Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dtls1_2

OpenSSL run-checker openssl at openssl.org
Wed Mar 10 01:08:15 UTC 2021


Platform and configuration command:

$ uname -a
Linux run 5.4.0-65-generic #73-Ubuntu SMP Mon Jan 18 17:25:17 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
$ CC=clang ../openssl/config -d --strict-warnings no-dtls1_2

Commit log since last time:

a2c911c2d0 Restore GOST macros compatibility with 1.1.1
9293046fb4 apps/x509.c: Rename -signkey to -key for consistency with the req app
2de5d3b87a HTTP: Fix BIO_mem_d2i() on NULL mem input
676d879cb2 http_local.h: Remove unused declaration of HTTP_sendreq_bio()
73e6e3e03e Simplify OCSP_sendreq_bio()
0dca5ede0d Make more use of X509_add_certs(); minor related code & comments cleanup
9b9d24f033 OCSP_resp_find_status.pod: Complete the RETURN VALUES section
f477cdfadd crypto/ocsp/ocsp_cl.c: coding style improvements
29ce1066bc Update the demos/README file because it is really old. New demos should provide best practice for API use. Add demonstration for computing a SHA3-512 digest - digest/EVP_MD_demo
a7a041c230 CI external tests: separate each external test into its own phase
1ddea35bd4 CI external test: for now run only the krb5 and gost_engine tests
ec69d5c9a8 gost_engine test: further cleanups and fixes
b414c8118d gost_engine test: Run also perl and tcl tests
996d2693e2 CI: add job with external tests
c3a85d3d17 DOCS: Document OSSL_STORE_INFO_PUBKEY in doc/man3/OSSL_STORE_INFO.pod
c2ec2bb7c1 Make provider provider_init thread safe, and flag checking/setting too
d60a8e0a23 Make ossl_provider_disable_fallback_loading() thread safe
2f17e978a0 test/threadstest.c: Add a test to load providers concurrently
8c631cfaa1 ecx_set_priv_key: Try to obtain libctx from the pkey's keymgmt
2ad5bbe320 bn_ctx.c: Remove TODO 3.0 related to tracing in FIPS module
20cca4db9c ecx_set_priv_key: Remove TODO 3.0 related to setting libctx
22cd04143b do_sigver_init: Remove fallback for missing provider implementations.
0be6cf0c7e Remove some of the TODO 3.0 in crypto/evp related to legacy support.
bffe3ae7b8 crypto/param_build_set.c: Remove irrelevant TODO 3.0
f40fa7b9ad crypto/ppccap.c: Remove useless TODO 3.0
946bdd12a0 include/crypto: Remove TODOs that are irrelevant for 3.0
9522f0a6a9 include/internal: Remove TODOs that are irrelevant for 3.0
2c8a740a9f test/x509: Test for issuer being overwritten when printing.
39a61e69b8 OSSL_STORE: restore diagnostics on decrypt error; provide password hints
e3a2ba7547 crypto: rename error flags in internal structures
33ac7b324b Add a new test recipe to verify the generated test fipsmodule.cnf
c9b0214ede Fix the perl code to get FIPSMODULENAME
e25b4db754 TEST: Remove the build of fipsmodule.cnf from test recipes
e9d74dbd36 APPS: Modify 'fipsinstall' to output all notifications on stderr
05869bba7f Make 'tests' depend on a generated 'providers/fipsmodule.cnf'
79f47ef507 build.info: Make it possible to use compiled programs as generators
3f399e3787 build.info: Add the possibility to add dependencies on raw targets
8593ff00cc DOCS: Fix provider-mac.pod and the docs of our implementations
cb54d1b9d7 doc: add a note to the RAND_get0_ calls indicating how to set the DRBG type.
f21afe6360 ossl_rsa_sp800_56b_check_public: Be more lenient with small keys
87994aa847 rand: remove FIPS mode conditional code.
fb67126ea8 EVP_PKEY_CTX_get/settable_params: pass provider operation context
4e4ae84056 Fix NULL access in ssl_build_cert_chain() when ctx is NULL.
81f9af3460 Remove todos in decode_der2key.c and decode_ms2key.c
77b03f0e8f Improve error reporting in key exchange provider implementations
f5c629a00a Remove unused MAX_TLS_MAC_SIZE define
fffb67343e Remove todos in providers/implementations/include/prov
8d05a65256 Resolve TODOs in signature implementations.
f378755d62 statem_lib.c: Remove TODOs that are unnecessary
5e2f580d4a test_ssl_new: X448, X25519, and EdDSA are supported with fips
21b7dfa8ad evp_extra_test2: Remove TODO 3.0
b3c155b83c evp_extra_test: Remove TODO comment as setting the curve is mandatory
d36a5dd05e Fix a copy&paste error in evp_extra_test
d7d8e2c894 Fix compiling error on arm
025c0f5289 openssl-cmp.pod.in: replace the term 'verify' by the more correct 'validate'
dd5fa5f5af CMP: On NULL-DN subject or issuer input omit field in cert template
e1f946630f test: use the new set public and private together call
740582cfaf test: add utility function to set the fake random callback on both the public and private instances
fccdb61aee test: update ECDSA and SM2 internal tests in line with the fake_random change
5a11de50a4 test: update test_random to create real contexts instead of sharing one
0647162f6a make update
bed963d58d Fix build of /dev/crypto engine with no-dynamic-engine option
b0aae91324 Remove RSA SSLv23 padding mode
d546e8e267 Generalize schmeme parsing of OSSL_HTTP_parse_url() to OSSL_parse_url()
7932982b88 OSSL_HTTP_parse_url(): Handle any userinfo, query, and fragment components

Build log ended with (last 100 lines):

        # false
        # OPENSSL_TEST_RAND_ORDER=1615337835
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    # OPENSSL_TEST_RAND_ORDER=1615337835
    not ok 56 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/ZMnAgsYWxX default ../../../openssl/test/default.cnf => 1
not ok 1 - running sslapitest
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
    # SSL_connect() failed -1, 1
    # 80D14A7DD07F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
    # SSL_accept() failed -1, 1
    # 80D14A7DD07F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:999
    # false
    # OPENSSL_TEST_RAND_ORDER=1615337848
    not ok 3 - test_large_message_dtls
# ------------------------------------------------------------------------------
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
    # SSL_connect() failed -1, 1
    # 80D14A7DD07F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
    # SSL_accept() failed -1, 1
    # 80D14A7DD07F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
    # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:1480
    # false
    # ERROR: (bool) 'execute_cleanse_plaintext(DTLS_server_method(), DTLS_client_method(), DTLS1_VERSION, 0) == true' failed @ ../openssl/test/sslapitest.c:1558
    # false
    # OPENSSL_TEST_RAND_ORDER=1615337848
    not ok 4 - test_cleanse_plaintext
# ------------------------------------------------------------------------------
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:957
        # SSL_connect() failed -1, 1
        # 80D14A7DD07F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
        # INFO:  @ ../openssl/test/helpers/ssltestlib.c:975
        # SSL_accept() failed -1, 1
        # 80D14A7DD07F0000:error:0A000129:SSL routines:tls_setup_handshake:no suitable digest algorithm:../openssl/ssl/statem/statem_lib.c:121:The max supported SSL/TLS version needs the MD5-SHA1 digest but it is not available in the loaded providers. Use (D)TLSv1.2 or above, or load different providers
        # ERROR: (bool) 'create_ssl_connection(serverssl, clientssl, SSL_ERROR_NONE) == true' failed @ ../openssl/test/sslapitest.c:6629
        # false
        # OPENSSL_TEST_RAND_ORDER=1615337848
        not ok 2 - iteration 2
# ------------------------------------------------------------------------------
    # OPENSSL_TEST_RAND_ORDER=1615337848
    not ok 56 - test_ssl_pending
# ------------------------------------------------------------------------------
../../util/wrap.pl ../../test/sslapitest ../../../openssl/test/certs ../../../openssl/test/recipes/90-test_sslapi_data/passwd.txt /tmp/ZMnAgsYWxX fips ../../../openssl/test/fips-and-base.cnf => 1
not ok 2 - running sslapitest
# ------------------------------------------------------------------------------
#   Failed test 'running sslapitest'
#   at ../openssl/test/recipes/90-test_sslapi.t line 38.
# Looks like you failed 2 tests of 2.90-test_sslapi.t ................... 
Dubious, test returned 2 (wstat 512, 0x200)
Failed 2/2 subtests 
90-test_sslbuffers.t ............... ok
90-test_store.t .................... ok
90-test_sysdefault.t ............... ok
90-test_threads.t .................. ok
90-test_time_offset.t .............. ok
90-test_tls13ccs.t ................. ok
90-test_tls13encryption.t .......... ok
90-test_tls13secrets.t ............. ok
90-test_v3name.t ................... ok
91-test_pkey_check.t ............... ok
95-test_external_boringssl.t ....... skipped: No external tests in this configuration
95-test_external_gost_engine.t ..... skipped: No external tests in this configuration
95-test_external_krb5.t ............ skipped: No external tests in this configuration
95-test_external_pyca.t ............ skipped: No external tests in this configuration
99-test_ecstress.t ................. ok
99-test_fuzz_asn1.t ................ ok
99-test_fuzz_asn1parse.t ........... ok
99-test_fuzz_bignum.t .............. ok
99-test_fuzz_bndiv.t ............... ok
99-test_fuzz_client.t .............. ok
99-test_fuzz_cmp.t ................. ok
99-test_fuzz_cms.t ................. ok
99-test_fuzz_conf.t ................ ok
99-test_fuzz_crl.t ................. ok
99-test_fuzz_ct.t .................. ok
99-test_fuzz_server.t .............. ok
99-test_fuzz_x509.t ................ ok

Test Summary Report
-------------------
80-test_dtls.t                   (Wstat: 256 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 1
80-test_ssl_new.t                (Wstat: 768 Tests: 30 Failed: 3)
  Failed tests:  7, 16, 18
  Non-zero exit status: 3
90-test_sslapi.t                 (Wstat: 512 Tests: 2 Failed: 2)
  Failed tests:  1-2
  Non-zero exit status: 2
Files=233, Tests=3281, 1008 wallclock secs (14.40 usr  1.29 sys + 919.10 cusr 88.60 csys = 1023.39 CPU)
Result: FAIL
make[1]: *** [Makefile:3272: _tests] Error 1
make[1]: Leaving directory '/home/openssl/run-checker/no-dtls1_2'
make: *** [Makefile:3269: tests] Error 2


More information about the openssl-commits mailing list