_CTX *ctx, DH *dh, const BIGNUM *priv_key, +int dh_generate_public_key(BN_CTX *ctx, const DH *dh, const BIGNUM *priv_key, BIGNUM *pub_key); int dh_get_named_group_uid_from_size(int pbits); const char *dh_gen_type_id2name(int id); @@ -32,7 +32,7 @@ int dh_key_todata(DH *dh, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); int dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret); int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret); -int dh_check_pairwise(DH *dh); +int dh_check_pairwise(const DH *dh); const DH_METHOD *dh_get_method(const DH *dh); diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h index 11eadd3334..3b0cf3d3ed 100644 --- a/include/openssl/core_dispatch.h +++ b/include/openssl/core_dispatch.h @@ -534,7 +534,7 @@ OSSL_CORE_MAKE_FUNC(int, keymgmt_has, (const void *keydata, int selection)) /* Key checks - validation */ # define OSSL_FUNC_KEYMGMT_VALIDATE 22 -OSSL_CORE_MAKE_FUNC(int, keymgmt_validate, (void *keydata, int selection)) +OSSL_CORE_MAKE_FUNC(int, keymgmt_validate, (const void *keydata, int selection)) /* Key checks - matching */ # define OSSL_FUNC_KEYMGMT_MATCH 23 diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c index b944d3cd99..d8ca4cc9dd 100644 --- a/providers/implementations/keymgmt/dh_kmgmt.c +++ b/providers/implementations/keymgmt/dh_kmgmt.c @@ -363,7 +363,7 @@ static int dh_set_params(void *key, const OSSL_PARAM params[]) return 1; } -static int dh_validate_public(DH *dh) +static int dh_validate_public(const DH *dh) { const BIGNUM *pub_key = NULL; @@ -373,7 +373,7 @@ static int dh_validate_public(DH *dh) return DH_check_pub_key_ex(dh, pub_key); } -static int dh_validate_private(DH *dh) +static int dh_validate_private(const DH *dh) { int status = 0; const BIGNUM *priv_key = NULL; @@ -384,9 +384,9 @@ static int dh_validate_private(DH *dh) return dh_check_priv_key(dh, priv_key, &status);; } -static int dh_validate(void *keydata, int selection) +static int dh_validate(const void *keydata, int selection) { - DH *dh = keydata; + const DH *dh = keydata; int ok = 0; if (!ossl_prov_is_running()) diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c index 9ade336cdf..c3f178d34c 100644 --- a/providers/implementations/keymgmt/dsa_kmgmt.c +++ b/providers/implementations/keymgmt/dsa_kmgmt.c @@ -305,14 +305,14 @@ static const OSSL_PARAM *dsa_gettable_params(void *provctx) return dsa_params; } -static int dsa_validate_domparams(DSA *dsa) +static int dsa_validate_domparams(const DSA *dsa) { int status = 0; return dsa_check_params(dsa, &status); } -static int dsa_validate_public(DSA *dsa) +static int dsa_validate_public(const DSA *dsa) { int status = 0; const BIGNUM *pub_key = NULL; @@ -323,7 +323,7 @@ static int dsa_validate_public(DSA *dsa) return dsa_check_pub_key(dsa, pub_key, &status); } -static int dsa_validate_private(DSA *dsa) +static int dsa_validate_private(const DSA *dsa) { int status = 0; const BIGNUM *priv_key = NULL; @@ -334,9 +334,9 @@ static int dsa_validate_private(DSA *dsa) return dsa_check_priv_key(dsa, priv_key, &status); } -static int dsa_validate(void *keydata, int selection) +static int dsa_validate(const void *keydata, int selection) { - DSA *dsa = keydata; + const DSA *dsa = keydata; int ok = 0; if (!ossl_prov_is_running()) diff --git a/providers/implementations/keymgmt/ec_kmgmt.c b/providers/implementations/keymgmt/ec_kmgmt.c index 9d76e1ceed..7e3fadc580 100644 --- a/providers/implementations/keymgmt/ec_kmgmt.c +++ b/providers/implementations/keymgmt/ec_kmgmt.c @@ -785,9 +785,9 @@ const OSSL_PARAM *sm2_settable_params(ossl_unused void *provctx) #endif static -int ec_validate(void *keydata, int selection) +int ec_validate(const void *keydata, int selection) { - EC_KEY *eck = keydata; + const EC_KEY *eck = keydata; int ok = 0; BN_CTX *ctx = NULL; diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index a37288a8b1..feee131328 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -357,9 +357,9 @@ static const OSSL_PARAM *rsa_gettable_params(void *provctx) return rsa_params; } -static int rsa_validate(void *keydata, int selection) +static int rsa_validate(const void *keydata, int selection) { - RSA *rsa = keydata; + const RSA *rsa = keydata; int ok = 0; if (!ossl_prov_is_running()) From no-reply at appveyor.com Fri Oct 23 15:51:12 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 15:51:12 +0000 Subject: Build failed: openssl master.37654 Message-ID: <20201023155112.1.01BF8D89A6B06994@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 23 17:00:22 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 17:00:22 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1603472422.421863.28564.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060A409EA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C060A409EA7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C060A409EA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/BmbIWu7Uv8 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070FED59B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070FED59B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070FED59B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070FED59B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070FED59B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070FED59B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/BmbIWu7Uv8 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 745 wallclock secs (14.38 usr 1.46 sys + 669.97 cusr 67.88 csys = 753.69 CPU) Result: FAIL Makefile:3197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3195: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Fri Oct 23 18:50:33 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 23 Oct 2020 18:50:33 +0000 Subject: Still Failing: openssl/openssl#38186 (master - d1fb6b4) In-Reply-To: Message-ID: <5f9325f982f1d_13ff0121c9fac3183b3@travis-pro-tasks-d87466995-54xvv.mail> Build Update for openssl/openssl ------------------------------------- Build: #38186 Status: Still Failing Duration: 1 hr, 27 mins, and 14 secs Commit: d1fb6b4 (master) Author: Nicola Tuveri Message: Constify OSSL_FUNC_keymgmt_validate() The keydata argument of OSSL_FUNC_keymgmt_validate() should be read-only. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13201) View the changeset: https://github.com/openssl/openssl/compare/85209c07459b...d1fb6b481b1d View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/192106493?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 23 19:14:12 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 19:14:12 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1603480452.049834.19732.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C08083A1267F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C08083A1267F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C08083A1267F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/oWu5Wk1Hm8 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F0CE730B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F0CE730B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F0CE730B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F0CE730B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F0CE730B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F0CE730B7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/oWu5Wk1Hm8 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 739 wallclock secs (14.16 usr 1.40 sys + 664.74 cusr 67.83 csys = 748.13 CPU) Result: FAIL Makefile:3190: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3188: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 23 19:58:37 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 23 Oct 2020 19:58:37 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1603483117.723293.25537.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 0934cf4834 Unexport internal MSBLOB and PVK functions 8300a8742b Work around Windows ftell() bug as per Microsoft engineering's suggestion 0a737e16b2 Deprecate EVP_PKEY_set1_tls_encodedpoint() 3795b2a302 Document EVP_PKEY_set1_encoded_public_key() 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 6a13c9c984 resolve defects: reverse_inull; row[DB_exp_date] referenced before checking ec5059c3ef Fix Aes-xts potential failure on aarch64 6be235a092 Prefix crlNumber output with 0x. 1dc5128577 Fix no-dh ea7277fd2e TEST: fix the DH tests to reproduce the priv_len settings ee55a20727 DH: have DH_set_length() increment the dirty count. 0ba71d6a63 DH: make the private key length importable / exportable Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F06B9DD37F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F06B9DD37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0F06B9DD37F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0F06B9DD37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/zH6z_zEZ50 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0808F94567F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0808F94567F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0808F94567F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0808F94567F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/zH6z_zEZ50 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 714 wallclock secs (12.86 usr 1.25 sys + 640.76 cusr 65.06 csys = 719.93 CPU) Result: FAIL Makefile:3216: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3214: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 23 19:58:41 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 19:58:41 +0000 Subject: Build failed: openssl master.37658 Message-ID: <20201023195841.1.5902DE4F16F8B94E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 23 21:04:34 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 21:04:34 +0000 Subject: Build failed: openssl master.37659 Message-ID: <20201023210434.1.461FECAE5B9886F6@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 23 22:09:54 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 23 Oct 2020 22:09:54 +0000 Subject: Build completed: openssl master.37660 Message-ID: <20201023220954.1.5D06DDCD442E6264@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 24 00:48:08 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 24 Oct 2020 00:48:08 +0000 Subject: Build failed: openssl master.37663 Message-ID: <20201024004808.1.DFB560154B04A9F0@appveyor.com> An HTML attachment was scrubbed... URL: From pauli at openssl.org Sat Oct 24 11:14:40 2020 From: pauli at openssl.org (Dr. Paul Dale) Date: Sat, 24 Oct 2020 11:14:40 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603538080.988784.5768.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via d741debb320bf54e8575d35603a44d4eb40fa1f9 (commit) from b11aa831cfe09befe3fb3229ca46a4a59352de34 (commit) - Log ----------------------------------------------------------------- commit d741debb320bf54e8575d35603a44d4eb40fa1f9 Author: Romain Geissler Date: Fri Oct 2 00:07:32 2020 +0000 Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) Cherry-pick of https://github.com/openssl/openssl/pull/13056 for branch 1.1.1. Tested against the release 1.1.1h Reviewed-by: Tomas Mraz Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13218) ----------------------------------------------------------------------- Summary of changes: crypto/chacha/asm/chacha-armv8.pl | 1 + crypto/poly1305/asm/poly1305-armv8.pl | 6 +++++- crypto/sha/asm/sha1-armv8.pl | 2 +- crypto/sha/asm/sha512-armv8.pl | 7 +------ 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/crypto/chacha/asm/chacha-armv8.pl b/crypto/chacha/asm/chacha-armv8.pl index 2265574729..84c9801480 100755 --- a/crypto/chacha/asm/chacha-armv8.pl +++ b/crypto/chacha/asm/chacha-armv8.pl @@ -125,6 +125,7 @@ $code.=<<___; .text .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P .align 5 .Lsigma: diff --git a/crypto/poly1305/asm/poly1305-armv8.pl b/crypto/poly1305/asm/poly1305-armv8.pl index 9bfee27595..d07494bd18 100755 --- a/crypto/poly1305/asm/poly1305-armv8.pl +++ b/crypto/poly1305/asm/poly1305-armv8.pl @@ -57,10 +57,14 @@ $code.=<<___; // forward "declarations" are required for Apple .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P +.globl poly1305_init +.hidden poly1305_init .globl poly1305_blocks +.hidden poly1305_blocks .globl poly1305_emit +.hidden poly1305_emit -.globl poly1305_init .type poly1305_init,%function .align 5 poly1305_init: diff --git a/crypto/sha/asm/sha1-armv8.pl b/crypto/sha/asm/sha1-armv8.pl index aa44feb9c7..557cabc018 100644 --- a/crypto/sha/asm/sha1-armv8.pl +++ b/crypto/sha/asm/sha1-armv8.pl @@ -176,6 +176,7 @@ $code.=<<___; .text .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P .globl sha1_block_data_order .type sha1_block_data_order,%function .align 6 @@ -329,7 +330,6 @@ $code.=<<___; #endif .asciz "SHA1 block transform for ARMv8, CRYPTOGAMS by " .align 2 -.comm OPENSSL_armcap_P,4,4 ___ }}} diff --git a/crypto/sha/asm/sha512-armv8.pl b/crypto/sha/asm/sha512-armv8.pl index 07dcba42dc..3188c905ea 100644 --- a/crypto/sha/asm/sha512-armv8.pl +++ b/crypto/sha/asm/sha512-armv8.pl @@ -193,6 +193,7 @@ $code.=<<___; .text .extern OPENSSL_armcap_P +.hidden OPENSSL_armcap_P .globl $func .type $func,%function .align 6 @@ -840,12 +841,6 @@ $code.=<<___; ___ } -$code.=<<___; -#ifndef __KERNEL__ -.comm OPENSSL_armcap_P,4,4 -#endif -___ - { my %opcode = ( "sha256h" => 0x5e004000, "sha256h2" => 0x5e005000, "sha256su0" => 0x5e282800, "sha256su1" => 0x5e006000 ); From no-reply at appveyor.com Sat Oct 24 12:21:35 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 24 Oct 2020 12:21:35 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37664 Message-ID: <20201024122135.1.EA9B972DF02D19FA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 24 16:58:08 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 24 Oct 2020 16:58:08 +0000 Subject: Build failed: openssl master.37666 Message-ID: <20201024165808.1.39C2E4FD1CAE9DE0@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 24 19:08:20 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 24 Oct 2020 19:08:20 +0000 Subject: Build failed: openssl master.37669 Message-ID: <20201024190820.1.601AF4B6CCB066D7@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Sat Oct 24 21:50:10 2020 From: no-reply at appveyor.com (AppVeyor) Date: Sat, 24 Oct 2020 21:50:10 +0000 Subject: Build failed: openssl master.37671 Message-ID: <20201024215010.1.8061CC383A3D740D@appveyor.com> An HTML attachment was scrubbed... URL: From scan-admin at coverity.com Sun Oct 25 07:52:07 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 25 Oct 2020 07:52:07 +0000 (UTC) Subject: Coverity Scan: Analysis completed for OpenSSL-1.0.2 Message-ID: <5f952ea735bf1_233cee2af71179af585560@prd-scan-dashboard-0.mail> Your request for analysis of OpenSSL-1.0.2 has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7Hlun-2FGpeF2rhqKLKnzox0Gkw-3D-3DROkl_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeEf3Pk4v6FTbeciJLw0oEsVGPHQTkTmuGCZ-2FaeVlooH7O2zbzJEA-2Bi-2FY2hWx3AJFXtM-2FewrtJE34rxGygpTgjnzGDgQjZ4jSaSlkibrT-2BUMIWijmyludK7wraHDh7CfYbFNTAIIeUkhPEn8t-2FSuC09rtVEssnZK0s2j98knEGmxGxD8XT06mnSeG3YgqB-2BhgCU-3D Build ID: 347371 Analysis Summary: New defects found: 0 Defects eliminated: 0 From scan-admin at coverity.com Sun Oct 25 07:54:51 2020 From: scan-admin at coverity.com (scan-admin at coverity.com) Date: Sun, 25 Oct 2020 07:54:51 +0000 (UTC) Subject: Coverity Scan: Analysis completed for openssl/openssl Message-ID: <5f952f4a9fe34_233e7c2af71179af5855c5@prd-scan-dashboard-0.mail> Your request for analysis of openssl/openssl has been completed successfully. The results are available at https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoN-2BQSVjTtaSz8wS4wOr7HlekBtV1P4YRtWclMVkCdvAA-3D-3Do2x0_MulOTlHne1IxTRELXXnGni8d68xSVF-2BUCe3a7Ux-2BjeHB7Lrdgzwo4UVfb5dUajyUkTSSCxNgkxTddlFk5Wo73VaF0JshCeboxy-2FFUpSq-2BS4AZ7eXhLT9f4pJhz5Ub11sn35t3lQRd4vq8gywSZSyrOdGnBgtDoj0X-2BZ4oWmD9H3uBVoqcXPmGiQfOWA7bPHUYaRvKr-2Fgfk8BUksuViTkFEOrIioFyeK1nZVEb9-2B25X4-3D Build ID: 347370 Analysis Summary: New defects found: 0 Defects eliminated: 0 From openssl at openssl.org Sun Oct 25 23:49:12 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sun, 25 Oct 2020 23:49:12 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1603669752.554731.21412.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80D714994D7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80879E661D7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80879E661D7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1387 wallclock secs (12.16 usr 1.46 sys + 1208.48 cusr 161.69 csys = 1383.79 CPU) Result: FAIL Makefile:2549: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2547: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 26 00:58:50 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 00:58:50 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm Message-ID: <1603673930.104087.10941.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): 60-test_x509_time.t ................ ok 61-test_bio_prefix.t ............... ok 65-test_cmp_asn.t .................. ok 65-test_cmp_client.t ............... ok 65-test_cmp_ctx.t .................. ok 65-test_cmp_hdr.t .................. ok 65-test_cmp_msg.t .................. ok 65-test_cmp_protect.t .............. ok 65-test_cmp_server.t ............... ok 65-test_cmp_status.t ............... ok 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok Makefile:3171: recipe for target '_tests' failed make[1]: *** [_tests] Terminated Makefile:3169: recipe for target 'tests' failed make: *** [tests] Terminated From openssl at openssl.org Mon Oct 26 01:45:36 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 01:45:36 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1603676736.048881.28823.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 738 wallclock secs (14.52 usr 1.48 sys + 662.54 cusr 66.36 csys = 744.90 CPU) Result: FAIL Makefile:3197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3195: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 26 04:25:48 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 04:25:48 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1603686348.134190.24650.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/srptest-bin-srptest.d.tmp -MT test/srptest-bin-srptest.o -c -o test/srptest-bin-srptest.o ../openssl/test/srptest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o chmod a+x apps/tsget.pl ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21582: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3133: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From matthias.st.pierre at ncp-e.com Mon Oct 26 05:25:23 2020 From: matthias.st.pierre at ncp-e.com (matthias.st.pierre at ncp-e.com) Date: Mon, 26 Oct 2020 05:25:23 +0000 Subject: [openssl] master update Message-ID: <1603689923.780583.2087.nullmailer@dev.openssl.org> The branch master has been updated via b6120b5f5442c3ddd081a9378ec89b888c3bb0fe (commit) from d1fb6b481b1d70932a1435f83eae10cc68edbe36 (commit) - Log ----------------------------------------------------------------- commit b6120b5f5442c3ddd081a9378ec89b888c3bb0fe Author: Kan Date: Mon Sep 21 00:27:29 2020 +0800 Add parentheses to fix PCLINT Info:773 Fixes #7930 CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Shane Lontis Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/12927) ----------------------------------------------------------------------- Summary of changes: include/openssl/ssl.h.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/openssl/ssl.h.in b/include/openssl/ssl.h.in index edcd9819fa..8a86e2d24f 100644 --- a/include/openssl/ssl.h.in +++ b/include/openssl/ssl.h.in @@ -681,7 +681,7 @@ __owur int SRP_Calc_A_param(SSL *s); # endif /* 100k max cert list */ -# define SSL_MAX_CERT_LIST_DEFAULT 1024*100 +# define SSL_MAX_CERT_LIST_DEFAULT (1024*100) # define SSL_SESSION_CACHE_MAX_SIZE_DEFAULT (1024*20) From openssl at openssl.org Mon Oct 26 06:37:20 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 06:37:20 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1603694240.634502.10558.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0B06E0E7F7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C030C034B87F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C030C034B87F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0501170ED7F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0501170ED7F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 686 wallclock secs (14.12 usr 1.18 sys + 617.52 cusr 58.15 csys = 690.97 CPU) Result: FAIL Makefile:3135: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3133: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Mon Oct 26 06:59:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 06:59:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1603695591.902892.30651.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 727 wallclock secs (14.09 usr 1.44 sys + 637.67 cusr 67.07 csys = 720.27 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Mon Oct 26 07:15:52 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 26 Oct 2020 07:15:52 +0000 Subject: Still Failing: openssl/openssl#38210 (master - b6120b5) In-Reply-To: Message-ID: <5f9677a862b76_13fcf95cac2a01573bf@travis-pro-tasks-67d6cdc977-bz9mp.mail> Build Update for openssl/openssl ------------------------------------- Build: #38210 Status: Still Failing Duration: 1 hr, 26 mins, and 3 secs Commit: b6120b5 (master) Author: Kan Message: Add parentheses to fix PCLINT Info:773 Fixes #7930 CLA: trivial Reviewed-by: Richard Levitte Reviewed-by: Shane Lontis Reviewed-by: Matthias St. Pierre (Merged from https://github.com/openssl/openssl/pull/12927) View the changeset: https://github.com/openssl/openssl/compare/d1fb6b481b1d...b6120b5f5442 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/192671739?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 26 07:23:55 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 07:23:55 +0000 Subject: Build failed: openssl master.37682 Message-ID: <20201026072355.1.399B76F2914F36AF@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Mon Oct 26 08:44:35 2020 From: levitte at openssl.org (Richard Levitte) Date: Mon, 26 Oct 2020 08:44:35 +0000 Subject: [openssl] master update Message-ID: <1603701875.572097.6467.nullmailer@dev.openssl.org> The branch master has been updated via 22dddfb925da8775eaf4ee8c377da41e6535afe1 (commit) from b6120b5f5442c3ddd081a9378ec89b888c3bb0fe (commit) - Log ----------------------------------------------------------------- commit 22dddfb925da8775eaf4ee8c377da41e6535afe1 Author: Richard Levitte Date: Sat Oct 24 16:31:57 2020 +0200 APPS: Remove the format argument where it's not used Also, restore a behaviour change, where load_cert() would look at stdin when the input file name is NULL, and make sure to call load_cert_pass() with a corresponding argument where load_cert() was used in OpenSSL 1.1.1. Fixes #13235 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13236) ----------------------------------------------------------------------- Summary of changes: apps/ca.c | 7 ++++--- apps/cms.c | 15 ++++++--------- apps/crl.c | 4 ++-- apps/include/apps.h | 5 ++--- apps/lib/apps.c | 4 ++-- apps/lib/s_cb.c | 3 +-- apps/ocsp.c | 10 ++++------ apps/pkeyutl.c | 2 +- apps/rsautl.c | 2 +- apps/s_client.c | 4 ++-- apps/s_server.c | 11 +++++------ apps/smime.c | 8 +++----- apps/verify.c | 2 +- apps/x509.c | 4 ++-- 14 files changed, 36 insertions(+), 45 deletions(-) diff --git a/apps/ca.c b/apps/ca.c index 00078f90d4..b2866f63d6 100755 --- a/apps/ca.c +++ b/apps/ca.c @@ -591,7 +591,7 @@ end_of_options: && (certfile = lookup_conf(conf, section, ENV_CERTIFICATE)) == NULL) goto end; - x509 = load_cert_pass(certfile, certformat, passin, "CA certificate"); + x509 = load_cert_pass(certfile, 1, passin, "CA certificate"); if (x509 == NULL) goto end; @@ -1269,7 +1269,7 @@ end_of_options: } else { X509 *revcert; - revcert = load_cert_pass(infile, certformat, passin, + revcert = load_cert_pass(infile, 1, passin, "certificate to be revoked"); if (revcert == NULL) goto end; @@ -1404,7 +1404,8 @@ static int certify_cert(X509 **xret, const char *infile, int certformat, EVP_PKEY *pktmp = NULL; int ok = -1, i; - if ((template_cert = load_cert_pass(infile, certformat, passin, "template certificate")) == NULL) + if ((template_cert = load_cert_pass(infile, 1, passin, + "template certificate")) == NULL) goto end; if (verbose) X509_print(bio_err, template_cert); diff --git a/apps/cms.c b/apps/cms.c index 4589a24f06..f9adc9a52c 100644 --- a/apps/cms.c +++ b/apps/cms.c @@ -616,8 +616,7 @@ int cms_main(int argc, char **argv) if (operation == SMIME_ENCRYPT) { if (encerts == NULL && (encerts = sk_X509_new_null()) == NULL) goto end; - cert = load_cert(opt_arg(), FORMAT_UNDEF, - "recipient certificate file"); + cert = load_cert(opt_arg(), "recipient certificate file"); if (cert == NULL) goto end; sk_X509_push(encerts, cert); @@ -809,8 +808,7 @@ int cms_main(int argc, char **argv) if ((encerts = sk_X509_new_null()) == NULL) goto end; while (*argv) { - if ((cert = load_cert(*argv, FORMAT_UNDEF, - "recipient certificate file")) == NULL) + if ((cert = load_cert(*argv, "recipient certificate file")) == NULL) goto end; sk_X509_push(encerts, cert); cert = NULL; @@ -826,7 +824,7 @@ int cms_main(int argc, char **argv) } if (recipfile != NULL && (operation == SMIME_DECRYPT)) { - if ((recip = load_cert(recipfile, FORMAT_UNDEF, + if ((recip = load_cert(recipfile, "recipient certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -834,7 +832,7 @@ int cms_main(int argc, char **argv) } if (originatorfile != NULL) { - if ((originator = load_cert(originatorfile, FORMAT_UNDEF, + if ((originator = load_cert(originatorfile, "originator certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -842,7 +840,7 @@ int cms_main(int argc, char **argv) } if (operation == SMIME_SIGN_RECEIPT) { - if ((signer = load_cert(signerfile, FORMAT_UNDEF, + if ((signer = load_cert(signerfile, "receipt signer certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -1049,8 +1047,7 @@ int cms_main(int argc, char **argv) signerfile = sk_OPENSSL_STRING_value(sksigners, i); keyfile = sk_OPENSSL_STRING_value(skkeys, i); - signer = load_cert(signerfile, FORMAT_UNDEF, - "signer certificate"); + signer = load_cert(signerfile, "signer certificate"); if (signer == NULL) { ret = 2; goto end; diff --git a/apps/crl.c b/apps/crl.c index 4cb1bcc2c3..680c0ee128 100644 --- a/apps/crl.c +++ b/apps/crl.c @@ -205,7 +205,7 @@ int crl_main(int argc, char **argv) if (argc != 0) goto opthelp; - x = load_crl(infile, informat, "CRL"); + x = load_crl(infile, "CRL"); if (x == NULL) goto end; @@ -250,7 +250,7 @@ int crl_main(int argc, char **argv) BIO_puts(bio_err, "Missing CRL signing key\n"); goto end; } - newcrl = load_crl(crldiff, informat, "other CRL"); + newcrl = load_crl(crldiff, "other CRL"); if (!newcrl) goto end; pkey = load_key(keyfile, keyformat, 0, NULL, NULL, "CRL signing key"); diff --git a/apps/include/apps.h b/apps/include/apps.h index 8bb92e07db..17e01336ab 100644 --- a/apps/include/apps.h +++ b/apps/include/apps.h @@ -107,9 +107,8 @@ int add_oid_section(CONF *conf); X509_REQ *load_csr(const char *file, int format, const char *desc); X509 *load_cert_pass(const char *uri, int maybe_stdin, const char *pass, const char *desc); -/* the format parameter is meanwhile not needed anymore and thus ignored */ -#define load_cert(uri, format, desc) load_cert_pass(uri, 0, NULL, desc) -X509_CRL *load_crl(const char *uri, int format, const char *desc); +#define load_cert(uri, desc) load_cert_pass(uri, 1, NULL, desc) +X509_CRL *load_crl(const char *uri, const char *desc); void cleanse(char *str); void clear_free(char *str); EVP_PKEY *load_key(const char *uri, int format, int maybe_stdin, diff --git a/apps/lib/apps.c b/apps/lib/apps.c index d100ce42dd..9efc5f9eb1 100644 --- a/apps/lib/apps.c +++ b/apps/lib/apps.c @@ -485,7 +485,7 @@ X509 *load_cert_pass(const char *uri, int maybe_stdin, } /* the format parameter is meanwhile not needed anymore and thus ignored */ -X509_CRL *load_crl(const char *uri, int format, const char *desc) +X509_CRL *load_crl(const char *uri, const char *desc) { X509_CRL *crl = NULL; @@ -1915,7 +1915,7 @@ static X509_CRL *load_crl_crldp(STACK_OF(DIST_POINT) *crldp) DIST_POINT *dp = sk_DIST_POINT_value(crldp, i); urlptr = get_dp_url(dp); if (urlptr) - return load_crl(urlptr, FORMAT_HTTP, "CRL via CDP"); + return load_crl(urlptr, "CRL via CDP"); } return NULL; } diff --git a/apps/lib/s_cb.c b/apps/lib/s_cb.c index 142659d05e..a15e4e9d35 100644 --- a/apps/lib/s_cb.c +++ b/apps/lib/s_cb.c @@ -1041,8 +1041,7 @@ int load_excert(SSL_EXCERT **pexc) BIO_printf(bio_err, "Missing filename\n"); return 0; } - exc->cert = load_cert(exc->certfile, exc->certform, - "Server Certificate"); + exc->cert = load_cert(exc->certfile, "Server Certificate"); if (exc->cert == NULL) return 0; if (exc->keyfile != NULL) { diff --git a/apps/ocsp.c b/apps/ocsp.c index 4d01e99c15..174f237340 100644 --- a/apps/ocsp.c +++ b/apps/ocsp.c @@ -405,8 +405,7 @@ int ocsp_main(int argc, char **argv) path = opt_arg(); break; case OPT_ISSUER: - issuer = load_cert(opt_arg(), FORMAT_UNDEF, - "issuer certificate"); + issuer = load_cert(opt_arg(), "issuer certificate"); if (issuer == NULL) goto end; if (issuers == NULL) { @@ -418,7 +417,7 @@ int ocsp_main(int argc, char **argv) break; case OPT_CERT: X509_free(cert); - cert = load_cert(opt_arg(), FORMAT_UNDEF, "certificate"); + cert = load_cert(opt_arg(), "certificate"); if (cert == NULL) goto end; if (cert_id_md == NULL) @@ -562,8 +561,7 @@ int ocsp_main(int argc, char **argv) if (rsignfile != NULL) { if (rkeyfile == NULL) rkeyfile = rsignfile; - rsigner = load_cert(rsignfile, FORMAT_UNDEF, - "responder certificate"); + rsigner = load_cert(rsignfile, "responder certificate"); if (rsigner == NULL) { BIO_printf(bio_err, "Error loading responder certificate\n"); goto end; @@ -659,7 +657,7 @@ redo_accept: if (signfile != NULL) { if (keyfile == NULL) keyfile = signfile; - signer = load_cert(signfile, FORMAT_UNDEF, "signer certificate"); + signer = load_cert(signfile, "signer certificate"); if (signer == NULL) { BIO_printf(bio_err, "Error loading signer certificate\n"); goto end; diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index f7449503b9..3146b1f684 100644 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -540,7 +540,7 @@ static EVP_PKEY_CTX *init_ctx(const char *kdfalg, int *pkeysize, break; case KEY_CERT: - x = load_cert(keyfile, FORMAT_UNDEF, "Certificate"); + x = load_cert(keyfile, "Certificate"); if (x) { pkey = X509_get_pubkey(x); X509_free(x); diff --git a/apps/rsautl.c b/apps/rsautl.c index 49d9fcfea4..9b5456cb89 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -197,7 +197,7 @@ int rsautl_main(int argc, char **argv) break; case KEY_CERT: - x = load_cert(keyfile, FORMAT_UNDEF, "Certificate"); + x = load_cert(keyfile, "Certificate"); if (x) { pkey = X509_get_pubkey(x); X509_free(x); diff --git a/apps/s_client.c b/apps/s_client.c index 512ac0547b..98f034f112 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -1731,7 +1731,7 @@ int s_client_main(int argc, char **argv) } if (cert_file != NULL) { - cert = load_cert_pass(cert_file, cert_format, pass, "client certificate"); + cert = load_cert_pass(cert_file, 1, pass, "client certificate"); if (cert == NULL) goto end; } @@ -1743,7 +1743,7 @@ int s_client_main(int argc, char **argv) if (crl_file != NULL) { X509_CRL *crl; - crl = load_crl(crl_file, crl_format, "CRL"); + crl = load_crl(crl_file, "CRL"); if (crl == NULL) goto end; crls = sk_X509_CRL_new_null(); diff --git a/apps/s_server.c b/apps/s_server.c index dee38584c4..cd76ababe0 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1744,8 +1744,7 @@ int s_server_main(int argc, char *argv[]) if (s_key == NULL) goto end; - s_cert = load_cert_pass(s_cert_file, s_cert_format, pass, - "server certificate"); + s_cert = load_cert_pass(s_cert_file, 1, pass, "server certificate"); if (s_cert == NULL) goto end; @@ -1761,7 +1760,7 @@ int s_server_main(int argc, char *argv[]) if (s_key2 == NULL) goto end; - s_cert2 = load_cert_pass(s_cert_file2, s_cert_format, pass, + s_cert2 = load_cert_pass(s_cert_file2, 1, pass, "second server certificate"); if (s_cert2 == NULL) @@ -1784,7 +1783,7 @@ int s_server_main(int argc, char *argv[]) if (crl_file != NULL) { X509_CRL *crl; - crl = load_crl(crl_file, crl_format, "CRL"); + crl = load_crl(crl_file, "CRL"); if (crl == NULL) goto end; crls = sk_X509_CRL_new_null(); @@ -1806,8 +1805,8 @@ int s_server_main(int argc, char *argv[]) if (s_dkey == NULL) goto end; - s_dcert = load_cert_pass(s_dcert_file, s_dcert_format, dpass, - "second server certificate"); + s_dcert = load_cert_pass(s_dcert_file, 1, dpass, + "second server certificate"); if (s_dcert == NULL) { ERR_print_errors(bio_err); diff --git a/apps/smime.c b/apps/smime.c index 89dc0eac96..f0ac6ed99c 100644 --- a/apps/smime.c +++ b/apps/smime.c @@ -435,8 +435,7 @@ int smime_main(int argc, char **argv) if (encerts == NULL) goto end; while (*argv != NULL) { - cert = load_cert(*argv, FORMAT_UNDEF, - "recipient certificate file"); + cert = load_cert(*argv, "recipient certificate file"); if (cert == NULL) goto end; sk_X509_push(encerts, cert); @@ -453,7 +452,7 @@ int smime_main(int argc, char **argv) } if (recipfile != NULL && (operation == SMIME_DECRYPT)) { - if ((recip = load_cert(recipfile, FORMAT_UNDEF, + if ((recip = load_cert(recipfile, "recipient certificate file")) == NULL) { ERR_print_errors(bio_err); goto end; @@ -568,8 +567,7 @@ int smime_main(int argc, char **argv) for (i = 0; i < sk_OPENSSL_STRING_num(sksigners); i++) { signerfile = sk_OPENSSL_STRING_value(sksigners, i); keyfile = sk_OPENSSL_STRING_value(skkeys, i); - signer = load_cert(signerfile, FORMAT_UNDEF, - "signer certificate"); + signer = load_cert(signerfile, "signer certificate"); if (signer == NULL) goto end; key = load_key(keyfile, keyform, 0, passin, e, "signing key"); diff --git a/apps/verify.c b/apps/verify.c index 3d4e7d4060..9a226f0360 100644 --- a/apps/verify.c +++ b/apps/verify.c @@ -250,7 +250,7 @@ static int check(X509_STORE *ctx, const char *file, STACK_OF(X509) *chain = NULL; int num_untrusted; - x = load_cert(file, FORMAT_UNDEF, "certificate file"); + x = load_cert(file, "certificate file"); if (x == NULL) goto end; diff --git a/apps/x509.c b/apps/x509.c index 509d6e8741..8f9b7c8e40 100644 --- a/apps/x509.c +++ b/apps/x509.c @@ -629,7 +629,7 @@ int x509_main(int argc, char **argv) if (!X509_set_pubkey(x, fkey != NULL ? fkey : X509_REQ_get0_pubkey(req))) goto end; } else { - x = load_cert_pass(infile, FORMAT_UNDEF, passin, "certificate"); + x = load_cert_pass(infile, 1, passin, "certificate"); if (x == NULL) goto end; if (fkey != NULL && !X509_set_pubkey(x, fkey)) @@ -639,7 +639,7 @@ int x509_main(int argc, char **argv) } if (CA_flag) { - xca = load_cert_pass(CAfile, CAformat, passin, "CA certificate"); + xca = load_cert_pass(CAfile, 1, passin, "CA certificate"); if (xca == NULL) goto end; } From builds at travis-ci.com Mon Oct 26 10:08:04 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 26 Oct 2020 10:08:04 +0000 Subject: Still Failing: openssl/openssl#38211 (master - 22dddfb) In-Reply-To: Message-ID: <5f96a003c492c_13ff136aad4f04061b0@travis-pro-tasks-574d89d56f-xvrkf.mail> Build Update for openssl/openssl ------------------------------------- Build: #38211 Status: Still Failing Duration: 1 hr, 22 mins, and 4 secs Commit: 22dddfb (master) Author: Richard Levitte Message: APPS: Remove the format argument where it's not used Also, restore a behaviour change, where load_cert() would look at stdin when the input file name is NULL, and make sure to call load_cert_pass() with a corresponding argument where load_cert() was used in OpenSSL 1.1.1. Fixes #13235 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13236) View the changeset: https://github.com/openssl/openssl/compare/b6120b5f5442...22dddfb925da View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/192688398?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 26 10:48:36 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 10:48:36 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1603709316.568913.20056.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 699 wallclock secs (10.88 usr 1.22 sys + 636.94 cusr 63.29 csys = 712.33 CPU) Result: FAIL Makefile:3130: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3128: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 26 10:49:56 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 10:49:56 +0000 Subject: Build failed: openssl master.37683 Message-ID: <20201026104956.1.BC50F06DCCC86856@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 26 11:43:04 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 11:43:04 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1603712584.266112.18576.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 722 wallclock secs (13.95 usr 1.26 sys + 650.95 cusr 66.52 csys = 732.68 CPU) Result: FAIL Makefile:3211: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3209: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 26 12:30:22 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 12:30:22 +0000 Subject: Build failed: openssl master.37686 Message-ID: <20201026123022.1.E177066E246B8A84@appveyor.com> An HTML attachment was scrubbed... URL: From tmraz at fedoraproject.org Mon Oct 26 13:07:25 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Mon, 26 Oct 2020 13:07:25 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603717645.407013.22034.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 2e06150e3928daa06d5ff70c32bffad8088ebe58 (commit) from d741debb320bf54e8575d35603a44d4eb40fa1f9 (commit) - Log ----------------------------------------------------------------- commit 2e06150e3928daa06d5ff70c32bffad8088ebe58 Author: Andr? Klitzing Date: Wed Mar 18 16:04:06 2020 +0100 Allow to continue on UNABLE_TO_VERIFY_LEAF_SIGNATURE This unifies the behaviour of a single certificate with an unknown CA certificate with a self-signed certificate. The user callback can mask that error to retrieve additional error information. So the user application can decide to abort the connection instead to be forced by openssl. This change in behaviour is backward compatible as user callbacks who don't want to ignore UNABLE_TO_VERIFY_LEAF_SIGNATURE will still abort the connection by default. CLA: trivial Fixes #11297 Reviewed-by: David von Oheimb Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/11359) ----------------------------------------------------------------------- Summary of changes: crypto/x509/x509_vfy.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 801055f5a0..ffa8d637ff 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -1750,9 +1750,15 @@ static int internal_verify(X509_STORE_CTX *ctx) xs = xi; goto check_cert; } - if (n <= 0) - return verify_cb_cert(ctx, xi, 0, - X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE); + if (n <= 0) { + if (!verify_cb_cert(ctx, xi, 0, + X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE)) + return 0; + + xs = xi; + goto check_cert; + } + n--; ctx->error_depth = n; xs = sk_X509_value(ctx->chain, n); From no-reply at appveyor.com Mon Oct 26 13:37:59 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 13:37:59 +0000 Subject: Build completed: openssl master.37687 Message-ID: <20201026133759.1.FB7008A1E45B5295@appveyor.com> An HTML attachment was scrubbed... URL: From kaduk at mit.edu Mon Oct 26 16:19:44 2020 From: kaduk at mit.edu (kaduk at mit.edu) Date: Mon, 26 Oct 2020 16:19:44 +0000 Subject: [openssl] master update Message-ID: <1603729184.696798.10970.nullmailer@dev.openssl.org> The branch master has been updated via 47b422c90aec6e3d1de38110d67e17133d086051 (commit) from 22dddfb925da8775eaf4ee8c377da41e6535afe1 (commit) - Log ----------------------------------------------------------------- commit 47b422c90aec6e3d1de38110d67e17133d086051 Author: Matt Caswell Date: Thu Oct 22 13:53:27 2020 +0100 Ensure we raise SSLfatal on error We were missing a call to SSLfatal. A comment claimed that we had already called it - but that is incorrect. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13229) ----------------------------------------------------------------------- Summary of changes: ssl/statem/statem_srvr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 81cea6db37..033a640edd 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2588,7 +2588,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) s->s3.tmp.pkey = ssl_generate_pkey(s, pkdhp); if (s->s3.tmp.pkey == NULL) { - /* SSLfatal() already called */ + SSLfatal(s, SSL_AD_INTERNAL_ERROR, 0, ERR_R_INTERNAL_ERROR); goto err; } From kaduk at mit.edu Mon Oct 26 16:31:28 2020 From: kaduk at mit.edu (kaduk at mit.edu) Date: Mon, 26 Oct 2020 16:31:28 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603729888.142761.14239.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 8979ffee95043baffa51887b1d43d9b07f9fae1b (commit) from 2e06150e3928daa06d5ff70c32bffad8088ebe58 (commit) - Log ----------------------------------------------------------------- commit 8979ffee95043baffa51887b1d43d9b07f9fae1b Author: Matt Caswell Date: Thu Oct 22 13:53:27 2020 +0100 Ensure we raise SSLfatal on error We were missing a call to SSLfatal. A comment claimed that we had already called it - but that is incorrect. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13230) ----------------------------------------------------------------------- Summary of changes: ssl/statem/statem_srvr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c index 14cb27e6db..cf45a40ce4 100644 --- a/ssl/statem/statem_srvr.c +++ b/ssl/statem/statem_srvr.c @@ -2577,7 +2577,7 @@ int tls_construct_server_key_exchange(SSL *s, WPACKET *pkt) s->s3->tmp.pkey = ssl_generate_pkey(pkdhp); if (s->s3->tmp.pkey == NULL) { - /* SSLfatal() already called */ + SSLfatal(s, SSL_AD_INTERNAL_ERROR, 0, ERR_R_INTERNAL_ERROR); goto err; } From no-reply at appveyor.com Mon Oct 26 16:35:03 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 16:35:03 +0000 Subject: Build failed: openssl master.37691 Message-ID: <20201026163503.1.672769B0D54D70BA@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Mon Oct 26 18:27:13 2020 From: builds at travis-ci.com (Travis CI) Date: Mon, 26 Oct 2020 18:27:13 +0000 Subject: Still Failing: openssl/openssl#38220 (master - 47b422c) In-Reply-To: Message-ID: <5f971501973e5_13f820e7e058440894f@travis-pro-tasks-5fb44b6cd8-6kpwv.mail> Build Update for openssl/openssl ------------------------------------- Build: #38220 Status: Still Failing Duration: 1 hr, 20 mins, and 46 secs Commit: 47b422c (master) Author: Matt Caswell Message: Ensure we raise SSLfatal on error We were missing a call to SSLfatal. A comment claimed that we had already called it - but that is incorrect. Reviewed-by: Ben Kaduk (Merged from https://github.com/openssl/openssl/pull/13229) View the changeset: https://github.com/openssl/openssl/compare/22dddfb925da...47b422c90aec View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/192855089?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 26 18:48:46 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 18:48:46 +0000 Subject: Build failed: openssl master.37692 Message-ID: <20201026184846.1.6A5541CF15E9BBB9@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 26 19:12:48 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 19:12:48 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1603739568.436076.21653.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 721 wallclock secs (12.92 usr 1.43 sys + 619.08 cusr 56.84 csys = 690.27 CPU) Result: FAIL Makefile:3191: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3189: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 26 20:09:04 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 20:09:04 +0000 Subject: Build completed: openssl OpenSSL_1_1_1-stable.37693 Message-ID: <20201026200904.1.4EE6199D8C2BA6D9@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Mon Oct 26 21:27:17 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Mon, 26 Oct 2020 21:27:17 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1603747637.900959.15705.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 590 wallclock secs ( 9.88 usr 1.29 sys + 524.03 cusr 55.40 csys = 590.60 CPU) Result: FAIL Makefile:2412: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2410: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Mon Oct 26 22:23:25 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 22:23:25 +0000 Subject: Build failed: openssl master.37697 Message-ID: <20201026222325.1.B6C1717CB5B62034@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 26 22:42:13 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 22:42:13 +0000 Subject: Build failed: openssl master.37698 Message-ID: <20201026224213.1.7C0A62FF4A704403@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Mon Oct 26 23:49:13 2020 From: no-reply at appveyor.com (AppVeyor) Date: Mon, 26 Oct 2020 23:49:13 +0000 Subject: Build completed: openssl master.37699 Message-ID: <20201026234913.1.91BD2272DA8934B6@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 27 02:57:00 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 02:57:00 +0000 Subject: Build failed: openssl master.37701 Message-ID: <20201027025700.1.43B1BD23DD0C9BEB@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 27 03:08:21 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 03:08:21 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1603768101.092424.6885.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4298: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3157: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Tue Oct 27 03:53:18 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 03:53:18 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1603770798.866543.14022.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C020BD58737F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 726 wallclock secs (14.18 usr 1.39 sys + 652.88 cusr 67.85 csys = 736.30 CPU) Result: FAIL Makefile:3184: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3182: recipe for target 'tests' failed make: *** [tests] Error 2 From shane.lontis at oracle.com Tue Oct 27 05:34:57 2020 From: shane.lontis at oracle.com (shane.lontis at oracle.com) Date: Tue, 27 Oct 2020 05:34:57 +0000 Subject: [openssl] master update Message-ID: <1603776897.472864.9549.nullmailer@dev.openssl.org> The branch master has been updated via 5723a8ec514930c7c49d080cd7a2b17a8f8c7afa (commit) from 47b422c90aec6e3d1de38110d67e17133d086051 (commit) - Log ----------------------------------------------------------------- commit 5723a8ec514930c7c49d080cd7a2b17a8f8c7afa Author: Shane Lontis Date: Thu Oct 22 11:07:58 2020 +1000 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' cipher_hw_generic_##mode has been renamed to ossl_cipher_hw_generic_##mode. There were a few missing renames for t4 in .inc files. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13213) ----------------------------------------------------------------------- Summary of changes: providers/implementations/ciphers/cipher_aes_hw_t4.inc | 2 +- providers/implementations/ciphers/cipher_camellia_hw_t4.inc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/providers/implementations/ciphers/cipher_aes_hw_t4.inc b/providers/implementations/ciphers/cipher_aes_hw_t4.inc index 07b65789f1..60bee09842 100644 --- a/providers/implementations/ciphers/cipher_aes_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_aes_hw_t4.inc @@ -88,7 +88,7 @@ static int cipher_hw_aes_t4_initkey(PROV_CIPHER_CTX *dat, #define PROV_CIPHER_HW_declare(mode) \ static const PROV_CIPHER_HW aes_t4_##mode = { \ cipher_hw_aes_t4_initkey, \ - cipher_hw_generic_##mode, \ + ossl_cipher_hw_generic_##mode, \ cipher_hw_aes_copyctx \ }; #define PROV_CIPHER_HW_select(mode) \ diff --git a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc index 96e5e20dbc..803ffa7b7d 100644 --- a/providers/implementations/ciphers/cipher_camellia_hw_t4.inc +++ b/providers/implementations/ciphers/cipher_camellia_hw_t4.inc @@ -76,7 +76,7 @@ static int cipher_hw_camellia_t4_initkey(PROV_CIPHER_CTX *dat, #define PROV_CIPHER_HW_declare(mode) \ static const PROV_CIPHER_HW t4_camellia_##mode = { \ cipher_hw_camellia_t4_initkey, \ - cipher_hw_generic_##mode, \ + ossl_cipher_hw_generic_##mode, \ cipher_hw_camellia_copyctx \ }; #define PROV_CIPHER_HW_select(mode) \ From builds at travis-ci.com Tue Oct 27 06:56:13 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 27 Oct 2020 06:56:13 +0000 Subject: Still Failing: openssl/openssl#38229 (master - 5723a8e) In-Reply-To: Message-ID: <5f97c48d6333_13f7e06dad0e02935ef@travis-pro-tasks-66d4d7685-q7vcq.mail> Build Update for openssl/openssl ------------------------------------- Build: #38229 Status: Still Failing Duration: 1 hr, 19 mins, and 50 secs Commit: 5723a8e (master) Author: Shane Lontis Message: Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' cipher_hw_generic_##mode has been renamed to ossl_cipher_hw_generic_##mode. There were a few missing renames for t4 in .inc files. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13213) View the changeset: https://github.com/openssl/openssl/compare/47b422c90aec...5723a8ec5149 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/193087766?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 27 07:33:16 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 07:33:16 +0000 Subject: Build failed: openssl master.37702 Message-ID: <20201027073316.1.D094C773E354AF38@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 27 07:49:58 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 07:49:58 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1603784998.357787.16332.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4292: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3151: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Tue Oct 27 08:40:19 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 08:40:19 +0000 Subject: Build completed: openssl master.37703 Message-ID: <20201027084019.1.AC09378A5EF9E312@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Oct 27 09:17:54 2020 From: levitte at openssl.org (Richard Levitte) Date: Tue, 27 Oct 2020 09:17:54 +0000 Subject: [openssl] master update Message-ID: <1603790274.090361.20444.nullmailer@dev.openssl.org> The branch master has been updated via 09803e9ce3a8a555e7014ebd11b4c80f9d300cf0 (commit) from 5723a8ec514930c7c49d080cd7a2b17a8f8c7afa (commit) - Log ----------------------------------------------------------------- commit 09803e9ce3a8a555e7014ebd11b4c80f9d300cf0 Author: Richard Levitte Date: Fri Oct 23 03:05:49 2020 +0200 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. Fixes #13221 Fixes #12743 Fixes #12078 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/13225) ----------------------------------------------------------------------- Summary of changes: configdata.pm.in | 2 +- util/dofile.pl | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/configdata.pm.in b/configdata.pm.in index 71627b48ef..279b8f75c9 100644 --- a/configdata.pm.in +++ b/configdata.pm.in @@ -121,7 +121,7 @@ unless (caller) { use OpenSSL::fallback '{- sourcefile('external', 'perl', 'MODULES.txt') -}'; use OpenSSL::Template; - my $prepend = <<"_____"; + my $prepend = <<'_____'; use File::Spec::Functions; use lib '{- sourcedir('util', 'perl') -}'; use lib '{- sourcedir('Configurations') -}'; diff --git a/util/dofile.pl b/util/dofile.pl index 9453127d93..d1ed1e4098 100644 --- a/util/dofile.pl +++ b/util/dofile.pl @@ -71,7 +71,7 @@ sub errorcallback { my $prepend = <<"_____"; use File::Spec::Functions; -use lib "$FindBin::Bin/../Configurations"; +use lib '$FindBin::Bin/../Configurations'; use lib '$config{builddir}'; use platform; _____ From builds at travis-ci.com Tue Oct 27 10:39:02 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 27 Oct 2020 10:39:02 +0000 Subject: Still Failing: openssl/openssl#38231 (master - 09803e9) In-Reply-To: Message-ID: <5f97f8c618b54_13fb3d91abec8336678@travis-pro-tasks-5bf9d8d855-jbfss.mail> Build Update for openssl/openssl ------------------------------------- Build: #38231 Status: Still Failing Duration: 1 hr, 19 mins, and 49 secs Commit: 09803e9 (master) Author: Richard Levitte Message: configdata.pm.in, util/dofile.pl: Make a HERE document stricter. Fixes #13221 Fixes #12743 Fixes #12078 Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/13225) View the changeset: https://github.com/openssl/openssl/compare/5723a8ec5149...09803e9ce3a8 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/193132497?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 27 11:19:48 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 11:19:48 +0000 Subject: Build failed: openssl master.37704 Message-ID: <20201027111948.1.3825E6A76AD2E1CB@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 27 11:28:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 11:28:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1603798093.829001.29081.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 40D776B3237F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40E742263B7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40E742263B7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1572 wallclock secs (14.94 usr 1.43 sys + 1466.86 cusr 99.72 csys = 1582.95 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 27 11:50:32 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 11:50:32 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1603799432.227833.16850.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 728 wallclock secs (12.94 usr 1.10 sys + 629.07 cusr 56.73 csys = 699.84 CPU) Result: FAIL Makefile:3199: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3197: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 27 12:26:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 12:26:27 +0000 Subject: Build completed: openssl master.37705 Message-ID: <20201027122627.1.DCD48CBBA719FCD8@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Tue Oct 27 14:14:05 2020 From: levitte at openssl.org (Richard Levitte) Date: Tue, 27 Oct 2020 14:14:05 +0000 Subject: [openssl] master update Message-ID: <1603808045.390461.13328.nullmailer@dev.openssl.org> The branch master has been updated via 28e1d588f14404d480cc2bd38827ecd587625643 (commit) from 09803e9ce3a8a555e7014ebd11b4c80f9d300cf0 (commit) - Log ----------------------------------------------------------------- commit 28e1d588f14404d480cc2bd38827ecd587625643 Author: Richard Levitte Date: Thu Oct 15 07:14:16 2020 +0200 DH: stop setting the private key length arbitrarily The private key length is supposed to be a user settable parameter. We do check if it's set or not, and if not, we do apply defaults. Fixes #12071 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13140) ----------------------------------------------------------------------- Summary of changes: crypto/dh/dh_backend.c | 2 +- crypto/dh/dh_key.c | 5 ++++- crypto/dh/dh_lib.c | 13 ------------- 3 files changed, 5 insertions(+), 15 deletions(-) diff --git a/crypto/dh/dh_backend.c b/crypto/dh/dh_backend.c index 1ce29e652d..cc8d064c4e 100644 --- a/crypto/dh/dh_backend.c +++ b/crypto/dh/dh_backend.c @@ -30,7 +30,7 @@ static int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) ret = ossl_ffc_params_fromdata(ffc, params); if (ret) - dh_cache_named_group(dh); /* This increments dh->dirt_cnt */ + dh_cache_named_group(dh); /* This increments dh->dirty_cnt */ return ret; } diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 90802633a6..930b33a33b 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -277,7 +277,10 @@ static int generate_key(DH *dh) goto err; #else if (dh->params.q == NULL) { - /* secret exponent length */ + /* secret exponent length, must satisfy 2^(l-1) <= p */ + if (dh->length != 0 + && dh->length >= BN_num_bits(dh->params.p)) + goto err; l = dh->length ? dh->length : BN_num_bits(dh->params.p) - 1; if (!BN_priv_rand_ex(priv_key, l, BN_RAND_TOP_ONE, BN_RAND_BOTTOM_ANY, ctx)) diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 6280472ade..207e7b06c6 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -219,18 +219,6 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) ossl_ffc_params_set0_pqg(&dh->params, p, q, g); dh_cache_named_group(dh); - if (q != NULL) - dh->length = BN_num_bits(q); - /* - * Check if this is a named group. If it finds a named group then the - * 'q' and 'length' value are either already set or are set by the - * call. - */ - if (DH_get_nid(dh) == NID_undef) { - /* If its not a named group then set the 'length' if q is not NULL */ - if (q != NULL) - dh->length = BN_num_bits(q); - } dh->dirty_cnt++; return 1; } @@ -264,7 +252,6 @@ int DH_set0_key(DH *dh, BIGNUM *pub_key, BIGNUM *priv_key) if (priv_key != NULL) { BN_clear_free(dh->priv_key); dh->priv_key = priv_key; - dh->length = BN_num_bits(priv_key); } dh->dirty_cnt++; From openssl at openssl.org Tue Oct 27 14:27:33 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 14:27:33 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1603808853.144207.30532.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 716 wallclock secs (13.53 usr 1.30 sys + 650.13 cusr 66.23 csys = 731.19 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Tue Oct 27 15:36:18 2020 From: builds at travis-ci.com (Travis CI) Date: Tue, 27 Oct 2020 15:36:18 +0000 Subject: Still Failing: openssl/openssl#38234 (master - 28e1d58) In-Reply-To: Message-ID: <5f983e719986d_13fd1f72ac19c90354@travis-pro-tasks-765c45bd75-xnmw4.mail> Build Update for openssl/openssl ------------------------------------- Build: #38234 Status: Still Failing Duration: 1 hr, 20 mins, and 48 secs Commit: 28e1d58 (master) Author: Richard Levitte Message: DH: stop setting the private key length arbitrarily The private key length is supposed to be a user settable parameter. We do check if it's set or not, and if not, we do apply defaults. Fixes #12071 Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13140) View the changeset: https://github.com/openssl/openssl/compare/09803e9ce3a8...28e1d588f144 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/193462450?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 27 16:46:07 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 16:46:07 +0000 Subject: Build failed: openssl master.37707 Message-ID: <20201027164607.1.ACD5AB3E4DC0E90C@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 27 17:00:16 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 17:00:16 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1603818016.430971.4998.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D0FE1ED97F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0D0FE1ED97F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0D0FE1ED97F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/1SBFYnETUF default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0307716337F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0307716337F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0307716337F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0307716337F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0307716337F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0307716337F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/1SBFYnETUF fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 729 wallclock secs (13.59 usr 1.23 sys + 659.06 cusr 67.33 csys = 741.21 CPU) Result: FAIL Makefile:3182: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3180: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 27 18:04:05 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 18:04:05 +0000 Subject: Build completed: openssl master.37708 Message-ID: <20201027180405.1.06C32119F822C7B2@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 27 18:25:42 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 18:25:42 +0000 Subject: Build failed: openssl master.37709 Message-ID: <20201027182542.1.2F26F02AFAAE2B39@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Tue Oct 27 18:43:49 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 18:43:49 +0000 Subject: Build failed: openssl master.37710 Message-ID: <20201027184349.1.8E475610D9B578AF@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 27 19:12:50 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 19:12:50 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1603825970.668322.28456.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0203088077F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0203088077F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0203088077F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/zDSWbdEhbS default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090E3AA547F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090E3AA547F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090E3AA547F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090E3AA547F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C090E3AA547F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C090E3AA547F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/zDSWbdEhbS fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 726 wallclock secs (13.43 usr 1.23 sys + 655.87 cusr 67.76 csys = 738.29 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Tue Oct 27 19:53:30 2020 From: no-reply at appveyor.com (AppVeyor) Date: Tue, 27 Oct 2020 19:53:30 +0000 Subject: Build completed: openssl master.37711 Message-ID: <20201027195330.1.E2F58D7355C19FB8@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Tue Oct 27 19:53:48 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 19:53:48 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1603828428.334044.1865.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: d1fb6b481b Constify OSSL_FUNC_keymgmt_validate() 85209c0745 Remove EVP_aes_(128|192|256)_siv functions fc1ccdffe9 enc: change the text to reference `-list` instead of the deprecated `-ciphers` a49d0a491c Rename EVP_KDF_reset() to EVP_KDF_CTX_reset(). 1ba21239dd Rename EVP_KDF_size() to EVP_KDF_CTX_get_kdf_size(). 90a2576b9b Rename EVP_MAC_size() to EVP_MAC_CTX_get_mac_size(). 4244504635 Remove ossl_prov_util_nid_to_name() 3d914185b7 Constify OSSL_FUNC_keymgmt_has() a135948dda Fix aarch64 static linking into shared libraries (see issue #10842 and pull request #11464) b78c777ee3 APPS: Implement load_keyparams() to load key parameters f31ac32001 Implement OpenSSL secure memory for Windows Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0401776D87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0401776D87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0401776D87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0401776D87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/KVWiJywq1s default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C080AFBF4C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C080AFBF4C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C080AFBF4C7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C080AFBF4C7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/KVWiJywq1s fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 610 wallclock secs (11.00 usr 1.04 sys + 548.58 cusr 55.86 csys = 616.48 CPU) Result: FAIL Makefile:3184: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3182: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Tue Oct 27 23:49:29 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Tue, 27 Oct 2020 23:49:29 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1603842569.977162.13740.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 80C7DAD2997F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80C74B45507F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80C74B45507F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1424 wallclock secs (12.62 usr 1.56 sys + 1234.55 cusr 166.76 csys = 1415.49 CPU) Result: FAIL Makefile:2549: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2547: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 28 00:59:08 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 00:59:08 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-asm Message-ID: <1603846748.669721.3424.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): 60-test_x509_dup_cert.t ............ ok 60-test_x509_store.t ............... ok 60-test_x509_time.t ................ ok 61-test_bio_prefix.t ............... ok 65-test_cmp_asn.t .................. ok 65-test_cmp_client.t ............... ok 65-test_cmp_ctx.t .................. ok 65-test_cmp_hdr.t .................. ok 65-test_cmp_msg.t .................. ok 65-test_cmp_protect.t .............. ok 65-test_cmp_server.t ............... ok 65-test_cmp_status.t ............... ok 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok Makefile:3197: recipe for target '_tests' failed make[1]: *** [_tests] Terminated From openssl at openssl.org Wed Oct 28 01:46:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 01:46:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1603849573.706712.21278.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 717 wallclock secs (14.01 usr 1.44 sys + 641.30 cusr 68.09 csys = 724.84 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 28 04:26:19 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 04:26:19 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1603859179.453067.17085.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" chmod a+x apps/tsget.pl rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-eddsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-eddsa.o -c -o providers/implementations/signature/libimplementations-lib-eddsa.o ../openssl/providers/implementations/signature/eddsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. Makefile:21581: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3132: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Wed Oct 28 06:39:56 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 06:39:56 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1603867196.304155.3118.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0D07CD6E47F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C090EA54E97F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C090EA54E97F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0E0976C537F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0E0976C537F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 686 wallclock secs (13.65 usr 1.41 sys + 617.75 cusr 57.25 csys = 690.06 CPU) Result: FAIL Makefile:3130: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3128: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Wed Oct 28 07:02:51 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 07:02:51 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1603868571.310004.24390.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 745 wallclock secs (14.36 usr 1.53 sys + 655.23 cusr 68.00 csys = 739.12 CPU) Result: FAIL Makefile:3198: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3196: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 28 07:21:16 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 07:21:16 +0000 Subject: Build failed: openssl master.37715 Message-ID: <20201028072116.1.968D9E6BA81376BF@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 28 10:47:20 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 10:47:20 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1603882040.809636.12501.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 694 wallclock secs (11.04 usr 1.11 sys + 633.67 cusr 61.70 csys = 707.52 CPU) Result: FAIL Makefile:3162: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3160: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 28 10:51:23 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 10:51:23 +0000 Subject: Build completed: openssl master.37716 Message-ID: <20201028105123.1.B9919C67FB69F8F0@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 28 11:10:23 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 11:10:23 +0000 Subject: Build failed: openssl master.37718 Message-ID: <20201028111023.1.D369279C15AA3D48@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 28 11:41:21 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 11:41:21 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1603885281.293674.11131.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 721 wallclock secs (14.30 usr 1.36 sys + 646.64 cusr 66.29 csys = 728.59 CPU) Result: FAIL Makefile:3208: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3206: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 28 12:15:29 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 12:15:29 +0000 Subject: Build completed: openssl master.37719 Message-ID: <20201028121529.1.C37B2567C8860C94@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 28 13:02:43 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 13:02:43 +0000 Subject: Build failed: openssl master.37720 Message-ID: <20201028130243.1.C4C42FA6E1B554DA@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 28 13:50:36 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 13:50:36 +0000 Subject: Build failed: openssl master.37721 Message-ID: <20201028135036.1.F288E128B52A9F2F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 28 15:22:04 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 15:22:04 +0000 Subject: Build failed: openssl master.37722 Message-ID: <20201028152204.1.FD24B58CCF7DB210@appveyor.com> An HTML attachment was scrubbed... URL: From levitte at openssl.org Wed Oct 28 16:19:22 2020 From: levitte at openssl.org (Richard Levitte) Date: Wed, 28 Oct 2020 16:19:22 +0000 Subject: [openssl] master update Message-ID: <1603901962.146133.31324.nullmailer@dev.openssl.org> The branch master has been updated via 648cf9249e6ec60e0af50d5d903e05244b837cb0 (commit) from 28e1d588f14404d480cc2bd38827ecd587625643 (commit) - Log ----------------------------------------------------------------- commit 648cf9249e6ec60e0af50d5d903e05244b837cb0 Author: Randall S. Becker Date: Sat Oct 24 17:58:27 2020 -0400 Rewrite the HPE NonStop Notes file in Markdown with more explanations. CLA: Permission is granted by the author to the OpenSSL team to use these modifications. Fixes #13237 Signed-off-by: Randall S. Becker Reviewed-by: Matthias St. Pierre Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13238) ----------------------------------------------------------------------- Summary of changes: NOTES-NONSTOP.md | 183 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ NOTES.HPNS | 42 ------------- 2 files changed, 183 insertions(+), 42 deletions(-) create mode 100644 NOTES-NONSTOP.md delete mode 100644 NOTES.HPNS diff --git a/NOTES-NONSTOP.md b/NOTES-NONSTOP.md new file mode 100644 index 0000000000..0ad09bae8d --- /dev/null +++ b/NOTES-NONSTOP.md @@ -0,0 +1,183 @@ +NOTES FOR THE HPE NONSTOP PLATFORM +============================== + +Requirement details +------------------- + +In addition to the requirements and instructions listed +in [INSTALL.md](INSTALL.md), the following are required as well: + + * The TNS/X platform supports hardware randomization. + Specify the `--with-rand-seed=rdcpu` option to the `./Configure` script. + This is recommended but not required. `egd` is supported at 3.0 but cannot + be used if FIPS is selected. + * The TNS/E platform does not support hardware randomization, so + specify the `--with-rand-seed=egd` option to the `./Configure` script. + +About c99 compiler +------------------ + +The c99 compiler is required for building OpenSSL from source. While c11 +may work, it has not been broadly tested. c99 is the only compiler +prerequisite needed to build OpenSSL 3.0 on this platform. You should also +have the FLOSS package installed on your system. The ITUGLIB FLOSS package +is the only FLOSS variant that has been broadly tested. + +Threading Models +---------------- + +OpenSSL can be built using unthreaded, POSIX User Threads (PUT), or Standard +POSIX Threads (SPT). Select the following build configuration for each on +the TNS/X (L-Series) platform: + + * `nonstop-nsx` or default will select an unthreaded build. + * `nonstop-nsx_put` selects the PUT build. + * `nonstop-nsx_64_put` selects the 64 bit file length PUT build. + * `nonstop-nsx_spt_floss` selects the SPT build with FLOSS. FLOSS is + required for SPT builds because of a known hang when using SPT on its own. + +### TNS/E Considerations + +The TNS/E platform is build using the same set of builds specifying `nse` +instead of `nsx` in the set above. + +You cannot build for TNS/E for FIPS, so you must specify the `no-fips` +option to `./Configure` + +About Prefix and OpenSSLDir +--------------------------- + +Because there are many potential builds that must co-exist on any given +NonStop node, managing the location of your build distribution is crucial. +Keep each destination separate and distinct. Mixing any mode described in +this document can cause application instability. The recommended approach +is to specify the OpenSSL version and threading model in your configuration +options, and keeping your memory and float options consistent, for example: + + * For 1.1 `--prefix=/usr/local-ssl1.1 --openssldir=/usr/local-ssl1.1/ssl` + * For 1.1 PUT `--prefix=/usr/local-ssl1.1_put --openssldir=/usr/local-ssl1.1_put/ssl` + * For 3.0 `--prefix=/usr/local-ssl3.0 --openssldir=/usr/local-ssl3.0/ssl` + * For 3.0 PUT `--prefix=/usr/local-ssl3.0_put --openssldir=/usr/local-ssl3.0_put/ssl` + +Use the `_RLD_LIB_PATH` environment variable in OSS to select the appropriate +directory containing `libcrypto.so` and `libssl.so`. In GUARDIAN, use the +`=_RLD_LIB_PATH` search define to locate the GUARDIAN subvolume where OpenSSL +is installed. + +Float Considerations +-------------------- + +OpenSSL is built using IEEE Float mode by default. If you need a different +IEEE mode, create a new configuration specifying `tfloat-x86-64` (for Tandem +Float) or `nfloat-x86-64` (for Neutral Float). + +Memory Models +------------- + +The current OpenSSL default memory model uses the default platform address +model. If you need a different address model, you must specify the appropriate +c99 options for compile (`CFLAGS`) and linkers (`LDFLAGS`). + +Cross Compiling with NSDEE +-------------------------- + +**Note:** None of these builds have been tested by the platform maintainer and are +supplied for historical value. Please submit a Pull Request to OpenSSL should +these need to be adjusted. + +If you are attempting to build OpenSSL with NSDEE, you will need to specify +the following variables. The following set of compiler defines are required: + + # COMP_ROOT must be a full path for the build system (e.g. windows) + COMP_ROOT=$(cygpath -w /path/to/comp_root) + # CC must be executable by your shell + CC=/path/to/c99 + +### Optional Build Variables + + DBGFLAG="--debug" + CIPHENABLES="enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-rc4" + +### Internal Known TNS/X to TNS/E Cross Compile Variables + +The following definition is required if you are building on TNS/X for TNS/E +and have access to a TNS/E machine on your EXPAND network - with an example +node named `\CS3`: + + SYSTEMLIBS="-L/E/cs3/usr/local/lib" + +Version Procedure (VPROC) Considerations +---------------------------------------- + +If you require a VPROC entry for platform version identification, use the +following variables: + +### For Itanium + + OPENSSL_VPROC_PREFIX=T0085H06 + +### For x86 + + OPENSSL_VPROC_PREFIX=T0085L01 + +### Common Definition + + export OPENSSL_VPROC=${OPENSSL_VPROC_PREFIX}_$( + . VERSION.dat + if [ -n "$PRE_RELEASE_TAG" ]; then + PRE_RELEASE_TAG="-$PRE_RELEASE_TAG" + fi + echo "$MAJOR.$MINOR.$PATCH$PRE_RELEASE_TAG$BUILD_METADATA" |\ + sed -e 's/[-.+]/_/g' + ) + +Example Configure Targets +------------------------- + +For OSS targets, the main DLL names will be `libssl.so` and `libcrypto.so`. +For GUARDIAN targets, DLL names will be `ssl` and `crypto`. The following +assumes that your PWD is set according to your installation standards. + + ./Configure nonstop-nsx --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nsx_g --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nsx_put --prefix=${PWD} \ + --openssldir=${PWD}/ssl threads "-D_REENTRANT" \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nsx_spt_floss --prefix=${PWD} \ + --openssldir=${PWD}/ssl threads "-D_REENTRANT" \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nsx_64 --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nsx_64_put --prefix=${PWD} \ + --openssldir=${PWD}/ssl threads "-D_REENTRANT" \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nsx_g_tandem --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=rdcpu ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + + ./Configure nonstop-nse --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nse_g --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nse_put --prefix=${PWD} \ + --openssldir=${PWD}/ssl threads "-D_REENTRANT" \ + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nse_spt_floss --prefix=${PWD} \ + --openssldir=${PWD}/ssl threads "-D_REENTRANT" \ + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nse_64 --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nse_64_put --prefix=${PWD} \ + --openssldir=${PWD}/ssl threads "-D_REENTRANT" + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} + ./Configure nonstop-nse_g_tandem --prefix=${PWD} \ + --openssldir=${PWD}/ssl no-threads \ + --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} diff --git a/NOTES.HPNS b/NOTES.HPNS deleted file mode 100644 index 359f18b3a8..0000000000 --- a/NOTES.HPNS +++ /dev/null @@ -1,42 +0,0 @@ -## Probably have to be set: -# COMP_ROOT=$(cygpath -w /path/to/comp_rooot) # must be path format for system (ie windows) -# CC=/path/to/c99 # must be executable by shell - -## Optionally -# DBGFLAG="--debug" -# CIPHENABLES="enable-ssl3 enable-ssl3-method enable-weak-ssl-ciphers enable-rc4" -# onplatform cross compile (nsx->nsi): SYSTEMLIBS="-L/E/cs3/usr/local/lib" -## VPROC -## For Itanium: -# OPENSSL_VPROC_PREFIX=T0085H06 -## For X86: -# OPENSSL_VPROC_PREFIX=T0085L01 -# export OPENSSL_VPROC=${OPENSSL_VPROC_PREFIX}_$(cat include/openssl/opensslv.h |\ -# sed -n -e 's/^ *# *define *OPENSSL_VERSION_TEXT[^"]*"\([^"]*\)"/\1/p' |\ -# sed -e 's/[. ]/_/g' -e 's/[.-]/_/g' |\ -# grep -v fips \ -# ) - -## Current Configure targets -# Guardian targets' libraries will have so-names 'ssl' and 'crypto' -./Configure nonstop-nsx --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nsx_g --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nsx_put --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine threads "-D_REENTRANT" --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nsx_spt --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine threads "-D_REENTRANT" --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nsx_64 --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nsx_64_put --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine threads "-D_REENTRANT" --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nsx_g_tandem --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} - -./Configure nonstop-nse --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nse_g --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nse_put --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine threads "-D_REENTRANT" --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nse_spt --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine threads "-D_REENTRANT" --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nse_64 --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nse_64_put --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine threads "-D_REENTRANT" --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} -./Configure nonstop-nse_g_tandem --prefix=${PWD}/install --openssldir=${PWD}/install no-dynamic-engine no-threads --with-rand-seed=egd ${CIPHENABLES} ${DBGFLAG} ${SYSTEMLIBS} - -## Build loop: -# Configure <...> -# Make -# ... -# Make install From builds at travis-ci.com Wed Oct 28 17:41:08 2020 From: builds at travis-ci.com (Travis CI) Date: Wed, 28 Oct 2020 17:41:08 +0000 Subject: Still Failing: openssl/openssl#38250 (master - 648cf92) In-Reply-To: Message-ID: <5f99ad34802f2_13fbf86598668263848@travis-pro-tasks-55cf747455-xjsjf.mail> Build Update for openssl/openssl ------------------------------------- Build: #38250 Status: Still Failing Duration: 1 hr, 19 mins, and 55 secs Commit: 648cf92 (master) Author: Randall S. Becker Message: Rewrite the HPE NonStop Notes file in Markdown with more explanations. CLA: Permission is granted by the author to the OpenSSL team to use these modifications. Fixes #13237 Signed-off-by: Randall S. Becker Reviewed-by: Matthias St. Pierre Reviewed-by: Dmitry Belyavskiy Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13238) View the changeset: https://github.com/openssl/openssl/compare/28e1d588f144...648cf9249e6e View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/194786970?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 28 18:50:37 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 18:50:37 +0000 Subject: Build failed: openssl master.37723 Message-ID: <20201028185037.1.AF742E00E9C7D83C@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 28 19:14:22 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 19:14:22 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1603912462.693823.13782.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 774 wallclock secs (14.27 usr 1.43 sys + 658.42 cusr 67.87 csys = 741.99 CPU) Result: FAIL Makefile:3191: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3189: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 28 20:28:11 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 20:28:11 +0000 Subject: Build failed: openssl master.37727 Message-ID: <20201028202811.1.EF703F5D678F84F3@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Wed Oct 28 21:21:08 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Wed, 28 Oct 2020 21:21:08 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1603920068.568809.8088.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 577 wallclock secs ( 8.98 usr 1.31 sys + 516.40 cusr 52.57 csys = 579.26 CPU) Result: FAIL Makefile:2410: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2408: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Wed Oct 28 21:37:14 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 21:37:14 +0000 Subject: Build completed: openssl master.37728 Message-ID: <20201028213714.1.F1B93A025B2AA0E2@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Wed Oct 28 22:47:30 2020 From: no-reply at appveyor.com (AppVeyor) Date: Wed, 28 Oct 2020 22:47:30 +0000 Subject: Build failed: openssl master.37729 Message-ID: <20201028224730.1.2D8ECDC10AAD4F5E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 29 01:59:19 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 29 Oct 2020 01:59:19 +0000 Subject: Build completed: openssl master.37730 Message-ID: <20201029015919.1.0CF29DFF21CC863A@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 29 03:06:59 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 03:06:59 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1603940819.796550.31882.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4286: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3145: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Thu Oct 29 03:52:18 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 03:52:18 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1603943538.903336.6631.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0F0EF42847F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 754 wallclock secs (14.76 usr 1.41 sys + 674.60 cusr 69.12 csys = 759.89 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 29 06:37:30 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 29 Oct 2020 06:37:30 +0000 Subject: Build failed: openssl master.37732 Message-ID: <20201029063730.1.C8673DBEDB4CFD98@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 29 07:22:37 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 29 Oct 2020 07:22:37 +0000 Subject: Build failed: openssl master.37733 Message-ID: <20201029072237.1.243FE5529593CE69@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 29 07:46:58 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 07:46:58 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1603957618.297174.8867.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4281: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3140: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Thu Oct 29 09:41:23 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 29 Oct 2020 09:41:23 +0000 Subject: Build completed: openssl master.37734 Message-ID: <20201029094123.1.05C5AA9F0241E1D7@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 29 11:24:58 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 11:24:58 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1603970698.902772.17846.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 4027D921F37F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40B72D26047F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40B72D26047F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1602 wallclock secs (14.47 usr 1.40 sys + 1499.53 cusr 97.36 csys = 1612.76 CPU) Result: FAIL Makefile:3206: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3204: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 29 11:48:16 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 11:48:16 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1603972096.167558.5686.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 789 wallclock secs (14.46 usr 1.53 sys + 670.57 cusr 68.34 csys = 754.90 CPU) Result: FAIL Makefile:3186: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3184: recipe for target 'tests' failed make: *** [tests] Error 2 From beldmit at gmail.com Thu Oct 29 13:39:00 2020 From: beldmit at gmail.com (beldmit at gmail.com) Date: Thu, 29 Oct 2020 13:39:00 +0000 Subject: [openssl] master update Message-ID: <1603978740.586866.20103.nullmailer@dev.openssl.org> The branch master has been updated via 728d03b576f360e72bbddc7e751433575430af3b (commit) from 648cf9249e6ec60e0af50d5d903e05244b837cb0 (commit) - Log ----------------------------------------------------------------- commit 728d03b576f360e72bbddc7e751433575430af3b Author: Pauli Date: Wed Oct 28 19:35:38 2020 +1000 afalg: add a NULL pointer check Fixes #13260 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13261) ----------------------------------------------------------------------- Summary of changes: engines/e_afalg.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/engines/e_afalg.c b/engines/e_afalg.c index 3b48ffb360..24a1aa900c 100644 --- a/engines/e_afalg.c +++ b/engines/e_afalg.c @@ -681,6 +681,9 @@ static cbc_handles *get_cipher_handle(int nid) static const EVP_CIPHER *afalg_aes_cbc(int nid) { cbc_handles *cipher_handle = get_cipher_handle(nid); + + if (cipher_handle == NULL) + return NULL; if (cipher_handle->_hidden == NULL && ((cipher_handle->_hidden = EVP_CIPHER_meth_new(nid, From openssl at openssl.org Thu Oct 29 14:24:54 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 14:24:54 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1603981494.770774.19692.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 720 wallclock secs (13.91 usr 1.40 sys + 650.68 cusr 64.41 csys = 730.40 CPU) Result: FAIL Makefile:3186: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3184: recipe for target 'tests' failed make: *** [tests] Error 2 From builds at travis-ci.com Thu Oct 29 15:17:57 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 29 Oct 2020 15:17:57 +0000 Subject: Still Failing: openssl/openssl#38263 (master - 728d03b) In-Reply-To: Message-ID: <5f9add247e0f3_13fbf20fa95f035152a@travis-pro-tasks-57cc7cc98d-sjfsb.mail> Build Update for openssl/openssl ------------------------------------- Build: #38263 Status: Still Failing Duration: 1 hr, 22 mins, and 44 secs Commit: 728d03b (master) Author: Pauli Message: afalg: add a NULL pointer check Fixes #13260 Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13261) View the changeset: https://github.com/openssl/openssl/compare/648cf9249e6e...728d03b576f3 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/195658938?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Thu Oct 29 16:17:52 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 29 Oct 2020 16:17:52 +0000 Subject: Build failed: openssl master.37736 Message-ID: <20201029161752.1.B1E5FBD6240435E7@appveyor.com> An HTML attachment was scrubbed... URL: From tmraz at fedoraproject.org Thu Oct 29 16:19:44 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Thu, 29 Oct 2020 16:19:44 +0000 Subject: [openssl] master update Message-ID: <1603988384.987613.1785.nullmailer@dev.openssl.org> The branch master has been updated via fcf6e9d056162d5af64c6f7209388a5c3be2ce57 (commit) from 728d03b576f360e72bbddc7e751433575430af3b (commit) - Log ----------------------------------------------------------------- commit fcf6e9d056162d5af64c6f7209388a5c3be2ce57 Author: Ard Biesheuvel Date: Tue Oct 27 18:02:40 2020 +0100 crypto/poly1305/asm: fix armv8 pointer authentication PAC pointer authentication signs the return address against the value of the stack pointer, to prevent stack overrun exploits from corrupting the control flow. However, this requires that the AUTIASP is issued with SP holding the same value as it held when the PAC value was generated. The Poly1305 armv8 code got this wrong, resulting in crashes on PAC capable hardware. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13256) ----------------------------------------------------------------------- Summary of changes: crypto/poly1305/asm/poly1305-armv8.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/poly1305/asm/poly1305-armv8.pl b/crypto/poly1305/asm/poly1305-armv8.pl index d2d875ad6c..113a2151b6 100755 --- a/crypto/poly1305/asm/poly1305-armv8.pl +++ b/crypto/poly1305/asm/poly1305-armv8.pl @@ -866,8 +866,8 @@ poly1305_blocks_neon: st1 {$ACC4}[0],[$ctx] .Lno_data_neon: - .inst 0xd50323bf // autiasp ldr x29,[sp],#80 + .inst 0xd50323bf // autiasp ret .size poly1305_blocks_neon,.-poly1305_blocks_neon From tmraz at fedoraproject.org Thu Oct 29 16:20:29 2020 From: tmraz at fedoraproject.org (tmraz at fedoraproject.org) Date: Thu, 29 Oct 2020 16:20:29 +0000 Subject: [openssl] OpenSSL_1_1_1-stable update Message-ID: <1603988429.299823.2904.nullmailer@dev.openssl.org> The branch OpenSSL_1_1_1-stable has been updated via 5795acffd8706e1cb584284ee5bb3a30986d0e75 (commit) from 8979ffee95043baffa51887b1d43d9b07f9fae1b (commit) - Log ----------------------------------------------------------------- commit 5795acffd8706e1cb584284ee5bb3a30986d0e75 Author: Ard Biesheuvel Date: Tue Oct 27 18:02:40 2020 +0100 crypto/poly1305/asm: fix armv8 pointer authentication PAC pointer authentication signs the return address against the value of the stack pointer, to prevent stack overrun exploits from corrupting the control flow. However, this requires that the AUTIASP is issued with SP holding the same value as it held when the PAC value was generated. The Poly1305 armv8 code got this wrong, resulting in crashes on PAC capable hardware. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13256) (cherry picked from commit fcf6e9d056162d5af64c6f7209388a5c3be2ce57) ----------------------------------------------------------------------- Summary of changes: crypto/poly1305/asm/poly1305-armv8.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/poly1305/asm/poly1305-armv8.pl b/crypto/poly1305/asm/poly1305-armv8.pl index d07494bd18..2a42b64a92 100755 --- a/crypto/poly1305/asm/poly1305-armv8.pl +++ b/crypto/poly1305/asm/poly1305-armv8.pl @@ -864,8 +864,8 @@ poly1305_blocks_neon: st1 {$ACC4}[0],[$ctx] .Lno_data_neon: - .inst 0xd50323bf // autiasp ldr x29,[sp],#80 + .inst 0xd50323bf // autiasp ret .size poly1305_blocks_neon,.-poly1305_blocks_neon From openssl at openssl.org Thu Oct 29 16:59:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 16:59:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1603990753.582354.26189.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A039B6137F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A039B6137F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A039B6137F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/cTSOI7JNg0 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A0F201887F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A0F201887F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A0F201887F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A0F201887F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A0F201887F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A0F201887F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/cTSOI7JNg0 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 746 wallclock secs (14.33 usr 1.32 sys + 669.30 cusr 68.01 csys = 752.96 CPU) Result: FAIL Makefile:3181: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3179: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Thu Oct 29 17:37:56 2020 From: no-reply at appveyor.com (AppVeyor) Date: Thu, 29 Oct 2020 17:37:56 +0000 Subject: Build completed: openssl master.37737 Message-ID: <20201029173756.1.D71C8524115DAB8A@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Thu Oct 29 18:26:30 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 29 Oct 2020 18:26:30 +0000 Subject: Still Failing: openssl/openssl#38267 (master - fcf6e9d) In-Reply-To: Message-ID: <5f9b0955ebfa0_13fe6374ac6286260cd@travis-pro-tasks-5c7dc97886-wwrzv.mail> Build Update for openssl/openssl ------------------------------------- Build: #38267 Status: Still Failing Duration: 1 hr, 20 mins, and 40 secs Commit: fcf6e9d (master) Author: Ard Biesheuvel Message: crypto/poly1305/asm: fix armv8 pointer authentication PAC pointer authentication signs the return address against the value of the stack pointer, to prevent stack overrun exploits from corrupting the control flow. However, this requires that the AUTIASP is issued with SP holding the same value as it held when the PAC value was generated. The Poly1305 armv8 code got this wrong, resulting in crashes on PAC capable hardware. Reviewed-by: Paul Dale Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/13256) View the changeset: https://github.com/openssl/openssl/compare/728d03b576f3...fcf6e9d05616 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/195873675?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 29 19:12:41 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 19:12:41 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1603998761.518088.17548.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E093C2457F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E093C2457F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E093C2457F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/UeZl1u8jj7 default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070B44E957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070B44E957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070B44E957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070B44E957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C070B44E957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C070B44E957F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/UeZl1u8jj7 fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 738 wallclock secs (13.95 usr 1.41 sys + 661.67 cusr 69.26 csys = 746.29 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Thu Oct 29 19:57:00 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 19:57:00 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1604001420.447752.23449.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 28e1d588f1 DH: stop setting the private key length arbitrarily 09803e9ce3 configdata.pm.in, util/dofile.pl: Make a HERE document stricter. 5723a8ec51 Fix sparc t4 build error 'undefined symbol: cipher_hw_generic_cbc' 47b422c90a Ensure we raise SSLfatal on error 22dddfb925 APPS: Remove the format argument where it's not used b6120b5f54 Add parentheses to fix PCLINT Info:773 Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B0E4D6B87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0B0E4D6B87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0B0E4D6B87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0B0E4D6B87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/kF7UeyB8Qr default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0204107A37F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0204107A37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0204107A37F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0204107A37F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/kF7UeyB8Qr fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 698 wallclock secs (12.49 usr 1.40 sys + 622.90 cusr 65.61 csys = 702.40 CPU) Result: FAIL Makefile:3187: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3185: recipe for target 'tests' failed make: *** [tests] Error 2 From kaduk at mit.edu Thu Oct 29 20:24:20 2020 From: kaduk at mit.edu (kaduk at mit.edu) Date: Thu, 29 Oct 2020 20:24:20 +0000 Subject: [openssl] master update Message-ID: <1604003060.398386.3532.nullmailer@dev.openssl.org> The branch master has been updated via 231849bc9ca69dfd3adf40821421d8e2d804d8e8 (commit) from fcf6e9d056162d5af64c6f7209388a5c3be2ce57 (commit) - Log ----------------------------------------------------------------- commit 231849bc9ca69dfd3adf40821421d8e2d804d8e8 Author: Benjamin Kaduk Date: Sun Sep 27 15:01:12 2020 -0700 Unify ssl3_get_cipher_by_std_name() implementation The handling for the SCSVs was the same as for regular ciphers; just merge them into the same table-driven handler. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13010) ----------------------------------------------------------------------- Summary of changes: ssl/s3_lib.c | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c index 1fd424a52e..073fae49b0 100644 --- a/ssl/s3_lib.c +++ b/ssl/s3_lib.c @@ -4122,9 +4122,10 @@ const SSL_CIPHER *ssl3_get_cipher_by_id(uint32_t id) const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname) { - SSL_CIPHER *c = NULL, *tbl; - SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers}; - size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS}; + SSL_CIPHER *tbl; + SSL_CIPHER *alltabs[] = {tls13_ciphers, ssl3_ciphers, ssl3_scsvs}; + size_t i, j, tblsize[] = {TLS13_NUM_CIPHERS, SSL3_NUM_CIPHERS, + SSL3_NUM_SCSVS}; /* this is not efficient, necessary to optimize this? */ for (j = 0; j < OSSL_NELEM(alltabs); j++) { @@ -4136,16 +4137,7 @@ const SSL_CIPHER *ssl3_get_cipher_by_std_name(const char *stdname) } } } - if (c == NULL) { - tbl = ssl3_scsvs; - for (i = 0; i < SSL3_NUM_SCSVS; i++, tbl++) { - if (strcmp(stdname, tbl->stdname) == 0) { - c = tbl; - break; - } - } - } - return c; + return NULL; } /* From builds at travis-ci.com Thu Oct 29 22:48:18 2020 From: builds at travis-ci.com (Travis CI) Date: Thu, 29 Oct 2020 22:48:18 +0000 Subject: Still Failing: openssl/openssl#38275 (master - 231849b) In-Reply-To: Message-ID: <5f9b46b249b60_13f80eb68ffa0430560@travis-pro-tasks-84675c8dcb-mf2br.mail> Build Update for openssl/openssl ------------------------------------- Build: #38275 Status: Still Failing Duration: 1 hr, 25 mins, and 11 secs Commit: 231849b (master) Author: Benjamin Kaduk Message: Unify ssl3_get_cipher_by_std_name() implementation The handling for the SCSVs was the same as for regular ciphers; just merge them into the same table-driven handler. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13010) View the changeset: https://github.com/openssl/openssl/compare/fcf6e9d05616...231849bc9ca6 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/196151895?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu Oct 29 23:48:52 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Thu, 29 Oct 2020 23:48:52 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Message-ID: <1604015332.869708.2719.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-asan no-shared -DOPENSSL_SMALL_FOOTPRINT Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 8027FF372A7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80B7BD96797F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 80B7BD96797F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3177, 1412 wallclock secs (12.64 usr 1.47 sys + 1230.14 cusr 164.35 csys = 1408.60 CPU) Result: FAIL Makefile:2558: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-asan' Makefile:2556: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 30 00:56:57 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 00:56:57 +0000 Subject: SUCCESSFUL build of OpenSSL branch master with options -d --strict-warnings no-asm Message-ID: <1604019417.636395.24750.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-asm Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. From openssl at openssl.org Fri Oct 30 01:43:54 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 01:43:54 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-autoerrinit Message-ID: <1604022234.274953.10040.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-autoerrinit Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 729 wallclock secs (14.16 usr 1.42 sys + 653.18 cusr 66.31 csys = 735.07 CPU) Result: FAIL Makefile:3205: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-autoerrinit' Makefile:3203: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 30 03:50:38 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 03:50:38 +0000 Subject: Build failed: openssl master.37748 Message-ID: <20201030035038.1.6EF01DA6D767B7D3@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 04:17:25 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 04:17:25 +0000 Subject: Build failed: openssl OpenSSL_1_1_1-stable.37749 Message-ID: <20201030041725.1.DB733021A38845B3@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 30 04:20:02 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 04:20:02 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-cms Message-ID: <1604031602.626197.6006.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-cms Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.d.tmp -MT test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o -c -o test/ssl_cert_table_internal_test-bin-ssl_cert_table_internal_test.o ../openssl/test/ssl_cert_table_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_ctx_test-bin-ssl_ctx_test.d.tmp -MT test/ssl_ctx_test-bin-ssl_ctx_test.o -c -o test/ssl_ctx_test-bin-ssl_ctx_test.o ../openssl/test/ssl_ctx_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-handshake_helper.d.tmp -MT test/ssl_test-bin-handshake_helper.o -c -o test/ssl_test-bin-handshake_helper.o ../openssl/test/handshake_helper.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test.d.tmp -MT test/ssl_test-bin-ssl_test.o -c -o test/ssl_test-bin-ssl_test.o ../openssl/test/ssl_test.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test-bin-ssl_test_ctx.o -c -o test/ssl_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx.o ../openssl/test/ssl_test_ctx.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssl_test_ctx_test-bin-ssl_test_ctx_test.d.tmp -MT test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o -c -o test/ssl_test_ctx_test-bin-ssl_test_ctx_test.o ../openssl/test/ssl_test_ctx_test.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-filterprov.d.tmp -MT test/sslapitest-bin-filterprov.o -c -o test/sslapitest-bin-filterprov.o ../openssl/test/filterprov.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-sslapitest.d.tmp -MT test/sslapitest-bin-sslapitest.o -c -o test/sslapitest-bin-sslapitest.o ../openssl/test/sslapitest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-ssltestlib.d.tmp -MT test/sslapitest-bin-ssltestlib.o -c -o test/sslapitest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I. -I../openssl/include -I../openssl/apps/include -I../openssl -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslapitest-bin-tls-provider.d.tmp -MT test/sslapitest-bin-tls-provider.o -c -o test/sslapitest-bin-tls-provider.o ../openssl/test/tls-provider.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-sslbuffertest.d.tmp -MT test/sslbuffertest-bin-sslbuffertest.o -c -o test/sslbuffertest-bin-sslbuffertest.o ../openssl/test/sslbuffertest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslbuffertest-bin-ssltestlib.d.tmp -MT test/sslbuffertest-bin-ssltestlib.o -c -o test/sslbuffertest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-sslcorrupttest.d.tmp -MT test/sslcorrupttest-bin-sslcorrupttest.o -c -o test/sslcorrupttest-bin-sslcorrupttest.o ../openssl/test/sslcorrupttest.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sslcorrupttest-bin-ssltestlib.d.tmp -MT test/sslcorrupttest-bin-ssltestlib.o -c -o test/sslcorrupttest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/ssltest_old-bin-ssltest_old.d.tmp -MT test/ssltest_old-bin-ssltest_old.o -c -o test/ssltest_old-bin-ssltest_old.o ../openssl/test/ssltest_old.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/stack_test-bin-stack_test.d.tmp -MT test/stack_test-bin-stack_test.o -c -o test/stack_test-bin-stack_test.o ../openssl/test/stack_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/sysdefaulttest-bin-sysdefaulttest.d.tmp -MT test/sysdefaulttest-bin-sysdefaulttest.o -c -o test/sysdefaulttest-bin-sysdefaulttest.o ../openssl/test/sysdefaulttest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/test_test-bin-test_test.d.tmp -MT test/test_test-bin-test_test.o -c -o test/test_test-bin-test_test.o ../openssl/test/test_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/threadstest-bin-threadstest.d.tmp -MT test/threadstest-bin-threadstest.o -c -o test/threadstest-bin-threadstest.o ../openssl/test/threadstest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/time_offset_test-bin-time_offset_test.d.tmp -MT test/time_offset_test-bin-time_offset_test.o -c -o test/time_offset_test-bin-time_offset_test.o ../openssl/test/time_offset_test.c clang -I. -Iinclude -I../openssl -I../openssl/include -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-ssltestlib.d.tmp -MT test/tls13ccstest-bin-ssltestlib.o -c -o test/tls13ccstest-bin-ssltestlib.o ../openssl/test/ssltestlib.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13ccstest-bin-tls13ccstest.d.tmp -MT test/tls13ccstest-bin-tls13ccstest.o -c -o test/tls13ccstest-bin-tls13ccstest.o ../openssl/test/tls13ccstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13encryptiontest-bin-tls13encryptiontest.d.tmp -MT test/tls13encryptiontest-bin-tls13encryptiontest.o -c -o test/tls13encryptiontest-bin-tls13encryptiontest.o ../openssl/test/tls13encryptiontest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/tls13secretstest-bin-packet.d.tmp -MT crypto/tls13secretstest-bin-packet.o -c -o crypto/tls13secretstest-bin-packet.o ../openssl/crypto/packet.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF ssl/tls13secretstest-bin-tls13_enc.d.tmp -MT ssl/tls13secretstest-bin-tls13_enc.o -c -o ssl/tls13secretstest-bin-tls13_enc.o ../openssl/ssl/tls13_enc.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -DOPENSSL_NO_KTLS -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/tls13secretstest-bin-tls13secretstest.d.tmp -MT test/tls13secretstest-bin-tls13secretstest.o -c -o test/tls13secretstest-bin-tls13secretstest.o ../openssl/test/tls13secretstest.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/uitest-bin-apps_ui.d.tmp -MT apps/lib/uitest-bin-apps_ui.o -c -o apps/lib/uitest-bin-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/uitest-bin-uitest.d.tmp -MT test/uitest-bin-uitest.o -c -o test/uitest-bin-uitest.o ../openssl/test/uitest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3ext-bin-v3ext.d.tmp -MT test/v3ext-bin-v3ext.o -c -o test/v3ext-bin-v3ext.o ../openssl/test/v3ext.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/v3nametest-bin-v3nametest.d.tmp -MT test/v3nametest-bin-v3nametest.o -c -o test/v3nametest-bin-v3nametest.o ../openssl/test/v3nametest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/verify_extra_test-bin-verify_extra_test.d.tmp -MT test/verify_extra_test-bin-verify_extra_test.o -c -o test/verify_extra_test-bin-verify_extra_test.o ../openssl/test/verify_extra_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/versions-bin-versions.d.tmp -MT test/versions-bin-versions.o -c -o test/versions-bin-versions.o ../openssl/test/versions.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/wpackettest-bin-wpackettest.d.tmp -MT test/wpackettest-bin-wpackettest.o -c -o test/wpackettest-bin-wpackettest.o ../openssl/test/wpackettest.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.d.tmp -MT test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o -c -o test/x509_check_cert_pkey_test-bin-x509_check_cert_pkey_test.o ../openssl/test/x509_check_cert_pkey_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_dup_cert_test-bin-x509_dup_cert_test.d.tmp -MT test/x509_dup_cert_test-bin-x509_dup_cert_test.o -c -o test/x509_dup_cert_test-bin-x509_dup_cert_test.o ../openssl/test/x509_dup_cert_test.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_internal_test-bin-x509_internal_test.d.tmp -MT test/x509_internal_test-bin-x509_internal_test.o -c -o test/x509_internal_test-bin-x509_internal_test.o ../openssl/test/x509_internal_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509_time_test-bin-x509_time_test.d.tmp -MT test/x509_time_test-bin-x509_time_test.o -c -o test/x509_time_test-bin-x509_time_test.o ../openssl/test/x509_time_test.c clang -Iinclude -Iapps/include -I../openssl/include -I../openssl/apps/include -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_BUILDING_OPENSSL -MMD -MF test/x509aux-bin-x509aux.d.tmp -MT test/x509aux-bin-x509aux.o -c -o test/x509aux-bin-x509aux.o ../openssl/test/x509aux.c /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/CA.pl.in > "apps/CA.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/apps/tsget.in > "apps/tsget.pl" /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/tools/c_rehash.in > "tools/c_rehash" chmod a+x apps/CA.pl /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" \ "-oMakefile" ../openssl/util/shlib_wrap.sh.in > "util/shlib_wrap.sh" rm -f apps/libapps.a ar qc apps/libapps.a apps/lib/libapps-lib-app_params.o apps/lib/libapps-lib-app_provider.o apps/lib/libapps-lib-app_rand.o apps/lib/libapps-lib-app_x509.o apps/lib/libapps-lib-apps.o apps/lib/libapps-lib-apps_ui.o apps/lib/libapps-lib-columns.o apps/lib/libapps-lib-engine.o apps/lib/libapps-lib-fmt.o apps/lib/libapps-lib-http_server.o apps/lib/libapps-lib-names.o apps/lib/libapps-lib-opt.o apps/lib/libapps-lib-s_cb.o apps/lib/libapps-lib-s_socket.o ranlib apps/libapps.a || echo Never mind. chmod a+x apps/tsget.pl clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aes-x86_64.o crypto/aes/aes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-mb-x86_64.o crypto/aes/aesni-mb-x86_64.s chmod a+x tools/c_rehash clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha1-x86_64.o crypto/aes/aesni-sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-sha256-x86_64.o crypto/aes/aesni-sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-aesni-x86_64.o crypto/aes/aesni-x86_64.s chmod a+x util/shlib_wrap.sh clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-bsaes-x86_64.o crypto/aes/bsaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/aes/libcrypto-lib-vpaes-x86_64.o crypto/aes/vpaes-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-avx2.o crypto/bn/rsaz-avx2.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-rsaz-x86_64.o crypto/bn/rsaz-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-gf2m.o crypto/bn/x86_64-gf2m.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont.o crypto/bn/x86_64-mont.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/bn/libcrypto-lib-x86_64-mont5.o crypto/bn/x86_64-mont5.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/camellia/libcrypto-lib-cmll-x86_64.o crypto/camellia/cmll-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/chacha/libcrypto-lib-chacha-x86_64.o crypto/chacha/chacha-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-ecp_nistz256-x86_64.o crypto/ec/ecp_nistz256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/ec/libcrypto-lib-x25519-x86_64.o crypto/ec/x25519-x86_64.s clang -Icrypto -I. -Iinclude -Iproviders/common/include -Iproviders/implementations/include -I../openssl -I../openssl/include -I../openssl/providers/common/include -I../openssl/providers/implementations/include -DAES_ASM -DBSAES_ASM -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o crypto/libcrypto-lib-cversion.o ../openssl/crypto/cversion.c clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/libcrypto-lib-x86_64cpuid.o crypto/x86_64cpuid.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/md5/libcrypto-lib-md5-x86_64.o crypto/md5/md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-aesni-gcm-x86_64.o crypto/modes/aesni-gcm-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/modes/libcrypto-lib-ghash-x86_64.o crypto/modes/ghash-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/poly1305/libcrypto-lib-poly1305-x86_64.o crypto/poly1305/poly1305-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-md5-x86_64.o crypto/rc4/rc4-md5-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/rc4/libcrypto-lib-rc4-x86_64.o crypto/rc4/rc4-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-keccak1600-x86_64.o crypto/sha/keccak1600-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-mb-x86_64.o crypto/sha/sha1-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha1-x86_64.o crypto/sha/sha1-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-mb-x86_64.o crypto/sha/sha256-mb-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha256-x86_64.o crypto/sha/sha256-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/sha/libcrypto-lib-sha512-x86_64.o crypto/sha/sha512-x86_64.s clang -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -c -o crypto/whrlpool/libcrypto-lib-wp-x86_64.o crypto/whrlpool/wp-x86_64.s clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/encode_decode/libimplementations-lib-encode_key2any.d.tmp -MT providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o -c -o providers/implementations/encode_decode/libimplementations-lib-encode_key2any.o ../openssl/providers/implementations/encode_decode/encode_key2any.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/kdfs/libimplementations-lib-x942kdf.d.tmp -MT providers/implementations/kdfs/libimplementations-lib-x942kdf.o -c -o providers/implementations/kdfs/libimplementations-lib-x942kdf.o ../openssl/providers/implementations/kdfs/x942kdf.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-dsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-dsa.o -c -o providers/implementations/signature/libimplementations-lib-dsa.o ../openssl/providers/implementations/signature/dsa.c clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-ecdsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-ecdsa.o -c -o providers/implementations/signature/libimplementations-lib-ecdsa.o ../openssl/providers/implementations/signature/ecdsa.c ../openssl/providers/implementations/kdfs/x942kdf.c:458:21: error: no previous extern declaration for non-static variable 'ossl_kdf_x942_kdf_functions' [-Werror,-Wmissing-variable-declarations] const OSSL_DISPATCH ossl_kdf_x942_kdf_functions[] = { ^ 1 error generated. clang -Iproviders/common/include/prov -I. -Icrypto -Iinclude -Iproviders/implementations/include -Iproviders/common/include -I../openssl -I../openssl/crypto -I../openssl/include -I../openssl/providers/implementations/include -I../openssl/providers/common/include -DAES_ASM -DBSAES_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF providers/implementations/signature/libimplementations-lib-eddsa.d.tmp -MT providers/implementations/signature/libimplementations-lib-eddsa.o -c -o providers/implementations/signature/libimplementations-lib-eddsa.o ../openssl/providers/implementations/signature/eddsa.c Makefile:21563: recipe for target 'providers/implementations/kdfs/libimplementations-lib-x942kdf.o' failed make[1]: *** [providers/implementations/kdfs/libimplementations-lib-x942kdf.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-cms' Makefile:3114: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From no-reply at appveyor.com Fri Oct 30 05:10:30 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 05:10:30 +0000 Subject: Build failed: openssl master.37750 Message-ID: <20201030051030.1.BAB8D81427C57B3C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 05:54:21 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 05:54:21 +0000 Subject: Build failed: openssl master.37751 Message-ID: <20201030055421.1.6EDEF42F810B903F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 06:29:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 06:29:27 +0000 Subject: Build failed: openssl master.37752 Message-ID: <20201030062927.1.5343C5FD53144F5C@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 30 06:29:38 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 06:29:38 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-des Message-ID: <1604039378.435963.23948.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-des Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ Could not read private key for CMP client certificate from signer.p12 C0E05EDA357F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:DES-EDE3-CBC Unable to load private key for CMP client certificate cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 1 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C0300FB1FE7E0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C0300FB1FE7E0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # setup_client_ctx:../openssl/apps/cmp.c:1881:CMP warning: -subject '/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=leaf' given, which overrides the subject of '../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem' in KUR # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 1 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. Could not open file or uri for loading CMP client certificate (optionally with chain) from ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem C03005A0127F0000:error::STORE routines:ossl_store_get0_loader_int:unregistered scheme:../openssl/crypto/store/store_register.c:240:scheme=file C03005A0127F0000:error::system library:file_open:No such file or directory:../openssl/providers/implementations/storemgmt/file_store.c:277:calling stat(../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem) cmp_main:../openssl/apps/cmp.c:2818:CMP error: cannot set up CMP context # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -subject option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -oldcert option is empty string, resetting option # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -secret option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert ../../../../../no-des/util/wrap.pl ../../../../../no-des/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-des/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-des/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-des/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 1 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ # Looks like you failed 31 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-des/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 30-test_evp.t (Wstat: 768 Tests: 88 Failed: 3) Failed tests: 12, 36, 69 Non-zero exit status: 3 30-test_evp_kdf.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3443, 694 wallclock secs (14.21 usr 1.36 sys + 622.64 cusr 59.88 csys = 698.09 CPU) Result: FAIL Makefile:3142: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-des' Makefile:3140: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 30 06:52:37 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 06:52:37 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dgram Message-ID: <1604040757.430979.11627.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dgram Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 734 wallclock secs (13.98 usr 1.39 sys + 647.40 cusr 65.82 csys = 728.59 CPU) Result: FAIL Makefile:3180: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dgram' Makefile:3178: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 30 08:11:00 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 08:11:00 +0000 Subject: Build failed: openssl master.37753 Message-ID: <20201030081100.1.1E38D07B5D3E074F@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 09:42:38 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 09:42:38 +0000 Subject: Build failed: openssl master.37754 Message-ID: <20201030094238.1.CF2E7FA9F7F33DF0@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 30 10:44:45 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 10:44:45 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-engine Message-ID: <1604054685.382703.1143.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-engine Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testx509.pem => 1 not ok 409 - Checking that -certs returns 1 object on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 1 object on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 205. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -certs -noout ../../../../openssl/test/testcrl.pem => 1 not ok 410 - Checking that -certs returns 0 objects on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -certs returns 0 objects on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 208. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testx509.pem => 1 not ok 411 - Checking that -crls returns 0 objects on a certificate file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 0 objects on a certificate file' # at ../openssl/test/recipes/90-test_store.t line 212. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -crls -noout ../../../../openssl/test/testcrl.pem => 1 not ok 412 - Checking that -crls returns 1 object on a CRL file # ------------------------------------------------------------------------------ # Failed test 'Checking that -crls returns 1 object on a CRL file' # at ../openssl/test/recipes/90-test_store.t line 215. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 413 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 226. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 414 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 229. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 415 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 233. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=AU/ST=QLD/CN=SSLeay\/rsa test cert' rehash => 1 not ok 416 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 236. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -certs -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 417 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 239. storeutl: Unknown message digest: engine storeutl: Use -help for summary. ../../../util/wrap.pl ../../../apps/openssl storeutl -engine loader_attic -noout -crls -subject '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority' rehash => 1 not ok 418 # ------------------------------------------------------------------------------ # Failed test at ../openssl/test/recipes/90-test_store.t line 243. # Looks like you failed 157 tests of 418.90-test_store.t .................... Dubious, test returned 157 (wstat 40192, 0x9d00) Failed 157/418 subtests 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_store.t (Wstat: 40192 Tests: 418 Failed: 157) Failed tests: 216-220, 222-226, 228-232, 234-238, 240-244 246-248, 250-252, 254-256, 258-260, 262-264 266-268, 270-272, 274-276, 278-280, 282-284 286-288, 290-292, 294-296, 298-300, 302-304 306-308, 310-312, 314-316, 318-320, 322-324 326-328, 330-332, 334-336, 338-340, 342-344 346-348, 350-352, 354-356, 358-360, 362-364 366-368, 370-372, 374-376, 378-380, 382-384 386-388, 390-392, 394-396, 398-402, 405-407 409-418 Non-zero exit status: 157 Files=212, Tests=3400, 718 wallclock secs (11.18 usr 1.38 sys + 654.78 cusr 61.83 csys = 729.17 CPU) Result: FAIL Makefile:3134: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-engine' Makefile:3132: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Fri Oct 30 11:37:15 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 11:37:15 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-err Message-ID: <1604057835.872889.32643.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-err Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): 65-test_cmp_vfy.t .................. ok 66-test_ossl_store.t ............... ok 70-test_asyncio.t .................. ok 70-test_bad_dtls.t ................. ok 70-test_clienthello.t .............. ok 70-test_comp.t ..................... ok 70-test_key_share.t ................ ok 70-test_packet.t ................... ok 70-test_recordlen.t ................ ok 70-test_renegotiation.t ............ ok 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 04-test_err.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3455, 722 wallclock secs (13.80 usr 1.36 sys + 649.65 cusr 65.38 csys = 730.19 CPU) Result: FAIL Makefile:3188: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-err' Makefile:3186: recipe for target 'tests' failed make: *** [tests] Error 2 From levitte at openssl.org Fri Oct 30 12:08:34 2020 From: levitte at openssl.org (Richard Levitte) Date: Fri, 30 Oct 2020 12:08:34 +0000 Subject: [openssl] master update Message-ID: <1604059714.990606.2356.nullmailer@dev.openssl.org> The branch master has been updated via f79289389edef63b76c6c2a3042435dda7d42dfd (commit) from 231849bc9ca69dfd3adf40821421d8e2d804d8e8 (commit) - Log ----------------------------------------------------------------- commit f79289389edef63b76c6c2a3042435dda7d42dfd Author: Richard Levitte Date: Wed Oct 28 19:15:40 2020 +0100 test/recipes/15-test_gendh.t: don't try DER params There is no option to output DH params in DER form. -outform doesn't apply to -genparam with 'openssl genpkey', and it shouldn't. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13266) ----------------------------------------------------------------------- Summary of changes: doc/man1/openssl-genpkey.pod.in | 4 +++- test/recipes/15-test_gendh.t | 20 +++++--------------- 2 files changed, 8 insertions(+), 16 deletions(-) diff --git a/doc/man1/openssl-genpkey.pod.in b/doc/man1/openssl-genpkey.pod.in index f3937400b7..de947ecd77 100644 --- a/doc/man1/openssl-genpkey.pod.in +++ b/doc/man1/openssl-genpkey.pod.in @@ -47,9 +47,11 @@ standard output is used. =item B<-outform> B|B -The output format; the default is B. +The output format, except when B<-genparam> is given; the default is B. See L for details. +When B<-genparam> is given, B<-outform> is ignored. + =item B<-pass> I The output file password source. For more information about the format of I diff --git a/test/recipes/15-test_gendh.t b/test/recipes/15-test_gendh.t index e4e5fb837d..c87ae0d89c 100644 --- a/test/recipes/15-test_gendh.t +++ b/test/recipes/15-test_gendh.t @@ -18,7 +18,7 @@ setup("test_gendh"); plan skip_all => "This test is unsupported in a no-dh build" if disabled("dh"); -plan tests => 13; +plan tests => 12; ok(run(app([ 'openssl', 'genpkey', '-genparam', '-algorithm', 'DH', @@ -54,28 +54,18 @@ ok(run(app([ 'openssl', 'genpkey', '-genparam', '-algorithm', 'DH', '-pkeyopt', 'gindex:1', '-pkeyopt', 'type:fips186_4', - '-out', 'dhgen.pem'])), + '-out', 'dhgen.pem' ])), "genpkey DH params fips186_4 PEM"); -ok(run(app([ 'openssl', 'genpkey', '-genparam', - '-algorithm', 'DH', - '-pkeyopt', 'gindex:1', - '-pkeyopt', 'pbits:2048', - '-pkeyopt', 'qbits:256', - '-pkeyopt', 'type:fips186_4', - '-outform', 'DER', - '-out', 'dhgen.der'])), - "genpkey DH params fips186_4 DER"); - # The seed and counter should be the ones generated from the param generation # Just put some dummy ones in to show it works. ok(run(app([ 'openssl', 'genpkey', - '-paramfile', 'dhgen.der', + '-paramfile', 'dhgen.pem', '-pkeyopt', 'gindex:1', '-pkeyopt', 'hexseed:0102030405060708090A0B0C0D0E0F1011121314', '-pkeyopt', 'pcounter:25', - '-text'])), - "genpkey DH fips186_4 with DER params"); + '-text' ])), + "genpkey DH fips186_4 with PEM params"); ok(!run(app([ 'openssl', 'genpkey', '-algorithm', 'DH'])), From levitte at openssl.org Fri Oct 30 12:11:30 2020 From: levitte at openssl.org (Richard Levitte) Date: Fri, 30 Oct 2020 12:11:30 +0000 Subject: [openssl] master update Message-ID: <1604059890.726042.8987.nullmailer@dev.openssl.org> The branch master has been updated via 140eee2b3b3090107aea2d09ab10eb737fb1e5bb (commit) from f79289389edef63b76c6c2a3042435dda7d42dfd (commit) - Log ----------------------------------------------------------------- commit 140eee2b3b3090107aea2d09ab10eb737fb1e5bb Author: Richard Levitte Date: Fri Oct 9 13:02:58 2020 +0200 Add easy to digest selector macros for EVP_PKEYs These are meant to be used with functions like OSSL_ENCODER_CTX_new_by_EVP_PKEY() The OSSL_ENCODER_CTX_new_by_EVP_PKEY() manual is also expanded on the topics of output types and selections. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13189) ----------------------------------------------------------------------- Summary of changes: crypto/asn1/i2d_pr.c | 4 +- crypto/evp/p_lib.c | 13 ++--- crypto/pem/pem_local.h | 8 ++-- crypto/x509/x_pubkey.c | 9 ++-- doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod | 69 ++++++++++++++++++++++++++- include/openssl/evp.h | 8 ++++ 6 files changed, 86 insertions(+), 25 deletions(-) diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c index 80cfde9a22..7185abef45 100644 --- a/crypto/asn1/i2d_pr.c +++ b/crypto/asn1/i2d_pr.c @@ -34,9 +34,7 @@ int i2d_PrivateKey(const EVP_PKEY *a, unsigned char **pp) if (evp_pkey_is_provided(a)) { /* |*pp| is unbounded, so we need an upper limit */ size_t length = INT_MAX; - /* The private key includes everything */ - int selection = - OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | OSSL_KEYMGMT_SELECT_KEYPAIR; + int selection = EVP_PKEY_KEYPAIR; int ret = -1; OSSL_ENCODER_CTX *ctx; diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c index 1ec36d6cbc..4eeb95e413 100644 --- a/crypto/evp/p_lib.c +++ b/crypto/evp/p_lib.c @@ -1209,10 +1209,7 @@ static int print_pkey(const EVP_PKEY *pkey, BIO *out, int indent, int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) { - return print_pkey(pkey, out, indent, - OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS - | OSSL_KEYMGMT_SELECT_PUBLIC_KEY, - NULL, NULL, + return print_pkey(pkey, out, indent, EVP_PKEY_PUBLIC_KEY, NULL, NULL, (pkey->ameth != NULL ? pkey->ameth->pub_print : NULL), pctx); } @@ -1220,10 +1217,7 @@ int EVP_PKEY_print_public(BIO *out, const EVP_PKEY *pkey, int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) { - return print_pkey(pkey, out, indent, - OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS - | OSSL_KEYMGMT_SELECT_KEYPAIR, - NULL, NULL, + return print_pkey(pkey, out, indent, EVP_PKEY_KEYPAIR, NULL, NULL, (pkey->ameth != NULL ? pkey->ameth->priv_print : NULL), pctx); } @@ -1231,8 +1225,7 @@ int EVP_PKEY_print_private(BIO *out, const EVP_PKEY *pkey, int EVP_PKEY_print_params(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx) { - return print_pkey(pkey, out, indent, OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS, - NULL, NULL, + return print_pkey(pkey, out, indent, EVP_PKEY_KEY_PARAMETERS, NULL, NULL, (pkey->ameth != NULL ? pkey->ameth->param_print : NULL), pctx); } diff --git a/crypto/pem/pem_local.h b/crypto/pem/pem_local.h index 39dc462e54..f9575d4988 100644 --- a/crypto/pem/pem_local.h +++ b/crypto/pem/pem_local.h @@ -28,11 +28,9 @@ * decoding operation can return an object that contains what libcrypto * expects. */ -# define PEM_SELECTION_PUBKEY \ - (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY) -# define PEM_SELECTION_PrivateKey \ - (OSSL_KEYMGMT_SELECT_ALL_PARAMETERS | OSSL_KEYMGMT_SELECT_KEYPAIR) -# define PEM_SELECTION_Parameters OSSL_KEYMGMT_SELECT_ALL_PARAMETERS +# define PEM_SELECTION_PUBKEY EVP_PKEY_PUBLIC_KEY +# define PEM_SELECTION_PrivateKey EVP_PKEY_KEYPAIR +# define PEM_SELECTION_Parameters EVP_PKEY_KEY_PARAMETERS /* Alternative IMPLEMENT macros for provided encoders */ diff --git a/crypto/x509/x_pubkey.c b/crypto/x509/x_pubkey.c index 7d39254685..b7dd04838c 100644 --- a/crypto/x509/x_pubkey.c +++ b/crypto/x509/x_pubkey.c @@ -103,10 +103,8 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkprov); unsigned char *der = NULL; size_t derlen = 0; - int selection = (OSSL_KEYMGMT_SELECT_PUBLIC_KEY - | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS); OSSL_ENCODER_CTX *ectx = - OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, "DER", selection, + OSSL_ENCODER_CTX_new_by_EVP_PKEY(pkey, "DER", EVP_PKEY_PUBLIC_KEY, libctx, NULL); if (OSSL_ENCODER_to_data(ectx, &der, &derlen)) { @@ -310,10 +308,9 @@ int i2d_PUBKEY(const EVP_PKEY *a, unsigned char **pp) } else if (a->keymgmt != NULL) { const OSSL_PROVIDER *pkprov = EVP_KEYMGMT_provider(a->keymgmt); OSSL_LIB_CTX *libctx = ossl_provider_libctx(pkprov); - int selection = (OSSL_KEYMGMT_SELECT_PUBLIC_KEY - | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS); OSSL_ENCODER_CTX *ctx = - OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, "DER", selection, libctx, NULL); + OSSL_ENCODER_CTX_new_by_EVP_PKEY(a, "DER", EVP_PKEY_PUBLIC_KEY, + libctx, NULL); BIO *out = BIO_new(BIO_s_mem()); BUF_MEM *buf = NULL; diff --git a/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod b/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod index b47dc453f8..f90d13d551 100644 --- a/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod +++ b/doc/man3/OSSL_ENCODER_CTX_new_by_EVP_PKEY.pod @@ -39,7 +39,11 @@ OSSL_ENCODER_CTX_set_passphrase_ui OSSL_ENCODER_CTX_new_by_EVP_PKEY() is a utility function that creates a B, finds all applicable encoder implementations and sets them up, so almost all the caller has to do next is call functions like -L. +L. I determines the final output +encoding, and I can be used to select what parts of the I +should be included in the output. I is further discussed in +L below, and I is further described in +L. Internally, OSSL_ENCODER_CTX_new_by_EVP_PKEY() uses the names from the L implementation associated with I to build a list of @@ -75,6 +79,69 @@ implementation can use to prompt for a pass phrase, giving the caller the choice of prefered pass phrase callback form. These are called indirectly, through an internal B function. +=head2 Output types + +The possible B output types depends on the available +implementations. + +OpenSSL has built in implementations for the following output types: + +=over 4 + +=item C + +The output is a human readable description of the key. +L, L and +L use this for their output. + +=item C + +The output is the DER encoding of the I of the I. + +=item C + +The output is the I of the I in PEM format. + +=back + +=head2 Selections + +=begin comment + +These constants should really be documented among the EVP manuals, but this +will have to do for now. + +=end comment + +The following constants can be used for standard I: + +=over 4 + +=item B + +Indicates that only the key parameters should be included in the output. +Where it matters, the data type in the output will indicate that the data is +parameters, not a key. + +=item B + +Indicates that the public key and eventual key parameters will be included +in the output. Where it matters, the data type in the output will indicate +that the data is a public key. + +=item B + +Indicates that the private key, the public key and eventual key parameters +should be included in the output. Where it matters, the data type in the +output will indicate that the data is a private key. + +=back + +These are only indications, the encoder implementations are free to +determine what makes sense to include in the output, and this may depend on +the desired output. For example, an EC key in a PKCS#8 structure doesn't +usually include the public key. + =head1 RETURN VALUES OSSL_ENCODER_CTX_new_by_EVP_PKEY() returns a pointer to a diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 4472bcf50e..ba13960d6a 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -75,6 +75,14 @@ /* Special indicator that the object is uniquely provider side */ # define EVP_PKEY_KEYMGMT -1 +/* Easy to use macros for EVP_PKEY related selections */ +# define EVP_PKEY_KEY_PARAMETERS \ + ( OSSL_KEYMGMT_SELECT_ALL_PARAMETERS ) +# define EVP_PKEY_PUBLIC_KEY \ + ( EVP_PKEY_KEY_PARAMETERS | OSSL_KEYMGMT_SELECT_PUBLIC_KEY ) +# define EVP_PKEY_KEYPAIR \ + ( EVP_PKEY_PUBLIC_KEY | OSSL_KEYMGMT_SELECT_PRIVATE_KEY ) + #ifdef __cplusplus extern "C" { #endif From no-reply at appveyor.com Fri Oct 30 12:51:42 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 12:51:42 +0000 Subject: Build failed: openssl master.37755 Message-ID: <20201030125142.1.7A50C09DBEB1AF01@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 13:30:18 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 13:30:18 +0000 Subject: Build failed: openssl master.37757 Message-ID: <20201030133018.1.D121A449187FF68C@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 13:41:12 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 13:41:12 +0000 Subject: Build failed: openssl master.37758 Message-ID: <20201030134112.1.B24FFFB97DC0D2F1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 14:04:29 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 14:04:29 +0000 Subject: Build failed: openssl master.37759 Message-ID: <20201030140429.1.C944E56A0B8E2AF6@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 30 14:21:24 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 30 Oct 2020 14:21:24 +0000 Subject: Still Failing: openssl/openssl#38283 (master - f792893) In-Reply-To: Message-ID: <5f9c216455f5_13ff7e4e3dbc41860ab@travis-pro-tasks-9d9bfddd5-l84gc.mail> Build Update for openssl/openssl ------------------------------------- Build: #38283 Status: Still Failing Duration: 1 hr, 21 mins, and 36 secs Commit: f792893 (master) Author: Richard Levitte Message: test/recipes/15-test_gendh.t: don't try DER params There is no option to output DH params in DER form. -outform doesn't apply to -genparam with 'openssl genpkey', and it shouldn't. Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13266) View the changeset: https://github.com/openssl/openssl/compare/231849bc9ca6...f79289389ede View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/196377835?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 14:38:13 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 14:38:13 +0000 Subject: Build failed: openssl master.37760 Message-ID: <20201030143813.1.C05764A316E954F8@appveyor.com> An HTML attachment was scrubbed... URL: From matt at openssl.org Fri Oct 30 14:51:57 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 30 Oct 2020 14:51:57 +0000 Subject: [openssl] master update Message-ID: <1604069517.703353.4880.nullmailer@dev.openssl.org> The branch master has been updated via e82f45982cf1660d3287332d3d70bf5b01de1fd1 (commit) from 140eee2b3b3090107aea2d09ab10eb737fb1e5bb (commit) - Log ----------------------------------------------------------------- commit e82f45982cf1660d3287332d3d70bf5b01de1fd1 Author: Matt Caswell Date: Thu Oct 29 12:46:28 2020 +0000 Fix some missed usage of DEFINE_LHASH_OF() PR#12860 fixed issues with the Lhash code. It replaced usage of DEFINE_LHASH_OF() in the public headers. Unfortunately it missed a couple of instances. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13274) ----------------------------------------------------------------------- Summary of changes: .gitignore | 1 + build.info | 2 ++ include/openssl/{lhash.h => lhash.h.in} | 23 ++++++++--------------- 3 files changed, 11 insertions(+), 15 deletions(-) rename include/openssl/{lhash.h => lhash.h.in} (97%) diff --git a/.gitignore b/.gitignore index 8795a2c5dd..7a07450106 100644 --- a/.gitignore +++ b/.gitignore @@ -35,6 +35,7 @@ /include/openssl/err.h /include/openssl/ess.h /include/openssl/fipskey.h +/include/openssl/lhash.h /include/openssl/ocsp.h /include/openssl/opensslv.h /include/openssl/pkcs12.h diff --git a/build.info b/build.info index dc239a706d..44ecee35cb 100644 --- a/build.info +++ b/build.info @@ -26,6 +26,7 @@ DEPEND[]=include/openssl/asn1.h \ include/openssl/err.h \ include/openssl/ess.h \ include/openssl/fipskey.h \ + include/openssl/lhash.h \ include/openssl/opensslv.h \ include/openssl/ocsp.h \ include/openssl/pkcs12.h \ @@ -53,6 +54,7 @@ GENERATE[include/openssl/ct.h]=include/openssl/ct.h.in GENERATE[include/openssl/err.h]=include/openssl/err.h.in GENERATE[include/openssl/ess.h]=include/openssl/ess.h.in GENERATE[include/openssl/fipskey.h]=include/openssl/fipskey.h.in +GENERATE[include/openssl/lhash.h]=include/openssl/lhash.h.in GENERATE[include/openssl/ocsp.h]=include/openssl/ocsp.h.in GENERATE[include/openssl/opensslv.h]=include/openssl/opensslv.h.in GENERATE[include/openssl/pkcs12.h]=include/openssl/pkcs12.h.in diff --git a/include/openssl/lhash.h b/include/openssl/lhash.h.in similarity index 97% rename from include/openssl/lhash.h rename to include/openssl/lhash.h.in index ccdd3a60ee..571dce43ea 100644 --- a/include/openssl/lhash.h +++ b/include/openssl/lhash.h.in @@ -7,6 +7,10 @@ * https://www.openssl.org/source/license.html */ +{- +use OpenSSL::stackhash qw(generate_lhash_macros); +-} + /* * Header for dynamic hash table routines Author - Eric Young */ @@ -240,21 +244,10 @@ void OPENSSL_LH_node_usage_stats_bio(const OPENSSL_LHASH *lh, BIO *out); } \ LHASH_OF(type) -DEFINE_LHASH_OF(OPENSSL_STRING); -# ifdef _MSC_VER -/* - * push and pop this warning: - * warning C4090: 'function': different 'const' qualifiers - */ -# pragma warning (push) -# pragma warning (disable: 4090) -# endif - -DEFINE_LHASH_OF(OPENSSL_CSTRING); - -# ifdef _MSC_VER -# pragma warning (pop) -# endif +{- + generate_lhash_macros("OPENSSL_STRING") + .generate_lhash_macros("OPENSSL_CSTRING"); +-} #ifdef __cplusplus } From matt at openssl.org Fri Oct 30 15:06:24 2020 From: matt at openssl.org (Matt Caswell) Date: Fri, 30 Oct 2020 15:06:24 +0000 Subject: [openssl] master update Message-ID: <1604070384.248420.9424.nullmailer@dev.openssl.org> The branch master has been updated via 62a3614372b8171d2f9f9e20aee07ab3002949bd (commit) from e82f45982cf1660d3287332d3d70bf5b01de1fd1 (commit) - Log ----------------------------------------------------------------- commit 62a3614372b8171d2f9f9e20aee07ab3002949bd Author: Matt Caswell Date: Fri Oct 23 14:26:48 2020 +0100 Allow empty deprecation macros to be passed as macro arguments The OSSL_DEPRECATEDIN_3_0 macro introduced in PR #13074 is intended to be passed as a parameter to the various PEM declaration macros. However, in some cases OSSL_DEPRECATEDIN_3_0 is defined to be empty, and it is not allowed to pass empty macro arguments in C90. Therefore we ensure these macros are always defined. In the case where they were empty previously we use a no-op value instead. Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13227) ----------------------------------------------------------------------- Summary of changes: include/openssl/macros.h | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/include/openssl/macros.h b/include/openssl/macros.h index 24fad673bd..87cfde4920 100644 --- a/include/openssl/macros.h +++ b/include/openssl/macros.h @@ -69,10 +69,13 @@ # endif # endif -/* Still not defined? Then define empty macros */ +/* + * Still not defined? Then define no-op macros. This means these macros + * are unsuitable for use in a typedef. + */ # ifndef OSSL_DEPRECATED -# define OSSL_DEPRECATED(since) -# define OSSL_DEPRECATED_FOR(since, message) +# define OSSL_DEPRECATED(since) extern +# define OSSL_DEPRECATED_FOR(since, message) extern # endif /* From builds at travis-ci.com Fri Oct 30 15:44:51 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 30 Oct 2020 15:44:51 +0000 Subject: Still Failing: openssl/openssl#38284 (master - 140eee2) In-Reply-To: Message-ID: <5f9c34f2b0559_13ff7efdeb8503368e2@travis-pro-tasks-9d9bfddd5-l84gc.mail> Build Update for openssl/openssl ------------------------------------- Build: #38284 Status: Still Failing Duration: 21 mins and 40 secs Commit: 140eee2 (master) Author: Richard Levitte Message: Add easy to digest selector macros for EVP_PKEYs These are meant to be used with functions like OSSL_ENCODER_CTX_new_by_EVP_PKEY() The OSSL_ENCODER_CTX_new_by_EVP_PKEY() manual is also expanded on the topics of output types and selections. Reviewed-by: Shane Lontis (Merged from https://github.com/openssl/openssl/pull/13189) View the changeset: https://github.com/openssl/openssl/compare/f79289389ede...140eee2b3b30 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/196378152?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 15:45:27 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 15:45:27 +0000 Subject: Build failed: openssl master.37762 Message-ID: <20201030154527.1.20501DD0B1FD1BF1@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 16:27:17 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 16:27:17 +0000 Subject: Build failed: openssl master.37763 Message-ID: <20201030162717.1.14117EA0104449C4@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 17:02:25 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 17:02:25 +0000 Subject: Build failed: openssl master.37764 Message-ID: <20201030170225.1.A1304A4E84CF7513@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 17:26:16 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 17:26:16 +0000 Subject: Build failed: openssl master.37765 Message-ID: <20201030172616.1.77F9737FA089BE70@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 17:52:44 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 17:52:44 +0000 Subject: Build failed: openssl master.37766 Message-ID: <20201030175244.1.0BA55DE0DC7EF57E@appveyor.com> An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 18:28:58 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 18:28:58 +0000 Subject: Build failed: openssl master.37767 Message-ID: <20201030182858.1.E91FC62DE6B202F0@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 30 18:56:56 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 30 Oct 2020 18:56:56 +0000 Subject: Still Failing: openssl/openssl#38288 (master - e82f459) In-Reply-To: Message-ID: <5f9c61f5e9b7f_13f8cb799afb02938a0@travis-pro-tasks-84696cb96c-bwjkj.mail> Build Update for openssl/openssl ------------------------------------- Build: #38288 Status: Still Failing Duration: 37 mins and 54 secs Commit: e82f459 (master) Author: Matt Caswell Message: Fix some missed usage of DEFINE_LHASH_OF() PR#12860 fixed issues with the Lhash code. It replaced usage of DEFINE_LHASH_OF() in the public headers. Unfortunately it missed a couple of instances. Reviewed-by: Paul Dale Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/13274) View the changeset: https://github.com/openssl/openssl/compare/140eee2b3b30...e82f45982cf1 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/196414473?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 30 19:06:55 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 19:06:55 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui-console Message-ID: <1604084815.101922.2964.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui-console Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui-console/util/wrap.pl ../../../../../no-ui-console/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui-console/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui-console/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 784 wallclock secs (14.24 usr 1.36 sys + 666.20 cusr 68.42 csys = 750.22 CPU) Result: FAIL Makefile:3196: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui-console' Makefile:3194: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 30 19:08:23 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 19:08:23 +0000 Subject: Build failed: openssl master.37768 Message-ID: <20201030190823.1.B5C9FC016E2E9C00@appveyor.com> An HTML attachment was scrubbed... URL: From beldmit at gmail.com Fri Oct 30 19:39:23 2020 From: beldmit at gmail.com (beldmit at gmail.com) Date: Fri, 30 Oct 2020 19:39:23 +0000 Subject: [openssl] master update Message-ID: <1604086763.415620.21792.nullmailer@dev.openssl.org> The branch master has been updated via 908cf7cefbb2a4c2a8ea1dd4798d1e689db6e3ed (commit) from 62a3614372b8171d2f9f9e20aee07ab3002949bd (commit) - Log ----------------------------------------------------------------- commit 908cf7cefbb2a4c2a8ea1dd4798d1e689db6e3ed Author: jwalch Date: Thu Oct 29 10:52:52 2020 -0400 Patch leak in EVP_PKEY2PKCS8() error path Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13278) ----------------------------------------------------------------------- Summary of changes: crypto/evp/evp_pkey.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c index 9e7c978656..b5a8f1cd72 100644 --- a/crypto/evp/evp_pkey.c +++ b/crypto/evp/evp_pkey.c @@ -78,7 +78,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey) /* Force a key downgrade if that's possible */ /* TODO(3.0) Is there a better way for provider-native keys? */ if (EVP_PKEY_get0(pkey) == NULL) - return NULL; + goto error; if (pkey->ameth) { if (pkey->ameth->priv_encode) { From no-reply at appveyor.com Fri Oct 30 19:50:12 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 19:50:12 +0000 Subject: Build failed: openssl master.37771 Message-ID: <20201030195012.1.4FD4051E6810F698@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Fri Oct 30 20:11:55 2020 From: builds at travis-ci.com (Travis CI) Date: Fri, 30 Oct 2020 20:11:55 +0000 Subject: Still Failing: openssl/openssl#38289 (master - 62a3614) In-Reply-To: Message-ID: <5f9c738a85c69_13f8cbf7d1adc40051@travis-pro-tasks-84696cb96c-bwjkj.mail> Build Update for openssl/openssl ------------------------------------- Build: #38289 Status: Still Failing Duration: 53 mins and 35 secs Commit: 62a3614 (master) Author: Matt Caswell Message: Allow empty deprecation macros to be passed as macro arguments The OSSL_DEPRECATEDIN_3_0 macro introduced in PR #13074 is intended to be passed as a parameter to the various PEM declaration macros. However, in some cases OSSL_DEPRECATEDIN_3_0 is defined to be empty, and it is not allowed to pass empty macro arguments in C90. Therefore we ensure these macros are always defined. In the case where they were empty previously we use a no-op value instead. Reviewed-by: Richard Levitte Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/13227) View the changeset: https://github.com/openssl/openssl/compare/e82f45982cf1...62a3614372b8 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/196421207?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From no-reply at appveyor.com Fri Oct 30 20:37:09 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 20:37:09 +0000 Subject: Build failed: openssl master.37772 Message-ID: <20201030203709.1.D85470A92D62A910@appveyor.com> An HTML attachment was scrubbed... URL: From openssl at openssl.org Fri Oct 30 21:22:48 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Fri, 30 Oct 2020 21:22:48 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d enable-fuzz-afl no-shared no-module Message-ID: <1604092968.787253.28269.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=afl-clang-fast ../openssl/config -d enable-fuzz-afl no-shared no-module Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock credentials' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cert "" -key "" -keypass "" -unprotected_requests => 0 not ok 38 - unprotected request # ------------------------------------------------------------------------------ # Failed test 'unprotected request' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 3 tests of 38. not ok 5 - CMP app CLI Mock credentials # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 0 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo1.pem -out_trusted root.crt => 0 not ok 43 - popo RAVERIFIED # ------------------------------------------------------------------------------ # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo -1 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo5.pem -out_trusted root.crt => 0 not ok 47 - popo NONE # ------------------------------------------------------------------------------ # Failed test 'popo NONE' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # cmp_main:../openssl/apps/cmp.c:2665:CMP info: using OpenSSL configuration file '../Mock/test.cnf' # opt_str:../openssl/apps/cmp.c:2263:CMP warning: argument of -proxy option is empty string, resetting option # warn_cert_msg:../openssl/apps/cmp.c:690:CMP warning: certificate from 'trusted.crt' with subject '/O=openssl_cmp' is not a CA cert # setup_client_ctx:../openssl/apps/cmp.c:1980:CMP info: will contact http://127.0.0.1:1700/pkix/ # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending IR # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received IP # send_receive_check:../openssl/crypto/cmp/cmp_client.c:166:CMP info: sending CERTCONF # send_receive_check:../openssl/crypto/cmp/cmp_client.c:184:CMP info: received PKICONF # save_free_certs:../openssl/apps/cmp.c:2030:CMP info: received 1 enrolled certificate(s), saving to file '../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem' ../../../../../enable-fuzz-afl/util/wrap.pl ../../../../../enable-fuzz-afl/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -popo 2 -certout ../../../../../enable-fuzz-afl/test-runs/test_cmp_cli/test.certout_popo6.pem -out_trusted root.crt => 0 not ok 48 - popo KEYENC not supported # ------------------------------------------------------------------------------ # Looks like you failed 3 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/enable-fuzz-afl/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 3 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 3 (wstat 768, 0x300) Failed 3/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: GOST support is disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ skipped: Test only supported in a shared build 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 768 Tests: 7 Failed: 3) Failed tests: 4-5, 7 Non-zero exit status: 3 Files=212, Tests=3042, 604 wallclock secs (10.30 usr 1.45 sys + 537.73 cusr 54.77 csys = 604.25 CPU) Result: FAIL Makefile:2411: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-fuzz-afl' Makefile:2409: recipe for target 'tests' failed make: *** [tests] Error 2 From no-reply at appveyor.com Fri Oct 30 23:48:25 2020 From: no-reply at appveyor.com (AppVeyor) Date: Fri, 30 Oct 2020 23:48:25 +0000 Subject: Build completed: openssl master.37773 Message-ID: <20201030234825.1.4F52962C77D9F018@appveyor.com> An HTML attachment was scrubbed... URL: From builds at travis-ci.com Sat Oct 31 00:36:38 2020 From: builds at travis-ci.com (Travis CI) Date: Sat, 31 Oct 2020 00:36:38 +0000 Subject: Still Failing: openssl/openssl#38299 (master - 908cf7c) In-Reply-To: Message-ID: <5f9cb19616d34_13ffd5c94dd4484743@travis-pro-tasks-6dd8554b86-zvrsm.mail> Build Update for openssl/openssl ------------------------------------- Build: #38299 Status: Still Failing Duration: 1 hr, 22 mins, and 48 secs Commit: 908cf7c (master) Author: jwalch Message: Patch leak in EVP_PKEY2PKCS8() error path Reviewed-by: Tomas Mraz Reviewed-by: Matt Caswell Reviewed-by: Dmitry Belyavskiy (Merged from https://github.com/openssl/openssl/pull/13278) View the changeset: https://github.com/openssl/openssl/compare/62a3614372b8...908cf7cefbb2 View the full build log and details: https://travis-ci.com/github/openssl/openssl/builds/196715797?utm_medium=notification&utm_source=email -- You can unsubscribe from build emails from the openssl/openssl repository going to https://travis-ci.com/account/preferences/unsubscribe?repository=13885459&utm_medium=notification&utm_source=email. Or unsubscribe from *all* email updating your settings at https://travis-ci.com/account/preferences/unsubscribe?utm_medium=notification&utm_source=email. Or configure specific recipients for build notifications in your .travis.yml file. See https://docs.travis-ci.com/user/notifications. -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Sat Oct 31 03:08:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 03:08:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-posix-io Message-ID: <1604113693.409522.19461.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-posix-io Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' make[1]: Entering directory '/home/openssl/run-checker/no-posix-io' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4293: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-posix-io' Makefile:3152: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Sat Oct 31 03:51:57 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 03:51:57 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-rc2 Message-ID: <1604116317.266424.26478.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-rc2 Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): 70-test_servername.t ............... ok 70-test_sslcbcpadding.t ............ ok 70-test_sslcertstatus.t ............ ok 70-test_sslextension.t ............. ok 70-test_sslmessages.t .............. ok 70-test_sslrecords.t ............... ok 70-test_sslsessiontick.t ........... ok 70-test_sslsigalgs.t ............... ok 70-test_sslsignature.t ............. ok 70-test_sslskewith0p.t ............. ok 70-test_sslversions.t .............. ok 70-test_sslvertol.t ................ ok 70-test_tls13alerts.t .............. ok 70-test_tls13cookie.t .............. ok 70-test_tls13downgrade.t ........... ok 70-test_tls13hrr.t ................. ok 70-test_tls13kexmodes.t ............ ok 70-test_tls13messages.t ............ ok 70-test_tls13psk.t ................. ok 70-test_tlsextms.t ................. ok 70-test_verify_extra.t ............. ok 70-test_wpacket.t .................. ok 71-test_ssl_ctx.t .................. ok 80-test_ca.t ....................... ok 80-test_cipherbytes.t .............. ok 80-test_cipherlist.t ............... ok 80-test_ciphername.t ............... ok # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... ok 80-test_dtls_mtu.t ................. ok 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok Could not read any certificates from -in file from ../../../openssl/test/certs/v3-certs-RC2.p12 C0E028CCEB7F0000:error::digital envelope routines:EVP_PBE_CipherInit:unknown cipher:../openssl/crypto/evp/evp_pbe.c:116:RC2-40-CBC ../../util/wrap.pl ../../apps/openssl pkcs12 -export -in ../../../openssl/test/certs/v3-certs-RC2.p12 -passin 'pass:v3-certs' -provider default -provider legacy -nokeys -passout 'pass:v3-certs' -descert -out tmp.p12 => 1 not ok 5 - test_pkcs12_passcert # ------------------------------------------------------------------------------ # Failed test 'test_pkcs12_passcert' # at ../openssl/test/recipes/80-test_pkcs12.t line 93. # Looks like you failed 1 test of 5.80-test_pkcs12.t ................... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/5 subtests 80-test_ssl_new.t .................. ok 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_pkcs12.t (Wstat: 256 Tests: 5 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3567, 731 wallclock secs (14.25 usr 1.36 sys + 655.92 cusr 66.93 csys = 738.46 CPU) Result: FAIL Makefile:3176: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-rc2' Makefile:3174: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 31 07:48:56 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 07:48:56 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-sock Message-ID: <1604130536.350960.29256.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-sock Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dhparam.pod.in > doc/man1/openssl-dhparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsa.pod.in > doc/man1/openssl-dsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-dsaparam.pod.in > doc/man1/openssl-dsaparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ec.pod.in > doc/man1/openssl-ec.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ecparam.pod.in > doc/man1/openssl-ecparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-enc.pod.in > doc/man1/openssl-enc.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-engine.pod.in > doc/man1/openssl-engine.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-errstr.pod.in > doc/man1/openssl-errstr.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-fipsinstall.pod.in > doc/man1/openssl-fipsinstall.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-gendsa.pod.in > doc/man1/openssl-gendsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genpkey.pod.in > doc/man1/openssl-genpkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-genrsa.pod.in > doc/man1/openssl-genrsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-info.pod.in > doc/man1/openssl-info.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-kdf.pod.in > doc/man1/openssl-kdf.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-list.pod.in > doc/man1/openssl-list.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-mac.pod.in > doc/man1/openssl-mac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-nseq.pod.in > doc/man1/openssl-nseq.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ocsp.pod.in > doc/man1/openssl-ocsp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-passwd.pod.in > doc/man1/openssl-passwd.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs12.pod.in > doc/man1/openssl-pkcs12.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs7.pod.in > doc/man1/openssl-pkcs7.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkcs8.pod.in > doc/man1/openssl-pkcs8.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkey.pod.in > doc/man1/openssl-pkey.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyparam.pod.in > doc/man1/openssl-pkeyparam.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-pkeyutl.pod.in > doc/man1/openssl-pkeyutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-prime.pod.in > doc/man1/openssl-prime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rand.pod.in > doc/man1/openssl-rand.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rehash.pod.in > doc/man1/openssl-rehash.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-req.pod.in > doc/man1/openssl-req.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsa.pod.in > doc/man1/openssl-rsa.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-rsautl.pod.in > doc/man1/openssl-rsautl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_client.pod.in > doc/man1/openssl-s_client.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_server.pod.in > doc/man1/openssl-s_server.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-s_time.pod.in > doc/man1/openssl-s_time.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-sess_id.pod.in > doc/man1/openssl-sess_id.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-smime.pod.in > doc/man1/openssl-smime.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-speed.pod.in > doc/man1/openssl-speed.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-spkac.pod.in > doc/man1/openssl-spkac.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-srp.pod.in > doc/man1/openssl-srp.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-storeutl.pod.in > doc/man1/openssl-storeutl.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-ts.pod.in > doc/man1/openssl-ts.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-verify.pod.in > doc/man1/openssl-verify.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-version.pod.in > doc/man1/openssl-version.pod /usr/bin/perl "-I." "-I../openssl/doc" -Mconfigdata -Mperlvars "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man1/openssl-x509.pod.in > doc/man1/openssl-x509.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/doc/man7/openssl_user_macros.pod.in > doc/man7/openssl_user_macros.pod /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/bn_conf.h.in > include/crypto/bn_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/crypto/dso_conf.h.in > include/crypto/dso_conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1.h.in > include/openssl/asn1.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/asn1t.h.in > include/openssl/asn1t.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/bio.h.in > include/openssl/bio.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cmp.h.in > include/openssl/cmp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/cms.h.in > include/openssl/cms.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/conf.h.in > include/openssl/conf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/configuration.h.in > include/openssl/configuration.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crmf.h.in > include/openssl/crmf.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/crypto.h.in > include/openssl/crypto.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ct.h.in > include/openssl/ct.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/err.h.in > include/openssl/err.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ess.h.in > include/openssl/ess.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/fipskey.h.in > include/openssl/fipskey.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ocsp.h.in > include/openssl/ocsp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/opensslv.h.in > include/openssl/opensslv.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs12.h.in > include/openssl/pkcs12.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/pkcs7.h.in > include/openssl/pkcs7.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/safestack.h.in > include/openssl/safestack.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/srp.h.in > include/openssl/srp.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ssl.h.in > include/openssl/ssl.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/ui.h.in > include/openssl/ui.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509.h.in > include/openssl/x509.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509_vfy.h.in > include/openssl/x509_vfy.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/include/openssl/x509v3.h.in > include/openssl/x509v3.h /usr/bin/perl "-I." -Mconfigdata "../openssl/util/dofile.pl" "-oMakefile" ../openssl/test/provider_internal_test.cnf.in > test/provider_internal_test.cnf make depend && make _build_sw make[1]: Entering directory '/home/openssl/run-checker/no-sock' make[1]: Leaving directory '/home/openssl/run-checker/no-sock' make[1]: Entering directory '/home/openssl/run-checker/no-sock' clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_params.d.tmp -MT apps/lib/libapps-lib-app_params.o -c -o apps/lib/libapps-lib-app_params.o ../openssl/apps/lib/app_params.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_provider.d.tmp -MT apps/lib/libapps-lib-app_provider.o -c -o apps/lib/libapps-lib-app_provider.o ../openssl/apps/lib/app_provider.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_rand.d.tmp -MT apps/lib/libapps-lib-app_rand.o -c -o apps/lib/libapps-lib-app_rand.o ../openssl/apps/lib/app_rand.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-app_x509.d.tmp -MT apps/lib/libapps-lib-app_x509.o -c -o apps/lib/libapps-lib-app_x509.o ../openssl/apps/lib/app_x509.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps.d.tmp -MT apps/lib/libapps-lib-apps.o -c -o apps/lib/libapps-lib-apps.o ../openssl/apps/lib/apps.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-apps_ui.d.tmp -MT apps/lib/libapps-lib-apps_ui.o -c -o apps/lib/libapps-lib-apps_ui.o ../openssl/apps/lib/apps_ui.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-columns.d.tmp -MT apps/lib/libapps-lib-columns.o -c -o apps/lib/libapps-lib-columns.o ../openssl/apps/lib/columns.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-engine.d.tmp -MT apps/lib/libapps-lib-engine.o -c -o apps/lib/libapps-lib-engine.o ../openssl/apps/lib/engine.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-fmt.d.tmp -MT apps/lib/libapps-lib-fmt.o -c -o apps/lib/libapps-lib-fmt.o ../openssl/apps/lib/fmt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-http_server.d.tmp -MT apps/lib/libapps-lib-http_server.o -c -o apps/lib/libapps-lib-http_server.o ../openssl/apps/lib/http_server.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-names.d.tmp -MT apps/lib/libapps-lib-names.o -c -o apps/lib/libapps-lib-names.o ../openssl/apps/lib/names.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-opt.d.tmp -MT apps/lib/libapps-lib-opt.o -c -o apps/lib/libapps-lib-opt.o ../openssl/apps/lib/opt.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_cb.d.tmp -MT apps/lib/libapps-lib-s_cb.o -c -o apps/lib/libapps-lib-s_cb.o ../openssl/apps/lib/s_cb.c clang -I. -Iinclude -Iapps/include -I../openssl -I../openssl/include -I../openssl/apps/include -fPIC -pthread -m64 -Wa,--noexecstack -Qunused-arguments -Wall -O0 -g -DDEBUG_UNUSED -DPEDANTIC -pedantic -Wno-long-long -Wall -Wextra -Wno-unused-parameter -Wno-missing-field-initializers -Wswitch -Wsign-compare -Wshadow -Wformat -Wtype-limits -Wundef -Werror -Wmissing-prototypes -Wstrict-prototypes -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers -Wmissing-variable-declarations -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSLDIR="\"/usr/local/ssl\"" -DENGINESDIR="\"/usr/local/lib/engines-3\"" -DMODULESDIR="\"/usr/local/lib/ossl-modules\"" -DOPENSSL_BUILDING_OPENSSL -MMD -MF apps/lib/libapps-lib-s_socket.d.tmp -MT apps/lib/libapps-lib-s_socket.o -c -o apps/lib/libapps-lib-s_socket.o ../openssl/apps/lib/s_socket.c ../openssl/apps/lib/http_server.c:33:5: error: no previous extern declaration for non-static variable 'multi' [-Werror,-Wmissing-variable-declarations] int multi = 0; /* run multiple responder processes */ ^ 1 error generated. Makefile:4304: recipe for target 'apps/lib/libapps-lib-http_server.o' failed make[1]: *** [apps/lib/libapps-lib-http_server.o] Error 1 make[1]: *** Waiting for unfinished jobs.... make[1]: Leaving directory '/home/openssl/run-checker/no-sock' Makefile:3163: recipe for target 'build_sw' failed make: *** [build_sw] Error 2 From openssl at openssl.org Sat Oct 31 11:26:32 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 11:26:32 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Message-ID: <1604143592.792539.5760.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings enable-ubsan -DPEDANTIC -DOPENSSL_SMALL_FOOTPRINT -fno-sanitize=alignment Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # Server sent alert unexpected_message but client received no alert. # 4017685D8C7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_srvr.c:314: not ok 9 - iteration 9 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 25-cipher.cnf.default default => 1 not ok 6 - running ssl_test 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 2 tests of 9. not ok 26 - Test configuration 25-cipher.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #2, ECDHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40B738497F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 3 - iteration 3 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/sslcorrupttest.c:197 # Starting #3, DHE-RSA-CHACHA20-POLY1305 # ERROR: (int) 'SSL_get_error(clientssl, 0) == SSL_ERROR_WANT_READ' failed @ ../openssl/test/ssltestlib.c:1032 # [1] compared to [2] # ERROR: (bool) 'create_ssl_connection(server, client, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslcorrupttest.c:227 # false # 40B738497F7F0000:error::SSL routines::unexpected message:../openssl/ssl/statem/statem_clnt.c:396: not ok 4 - iteration 4 # ------------------------------------------------------------------------------ not ok 1 - test_ssl_corrupt # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslcorrupttest ../../../openssl/apps/server.pem ../../../openssl/apps/server.pem => 1 not ok 1 - running sslcorrupttest # ------------------------------------------------------------------------------ # Failed test 'running sslcorrupttest' # at ../openssl/test/recipes/80-test_sslcorrupt.t line 19. # Looks like you failed 1 test of 1.80-test_sslcorrupt.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls_mtu.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 26 Non-zero exit status: 1 80-test_sslcorrupt.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 Files=212, Tests=3592, 1576 wallclock secs (14.69 usr 1.46 sys + 1475.27 cusr 97.80 csys = 1589.22 CPU) Result: FAIL Makefile:3197: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/enable-ubsan' Makefile:3195: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 31 11:49:29 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 11:49:29 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-ui Message-ID: <1604144969.211752.26062.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-ui Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # Failed test 'p10cr csr non-existing file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd p10cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_p10cr4.pem -out_trusted root.crt -csr empty.txt => 139 not ok 78 - p10cr csr empty file # ------------------------------------------------------------------------------ # Failed test 'p10cr csr empty file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd ir -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_revreason.pem -out_trusted root.crt -revreason 5 => 139 not ok 79 - ir + ignored revocation # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd cr -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_cr.pem -out_trusted root.crt => 139 not ok 82 - cr # ------------------------------------------------------------------------------ # Failed test 'cr' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt => 139 not ok 83 - kur explicit options # ------------------------------------------------------------------------------ # Failed test 'kur explicit options' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -subject "" -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur_minimal.pem -oldcert "" -server '127.0.0.1:1700' -cert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -key new.key -extracerts issuing.crt -secret "" => 139 not ok 84 - kur minimal options # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey dir/ -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur2.pem -out_trusted root.crt -oldcert ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_newkey.pem -server '127.0.0.1:1700' => 139 not ok 86 - kur newkey is directory # ------------------------------------------------------------------------------ ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur5.pem -out_trusted root.crt -oldcert dir/ -server '127.0.0.1:1700' => 139 not ok 89 - kur oldcert is directory # ------------------------------------------------------------------------------ # Failed test 'kur oldcert is directory' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur6.pem -out_trusted root.crt -oldcert idontexist -server '127.0.0.1:1700' => 139 not ok 90 - kur oldcert not existing # ------------------------------------------------------------------------------ # Failed test 'kur oldcert not existing' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur7.pem -out_trusted root.crt -oldcert empty.txt -server '127.0.0.1:1700' => 139 not ok 91 - kur empty oldcert file # ------------------------------------------------------------------------------ # Failed test 'kur empty oldcert file' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. ../../../../../no-ui/util/wrap.pl ../../../../../no-ui/apps/openssl cmp -config ../Mock/test.cnf -section 'Mock enrollment' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.cert.pem -proxy '' -no_proxy 127.0.0.1 -cmd kur -newkey new.key -newkeypass 'pass:' -certout ../../../../../no-ui/test-runs/test_cmp_cli/test.certout_kur8.pem -out_trusted root.crt -cert "" -server '127.0.0.1:1700' => 139 not ok 92 - kur without cert and oldcert # ------------------------------------------------------------------------------ # Failed test 'kur without cert and oldcert' # at ../openssl/test/recipes/81-test_cmp_cli.t line 183. # Looks like you failed 66 tests of 92. not ok 7 - CMP app CLI Mock enrollment # ------------------------------------------------------------------------------ # # Failed test 'CMP app CLI Mock enrollment # ' # at /home/openssl/run-checker/no-ui/../openssl/util/perl/OpenSSL/Test.pm line 1335. # Looks like you failed 5 tests of 7.81-test_cmp_cli.t .................. Dubious, test returned 5 (wstat 1280, 0x500) Failed 5/7 subtests 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 81-test_cmp_cli.t (Wstat: 1280 Tests: 7 Failed: 5) Failed tests: 3-7 Non-zero exit status: 5 Files=212, Tests=3592, 763 wallclock secs (13.88 usr 1.50 sys + 654.46 cusr 66.10 csys = 735.94 CPU) Result: FAIL Makefile:3205: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-ui' Makefile:3203: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 31 14:26:37 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 14:26:37 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls Message-ID: <1604154397.249272.7247.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # 80-test_cms.t ...................... ok 80-test_cmsapi.t ................... ok 80-test_ct.t ....................... ok 80-test_dane.t ..................... ok 80-test_dtls.t ..................... skipped: No DTLS protocols are supported by this OpenSSL build 80-test_dtls_mtu.t ................. skipped: test_dtls_mtu needs DTLS and PSK support enabled 80-test_dtlsv1listen.t ............. ok 80-test_http.t ..................... ok 80-test_ocsp.t ..................... ok 80-test_pkcs12.t ................... ok # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 7 - iteration 7 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 8 - iteration 8 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 9 - iteration 9 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 10 - iteration 10 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 11 - iteration 11 # ------------------------------------------------------------------------------ # ERROR: (ptr) 'server_ctx != NULL' failed @ ../openssl/test/ssl_test.c:475 # 0x0 not ok 12 - iteration 12 # ------------------------------------------------------------------------------ not ok 1 - test_handshake # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/ssl_test 04-client_auth.cnf.fips fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 9 - running ssl_test 04-client_auth.cnf # ------------------------------------------------------------------------------ # Failed test 'running ssl_test 04-client_auth.cnf' # at ../openssl/test/recipes/80-test_ssl_new.t line 173. # Looks like you failed 1 test of 9. not ok 5 - Test configuration 04-client_auth.cnf # ------------------------------------------------------------------------------ # Looks like you failed 1 test of 31.80-test_ssl_new.t .................. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/31 subtests 80-test_ssl_old.t .................. ok 80-test_ssl_test_ctx.t ............. ok 80-test_sslcorrupt.t ............... ok 80-test_tsa.t ...................... ok 80-test_x509aux.t .................. ok # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... ok 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok 90-test_sslapi.t ................... ok 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_ssl_new.t (Wstat: 256 Tests: 31 Failed: 1) Failed test: 5 Non-zero exit status: 1 Files=212, Tests=3589, 729 wallclock secs (13.42 usr 1.21 sys + 660.85 cusr 65.89 csys = 741.37 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 31 17:00:13 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 17:00:13 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2 Message-ID: <1604163613.150479.13729.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2 Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09011D67F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C09011D67F7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C09011D67F7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/pnP8zlyP9h default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A09E8FEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A09E8FEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A09E8FEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A09E8FEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0A09E8FEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0A09E8FEE7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/pnP8zlyP9h fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 730 wallclock secs (13.69 usr 1.21 sys + 659.56 cusr 67.72 csys = 742.18 CPU) Result: FAIL Makefile:3205: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2' Makefile:3203: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 31 19:12:08 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 19:12:08 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method Message-ID: <1604171528.909625.4869.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0009748DA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0009748DA7F0000:error::SSL routines::no suitable signature algorithm:../openssl/ssl/t1_lib.c:3330: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0009748DA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:618:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/wYU9RzQH6Q default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E04868297F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E04868297F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:843 # false not ok 3 - test_large_message_dtls # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E04868297F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E04868297F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1324 # false # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1402 # false not ok 4 - test_cleanse_plaintext # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0E04868297F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0E04868297F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:123:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6451 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ not ok 53 - test_ssl_pending # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/wYU9RzQH6Q fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. ok 90-test_tls13encryption.t .......... ok 90-test_tls13secrets.t ............. ok 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 80-test_dtls.t (Wstat: 256 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 1 80-test_ssl_new.t (Wstat: 1024 Tests: 31 Failed: 4) Failed tests: 5, 8, 17, 19 Non-zero exit status: 4 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3591, 743 wallclock secs (13.87 usr 1.41 sys + 670.41 cusr 67.64 csys = 753.33 CPU) Result: FAIL Makefile:3194: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method' Makefile:3192: recipe for target 'tests' failed make: *** [tests] Error 2 From openssl at openssl.org Sat Oct 31 19:56:11 2020 From: openssl at openssl.org (OpenSSL run-checker) Date: Sat, 31 Oct 2020 19:56:11 +0000 Subject: Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-tls1_3 Message-ID: <1604174171.400095.10781.nullmailer@run.openssl.org> Platform and configuration command: $ uname -a Linux run 4.15.0-106-generic #107-Ubuntu SMP Thu Jun 4 11:27:52 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-tls1_3 Commit log since last time: 231849bc9c Unify ssl3_get_cipher_by_std_name() implementation fcf6e9d056 crypto/poly1305/asm: fix armv8 pointer authentication 728d03b576 afalg: add a NULL pointer check 648cf9249e Rewrite the HPE NonStop Notes file in Markdown with more explanations. Build log ended with (last 100 lines): # 81-test_cmp_cli.t .................. ok 90-test_asn1_time.t ................ ok 90-test_async.t .................... ok 90-test_bio_enc.t .................. ok 90-test_bio_memleak.t .............. ok 90-test_constant_time.t ............ ok 90-test_fatalerr.t ................. ok 90-test_gmdiff.t ................... ok 90-test_gost.t ..................... skipped: TLSv1.3 or TLSv1.2 are disabled in this OpenSSL build 90-test_ige.t ...................... ok 90-test_includes.t ................. ok 90-test_memleak.t .................. ok 90-test_overhead.t ................. ok 90-test_secmem.t ................... ok 90-test_shlibload.t ................ ok 90-test_srp.t ...................... ok # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05077F3B87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05077F3B87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C05077F3B87F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C05077F3B87F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/927JlmwXxE default ../../../openssl/test/default.cnf => 1 not ok 1 - running sslapitest # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0406AC9CA7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0406AC9CA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 2 - iteration 2 # ------------------------------------------------------------------------------ # INFO: @ ../openssl/test/ssltestlib.c:964 # SSL_accept() failed -1, 1 # C0406AC9CA7F0000:error::SSL routines::no suitable digest algorithm:../openssl/ssl/s3_enc.c:413: # INFO: @ ../openssl/test/ssltestlib.c:946 # SSL_connect() failed -1, 1 # C0406AC9CA7F0000:error::SSL routines::tlsv1 alert internal error:../openssl/ssl/record/rec_layer_s3.c:1615:SSL alert number 80 # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:7907 # false not ok 3 - iteration 3 # ------------------------------------------------------------------------------ not ok 37 - test_sigalgs_available # ------------------------------------------------------------------------------ ../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/927JlmwXxE fips ../../../openssl/test/fips-and-base.cnf => 1 not ok 3 - running sslapitest # ------------------------------------------------------------------------------ # Failed test 'running sslapitest' # at ../openssl/test/recipes/90-test_sslapi.t line 45. # Looks like you failed 2 tests of 3.90-test_sslapi.t ................... Dubious, test returned 2 (wstat 512, 0x200) Failed 2/3 subtests 90-test_sslbuffers.t ............... ok 90-test_store.t .................... ok 90-test_sysdefault.t ............... ok 90-test_threads.t .................. ok 90-test_time_offset.t .............. ok 90-test_tls13ccs.t ................. skipped: test_tls13ccs is not supported in this build 90-test_tls13encryption.t .......... skipped: tls13encryption is not supported in this build 90-test_tls13secrets.t ............. skipped: tls13secrets is not supported in this build 90-test_v3name.t ................... ok 95-test_external_boringssl.t ....... skipped: No external tests in this configuration 95-test_external_gost_engine.t ..... skipped: No external tests in this configuration 95-test_external_krb5.t ............ skipped: No external tests in this configuration 95-test_external_pyca.t ............ skipped: No external tests in this configuration 99-test_ecstress.t ................. ok 99-test_fuzz.t ..................... ok Test Summary Report ------------------- 90-test_sslapi.t (Wstat: 512 Tests: 3 Failed: 2) Failed tests: 1, 3 Non-zero exit status: 2 Files=212, Tests=3513, 693 wallclock secs (12.33 usr 1.37 sys + 622.25 cusr 63.64 csys = 699.59 CPU) Result: FAIL Makefile:3187: recipe for target '_tests' failed make[1]: *** [_tests] Error 1 make[1]: Leaving directory '/home/openssl/run-checker/no-tls1_3' Makefile:3185: recipe for target 'tests' failed make: *** [tests] Error 2