svn commit: r261035 - in vendor-crypto/openssl/dist: . apps crypto crypto/aes/asm crypto/asn1 crypto/bio crypto/bn crypto/bn/asm crypto/buffer crypto/ec crypto/engine crypto/evp crypto/modes crypto...
Jung-uk Kim
jkim at FreeBSD.org
Wed Jan 22 19:27:17 UTC 2014
Author: jkim
Date: Wed Jan 22 19:27:13 2014
New Revision: 261035
URL: http://svnweb.freebsd.org/changeset/base/261035
Log:
Import OpenSSL 1.0.1f.
Approved by: so (delphij), benl (silence)
Modified:
vendor-crypto/openssl/dist/CHANGES
vendor-crypto/openssl/dist/Configure
vendor-crypto/openssl/dist/FREEBSD-Xlist
vendor-crypto/openssl/dist/FREEBSD-upgrade
vendor-crypto/openssl/dist/Makefile
vendor-crypto/openssl/dist/Makefile.org
vendor-crypto/openssl/dist/NEWS
vendor-crypto/openssl/dist/README
vendor-crypto/openssl/dist/apps/Makefile
vendor-crypto/openssl/dist/apps/apps.h
vendor-crypto/openssl/dist/apps/openssl.c
vendor-crypto/openssl/dist/apps/pkcs12.c
vendor-crypto/openssl/dist/config
vendor-crypto/openssl/dist/crypto/Makefile
vendor-crypto/openssl/dist/crypto/aes/asm/aes-parisc.pl
vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl
vendor-crypto/openssl/dist/crypto/armcap.c
vendor-crypto/openssl/dist/crypto/asn1/a_int.c
vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c
vendor-crypto/openssl/dist/crypto/bn/Makefile
vendor-crypto/openssl/dist/crypto/bn/asm/mips-mont.pl
vendor-crypto/openssl/dist/crypto/bn/asm/mips.pl
vendor-crypto/openssl/dist/crypto/bn/asm/parisc-mont.pl
vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-gf2m.pl
vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl
vendor-crypto/openssl/dist/crypto/bn/bn_nist.c
vendor-crypto/openssl/dist/crypto/buffer/buffer.c
vendor-crypto/openssl/dist/crypto/buffer/buffer.h
vendor-crypto/openssl/dist/crypto/ec/ec_ameth.c
vendor-crypto/openssl/dist/crypto/ec/ec_asn1.c
vendor-crypto/openssl/dist/crypto/ec/ec_lib.c
vendor-crypto/openssl/dist/crypto/engine/eng_rdrand.c
vendor-crypto/openssl/dist/crypto/evp/Makefile
vendor-crypto/openssl/dist/crypto/evp/digest.c
vendor-crypto/openssl/dist/crypto/evp/e_aes.c
vendor-crypto/openssl/dist/crypto/evp/e_aes_cbc_hmac_sha1.c
vendor-crypto/openssl/dist/crypto/evp/e_des3.c
vendor-crypto/openssl/dist/crypto/evp/p5_crpt2.c
vendor-crypto/openssl/dist/crypto/modes/Makefile
vendor-crypto/openssl/dist/crypto/modes/asm/ghash-parisc.pl
vendor-crypto/openssl/dist/crypto/modes/cbc128.c
vendor-crypto/openssl/dist/crypto/modes/ccm128.c
vendor-crypto/openssl/dist/crypto/modes/cts128.c
vendor-crypto/openssl/dist/crypto/modes/gcm128.c
vendor-crypto/openssl/dist/crypto/modes/modes_lcl.h
vendor-crypto/openssl/dist/crypto/opensslv.h
vendor-crypto/openssl/dist/crypto/pariscid.pl
vendor-crypto/openssl/dist/crypto/pem/pem_info.c
vendor-crypto/openssl/dist/crypto/pkcs12/p12_crt.c
vendor-crypto/openssl/dist/crypto/rand/md_rand.c
vendor-crypto/openssl/dist/crypto/rand/rand.h
vendor-crypto/openssl/dist/crypto/rand/rand_err.c
vendor-crypto/openssl/dist/crypto/rand/rand_lib.c
vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-parisc.pl
vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c
vendor-crypto/openssl/dist/crypto/rsa/rsa_chk.c
vendor-crypto/openssl/dist/crypto/rsa/rsa_pmeth.c
vendor-crypto/openssl/dist/crypto/sha/Makefile
vendor-crypto/openssl/dist/crypto/sha/asm/sha1-parisc.pl
vendor-crypto/openssl/dist/crypto/sha/asm/sha1-x86_64.pl
vendor-crypto/openssl/dist/crypto/sha/asm/sha512-mips.pl
vendor-crypto/openssl/dist/crypto/sha/asm/sha512-parisc.pl
vendor-crypto/openssl/dist/crypto/sha/sha512.c
vendor-crypto/openssl/dist/crypto/srp/srp_grps.h
vendor-crypto/openssl/dist/crypto/srp/srp_lib.c
vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c
vendor-crypto/openssl/dist/crypto/x509/x_all.c
vendor-crypto/openssl/dist/crypto/x86cpuid.pl
vendor-crypto/openssl/dist/doc/apps/rsa.pod
vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_get_error.pod
vendor-crypto/openssl/dist/doc/crypto/ecdsa.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_client_CA_list.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_options.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_use_psk_identity_hint.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_accept.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_connect.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_do_handshake.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_shutdown.pod
vendor-crypto/openssl/dist/engines/ccgost/gost89.h
vendor-crypto/openssl/dist/ssl/d1_both.c
vendor-crypto/openssl/dist/ssl/d1_clnt.c
vendor-crypto/openssl/dist/ssl/d1_lib.c
vendor-crypto/openssl/dist/ssl/d1_pkt.c
vendor-crypto/openssl/dist/ssl/d1_srvr.c
vendor-crypto/openssl/dist/ssl/s23_clnt.c
vendor-crypto/openssl/dist/ssl/s3_both.c
vendor-crypto/openssl/dist/ssl/s3_clnt.c
vendor-crypto/openssl/dist/ssl/s3_lib.c
vendor-crypto/openssl/dist/ssl/s3_pkt.c
vendor-crypto/openssl/dist/ssl/s3_srvr.c
vendor-crypto/openssl/dist/ssl/ssl.h
vendor-crypto/openssl/dist/ssl/ssl3.h
vendor-crypto/openssl/dist/ssl/ssl_lib.c
vendor-crypto/openssl/dist/ssl/ssl_locl.h
vendor-crypto/openssl/dist/ssl/ssltest.c
vendor-crypto/openssl/dist/ssl/t1_enc.c
vendor-crypto/openssl/dist/ssl/t1_lib.c
vendor-crypto/openssl/dist/util/shlib_wrap.sh
Modified: vendor-crypto/openssl/dist/CHANGES
==============================================================================
--- vendor-crypto/openssl/dist/CHANGES Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/CHANGES Wed Jan 22 19:27:13 2014 (r261035)
@@ -2,9 +2,31 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.1e and 1.0.1f [6 Jan 2014]
+
+ *) Fix for TLS record tampering bug. A carefully crafted invalid
+ handshake could crash OpenSSL with a NULL pointer exception.
+ Thanks to Anton Johansson for reporting this issues.
+ (CVE-2013-4353)
+
+ *) Keep original DTLS digest and encryption contexts in retransmission
+ structures so we can use the previous session parameters if they need
+ to be resent. (CVE-2013-6450)
+ [Steve Henson]
+
+ *) Add option SSL_OP_SAFARI_ECDHE_ECDSA_BUG (part of SSL_OP_ALL) which
+ avoids preferring ECDHE-ECDSA ciphers when the client appears to be
+ Safari on OS X. Safari on OS X 10.8..10.8.3 advertises support for
+ several ECDHE-ECDSA ciphers, but fails to negotiate them. The bug
+ is fixed in OS X 10.8.4, but Apple have ruled out both hot fixing
+ 10.8..10.8.3 and forcing users to upgrade to 10.8.4 or newer.
+ [Rob Stradling, Adam Langley]
+
Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
- *)
+ *) Correct fix for CVE-2013-0169. The original didn't work on AES-NI
+ supporting platforms or when small records were transferred.
+ [Andy Polyakov, Steve Henson]
Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
@@ -404,6 +426,63 @@
Add command line options to s_client/s_server.
[Steve Henson]
+ Changes between 1.0.0j and 1.0.0k [5 Feb 2013]
+
+ *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+ This addresses the flaw in CBC record processing discovered by
+ Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+ at: http://www.isg.rhul.ac.uk/tls/
+
+ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+ Security Group at Royal Holloway, University of London
+ (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+ Emilia Käsper for the initial patch.
+ (CVE-2013-0169)
+ [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+ *) Return an error when checking OCSP signatures when key is NULL.
+ This fixes a DoS attack. (CVE-2013-0166)
+ [Steve Henson]
+
+ *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+ the right response is stapled. Also change SSL_get_certificate()
+ so it returns the certificate actually sent.
+ See http://rt.openssl.org/Ticket/Display.html?id=2836.
+ (This is a backport)
+ [Rob Stradling <rob.stradling at comodo.com>]
+
+ *) Fix possible deadlock when decoding public keys.
+ [Steve Henson]
+
+ Changes between 1.0.0i and 1.0.0j [10 May 2012]
+
+ [NB: OpenSSL 1.0.0i and later 1.0.0 patch levels were released after
+ OpenSSL 1.0.1.]
+
+ *) Sanity check record length before skipping explicit IV in DTLS
+ to fix DoS attack.
+
+ Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+ fuzzing as a service testing platform.
+ (CVE-2012-2333)
+ [Steve Henson]
+
+ *) Initialise tkeylen properly when encrypting CMS messages.
+ Thanks to Solar Designer of Openwall for reporting this issue.
+ [Steve Henson]
+
+ Changes between 1.0.0h and 1.0.0i [19 Apr 2012]
+
+ *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+ BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+ in CRYPTO_realloc_clean.
+
+ Thanks to Tavis Ormandy, Google Security Team, for discovering this
+ issue and to Adam Langley <agl at chromium.org> for fixing it.
+ (CVE-2012-2110)
+ [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
Changes between 1.0.0g and 1.0.0h [12 Mar 2012]
*) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
@@ -1394,6 +1473,86 @@
*) Change 'Configure' script to enable Camellia by default.
[NTT]
+ Changes between 0.9.8x and 0.9.8y [5 Feb 2013]
+
+ *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
+
+ This addresses the flaw in CBC record processing discovered by
+ Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
+ at: http://www.isg.rhul.ac.uk/tls/
+
+ Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
+ Security Group at Royal Holloway, University of London
+ (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
+ Emilia Käsper for the initial patch.
+ (CVE-2013-0169)
+ [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
+
+ *) Return an error when checking OCSP signatures when key is NULL.
+ This fixes a DoS attack. (CVE-2013-0166)
+ [Steve Henson]
+
+ *) Call OCSP Stapling callback after ciphersuite has been chosen, so
+ the right response is stapled. Also change SSL_get_certificate()
+ so it returns the certificate actually sent.
+ See http://rt.openssl.org/Ticket/Display.html?id=2836.
+ (This is a backport)
+ [Rob Stradling <rob.stradling at comodo.com>]
+
+ *) Fix possible deadlock when decoding public keys.
+ [Steve Henson]
+
+ Changes between 0.9.8w and 0.9.8x [10 May 2012]
+
+ *) Sanity check record length before skipping explicit IV in DTLS
+ to fix DoS attack.
+
+ Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic
+ fuzzing as a service testing platform.
+ (CVE-2012-2333)
+ [Steve Henson]
+
+ *) Initialise tkeylen properly when encrypting CMS messages.
+ Thanks to Solar Designer of Openwall for reporting this issue.
+ [Steve Henson]
+
+ Changes between 0.9.8v and 0.9.8w [23 Apr 2012]
+
+ *) The fix for CVE-2012-2110 did not take into account that the
+ 'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an
+ int in OpenSSL 0.9.8, making it still vulnerable. Fix by
+ rejecting negative len parameter. (CVE-2012-2131)
+ [Tomas Hoger <thoger at redhat.com>]
+
+ Changes between 0.9.8u and 0.9.8v [19 Apr 2012]
+
+ *) Check for potentially exploitable overflows in asn1_d2i_read_bio
+ BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer
+ in CRYPTO_realloc_clean.
+
+ Thanks to Tavis Ormandy, Google Security Team, for discovering this
+ issue and to Adam Langley <agl at chromium.org> for fixing it.
+ (CVE-2012-2110)
+ [Adam Langley (Google), Tavis Ormandy, Google Security Team]
+
+ Changes between 0.9.8t and 0.9.8u [12 Mar 2012]
+
+ *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness
+ in CMS and PKCS7 code. When RSA decryption fails use a random key for
+ content decryption and always return the same error. Note: this attack
+ needs on average 2^20 messages so it only affects automated senders. The
+ old behaviour can be reenabled in the CMS code by setting the
+ CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where
+ an MMA defence is not necessary.
+ Thanks to Ivan Nestlerode <inestlerode at us.ibm.com> for discovering
+ this issue. (CVE-2012-0884)
+ [Steve Henson]
+
+ *) Fix CVE-2011-4619: make sure we really are receiving a
+ client hello before rejecting multiple SGC restarts. Thanks to
+ Ivan Nestlerode <inestlerode at us.ibm.com> for discovering this bug.
+ [Steve Henson]
+
Changes between 0.9.8s and 0.9.8t [18 Jan 2012]
*) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109.
@@ -1401,7 +1560,7 @@
Development, Cisco Systems, Inc. for discovering this bug and
preparing a fix. (CVE-2012-0050)
[Antonio Martin]
-
+
Changes between 0.9.8r and 0.9.8s [4 Jan 2012]
*) Nadhem Alfardan and Kenny Paterson have discovered an extension
Modified: vendor-crypto/openssl/dist/Configure
==============================================================================
--- vendor-crypto/openssl/dist/Configure Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/Configure Wed Jan 22 19:27:13 2014 (r261035)
@@ -178,7 +178,7 @@ my %table=(
"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
-"debug-bodo", "gcc:$gcc_devteam_warn -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
+"debug-bodo", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
Modified: vendor-crypto/openssl/dist/FREEBSD-Xlist
==============================================================================
--- vendor-crypto/openssl/dist/FREEBSD-Xlist Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/FREEBSD-Xlist Wed Jan 22 19:27:13 2014 (r261035)
@@ -1,11 +1,15 @@
+openssl-*/*.bak
openssl-*/*.com
openssl-*/*.doxy
openssl-*/*.mak
+openssl-*/*.save
openssl-*/*.spec
openssl-*/*/*.bat
openssl-*/*/*.com
+openssl-*/*/*.save
openssl-*/*/*/*.bat
openssl-*/*/*/*.com
+openssl-*/*/*/*.save
openssl-*/INSTALL.DJGPP
openssl-*/INSTALL.MacOS
openssl-*/INSTALL.NW
Modified: vendor-crypto/openssl/dist/FREEBSD-upgrade
==============================================================================
--- vendor-crypto/openssl/dist/FREEBSD-upgrade Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/FREEBSD-upgrade Wed Jan 22 19:27:13 2014 (r261035)
@@ -11,8 +11,8 @@ First, read http://wiki.freebsd.org/Subv
# Xlist
setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
setenv FSVN "svn+ssh://svn.freebsd.org/base"
-setenv OSSLVER 1.0.1e
-# OSSLTAG format: v1_0_1e
+setenv OSSLVER 1.0.1f
+# OSSLTAG format: v1_0_1f
###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`
Modified: vendor-crypto/openssl/dist/Makefile
==============================================================================
--- vendor-crypto/openssl/dist/Makefile Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/Makefile Wed Jan 22 19:27:13 2014 (r261035)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.1e
+VERSION=1.0.1f
MAJOR=1
MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0
@@ -304,7 +304,8 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_
FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
fi; \
- $(MAKE) -e SHLIBDIRS=crypto build-shared; \
+ $(MAKE) -e SHLIBDIRS=crypto CC=$${CC:-$(CC)} build-shared; \
+ touch -c fips_premain_dso$(EXE_EXT); \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
Modified: vendor-crypto/openssl/dist/Makefile.org
==============================================================================
--- vendor-crypto/openssl/dist/Makefile.org Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/Makefile.org Wed Jan 22 19:27:13 2014 (r261035)
@@ -302,7 +302,8 @@ libcrypto$(SHLIB_EXT): libcrypto.a fips_
FIPSLD_CC="$(CC)"; CC=$(FIPSDIR)/bin/fipsld; \
export CC FIPSLD_CC FIPSLD_LIBCRYPTO; \
fi; \
- $(MAKE) -e SHLIBDIRS=crypto build-shared; \
+ $(MAKE) -e SHLIBDIRS=crypto CC=$${CC:-$(CC)} build-shared; \
+ touch -c fips_premain_dso$(EXE_EXT); \
else \
echo "There's no support for shared libraries on this platform" >&2; \
exit 1; \
Modified: vendor-crypto/openssl/dist/NEWS
==============================================================================
--- vendor-crypto/openssl/dist/NEWS Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/NEWS Wed Jan 22 19:27:13 2014 (r261035)
@@ -5,11 +5,17 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
- Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
+ Major changes between OpenSSL 1.0.1e and OpenSSL 1.0.1f [6 Jan 2014]
+
+ o Fix for TLS record tampering bug CVE-2013-4353
+ o Fix for TLS version checking bug CVE-2013-6449
+ o Fix for DTLS retransmission bug CVE-2013-6450
+
+ Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e [11 Feb 2013]:
o Corrected fix for CVE-2013-0169
- Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
+ Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d [4 Feb 2013]:
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
o Include the fips configuration module.
@@ -17,24 +23,24 @@
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix for TLS AESNI record handling flaw CVE-2012-2686
- Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
+ Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c [10 May 2012]:
o Fix TLS/DTLS record length checking bug CVE-2012-2333
o Don't attempt to use non-FIPS composite ciphers in FIPS mode.
- Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b:
+ Major changes between OpenSSL 1.0.1a and OpenSSL 1.0.1b [26 Apr 2012]:
o Fix compilation error on non-x86 platforms.
o Make FIPS capable OpenSSL ciphers work in non-FIPS mode.
o Fix SSL_OP_NO_TLSv1_1 clash with SSL_OP_ALL in OpenSSL 1.0.0
- Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a:
+ Major changes between OpenSSL 1.0.1 and OpenSSL 1.0.1a [19 Apr 2012]:
o Fix for ASN1 overflow bug CVE-2012-2110
o Workarounds for some servers that hang on long client hellos.
o Fix SEGV in AES code.
- Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1:
+ Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1 [14 Mar 2012]:
o TLS/DTLS heartbeat support.
o SCTP support.
@@ -47,17 +53,30 @@
o Preliminary FIPS capability for unvalidated 2.0 FIPS module.
o SRP support.
- Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h:
+ Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]:
+
+ o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+ o Fix OCSP bad key DoS attack CVE-2013-0166
+
+ Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]:
+
+ o Fix DTLS record length checking bug CVE-2012-2333
+
+ Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]:
+
+ o Fix for ASN1 overflow bug CVE-2012-2110
+
+ Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]:
o Fix for CMS/PKCS#7 MMA CVE-2012-0884
o Corrected fix for CVE-2011-4619
o Various DTLS fixes.
- Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g:
+ Major changes between OpenSSL 1.0.0f and OpenSSL 1.0.0g [18 Jan 2012]:
o Fix for DTLS DoS issue CVE-2012-0050
- Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f:
+ Major changes between OpenSSL 1.0.0e and OpenSSL 1.0.0f [4 Jan 2012]:
o Fix for DTLS plaintext recovery attack CVE-2011-4108
o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
@@ -65,7 +84,7 @@
o Check parameters are not NULL in GOST ENGINE CVE-2012-0027
o Check for malformed RFC3779 data CVE-2011-4577
- Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e:
+ Major changes between OpenSSL 1.0.0d and OpenSSL 1.0.0e [6 Sep 2011]:
o Fix for CRL vulnerability issue CVE-2011-3207
o Fix for ECDH crashes CVE-2011-3210
@@ -73,11 +92,11 @@
o Support ECDH ciphersuites for certificates using SHA2 algorithms.
o Various DTLS fixes.
- Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d:
+ Major changes between OpenSSL 1.0.0c and OpenSSL 1.0.0d [8 Feb 2011]:
o Fix for security issue CVE-2011-0014
- Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c:
+ Major changes between OpenSSL 1.0.0b and OpenSSL 1.0.0c [2 Dec 2010]:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
@@ -85,18 +104,18 @@
o Fix various platform compilation issues.
o Corrected fix for security issue CVE-2010-3864.
- Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b:
+ Major changes between OpenSSL 1.0.0a and OpenSSL 1.0.0b [16 Nov 2010]:
o Fix for security issue CVE-2010-3864.
o Fix for CVE-2010-2939
o Fix WIN32 build system for GOST ENGINE.
- Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a:
+ Major changes between OpenSSL 1.0.0 and OpenSSL 1.0.0a [1 Jun 2010]:
o Fix for security issue CVE-2010-1633.
o GOST MAC and CFB fixes.
- Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0:
+ Major changes between OpenSSL 0.9.8n and OpenSSL 1.0.0 [29 Mar 2010]:
o RFC3280 path validation: sufficient to process PKITS tests.
o Integrated support for PVK files and keyblobs.
@@ -119,20 +138,55 @@
o Opaque PRF Input TLS extension support.
o Updated time routines to avoid OS limitations.
- Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r:
+ Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]:
+
+ o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
+ o Fix OCSP bad key DoS attack CVE-2013-0166
+
+ Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]:
+
+ o Fix DTLS record length checking bug CVE-2012-2333
+
+ Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]:
+
+ o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110)
+
+ Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]:
+
+ o Fix for ASN1 overflow bug CVE-2012-2110
+
+ Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]:
+
+ o Fix for CMS/PKCS#7 MMA CVE-2012-0884
+ o Corrected fix for CVE-2011-4619
+ o Various DTLS fixes.
+
+ Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]:
+
+ o Fix for DTLS DoS issue CVE-2012-0050
+
+ Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]:
+
+ o Fix for DTLS plaintext recovery attack CVE-2011-4108
+ o Fix policy check double free error CVE-2011-4109
+ o Clear block padding bytes of SSL 3.0 records CVE-2011-4576
+ o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619
+ o Check for malformed RFC3779 data CVE-2011-4577
+
+ Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]:
o Fix for security issue CVE-2011-0014
- Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q:
+ Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]:
o Fix for security issue CVE-2010-4180
o Fix for CVE-2010-4252
- Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p:
+ Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]:
o Fix for security issue CVE-2010-3864.
- Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
+ Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]:
o Fix for security issue CVE-2010-0742.
o Various DTLS fixes.
@@ -140,12 +194,12 @@
o Fix for no-rc4 compilation.
o Chil ENGINE unload workaround.
- Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n:
+ Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]:
o CFB cipher definition fixes.
o Fix security issues CVE-2010-0740 and CVE-2010-0433.
- Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m:
+ Major changes between OpenSSL 0.9.8l and OpenSSL 0.9.8m [25 Feb 2010]:
o Cipher definition fixes.
o Workaround for slow RAND_poll() on some WIN32 versions.
@@ -157,33 +211,33 @@
o Ticket and SNI coexistence fixes.
o Many fixes to DTLS handling.
- Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l:
+ Major changes between OpenSSL 0.9.8k and OpenSSL 0.9.8l [5 Nov 2009]:
o Temporary work around for CVE-2009-3555: disable renegotiation.
- Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k:
+ Major changes between OpenSSL 0.9.8j and OpenSSL 0.9.8k [25 Mar 2009]:
o Fix various build issues.
o Fix security issues (CVE-2009-0590, CVE-2009-0591, CVE-2009-0789)
- Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j:
+ Major changes between OpenSSL 0.9.8i and OpenSSL 0.9.8j [7 Jan 2009]:
o Fix security issue (CVE-2008-5077)
o Merge FIPS 140-2 branch code.
- Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h:
+ Major changes between OpenSSL 0.9.8g and OpenSSL 0.9.8h [28 May 2008]:
o CryptoAPI ENGINE support.
o Various precautionary measures.
o Fix for bugs affecting certificate request creation.
o Support for local machine keyset attribute in PKCS#12 files.
- Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g:
+ Major changes between OpenSSL 0.9.8f and OpenSSL 0.9.8g [19 Oct 2007]:
o Backport of CMS functionality to 0.9.8.
o Fixes for bugs introduced with 0.9.8f.
- Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f:
+ Major changes between OpenSSL 0.9.8e and OpenSSL 0.9.8f [11 Oct 2007]:
o Add gcc 4.2 support.
o Add support for AES and SSE2 assembly lanugauge optimization
@@ -194,23 +248,23 @@
o RFC4507bis support.
o TLS Extensions support.
- Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e:
+ Major changes between OpenSSL 0.9.8d and OpenSSL 0.9.8e [23 Feb 2007]:
o Various ciphersuite selection fixes.
o RFC3779 support.
- Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d:
+ Major changes between OpenSSL 0.9.8c and OpenSSL 0.9.8d [28 Sep 2006]:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
o Changes to ciphersuite selection algorithm
- Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c:
+ Major changes between OpenSSL 0.9.8b and OpenSSL 0.9.8c [5 Sep 2006]:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
o New cipher Camellia
- Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b:
+ Major changes between OpenSSL 0.9.8a and OpenSSL 0.9.8b [4 May 2006]:
o Cipher string fixes.
o Fixes for VC++ 2005.
@@ -220,12 +274,12 @@
o Built in dynamic engine compilation support on Win32.
o Fixes auto dynamic engine loading in Win32.
- Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a:
+ Major changes between OpenSSL 0.9.8 and OpenSSL 0.9.8a [11 Oct 2005]:
o Fix potential SSL 2.0 rollback, CVE-2005-2969
o Extended Windows CE support
- Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8:
+ Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8 [5 Jul 2005]:
o Major work on the BIGNUM library for higher efficiency and to
make operations more streamlined and less contradictory. This
@@ -299,36 +353,36 @@
o Added initial support for Win64.
o Added alternate pkg-config files.
- Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m:
+ Major changes between OpenSSL 0.9.7l and OpenSSL 0.9.7m [23 Feb 2007]:
o FIPS 1.1.1 module linking.
o Various ciphersuite selection fixes.
- Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l:
+ Major changes between OpenSSL 0.9.7k and OpenSSL 0.9.7l [28 Sep 2006]:
o Introduce limits to prevent malicious key DoS (CVE-2006-2940)
o Fix security issues (CVE-2006-2937, CVE-2006-3737, CVE-2006-4343)
- Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k:
+ Major changes between OpenSSL 0.9.7j and OpenSSL 0.9.7k [5 Sep 2006]:
o Fix Daniel Bleichenbacher forged signature attack, CVE-2006-4339
- Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j:
+ Major changes between OpenSSL 0.9.7i and OpenSSL 0.9.7j [4 May 2006]:
o Visual C++ 2005 fixes.
o Update Windows build system for FIPS.
- Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i:
+ Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
- Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h:
+ Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
o Fix SSL 2.0 Rollback, CVE-2005-2969
o Allow use of fixed-length exponent on DSA signing
o Default fixed-window RSA, DSA, DH private-key operations
- Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g:
+ Major changes between OpenSSL 0.9.7f and OpenSSL 0.9.7g [11 Apr 2005]:
o More compilation issues fixed.
o Adaptation to more modern Kerberos API.
@@ -337,7 +391,7 @@
o More constification.
o Added processing of proxy certificates (RFC 3820).
- Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f:
+ Major changes between OpenSSL 0.9.7e and OpenSSL 0.9.7f [22 Mar 2005]:
o Several compilation issues fixed.
o Many memory allocation failure checks added.
@@ -345,12 +399,12 @@
o Mandatory basic checks on certificates.
o Performance improvements.
- Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e:
+ Major changes between OpenSSL 0.9.7d and OpenSSL 0.9.7e [25 Oct 2004]:
o Fix race condition in CRL checking code.
o Fixes to PKCS#7 (S/MIME) code.
- Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d:
+ Major changes between OpenSSL 0.9.7c and OpenSSL 0.9.7d [17 Mar 2004]:
o Security: Fix Kerberos ciphersuite SSL/TLS handshaking bug
o Security: Fix null-pointer assignment in do_change_cipher_spec()
@@ -358,14 +412,14 @@
o Multiple X509 verification fixes
o Speed up HMAC and other operations
- Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c:
+ Major changes between OpenSSL 0.9.7b and OpenSSL 0.9.7c [30 Sep 2003]:
o Security: fix various ASN1 parsing bugs.
o New -ignore_err option to OCSP utility.
o Various interop and bug fixes in S/MIME code.
o SSL/TLS protocol fix for unrequested client certificates.
- Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b:
+ Major changes between OpenSSL 0.9.7a and OpenSSL 0.9.7b [10 Apr 2003]:
o Security: counter the Klima-Pokorny-Rosa extension of
Bleichbacher's attack
@@ -376,7 +430,7 @@
o ASN.1: treat domainComponent correctly.
o Documentation: fixes and additions.
- Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a:
+ Major changes between OpenSSL 0.9.7 and OpenSSL 0.9.7a [19 Feb 2003]:
o Security: Important security related bugfixes.
o Enhanced compatibility with MIT Kerberos.
@@ -387,7 +441,7 @@
o SSL/TLS: now handles manual certificate chain building.
o SSL/TLS: certain session ID malfunctions corrected.
- Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7:
+ Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.7 [30 Dec 2002]:
o New library section OCSP.
o Complete rewrite of ASN1 code.
@@ -433,23 +487,23 @@
o SSL/TLS: add callback to retrieve SSL/TLS messages.
o SSL/TLS: support AES cipher suites (RFC3268).
- Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k:
+ Major changes between OpenSSL 0.9.6j and OpenSSL 0.9.6k [30 Sep 2003]:
o Security: fix various ASN1 parsing bugs.
o SSL/TLS protocol fix for unrequested client certificates.
- Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j:
+ Major changes between OpenSSL 0.9.6i and OpenSSL 0.9.6j [10 Apr 2003]:
o Security: counter the Klima-Pokorny-Rosa extension of
Bleichbacher's attack
o Security: make RSA blinding default.
o Build: shared library support fixes.
- Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i:
+ Major changes between OpenSSL 0.9.6h and OpenSSL 0.9.6i [19 Feb 2003]:
o Important security related bugfixes.
- Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h:
+ Major changes between OpenSSL 0.9.6g and OpenSSL 0.9.6h [5 Dec 2002]:
o New configuration targets for Tandem OSS and A/UX.
o New OIDs for Microsoft attributes.
@@ -463,25 +517,25 @@
o Fixes for smaller building problems.
o Updates of manuals, FAQ and other instructive documents.
- Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g:
+ Major changes between OpenSSL 0.9.6f and OpenSSL 0.9.6g [9 Aug 2002]:
o Important building fixes on Unix.
- Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f:
+ Major changes between OpenSSL 0.9.6e and OpenSSL 0.9.6f [8 Aug 2002]:
o Various important bugfixes.
- Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e:
+ Major changes between OpenSSL 0.9.6d and OpenSSL 0.9.6e [30 Jul 2002]:
o Important security related bugfixes.
o Various SSL/TLS library bugfixes.
- Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d:
+ Major changes between OpenSSL 0.9.6c and OpenSSL 0.9.6d [9 May 2002]:
o Various SSL/TLS library bugfixes.
o Fix DH parameter generation for 'non-standard' generators.
- Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c:
+ Major changes between OpenSSL 0.9.6b and OpenSSL 0.9.6c [21 Dec 2001]:
o Various SSL/TLS library bugfixes.
o BIGNUM library fixes.
@@ -494,7 +548,7 @@
Broadcom and Cryptographic Appliance's keyserver
[in 0.9.6c-engine release].
- Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b:
+ Major changes between OpenSSL 0.9.6a and OpenSSL 0.9.6b [9 Jul 2001]:
o Security fix: PRNG improvements.
o Security fix: RSA OAEP check.
@@ -511,7 +565,7 @@
o Increase default size for BIO buffering filter.
o Compatibility fixes in some scripts.
- Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a:
+ Major changes between OpenSSL 0.9.6 and OpenSSL 0.9.6a [5 Apr 2001]:
o Security fix: change behavior of OpenSSL to avoid using
environment variables when running as root.
@@ -536,7 +590,7 @@
o New function BN_rand_range().
o Add "-rand" option to openssl s_client and s_server.
- Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6:
+ Major changes between OpenSSL 0.9.5a and OpenSSL 0.9.6 [10 Oct 2000]:
o Some documentation for BIO and SSL libraries.
o Enhanced chain verification using key identifiers.
@@ -551,7 +605,7 @@
[1] The support for external crypto devices is currently a separate
distribution. See the file README.ENGINE.
- Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a:
+ Major changes between OpenSSL 0.9.5 and OpenSSL 0.9.5a [1 Apr 2000]:
o Bug fixes for Win32, SuSE Linux, NeXTSTEP and FreeBSD 2.2.8
o Shared library support for HPUX and Solaris-gcc
@@ -560,7 +614,7 @@
o New 'rand' application
o New way to check for existence of algorithms from scripts
- Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5:
+ Major changes between OpenSSL 0.9.4 and OpenSSL 0.9.5 [25 May 2000]:
o S/MIME support in new 'smime' command
o Documentation for the OpenSSL command line application
@@ -596,7 +650,7 @@
o Enhanced support for Alpha Linux
o Experimental MacOS support
- Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4:
+ Major changes between OpenSSL 0.9.3 and OpenSSL 0.9.4 [9 Aug 1999]:
o Transparent support for PKCS#8 format private keys: these are used
by several software packages and are more secure than the standard
@@ -607,7 +661,7 @@
o New pipe-like BIO that allows using the SSL library when actual I/O
must be handled by the application (BIO pair)
- Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3:
+ Major changes between OpenSSL 0.9.2b and OpenSSL 0.9.3 [24 May 1999]:
o Lots of enhancements and cleanups to the Configuration mechanism
o RSA OEAP related fixes
o Added `openssl ca -revoke' option for revoking a certificate
@@ -621,7 +675,7 @@
o Sparc assembler bignum implementation, optimized hash functions
o Option to disable selected ciphers
- Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b:
+ Major changes between OpenSSL 0.9.1c and OpenSSL 0.9.2b [22 Mar 1999]:
o Fixed a security hole related to session resumption
o Fixed RSA encryption routines for the p < q case
o "ALL" in cipher lists now means "everything except NULL ciphers"
@@ -643,7 +697,7 @@
o Lots of memory leak fixes.
o Lots of bug fixes.
- Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c:
+ Major changes between SSLeay 0.9.0b and OpenSSL 0.9.1c [23 Dec 1998]:
o Integration of the popular NO_RSA/NO_DSA patches
o Initial support for compression inside the SSL record layer
o Added BIO proxy and filtering functionality
Modified: vendor-crypto/openssl/dist/README
==============================================================================
--- vendor-crypto/openssl/dist/README Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/README Wed Jan 22 19:27:13 2014 (r261035)
@@ -1,5 +1,5 @@
- OpenSSL 1.0.1e 11 Feb 2013
+ OpenSSL 1.0.1f 6 Jan 2014
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: vendor-crypto/openssl/dist/apps/Makefile
==============================================================================
--- vendor-crypto/openssl/dist/apps/Makefile Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/apps/Makefile Wed Jan 22 19:27:13 2014 (r261035)
@@ -577,14 +577,15 @@ openssl.o: ../include/openssl/objects.h
openssl.o: ../include/openssl/opensslconf.h ../include/openssl/opensslv.h
openssl.o: ../include/openssl/ossl_typ.h ../include/openssl/pem.h
openssl.o: ../include/openssl/pem2.h ../include/openssl/pkcs7.h
-openssl.o: ../include/openssl/pqueue.h ../include/openssl/safestack.h
-openssl.o: ../include/openssl/sha.h ../include/openssl/srtp.h
-openssl.o: ../include/openssl/ssl.h ../include/openssl/ssl2.h
-openssl.o: ../include/openssl/ssl23.h ../include/openssl/ssl3.h
-openssl.o: ../include/openssl/stack.h ../include/openssl/symhacks.h
-openssl.o: ../include/openssl/tls1.h ../include/openssl/txt_db.h
-openssl.o: ../include/openssl/x509.h ../include/openssl/x509_vfy.h
-openssl.o: ../include/openssl/x509v3.h apps.h openssl.c progs.h s_apps.h
+openssl.o: ../include/openssl/pqueue.h ../include/openssl/rand.h
+openssl.o: ../include/openssl/safestack.h ../include/openssl/sha.h
+openssl.o: ../include/openssl/srtp.h ../include/openssl/ssl.h
+openssl.o: ../include/openssl/ssl2.h ../include/openssl/ssl23.h
+openssl.o: ../include/openssl/ssl3.h ../include/openssl/stack.h
+openssl.o: ../include/openssl/symhacks.h ../include/openssl/tls1.h
+openssl.o: ../include/openssl/txt_db.h ../include/openssl/x509.h
+openssl.o: ../include/openssl/x509_vfy.h ../include/openssl/x509v3.h apps.h
+openssl.o: openssl.c progs.h s_apps.h
passwd.o: ../e_os.h ../include/openssl/asn1.h ../include/openssl/bio.h
passwd.o: ../include/openssl/buffer.h ../include/openssl/conf.h
passwd.o: ../include/openssl/crypto.h ../include/openssl/des.h
Modified: vendor-crypto/openssl/dist/apps/apps.h
==============================================================================
--- vendor-crypto/openssl/dist/apps/apps.h Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/apps/apps.h Wed Jan 22 19:27:13 2014 (r261035)
@@ -188,6 +188,7 @@ extern BIO *bio_err;
do { CONF_modules_unload(1); destroy_ui_method(); \
OBJ_cleanup(); EVP_cleanup(); ENGINE_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+ RAND_cleanup(); \
ERR_free_strings(); zlib_cleanup();} while(0)
# else
# define apps_startup() \
@@ -198,6 +199,7 @@ extern BIO *bio_err;
do { CONF_modules_unload(1); destroy_ui_method(); \
OBJ_cleanup(); EVP_cleanup(); \
CRYPTO_cleanup_all_ex_data(); ERR_remove_thread_state(NULL); \
+ RAND_cleanup(); \
ERR_free_strings(); zlib_cleanup(); } while(0)
# endif
#endif
Modified: vendor-crypto/openssl/dist/apps/openssl.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/openssl.c Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/apps/openssl.c Wed Jan 22 19:27:13 2014 (r261035)
@@ -117,6 +117,7 @@
#include "apps.h"
#include <openssl/bio.h>
#include <openssl/crypto.h>
+#include <openssl/rand.h>
#include <openssl/lhash.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
Modified: vendor-crypto/openssl/dist/apps/pkcs12.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/pkcs12.c Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/apps/pkcs12.c Wed Jan 22 19:27:13 2014 (r261035)
@@ -112,7 +112,7 @@ int MAIN(int argc, char **argv)
int maciter = PKCS12_DEFAULT_ITER;
int twopass = 0;
int keytype = 0;
- int cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+ int cert_pbe;
int key_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
int ret = 1;
int macver = 1;
@@ -130,6 +130,13 @@ int MAIN(int argc, char **argv)
apps_startup();
+#ifdef OPENSSL_FIPS
+ if (FIPS_mode())
+ cert_pbe = NID_pbe_WithSHA1And3_Key_TripleDES_CBC;
+ else
+#endif
+ cert_pbe = NID_pbe_WithSHA1And40BitRC2_CBC;
+
enc = EVP_des_ede3_cbc();
if (bio_err == NULL ) bio_err = BIO_new_fp (stderr, BIO_NOCLOSE);
Modified: vendor-crypto/openssl/dist/config
==============================================================================
--- vendor-crypto/openssl/dist/config Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/config Wed Jan 22 19:27:13 2014 (r261035)
@@ -739,7 +739,7 @@ case "$GUESSOS" in
libc=/usr/lib/libc.so
else # OpenBSD
# ld searches for highest libc.so.* and so do we
- libc=`(ls /usr/lib/libc.so.* | tail -1) 2>/dev/null`
+ libc=`(ls /usr/lib/libc.so.* /lib/libc.so.* | tail -1) 2>/dev/null`
fi
case "`(file -L $libc) 2>/dev/null`" in
*ELF*) OUT="BSD-x86-elf" ;;
Modified: vendor-crypto/openssl/dist/crypto/Makefile
==============================================================================
--- vendor-crypto/openssl/dist/crypto/Makefile Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/crypto/Makefile Wed Jan 22 19:27:13 2014 (r261035)
@@ -77,7 +77,9 @@ ia64cpuid.s: ia64cpuid.S; $(CC) $(CFLAGS
ppccpuid.s: ppccpuid.pl; $(PERL) ppccpuid.pl $(PERLASM_SCHEME) $@
pariscid.s: pariscid.pl; $(PERL) pariscid.pl $(PERLASM_SCHEME) $@
alphacpuid.s: alphacpuid.pl
- $(PERL) $< | $(CC) -E - | tee $@ > /dev/null
+ (preproc=/tmp/$$$$.$@; trap "rm $$preproc" INT; \
+ $(PERL) alphacpuid.pl > $$preproc && \
+ $(CC) -E $$preproc > $@ && rm $$preproc)
testapps:
[ -z "$(THIS)" ] || ( if echo $(SDIRS) | fgrep ' des '; \
Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aes-parisc.pl
==============================================================================
--- vendor-crypto/openssl/dist/crypto/aes/asm/aes-parisc.pl Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/crypto/aes/asm/aes-parisc.pl Wed Jan 22 19:27:13 2014 (r261035)
@@ -1015,7 +1015,8 @@ foreach (split("\n",$code)) {
$SIZE_T==4 ? sprintf("extru%s,%d,8,",$1,31-$2)
: sprintf("extrd,u%s,%d,8,",$1,63-$2)/e;
- s/,\*/,/ if ($SIZE_T==4);
+ s/,\*/,/ if ($SIZE_T==4);
+ s/\bbv\b(.*\(%r2\))/bve$1/ if ($SIZE_T==8);
print $_,"\n";
}
close STDOUT;
Modified: vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl
==============================================================================
--- vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl Wed Jan 22 19:09:41 2014 (r261034)
+++ vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl Wed Jan 22 19:27:13 2014 (r261035)
@@ -83,9 +83,9 @@
# Add decryption procedure. Performance in CPU cycles spent to decrypt
# one byte out of 4096-byte buffer with 128-bit key is:
#
-# Core 2 11.0
-# Nehalem 9.16
-# Atom 20.9
+# Core 2 9.83
+# Nehalem 7.74
+# Atom 19.0
#
# November 2011.
#
@@ -456,6 +456,7 @@ sub MixColumns {
# modified to emit output in order suitable for feeding back to aesenc[last]
my @x=@_[0..7];
my @t=@_[8..15];
+my $inv=@_[16]; # optional
$code.=<<___;
pshufd \$0x93, @x[0], @t[0] # x0 <<< 32
pshufd \$0x93, @x[1], @t[1]
@@ -497,7 +498,8 @@ $code.=<<___;
pxor @t[4], @t[0]
pshufd \$0x4E, @x[2], @x[6]
pxor @t[5], @t[1]
-
+___
+$code.=<<___ if (!$inv);
pxor @t[3], @x[4]
pxor @t[7], @x[5]
pxor @t[6], @x[3]
@@ -505,9 +507,20 @@ $code.=<<___;
pxor @t[2], @x[6]
movdqa @t[1], @x[7]
___
+$code.=<<___ if ($inv);
+ pxor @x[4], @t[3]
+ pxor @t[7], @x[5]
+ pxor @x[3], @t[6]
+ movdqa @t[0], @x[3]
+ pxor @t[2], @x[6]
+ movdqa @t[6], @x[2]
+ movdqa @t[1], @x[7]
+ movdqa @x[6], @x[4]
+ movdqa @t[3], @x[6]
+___
}
-sub InvMixColumns {
+sub InvMixColumns_orig {
my @x=@_[0..7];
my @t=@_[8..15];
@@ -661,6 +674,54 @@ $code.=<<___;
___
}
+sub InvMixColumns {
+my @x=@_[0..7];
+my @t=@_[8..15];
+
+# Thanks to Jussi Kivilinna for providing pointer to
+#
+# | 0e 0b 0d 09 | | 02 03 01 01 | | 05 00 04 00 |
+# | 09 0e 0b 0d | = | 01 02 03 01 | x | 00 05 00 04 |
+# | 0d 09 0e 0b | | 01 01 02 03 | | 04 00 05 00 |
+# | 0b 0d 09 0e | | 03 01 01 02 | | 00 04 00 05 |
+
+$code.=<<___;
+ # multiplication by 0x05-0x00-0x04-0x00
+ pshufd \$0x4E, @x[0], @t[0]
+ pshufd \$0x4E, @x[6], @t[6]
+ pxor @x[0], @t[0]
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list