Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2-method

OpenSSL run-checker openssl at openssl.org
Wed Feb 10 01:12:28 UTC 2021


Platform and configuration command:

$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2-method

Commit log since last time:

64954e2f34 Fix race condition & allow operation cache to grow.
11ddbf8459 Add X509_STORE_CTX_verify(), which takes the first untrusted cert as default target
2bb05a9668 PROV: Fix encoding of MDWithRSAEncryption signature AlgorithmID
5682e77dff Fix the cipher_overhead_test
e376242d28 Remove all OPENSSL_NO_XXX from libssl where XXX is a crypto alg
462f4f4bc0 Remove OPENSSL_NO_EC guards from libssl
54e3efff81 Make sure we don't use sigalgs that are not available
306b8e7e19 Add the nist group names as aliases for the normal TLS group names
3de751e7f0 Remove compile time guard checking from ssl3_get_req_cert_type
05b4b85d4b Check for availability of ciphersuites at run time
a763ca1177 Stop disabling TLSv1.3 if ec and dh are disabled
8b1db5d329 Make supported_groups code independent of EC and DH
ddf8f1ce63 Ensure default supported groups works even with no-ec and no-dh
5b64ce89b0 Remove OPENSSL_NO_DH guards from libssl
9ca08f91e9 Makefile template: Allow separate generation of .pod.in -> .pod
b8393eae22 DOCS: Remove the "global" dependency on writing .pod files from .pod.in
388eb0d970 TEST: Add an algorithm ID tester for libcrypto vs provider
93d6132a79 EVP: use evp_pkey_copy_downgraded() in EVP_PKEY_copy_parameters()
93bae03abf dev/release.sh: Fix typo
1e3affbbcd Remove the old DEPRECATEDIN macros
e337b82410 ERR: Rebuild all generated error headers and source files
b14c8465c0 ERR: clean away everything related to _F_ macros from util/mkerr.pl
bbde856619 RSA: properly generate algorithm identifier for RSA-PSS signatures
26372a4d44 provider-signature.pod: Fix formatting.
e60147fe74 Don't make pthreads mutexes recursive.
05f41859dd Switch to BIO_snprintf to avoid missing symbol problems on Windows
76624df15f EVP: Adapt EVP_PKEY_{set1,get1}_encoded_public_key()
d82c7f3dba EVP: Modify the checks in EVP_PKEY_{set,get}_xxx_param() functions
13e85fb321 EVP: Adapt the other EVP_PKEY_set_xxx_param() functions
f4a3799cc4 EVP: Make EVP_PKEY_set_params() increment the dirty count
7dc67708c8 apps/openssl: add -propquery command line option
88444854af x509_vfy.c: Improve coding style and comments all over the file
af4d6c26af Remove a DSA related TODO
08cea586c9 Remove some TODO(OpenSSL1.2) references
a7246ea645 DH/DHX parameter check using pkeyparam
d53b437f99 Allow NULL arg to OPENSSL_sk_{dup,deep_copy} returning empty stack
b91a13f429 run_tests.pl: Improve diagnostics on the use of HARNESS_JOBS
c87bcdbde4 test/recipes: split 81_test_cmp_cli.t, add test using -engine loader_attic
03da39a768 apps/cmp.c: check and exit on engine load error
acfccbd5ee openssl.pod: Add documentation for using the loader_attic engine
8549b97214 Fix a use after free issue when a provider context is being used and isn't cached

Build log ended with (last 100 lines):

        # SSL_accept() failed -1, 1
        # 803122952F7F0000:error:0A000076:SSL routines:tls_choose_sigalg:no suitable signature algorithm:../openssl/ssl/t1_lib.c:3305:
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
        # SSL_connect() failed -1, 1
        # 803122952F7F0000:error:0A000438:SSL routines:dtls1_read_bytes:tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:613:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6577
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 54 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/DprjbcE9rd default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
    # SSL_connect() failed -1, 1
    # 80F1E73D2D7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
    # SSL_accept() failed -1, 1
    # 80F1E73D2D7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:947
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
    # SSL_connect() failed -1, 1
    # 80F1E73D2D7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
    # SSL_accept() failed -1, 1
    # 80F1E73D2D7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1428
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1506
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
        # SSL_connect() failed -1, 1
        # 80F1E73D2D7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
        # SSL_accept() failed -1, 1
        # 80F1E73D2D7F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6577
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 54 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/DprjbcE9rd fips ../../../openssl/test/fips-and-base.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
91-test_pkey_check.t ............... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz_asn1.t ................ ok
99-test_fuzz_asn1parse.t ........... ok
99-test_fuzz_bignum.t .............. ok
99-test_fuzz_bndiv.t ............... ok
99-test_fuzz_client.t .............. ok
99-test_fuzz_cmp.t ................. ok
99-test_fuzz_cms.t ................. ok
99-test_fuzz_conf.t ................ ok
99-test_fuzz_crl.t ................. ok
99-test_fuzz_ct.t .................. ok
99-test_fuzz_server.t .............. ok
99-test_fuzz_x509.t ................ ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 768 Tests: 31 Failed: 3)
  Failed tests:  8, 17, 19
  Non-zero exit status: 3
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=231, Tests=3266, 892 wallclock secs (14.41 usr  1.37 sys + 799.02 cusr 94.42 csys = 909.22 CPU)
Result: FAIL
make[1]: *** [Makefile:3261: _tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2-method'
make: *** [Makefile:3258: tests] Error 2


More information about the openssl-commits mailing list