Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2

OpenSSL run-checker openssl at openssl.org
Fri Jan 15 21:48:19 UTC 2021


Platform and configuration command:

$ uname -a
Linux run 5.4.0-52-generic #57-Ubuntu SMP Thu Oct 15 10:57:00 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

8bc5b0a570 chacha20: Properly reinitialize the cipher context with NULL key
2ed63033e4 x509v3.h.in: Deprecate CTX_TEST and replace it by X509V3_CTX_TEST
04a1b3fa7b apps/req.c: Make sure -verify option takes effect also with -x509
0ae8d4ca9e apps/req.c: Cosmetic improvements of code and documentation
73b1d24c1a crypto/x509: Rename v3_{skey,skid}.c, v3_{akey,akid}.c, v3_{alt,san}.c
b65c5ec8f5 apps/req.c: Add -copy_extensions option for use with -x509; default: none
41e597a01d Add X509V3_set_issuer_pkey, needed for AKID of self-issued not self-signed cert
ea9fd333d1 apps/req.c: make -subj work with -x509; clean up related code
7836f949c2 X509_PUBKEY_set(): Fix error reporting
855c68163b apps/lib/opt.c: Fix error message on unknown option/digest
f0a057dd53 Add tests for (non-)default SKID and AKID inclusion by apps/{req,x509,ca}.c
6ad957f127 apps/req.c: add -CA and -CAkey options; improve code and doc
1579594383 APPS: Allow OPENSSL_CONF to be empty, not loading a config file
ec2bfb7d23 apps/{req,x509,ca}.c Make sure certs have SKID and AKID X.509 extensions by default
f2a0458731 X509_cmp(): Fix comparison in case x509v3_cache_extensions() failed to due to invalid cert
3339606a38 d2i_X509(): Make deallocation behavior consistent with d2i_X509_AUX()
48116c2d0f Fix incorrect use of BN_CTX API
1dccccf333 Fix enable-weak-ssl-ciphers
4dd009180a x509_vfy.c: Fix a regression in find_issuer()
0cbb3602f5 Make PEM_X509_INFO_read_bio_ex() conservative on the error queue
0b7368dda0 TEST: move cert, key, and CSR loading aux functions to new testutil/load.c
bf973d0697 Add X509_NAME_hash_ex() to be able to check if it failed due to unsupported SHA1
5a2d0ef36f Clean away extraneous library specific FETCH_FAILED reason codes
d6d42cda5f Use centralized fetching errors
0d11846e4b Remove duplicate GENERATE declarations for .pod files
2497e2e7db Configure: warn about duplicate GENERATE declarations in build.info files
5e16ac142e Configure: clean away perl syntax faults
507f83800f Configure: Check all SOURCE declarations, to ensure consistency
b209835364 v3_ocsp.c: fix indentation of include directives
3ddf44ea5a Close /dev/crypto file descriptor after CRIOGET ioctl().
678cae0295 APPS: Print help also on -h and --h; print high-level help when no cmd given
3372039252 APPS: Fix confusion between program and app/command name used in diagnostic/help output
046a7aaa5e apps/pkey.c: Forther improve user guidance, also on non-sensical option combinations
1f7643e86e apps/pkey.c: Re-order help output and option documentation
475d10028e apps/pkey.c: Make clear that -passout is not supported for DER output
400e2acfe0 apps.c: Fix crash in case uri arg of IS_HTTP or IS_HTTPS is NULL

Build log ended with (last 100 lines):

        # SSL_accept() failed -1, 1
        # 8011A82D337F0000:error:0A000076:SSL routines:tls_choose_sigalg:no suitable signature algorithm:../openssl/ssl/t1_lib.c:3308:
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:942
        # SSL_connect() failed -1, 1
        # 8011A82D337F0000:error:0A000438:SSL routines:dtls1_read_bytes:tlsv1 alert internal error:../openssl/ssl/record/rec_layer_d1.c:613:SSL alert number 80
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6482
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/fxSmPBPIEM default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:942
    # SSL_connect() failed -1, 1
    # 80B10764687F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:960
    # SSL_accept() failed -1, 1
    # 80B10764687F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:852
    # false
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:942
    # SSL_connect() failed -1, 1
    # 80B10764687F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:960
    # SSL_accept() failed -1, 1
    # 80B10764687F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1333
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1411
    # false
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:942
        # SSL_connect() failed -1, 1
        # 80B10764687F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:960
        # SSL_accept() failed -1, 1
        # 80B10764687F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6482
        # false
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    not ok 53 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/fxSmPBPIEM fips ../../../openssl/test/fips-and-base.cnf => 1
not ok 3 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 45.
# Looks like you failed 2 tests of 3.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/3 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
91-test_pkey_check.t ............... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz_asn1.t ................ ok
99-test_fuzz_asn1parse.t ........... ok
99-test_fuzz_bignum.t .............. ok
99-test_fuzz_bndiv.t ............... ok
99-test_fuzz_client.t .............. ok
99-test_fuzz_cmp.t ................. ok
99-test_fuzz_cms.t ................. ok
99-test_fuzz_conf.t ................ ok
99-test_fuzz_crl.t ................. ok
99-test_fuzz_ct.t .................. ok
99-test_fuzz_server.t .............. ok
99-test_fuzz_x509.t ................ ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 768 Tests: 31 Failed: 3)
  Failed tests:  8, 17, 19
  Non-zero exit status: 3
90-test_sslapi.t                 (Wstat: 512 Tests: 3 Failed: 2)
  Failed tests:  1, 3
  Non-zero exit status: 2
Files=228, Tests=3592, 927 wallclock secs (14.36 usr  1.29 sys + 834.34 cusr 89.14 csys = 939.13 CPU)
Result: FAIL
make[1]: *** [Makefile:3261: _tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
make: *** [Makefile:3258: tests] Error 2


More information about the openssl-commits mailing list