svn commit: r337791 - in head: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/asn1 crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/crypto/bn/asm cr...
Jung-uk Kim
jkim at FreeBSD.org
Tue Aug 14 17:48:09 UTC 2018
Author: jkim
Date: Tue Aug 14 17:48:02 2018
New Revision: 337791
URL: https://svnweb.freebsd.org/changeset/base/337791
Log:
Merge OpenSSL 1.0.2p.
Added:
head/crypto/openssl/crypto/bn_int.h
- copied unchanged from r337764, vendor-crypto/openssl/dist-1.0.2/crypto/bn_int.h
head/crypto/openssl/doc/man3/
- copied from r337764, vendor-crypto/openssl/dist-1.0.2/doc/man3/
head/secure/lib/libcrypto/man/X509_cmp_time.3 (contents, props changed)
Modified:
head/crypto/openssl/CHANGES
head/crypto/openssl/CONTRIBUTING
head/crypto/openssl/Configure
head/crypto/openssl/Makefile
head/crypto/openssl/NEWS
head/crypto/openssl/README
head/crypto/openssl/apps/apps.c
head/crypto/openssl/apps/asn1pars.c
head/crypto/openssl/apps/ca.c
head/crypto/openssl/apps/ocsp.c
head/crypto/openssl/apps/passwd.c
head/crypto/openssl/apps/s_apps.h
head/crypto/openssl/apps/s_client.c
head/crypto/openssl/apps/s_server.c
head/crypto/openssl/apps/s_socket.c
head/crypto/openssl/apps/verify.c
head/crypto/openssl/crypto/Makefile
head/crypto/openssl/crypto/asn1/a_bool.c
head/crypto/openssl/crypto/asn1/a_object.c
head/crypto/openssl/crypto/asn1/a_strex.c
head/crypto/openssl/crypto/asn1/ameth_lib.c
head/crypto/openssl/crypto/asn1/asn1.h
head/crypto/openssl/crypto/asn1/asn1_err.c
head/crypto/openssl/crypto/asn1/tasn_enc.c
head/crypto/openssl/crypto/bio/bss_log.c
head/crypto/openssl/crypto/bio/bss_mem.c
head/crypto/openssl/crypto/bn/Makefile
head/crypto/openssl/crypto/bn/asm/armv4-mont.pl
head/crypto/openssl/crypto/bn/asm/ia64-mont.pl
head/crypto/openssl/crypto/bn/asm/mips-mont.pl
head/crypto/openssl/crypto/bn/asm/parisc-mont.pl
head/crypto/openssl/crypto/bn/asm/ppc-mont.pl
head/crypto/openssl/crypto/bn/asm/ppc64-mont.pl
head/crypto/openssl/crypto/bn/asm/rsaz-avx2.pl
head/crypto/openssl/crypto/bn/asm/s390x-mont.pl
head/crypto/openssl/crypto/bn/asm/sparct4-mont.pl
head/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl
head/crypto/openssl/crypto/bn/asm/via-mont.pl
head/crypto/openssl/crypto/bn/asm/vis3-mont.pl
head/crypto/openssl/crypto/bn/asm/x86-mont.pl
head/crypto/openssl/crypto/bn/asm/x86_64-mont.pl
head/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl
head/crypto/openssl/crypto/bn/bn.h
head/crypto/openssl/crypto/bn/bn_div.c
head/crypto/openssl/crypto/bn/bn_exp.c
head/crypto/openssl/crypto/bn/bn_gf2m.c
head/crypto/openssl/crypto/bn/bn_lcl.h
head/crypto/openssl/crypto/bn/bn_lib.c
head/crypto/openssl/crypto/bn/bn_mod.c
head/crypto/openssl/crypto/bn/bn_mont.c
head/crypto/openssl/crypto/bn/bn_sqr.c
head/crypto/openssl/crypto/conf/conf_api.c
head/crypto/openssl/crypto/dh/dh_key.c
head/crypto/openssl/crypto/dh/dh_pmeth.c
head/crypto/openssl/crypto/dsa/dsa.h
head/crypto/openssl/crypto/dsa/dsa_err.c
head/crypto/openssl/crypto/dsa/dsa_gen.c
head/crypto/openssl/crypto/dsa/dsa_ossl.c
head/crypto/openssl/crypto/dsa/dsa_pmeth.c
head/crypto/openssl/crypto/ec/ec_ameth.c
head/crypto/openssl/crypto/ec/ec_lib.c
head/crypto/openssl/crypto/ec/ecp_nistz256.c
head/crypto/openssl/crypto/ecdsa/Makefile
head/crypto/openssl/crypto/ecdsa/ecdsatest.c
head/crypto/openssl/crypto/ecdsa/ecs_ossl.c
head/crypto/openssl/crypto/engine/eng_lib.c
head/crypto/openssl/crypto/engine/tb_asnmth.c
head/crypto/openssl/crypto/o_time.c
head/crypto/openssl/crypto/opensslv.h
head/crypto/openssl/crypto/pem/pem.h
head/crypto/openssl/crypto/pem/pem_lib.c
head/crypto/openssl/crypto/pem/pem_pk8.c
head/crypto/openssl/crypto/pem/pem_pkey.c
head/crypto/openssl/crypto/pem/pvkfmt.c
head/crypto/openssl/crypto/pkcs12/p12_asn.c
head/crypto/openssl/crypto/rsa/Makefile
head/crypto/openssl/crypto/rsa/rsa_eay.c
head/crypto/openssl/crypto/rsa/rsa_gen.c
head/crypto/openssl/crypto/rsa/rsa_oaep.c
head/crypto/openssl/crypto/rsa/rsa_pk1.c
head/crypto/openssl/crypto/rsa/rsa_sign.c
head/crypto/openssl/crypto/rsa/rsa_ssl.c
head/crypto/openssl/crypto/sha/asm/sha1-586.pl
head/crypto/openssl/crypto/sha/asm/sha256-586.pl
head/crypto/openssl/crypto/ui/ui_openssl.c
head/crypto/openssl/crypto/x509/x509_cmp.c
head/crypto/openssl/crypto/x509/x509_lu.c
head/crypto/openssl/crypto/x509/x509_vfy.c
head/crypto/openssl/crypto/x509v3/v3_purp.c
head/crypto/openssl/doc/apps/cms.pod
head/crypto/openssl/doc/apps/config.pod
head/crypto/openssl/doc/apps/genpkey.pod
head/crypto/openssl/doc/apps/s_client.pod
head/crypto/openssl/doc/crypto/BIO_s_fd.pod
head/crypto/openssl/doc/crypto/BN_add.pod
head/crypto/openssl/doc/crypto/BN_bn2bin.pod
head/crypto/openssl/doc/crypto/BN_generate_prime.pod
head/crypto/openssl/doc/crypto/CMS_encrypt.pod
head/crypto/openssl/doc/crypto/CMS_get0_SignerInfos.pod
head/crypto/openssl/doc/crypto/CMS_get1_ReceiptRequest.pod
head/crypto/openssl/doc/crypto/DSA_do_sign.pod
head/crypto/openssl/doc/crypto/DSA_sign.pod
head/crypto/openssl/doc/crypto/OBJ_nid2obj.pod
head/crypto/openssl/doc/crypto/SMIME_read_PKCS7.pod
head/crypto/openssl/doc/crypto/ecdsa.pod
head/crypto/openssl/doc/crypto/pem.pod
head/crypto/openssl/doc/fingerprints.txt
head/crypto/openssl/doc/ssl/SSL_CTX_use_certificate.pod
head/crypto/openssl/doc/ssl/SSL_get_ciphers.pod
head/crypto/openssl/doc/ssl/SSL_get_session.pod
head/crypto/openssl/doc/ssl/SSL_get_version.pod
head/crypto/openssl/doc/ssl/ssl.pod
head/crypto/openssl/ssl/d1_both.c
head/crypto/openssl/ssl/s3_lib.c
head/crypto/openssl/ssl/s3_srvr.c
head/crypto/openssl/ssl/ssl.h
head/crypto/openssl/ssl/ssl_lib.c
head/crypto/openssl/ssl/ssl_locl.h
head/crypto/openssl/ssl/t1_lib.c
head/crypto/openssl/ssl/t1_trce.c
head/crypto/openssl/util/domd
head/secure/lib/libcrypto/Makefile.inc
head/secure/lib/libcrypto/Makefile.man
head/secure/lib/libcrypto/amd64/x86_64-mont.S
head/secure/lib/libcrypto/amd64/x86_64-mont5.S
head/secure/lib/libcrypto/arm/armv4-mont.S
head/secure/lib/libcrypto/i386/x86-mont.S
head/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
head/secure/lib/libcrypto/man/ASN1_STRING_length.3
head/secure/lib/libcrypto/man/ASN1_STRING_new.3
head/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
head/secure/lib/libcrypto/man/ASN1_TIME_set.3
head/secure/lib/libcrypto/man/ASN1_generate_nconf.3
head/secure/lib/libcrypto/man/BIO_ctrl.3
head/secure/lib/libcrypto/man/BIO_f_base64.3
head/secure/lib/libcrypto/man/BIO_f_buffer.3
head/secure/lib/libcrypto/man/BIO_f_cipher.3
head/secure/lib/libcrypto/man/BIO_f_md.3
head/secure/lib/libcrypto/man/BIO_f_null.3
head/secure/lib/libcrypto/man/BIO_f_ssl.3
head/secure/lib/libcrypto/man/BIO_find_type.3
head/secure/lib/libcrypto/man/BIO_new.3
head/secure/lib/libcrypto/man/BIO_new_CMS.3
head/secure/lib/libcrypto/man/BIO_push.3
head/secure/lib/libcrypto/man/BIO_read.3
head/secure/lib/libcrypto/man/BIO_s_accept.3
head/secure/lib/libcrypto/man/BIO_s_bio.3
head/secure/lib/libcrypto/man/BIO_s_connect.3
head/secure/lib/libcrypto/man/BIO_s_fd.3
head/secure/lib/libcrypto/man/BIO_s_file.3
head/secure/lib/libcrypto/man/BIO_s_mem.3
head/secure/lib/libcrypto/man/BIO_s_null.3
head/secure/lib/libcrypto/man/BIO_s_socket.3
head/secure/lib/libcrypto/man/BIO_set_callback.3
head/secure/lib/libcrypto/man/BIO_should_retry.3
head/secure/lib/libcrypto/man/BN_BLINDING_new.3
head/secure/lib/libcrypto/man/BN_CTX_new.3
head/secure/lib/libcrypto/man/BN_CTX_start.3
head/secure/lib/libcrypto/man/BN_add.3
head/secure/lib/libcrypto/man/BN_add_word.3
head/secure/lib/libcrypto/man/BN_bn2bin.3
head/secure/lib/libcrypto/man/BN_cmp.3
head/secure/lib/libcrypto/man/BN_copy.3
head/secure/lib/libcrypto/man/BN_generate_prime.3
head/secure/lib/libcrypto/man/BN_mod_inverse.3
head/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
head/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
head/secure/lib/libcrypto/man/BN_new.3
head/secure/lib/libcrypto/man/BN_num_bytes.3
head/secure/lib/libcrypto/man/BN_rand.3
head/secure/lib/libcrypto/man/BN_set_bit.3
head/secure/lib/libcrypto/man/BN_swap.3
head/secure/lib/libcrypto/man/BN_zero.3
head/secure/lib/libcrypto/man/CMS_add0_cert.3
head/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3
head/secure/lib/libcrypto/man/CMS_add1_signer.3
head/secure/lib/libcrypto/man/CMS_compress.3
head/secure/lib/libcrypto/man/CMS_decrypt.3
head/secure/lib/libcrypto/man/CMS_encrypt.3
head/secure/lib/libcrypto/man/CMS_final.3
head/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3
head/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3
head/secure/lib/libcrypto/man/CMS_get0_type.3
head/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3
head/secure/lib/libcrypto/man/CMS_sign.3
head/secure/lib/libcrypto/man/CMS_sign_receipt.3
head/secure/lib/libcrypto/man/CMS_uncompress.3
head/secure/lib/libcrypto/man/CMS_verify.3
head/secure/lib/libcrypto/man/CMS_verify_receipt.3
head/secure/lib/libcrypto/man/CONF_modules_free.3
head/secure/lib/libcrypto/man/CONF_modules_load_file.3
head/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
head/secure/lib/libcrypto/man/DH_generate_key.3
head/secure/lib/libcrypto/man/DH_generate_parameters.3
head/secure/lib/libcrypto/man/DH_get_ex_new_index.3
head/secure/lib/libcrypto/man/DH_new.3
head/secure/lib/libcrypto/man/DH_set_method.3
head/secure/lib/libcrypto/man/DH_size.3
head/secure/lib/libcrypto/man/DSA_SIG_new.3
head/secure/lib/libcrypto/man/DSA_do_sign.3
head/secure/lib/libcrypto/man/DSA_dup_DH.3
head/secure/lib/libcrypto/man/DSA_generate_key.3
head/secure/lib/libcrypto/man/DSA_generate_parameters.3
head/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
head/secure/lib/libcrypto/man/DSA_new.3
head/secure/lib/libcrypto/man/DSA_set_method.3
head/secure/lib/libcrypto/man/DSA_sign.3
head/secure/lib/libcrypto/man/DSA_size.3
head/secure/lib/libcrypto/man/EC_GFp_simple_method.3
head/secure/lib/libcrypto/man/EC_GROUP_copy.3
head/secure/lib/libcrypto/man/EC_GROUP_new.3
head/secure/lib/libcrypto/man/EC_KEY_new.3
head/secure/lib/libcrypto/man/EC_POINT_add.3
head/secure/lib/libcrypto/man/EC_POINT_new.3
head/secure/lib/libcrypto/man/ERR_GET_LIB.3
head/secure/lib/libcrypto/man/ERR_clear_error.3
head/secure/lib/libcrypto/man/ERR_error_string.3
head/secure/lib/libcrypto/man/ERR_get_error.3
head/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
head/secure/lib/libcrypto/man/ERR_load_strings.3
head/secure/lib/libcrypto/man/ERR_print_errors.3
head/secure/lib/libcrypto/man/ERR_put_error.3
head/secure/lib/libcrypto/man/ERR_remove_state.3
head/secure/lib/libcrypto/man/ERR_set_mark.3
head/secure/lib/libcrypto/man/EVP_BytesToKey.3
head/secure/lib/libcrypto/man/EVP_DigestInit.3
head/secure/lib/libcrypto/man/EVP_DigestSignInit.3
head/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3
head/secure/lib/libcrypto/man/EVP_EncodeInit.3
head/secure/lib/libcrypto/man/EVP_EncryptInit.3
head/secure/lib/libcrypto/man/EVP_OpenInit.3
head/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
head/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3
head/secure/lib/libcrypto/man/EVP_PKEY_cmp.3
head/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3
head/secure/lib/libcrypto/man/EVP_PKEY_derive.3
head/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3
head/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3
head/secure/lib/libcrypto/man/EVP_PKEY_keygen.3
head/secure/lib/libcrypto/man/EVP_PKEY_meth_new.3
head/secure/lib/libcrypto/man/EVP_PKEY_new.3
head/secure/lib/libcrypto/man/EVP_PKEY_print_private.3
head/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
head/secure/lib/libcrypto/man/EVP_PKEY_sign.3
head/secure/lib/libcrypto/man/EVP_PKEY_verify.3
head/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3
head/secure/lib/libcrypto/man/EVP_SealInit.3
head/secure/lib/libcrypto/man/EVP_SignInit.3
head/secure/lib/libcrypto/man/EVP_VerifyInit.3
head/secure/lib/libcrypto/man/OBJ_nid2obj.3
head/secure/lib/libcrypto/man/OPENSSL_Applink.3
head/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
head/secure/lib/libcrypto/man/OPENSSL_config.3
head/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
head/secure/lib/libcrypto/man/OPENSSL_instrument_bus.3
head/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
head/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
head/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
head/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
head/secure/lib/libcrypto/man/PKCS12_create.3
head/secure/lib/libcrypto/man/PKCS12_parse.3
head/secure/lib/libcrypto/man/PKCS7_decrypt.3
head/secure/lib/libcrypto/man/PKCS7_encrypt.3
head/secure/lib/libcrypto/man/PKCS7_sign.3
head/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3
head/secure/lib/libcrypto/man/PKCS7_verify.3
head/secure/lib/libcrypto/man/RAND_add.3
head/secure/lib/libcrypto/man/RAND_bytes.3
head/secure/lib/libcrypto/man/RAND_cleanup.3
head/secure/lib/libcrypto/man/RAND_egd.3
head/secure/lib/libcrypto/man/RAND_load_file.3
head/secure/lib/libcrypto/man/RAND_set_rand_method.3
head/secure/lib/libcrypto/man/RSA_blinding_on.3
head/secure/lib/libcrypto/man/RSA_check_key.3
head/secure/lib/libcrypto/man/RSA_generate_key.3
head/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
head/secure/lib/libcrypto/man/RSA_new.3
head/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
head/secure/lib/libcrypto/man/RSA_print.3
head/secure/lib/libcrypto/man/RSA_private_encrypt.3
head/secure/lib/libcrypto/man/RSA_public_encrypt.3
head/secure/lib/libcrypto/man/RSA_set_method.3
head/secure/lib/libcrypto/man/RSA_sign.3
head/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
head/secure/lib/libcrypto/man/RSA_size.3
head/secure/lib/libcrypto/man/SMIME_read_CMS.3
head/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
head/secure/lib/libcrypto/man/SMIME_write_CMS.3
head/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
head/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
head/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
head/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
head/secure/lib/libcrypto/man/X509_NAME_print_ex.3
head/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3
head/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
head/secure/lib/libcrypto/man/X509_STORE_CTX_new.3
head/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
head/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
head/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
head/secure/lib/libcrypto/man/X509_check_host.3
head/secure/lib/libcrypto/man/X509_check_private_key.3
head/secure/lib/libcrypto/man/X509_new.3
head/secure/lib/libcrypto/man/X509_verify_cert.3
head/secure/lib/libcrypto/man/bio.3
head/secure/lib/libcrypto/man/blowfish.3
head/secure/lib/libcrypto/man/bn.3
head/secure/lib/libcrypto/man/bn_internal.3
head/secure/lib/libcrypto/man/buffer.3
head/secure/lib/libcrypto/man/crypto.3
head/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
head/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3
head/secure/lib/libcrypto/man/d2i_DHparams.3
head/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
head/secure/lib/libcrypto/man/d2i_ECPKParameters.3
head/secure/lib/libcrypto/man/d2i_ECPrivateKey.3
head/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
head/secure/lib/libcrypto/man/d2i_PrivateKey.3
head/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
head/secure/lib/libcrypto/man/d2i_X509.3
head/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
head/secure/lib/libcrypto/man/d2i_X509_CRL.3
head/secure/lib/libcrypto/man/d2i_X509_NAME.3
head/secure/lib/libcrypto/man/d2i_X509_REQ.3
head/secure/lib/libcrypto/man/d2i_X509_SIG.3
head/secure/lib/libcrypto/man/des.3
head/secure/lib/libcrypto/man/dh.3
head/secure/lib/libcrypto/man/dsa.3
head/secure/lib/libcrypto/man/ec.3
head/secure/lib/libcrypto/man/ecdsa.3
head/secure/lib/libcrypto/man/engine.3
head/secure/lib/libcrypto/man/err.3
head/secure/lib/libcrypto/man/evp.3
head/secure/lib/libcrypto/man/hmac.3
head/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3
head/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3
head/secure/lib/libcrypto/man/lh_stats.3
head/secure/lib/libcrypto/man/lhash.3
head/secure/lib/libcrypto/man/md5.3
head/secure/lib/libcrypto/man/mdc2.3
head/secure/lib/libcrypto/man/pem.3
head/secure/lib/libcrypto/man/rand.3
head/secure/lib/libcrypto/man/rc4.3
head/secure/lib/libcrypto/man/ripemd.3
head/secure/lib/libcrypto/man/rsa.3
head/secure/lib/libcrypto/man/sha.3
head/secure/lib/libcrypto/man/threads.3
head/secure/lib/libcrypto/man/ui.3
head/secure/lib/libcrypto/man/ui_compat.3
head/secure/lib/libcrypto/man/x509.3
head/secure/lib/libssl/Makefile.man
head/secure/lib/libssl/man/SSL_CIPHER_get_name.3
head/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
head/secure/lib/libssl/man/SSL_CONF_CTX_new.3
head/secure/lib/libssl/man/SSL_CONF_CTX_set1_prefix.3
head/secure/lib/libssl/man/SSL_CONF_CTX_set_flags.3
head/secure/lib/libssl/man/SSL_CONF_CTX_set_ssl_ctx.3
head/secure/lib/libssl/man/SSL_CONF_cmd.3
head/secure/lib/libssl/man/SSL_CONF_cmd_argv.3
head/secure/lib/libssl/man/SSL_CTX_add1_chain_cert.3
head/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
head/secure/lib/libssl/man/SSL_CTX_add_session.3
head/secure/lib/libssl/man/SSL_CTX_ctrl.3
head/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
head/secure/lib/libssl/man/SSL_CTX_free.3
head/secure/lib/libssl/man/SSL_CTX_get0_param.3
head/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
head/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
head/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
head/secure/lib/libssl/man/SSL_CTX_new.3
head/secure/lib/libssl/man/SSL_CTX_sess_number.3
head/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
head/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
head/secure/lib/libssl/man/SSL_CTX_sessions.3
head/secure/lib/libssl/man/SSL_CTX_set1_curves.3
head/secure/lib/libssl/man/SSL_CTX_set1_verify_cert_store.3
head/secure/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
head/secure/lib/libssl/man/SSL_CTX_set_cert_cb.3
head/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
head/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
head/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
head/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
head/secure/lib/libssl/man/SSL_CTX_set_custom_cli_ext.3
head/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
head/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
head/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
head/secure/lib/libssl/man/SSL_CTX_set_mode.3
head/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_options.3
head/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
head/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3
head/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
head/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
head/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
head/secure/lib/libssl/man/SSL_CTX_set_timeout.3
head/secure/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
head/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
head/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
head/secure/lib/libssl/man/SSL_CTX_set_verify.3
head/secure/lib/libssl/man/SSL_CTX_use_certificate.3
head/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
head/secure/lib/libssl/man/SSL_CTX_use_serverinfo.3
head/secure/lib/libssl/man/SSL_SESSION_free.3
head/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
head/secure/lib/libssl/man/SSL_SESSION_get_time.3
head/secure/lib/libssl/man/SSL_accept.3
head/secure/lib/libssl/man/SSL_alert_type_string.3
head/secure/lib/libssl/man/SSL_check_chain.3
head/secure/lib/libssl/man/SSL_clear.3
head/secure/lib/libssl/man/SSL_connect.3
head/secure/lib/libssl/man/SSL_do_handshake.3
head/secure/lib/libssl/man/SSL_export_keying_material.3
head/secure/lib/libssl/man/SSL_free.3
head/secure/lib/libssl/man/SSL_get_SSL_CTX.3
head/secure/lib/libssl/man/SSL_get_ciphers.3
head/secure/lib/libssl/man/SSL_get_client_CA_list.3
head/secure/lib/libssl/man/SSL_get_current_cipher.3
head/secure/lib/libssl/man/SSL_get_default_timeout.3
head/secure/lib/libssl/man/SSL_get_error.3
head/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
head/secure/lib/libssl/man/SSL_get_ex_new_index.3
head/secure/lib/libssl/man/SSL_get_fd.3
head/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
head/secure/lib/libssl/man/SSL_get_peer_certificate.3
head/secure/lib/libssl/man/SSL_get_psk_identity.3
head/secure/lib/libssl/man/SSL_get_rbio.3
head/secure/lib/libssl/man/SSL_get_session.3
head/secure/lib/libssl/man/SSL_get_verify_result.3
head/secure/lib/libssl/man/SSL_get_version.3
head/secure/lib/libssl/man/SSL_library_init.3
head/secure/lib/libssl/man/SSL_load_client_CA_file.3
head/secure/lib/libssl/man/SSL_new.3
head/secure/lib/libssl/man/SSL_pending.3
head/secure/lib/libssl/man/SSL_read.3
head/secure/lib/libssl/man/SSL_rstate_string.3
head/secure/lib/libssl/man/SSL_session_reused.3
head/secure/lib/libssl/man/SSL_set_bio.3
head/secure/lib/libssl/man/SSL_set_connect_state.3
head/secure/lib/libssl/man/SSL_set_fd.3
head/secure/lib/libssl/man/SSL_set_session.3
head/secure/lib/libssl/man/SSL_set_shutdown.3
head/secure/lib/libssl/man/SSL_set_verify_result.3
head/secure/lib/libssl/man/SSL_shutdown.3
head/secure/lib/libssl/man/SSL_state_string.3
head/secure/lib/libssl/man/SSL_want.3
head/secure/lib/libssl/man/SSL_write.3
head/secure/lib/libssl/man/d2i_SSL_SESSION.3
head/secure/lib/libssl/man/ssl.3
head/secure/usr.bin/openssl/man/CA.pl.1
head/secure/usr.bin/openssl/man/asn1parse.1
head/secure/usr.bin/openssl/man/ca.1
head/secure/usr.bin/openssl/man/ciphers.1
head/secure/usr.bin/openssl/man/cms.1
head/secure/usr.bin/openssl/man/crl.1
head/secure/usr.bin/openssl/man/crl2pkcs7.1
head/secure/usr.bin/openssl/man/dgst.1
head/secure/usr.bin/openssl/man/dhparam.1
head/secure/usr.bin/openssl/man/dsa.1
head/secure/usr.bin/openssl/man/dsaparam.1
head/secure/usr.bin/openssl/man/ec.1
head/secure/usr.bin/openssl/man/ecparam.1
head/secure/usr.bin/openssl/man/enc.1
head/secure/usr.bin/openssl/man/errstr.1
head/secure/usr.bin/openssl/man/gendsa.1
head/secure/usr.bin/openssl/man/genpkey.1
head/secure/usr.bin/openssl/man/genrsa.1
head/secure/usr.bin/openssl/man/nseq.1
head/secure/usr.bin/openssl/man/ocsp.1
head/secure/usr.bin/openssl/man/openssl.1
head/secure/usr.bin/openssl/man/passwd.1
head/secure/usr.bin/openssl/man/pkcs12.1
head/secure/usr.bin/openssl/man/pkcs7.1
head/secure/usr.bin/openssl/man/pkcs8.1
head/secure/usr.bin/openssl/man/pkey.1
head/secure/usr.bin/openssl/man/pkeyparam.1
head/secure/usr.bin/openssl/man/pkeyutl.1
head/secure/usr.bin/openssl/man/rand.1
head/secure/usr.bin/openssl/man/req.1
head/secure/usr.bin/openssl/man/rsa.1
head/secure/usr.bin/openssl/man/rsautl.1
head/secure/usr.bin/openssl/man/s_client.1
head/secure/usr.bin/openssl/man/s_server.1
head/secure/usr.bin/openssl/man/s_time.1
head/secure/usr.bin/openssl/man/sess_id.1
head/secure/usr.bin/openssl/man/smime.1
head/secure/usr.bin/openssl/man/speed.1
head/secure/usr.bin/openssl/man/spkac.1
head/secure/usr.bin/openssl/man/ts.1
head/secure/usr.bin/openssl/man/tsget.1
head/secure/usr.bin/openssl/man/verify.1
head/secure/usr.bin/openssl/man/version.1
head/secure/usr.bin/openssl/man/x509.1
head/secure/usr.bin/openssl/man/x509v3_config.1
Directory Properties:
head/crypto/openssl/ (props changed)
Modified: head/crypto/openssl/CHANGES
==============================================================================
--- head/crypto/openssl/CHANGES Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/CHANGES Tue Aug 14 17:48:02 2018 (r337791)
@@ -7,6 +7,64 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.0.2o and 1.0.2p [14 Aug 2018]
+
+ *) Client DoS due to large DH parameter
+
+ During key agreement in a TLS handshake using a DH(E) based ciphersuite a
+ malicious server can send a very large prime value to the client. This will
+ cause the client to spend an unreasonably long period of time generating a
+ key for this prime resulting in a hang until the client has finished. This
+ could be exploited in a Denial Of Service attack.
+
+ This issue was reported to OpenSSL on 5th June 2018 by Guido Vranken
+ (CVE-2018-0732)
+ [Guido Vranken]
+
+ *) Cache timing vulnerability in RSA Key Generation
+
+ The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to
+ a cache timing side channel attack. An attacker with sufficient access to
+ mount cache timing attacks during the RSA key generation process could
+ recover the private key.
+
+ This issue was reported to OpenSSL on 4th April 2018 by Alejandro Cabrera
+ Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia.
+ (CVE-2018-0737)
+ [Billy Brumley]
+
+ *) Make EVP_PKEY_asn1_new() a bit stricter about its input. A NULL pem_str
+ parameter is no longer accepted, as it leads to a corrupt table. NULL
+ pem_str is reserved for alias entries only.
+ [Richard Levitte]
+
+ *) Revert blinding in ECDSA sign and instead make problematic addition
+ length-invariant. Switch even to fixed-length Montgomery multiplication.
+ [Andy Polyakov]
+
+ *) Change generating and checking of primes so that the error rate of not
+ being prime depends on the intended use based on the size of the input.
+ For larger primes this will result in more rounds of Miller-Rabin.
+ The maximal error rate for primes with more than 1080 bits is lowered
+ to 2^-128.
+ [Kurt Roeckx, Annie Yousar]
+
+ *) Increase the number of Miller-Rabin rounds for DSA key generating to 64.
+ [Kurt Roeckx]
+
+ *) Add blinding to ECDSA and DSA signatures to protect against side channel
+ attacks discovered by Keegan Ryan (NCC Group).
+ [Matt Caswell]
+
+ *) When unlocking a pass phrase protected PEM file or PKCS#8 container, we
+ now allow empty (zero character) pass phrases.
+ [Richard Levitte]
+
+ *) Certificate time validation (X509_cmp_time) enforces stricter
+ compliance with RFC 5280. Fractional seconds and timezone offsets
+ are no longer allowed.
+ [Emilia Käsper]
+
Changes between 1.0.2n and 1.0.2o [27 Mar 2018]
*) Constructed ASN.1 types with a recursive definition could exceed the stack
Modified: head/crypto/openssl/CONTRIBUTING
==============================================================================
--- head/crypto/openssl/CONTRIBUTING Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/CONTRIBUTING Tue Aug 14 17:48:02 2018 (r337791)
@@ -1,27 +1,27 @@
-HOW TO CONTRIBUTE PATCHES TO OpenSSL
-------------------------------------
+HOW TO CONTRIBUTE TO OpenSSL
+----------------------------
(Please visit https://www.openssl.org/community/getting-started.html for
other ideas about how to contribute.)
-Development is coordinated on the openssl-dev mailing list (see the
-above link or https://mta.openssl.org for information on subscribing).
-If you are unsure as to whether a feature will be useful for the general
-OpenSSL community you might want to discuss it on the openssl-dev mailing
-list first. Someone may be already working on the same thing or there
-may be a good reason as to why that feature isn't implemented.
+Development is done on GitHub, https://github.com/openssl/openssl.
-To submit a patch, make a pull request on GitHub. If you think the patch
-could use feedback from the community, please start a thread on openssl-dev
-to discuss it.
+To request new features or report bugs, please open an issue on GitHub
-Having addressed the following items before the PR will help make the
-acceptance and review process faster:
+To submit a patch, please open a pull request on GitHub. If you are thinking
+of making a large contribution, open an issue for it before starting work,
+to get comments from the community. Someone may be already working on
+the same thing or there may be reasons why that feature isn't implemented.
- 1. Anything other than trivial contributions will require a contributor
- licensing agreement, giving us permission to use your code. See
- https://www.openssl.org/policies/cla.html for details.
+To make it easier to review and accept your pull request, please follow these
+guidelines:
+ 1. Anything other than a trivial contribution requires a Contributor
+ License Agreement (CLA), giving us permission to use your code. See
+ https://www.openssl.org/policies/cla.html for details. If your
+ contribution is too small to require a CLA, put "CLA: trivial" on a
+ line by itself in your commit message body.
+
2. All source files should start with the following text (with
appropriate comment characters at the start of each line and the
year(s) updated):
@@ -34,21 +34,21 @@ acceptance and review process faster:
https://www.openssl.org/source/license.html
3. Patches should be as current as possible; expect to have to rebase
- often. We do not accept merge commits; You will be asked to remove
- them before a patch is considered acceptable.
+ often. We do not accept merge commits, you will have to remove them
+ (usually by rebasing) before it will be acceptable.
4. Patches should follow our coding style (see
- https://www.openssl.org/policies/codingstyle.html) and compile without
- warnings. Where gcc or clang is availble you should use the
+ https://www.openssl.org/policies/codingstyle.html) and compile
+ without warnings. Where gcc or clang is available you should use the
--strict-warnings Configure option. OpenSSL compiles on many varied
- platforms: try to ensure you only use portable features.
- Clean builds via Travis and AppVeyor are expected, and done whenever
- a PR is created or updated.
+ platforms: try to ensure you only use portable features. Clean builds
+ via Travis and AppVeyor are required, and they are started automatically
+ whenever a PR is created or updated.
5. When at all possible, patches should include tests. These can
either be added to an existing test, or completely new. Please see
test/README for information on the test framework.
6. New features or changed functionality must include
- documentation. Please look at the "pod" files in doc/apps, doc/crypto
- and doc/ssl for examples of our style.
+ documentation. Please look at the "pod" files in doc for
+ examples of our style.
Modified: head/crypto/openssl/Configure
==============================================================================
--- head/crypto/openssl/Configure Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/Configure Tue Aug 14 17:48:02 2018 (r337791)
@@ -1173,6 +1173,7 @@ foreach (sort (keys %disabled))
$depflags .= " -DOPENSSL_NO_$ALGO";
}
}
+ if (/^comp$/) { $zlib = 0; }
}
print "\n";
@@ -1671,6 +1672,13 @@ while (<PIPE>) {
}
close(PIPE);
+# Xcode did not handle $cc -M before clang support
+my $cc_as_makedepend = 0;
+if ($predefined{__GNUC__} >= 3 && !(defined($predefined{__APPLE_CC__})
+ && !defined($predefined{__clang__}))) {
+ $cc_as_makedepend = 1;
+}
+
if ($strict_warnings)
{
my $wopt;
@@ -1730,14 +1738,14 @@ while (<IN>)
s/^NM=\s*/NM= \$\(CROSS_COMPILE\)/;
s/^RANLIB=\s*/RANLIB= \$\(CROSS_COMPILE\)/;
s/^RC=\s*/RC= \$\(CROSS_COMPILE\)/;
- s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $predefined{__GNUC__} >= 3;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc_as_makedepend;
}
else {
s/^CC=.*$/CC= $cc/;
s/^AR=\s*ar/AR= $ar/;
s/^RANLIB=.*/RANLIB= $ranlib/;
s/^RC=.*/RC= $windres/;
- s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $predefined{__GNUC__} >= 3;
+ s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc_as_makedepend;
}
s/^CFLAG=.*$/CFLAG= $cflags/;
s/^DEPFLAG=.*$/DEPFLAG=$depflags/;
Modified: head/crypto/openssl/Makefile
==============================================================================
--- head/crypto/openssl/Makefile Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/Makefile Tue Aug 14 17:48:02 2018 (r337791)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.2o
+VERSION=1.0.2p
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Modified: head/crypto/openssl/NEWS
==============================================================================
--- head/crypto/openssl/NEWS Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/NEWS Tue Aug 14 17:48:02 2018 (r337791)
@@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p [14 Aug 2018]
+
+ o Client DoS due to large DH parameter (CVE-2018-0732)
+ o Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
+
Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018]
o Constructed ASN.1 types with a recursive definition could exceed the
Modified: head/crypto/openssl/README
==============================================================================
--- head/crypto/openssl/README Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/README Tue Aug 14 17:48:02 2018 (r337791)
@@ -1,7 +1,7 @@
- OpenSSL 1.0.2o 27 Mar 2018
+ OpenSSL 1.0.2p 14 Aug 2018
- Copyright (c) 1998-2015 The OpenSSL Project
+ Copyright (c) 1998-2018 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
All rights reserved.
Modified: head/crypto/openssl/apps/apps.c
==============================================================================
--- head/crypto/openssl/apps/apps.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/apps.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -1359,7 +1359,8 @@ int set_name_ex(unsigned long *flags, const char *arg)
};
if (set_multi_opts(flags, arg, ex_tbl) == 0)
return 0;
- if ((*flags & XN_FLAG_SEP_MASK) == 0)
+ if (*flags != XN_FLAG_COMPAT
+ && (*flags & XN_FLAG_SEP_MASK) == 0)
*flags |= XN_FLAG_SEP_CPLUS_SPC;
return 1;
}
Modified: head/crypto/openssl/apps/asn1pars.c
==============================================================================
--- head/crypto/openssl/apps/asn1pars.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/asn1pars.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -295,7 +295,7 @@ int MAIN(int argc, char **argv)
ASN1_TYPE *atmp;
int typ;
j = atoi(sk_OPENSSL_STRING_value(osk, i));
- if (j == 0) {
+ if (j <= 0 || j >= tmplen) {
BIO_printf(bio_err, "'%s' is an invalid number\n",
sk_OPENSSL_STRING_value(osk, i));
continue;
@@ -327,14 +327,14 @@ int MAIN(int argc, char **argv)
num = tmplen;
}
- if (offset >= num) {
- BIO_printf(bio_err, "Error: offset too large\n");
+ if (offset < 0 || offset >= num) {
+ BIO_printf(bio_err, "Error: offset out of range\n");
goto end;
}
num -= offset;
- if ((length == 0) || ((long)length > num))
+ if (length == 0 || length > (unsigned int)num)
length = (unsigned int)num;
if (derout) {
if (BIO_write(derout, str + offset, length) != (int)length) {
Modified: head/crypto/openssl/apps/ca.c
==============================================================================
--- head/crypto/openssl/apps/ca.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/ca.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -1176,10 +1176,13 @@ int MAIN(int argc, char **argv)
if (j > 0) {
total_done++;
BIO_printf(bio_err, "\n");
- if (!BN_add_word(serial, 1))
+ if (!BN_add_word(serial, 1)) {
+ X509_free(x);
goto err;
+ }
if (!sk_X509_push(cert_sk, x)) {
BIO_printf(bio_err, "Memory allocation failure\n");
+ X509_free(x);
goto err;
}
}
Modified: head/crypto/openssl/apps/ocsp.c
==============================================================================
--- head/crypto/openssl/apps/ocsp.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/ocsp.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -787,7 +787,6 @@ int MAIN(int argc, char **argv)
OCSP_response_status_str(i), i);
if (ignore_err)
goto redo_accept;
- ret = 0;
goto end;
}
Modified: head/crypto/openssl/apps/passwd.c
==============================================================================
--- head/crypto/openssl/apps/passwd.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/passwd.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -306,9 +306,9 @@ static char *md5crypt(const char *passwd, const char *
out_buf[0] = '$';
out_buf[1] = 0;
assert(strlen(magic) <= 4); /* "1" or "apr1" */
- strncat(out_buf, magic, 4);
- strncat(out_buf, "$", 1);
- strncat(out_buf, salt, 8);
+ BUF_strlcat(out_buf, magic, sizeof(out_buf));
+ BUF_strlcat(out_buf, "$", sizeof(out_buf));
+ BUF_strlcat(out_buf, salt, sizeof(out_buf));
assert(strlen(out_buf) <= 6 + 8); /* "$apr1$..salt.." */
salt_out = out_buf + 2 + strlen(magic);
salt_len = strlen(salt_out);
Modified: head/crypto/openssl/apps/s_apps.h
==============================================================================
--- head/crypto/openssl/apps/s_apps.h Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/s_apps.h Tue Aug 14 17:48:02 2018 (r337791)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2001 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -152,9 +152,8 @@ typedef fd_mask fd_set;
#define PROTOCOL "tcp"
int do_server(int port, int type, int *ret,
- int (*cb) (char *hostname, int s, int stype,
- unsigned char *context), unsigned char *context,
- int naccept);
+ int (*cb) (int s, int stype, unsigned char *context),
+ unsigned char *context, int naccept);
#ifdef HEADER_X509_H
int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
#endif
Modified: head/crypto/openssl/apps/s_client.c
==============================================================================
--- head/crypto/openssl/apps/s_client.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/s_client.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -337,7 +337,7 @@ static void sc_usage(void)
BIO_printf(bio_err,
" -prexit - print session information even on connection failure\n");
BIO_printf(bio_err,
- " -showcerts - show all certificates in the chain\n");
+ " -showcerts - Show all certificates sent by the server\n");
BIO_printf(bio_err, " -debug - extra output\n");
#ifdef WATT32
BIO_printf(bio_err, " -wdebug - WATT-32 tcp debugging\n");
Modified: head/crypto/openssl/apps/s_server.c
==============================================================================
--- head/crypto/openssl/apps/s_server.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/s_server.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -209,9 +209,9 @@ typedef unsigned int u_int;
#ifndef OPENSSL_NO_RSA
static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int is_export, int keylength);
#endif
-static int sv_body(char *hostname, int s, int stype, unsigned char *context);
-static int www_body(char *hostname, int s, int stype, unsigned char *context);
-static int rev_body(char *hostname, int s, int stype, unsigned char *context);
+static int sv_body(int s, int stype, unsigned char *context);
+static int www_body(int s, int stype, unsigned char *context);
+static int rev_body(int s, int stype, unsigned char *context);
static void close_accept_socket(void);
static void sv_usage(void);
static int init_ssl_connection(SSL *s);
@@ -1087,11 +1087,14 @@ int MAIN(int argc, char *argv[])
char *chCApath = NULL, *chCAfile = NULL;
char *vfyCApath = NULL, *vfyCAfile = NULL;
unsigned char *context = NULL;
+#ifndef OPENSSL_NO_DH
char *dhfile = NULL;
+ int no_dhe = 0;
+#endif
int badop = 0;
int ret = 1;
int build_chain = 0;
- int no_tmp_rsa = 0, no_dhe = 0, no_ecdhe = 0, nocert = 0;
+ int no_tmp_rsa = 0, no_ecdhe = 0, nocert = 0;
int state = 0;
const SSL_METHOD *meth = NULL;
int socket_type = SOCK_STREAM;
@@ -1239,11 +1242,15 @@ int MAIN(int argc, char *argv[])
if (--argc < 1)
goto bad;
s_chain_file = *(++argv);
- } else if (strcmp(*argv, "-dhparam") == 0) {
+ }
+#ifndef OPENSSL_NO_DH
+ else if (strcmp(*argv, "-dhparam") == 0) {
if (--argc < 1)
goto bad;
dhfile = *(++argv);
- } else if (strcmp(*argv, "-dcertform") == 0) {
+ }
+#endif
+ else if (strcmp(*argv, "-dcertform") == 0) {
if (--argc < 1)
goto bad;
s_dcert_format = str2fmt(*(++argv));
@@ -1390,9 +1397,13 @@ int MAIN(int argc, char *argv[])
verify_quiet = 1;
} else if (strcmp(*argv, "-no_tmp_rsa") == 0) {
no_tmp_rsa = 1;
- } else if (strcmp(*argv, "-no_dhe") == 0) {
+ }
+#ifndef OPENSSL_NO_DH
+ else if (strcmp(*argv, "-no_dhe") == 0) {
no_dhe = 1;
- } else if (strcmp(*argv, "-no_ecdhe") == 0) {
+ }
+#endif
+ else if (strcmp(*argv, "-no_ecdhe") == 0) {
no_ecdhe = 1;
} else if (strcmp(*argv, "-no_resume_ephemeral") == 0) {
no_resume_ephemeral = 1;
@@ -2165,7 +2176,7 @@ static void print_stats(BIO *bio, SSL_CTX *ssl_ctx)
SSL_CTX_sess_get_cache_size(ssl_ctx));
}
-static int sv_body(char *hostname, int s, int stype, unsigned char *context)
+static int sv_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
fd_set readfds;
@@ -2780,7 +2791,7 @@ static int load_CA(SSL_CTX *ctx, char *file)
}
#endif
-static int www_body(char *hostname, int s, int stype, unsigned char *context)
+static int www_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
int ret = 1;
@@ -3183,7 +3194,7 @@ static int www_body(char *hostname, int s, int stype,
return (ret);
}
-static int rev_body(char *hostname, int s, int stype, unsigned char *context)
+static int rev_body(int s, int stype, unsigned char *context)
{
char *buf = NULL;
int i;
Modified: head/crypto/openssl/apps/s_socket.c
==============================================================================
--- head/crypto/openssl/apps/s_socket.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/s_socket.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -109,7 +109,7 @@ static int ssl_sock_init(void);
static int init_client_ip(int *sock, unsigned char ip[4], int port, int type);
static int init_server(int *sock, int port, int type);
static int init_server_long(int *sock, int port, char *ip, int type);
-static int do_accept(int acc_sock, int *sock, char **host);
+static int do_accept(int acc_sock, int *sock);
static int host_ip(char *str, unsigned char ip[4]);
# ifdef OPENSSL_SYS_WIN16
@@ -290,12 +290,10 @@ static int init_client_ip(int *sock, unsigned char ip[
}
int do_server(int port, int type, int *ret,
- int (*cb) (char *hostname, int s, int stype,
- unsigned char *context), unsigned char *context,
- int naccept)
+ int (*cb) (int s, int stype, unsigned char *context),
+ unsigned char *context, int naccept)
{
int sock;
- char *name = NULL;
int accept_socket = 0;
int i;
@@ -308,15 +306,13 @@ int do_server(int port, int type, int *ret,
}
for (;;) {
if (type == SOCK_STREAM) {
- if (do_accept(accept_socket, &sock, &name) == 0) {
+ if (do_accept(accept_socket, &sock) == 0) {
SHUTDOWN(accept_socket);
return (0);
}
} else
sock = accept_socket;
- i = (*cb) (name, sock, type, context);
- if (name != NULL)
- OPENSSL_free(name);
+ i = (*cb) (sock, type, context);
if (type == SOCK_STREAM)
SHUTDOWN2(sock);
if (naccept != -1)
@@ -386,30 +382,24 @@ static int init_server(int *sock, int port, int type)
return (init_server_long(sock, port, NULL, type));
}
-static int do_accept(int acc_sock, int *sock, char **host)
+static int do_accept(int acc_sock, int *sock)
{
int ret;
- struct hostent *h1, *h2;
- static struct sockaddr_in from;
- int len;
-/* struct linger ling; */
if (!ssl_sock_init())
- return (0);
+ return 0;
# ifndef OPENSSL_SYS_WINDOWS
redoit:
# endif
- memset((char *)&from, 0, sizeof(from));
- len = sizeof(from);
/*
* Note: under VMS with SOCKETSHR the fourth parameter is currently of
* type (int *) whereas under other systems it is (void *) if you don't
* have a cast it will choke the compiler: if you do have a cast then you
* can either go for (int *) or (void *).
*/
- ret = accept(acc_sock, (struct sockaddr *)&from, (void *)&len);
+ ret = accept(acc_sock, NULL, NULL);
if (ret == INVALID_SOCKET) {
# if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
int i;
@@ -425,56 +415,11 @@ static int do_accept(int acc_sock, int *sock, char **h
fprintf(stderr, "errno=%d ", errno);
perror("accept");
# endif
- return (0);
+ return 0;
}
-/*-
- ling.l_onoff=1;
- ling.l_linger=0;
- i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
- if (i < 0) { perror("linger"); return(0); }
- i=0;
- i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
- if (i < 0) { perror("keepalive"); return(0); }
-*/
-
- if (host == NULL)
- goto end;
-# ifndef BIT_FIELD_LIMITS
- /* I should use WSAAsyncGetHostByName() under windows */
- h1 = gethostbyaddr((char *)&from.sin_addr.s_addr,
- sizeof(from.sin_addr.s_addr), AF_INET);
-# else
- h1 = gethostbyaddr((char *)&from.sin_addr,
- sizeof(struct in_addr), AF_INET);
-# endif
- if (h1 == NULL) {
- BIO_printf(bio_err, "bad gethostbyaddr\n");
- *host = NULL;
- /* return(0); */
- } else {
- if ((*host = (char *)OPENSSL_malloc(strlen(h1->h_name) + 1)) == NULL) {
- perror("OPENSSL_malloc");
- closesocket(ret);
- return (0);
- }
- BUF_strlcpy(*host, h1->h_name, strlen(h1->h_name) + 1);
-
- h2 = GetHostByName(*host);
- if (h2 == NULL) {
- BIO_printf(bio_err, "gethostbyname failure\n");
- closesocket(ret);
- return (0);
- }
- if (h2->h_addrtype != AF_INET) {
- BIO_printf(bio_err, "gethostbyname addr is not AF_INET\n");
- closesocket(ret);
- return (0);
- }
- }
- end:
*sock = ret;
- return (1);
+ return 1;
}
int extract_host_port(char *str, char **host_ptr, unsigned char *ip,
Modified: head/crypto/openssl/apps/verify.c
==============================================================================
--- head/crypto/openssl/apps/verify.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/apps/verify.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -277,6 +277,7 @@ static int check(X509_STORE *ctx, char *file,
X509_STORE_set_flags(ctx, vflags);
if (!X509_STORE_CTX_init(csc, ctx, x, uchain)) {
ERR_print_errors(bio_err);
+ X509_STORE_CTX_free(csc);
goto end;
}
if (tchain)
Modified: head/crypto/openssl/crypto/Makefile
==============================================================================
--- head/crypto/openssl/crypto/Makefile Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/Makefile Tue Aug 14 17:48:02 2018 (r337791)
@@ -46,7 +46,7 @@ SRC= $(LIBSRC)
EXHEADER= crypto.h opensslv.h opensslconf.h ebcdic.h symhacks.h \
ossl_typ.h
HEADER= cryptlib.h buildinf.h md32_common.h o_time.h o_str.h o_dir.h \
- constant_time_locl.h $(EXHEADER)
+ constant_time_locl.h bn_int.h $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
Modified: head/crypto/openssl/crypto/asn1/a_bool.c
==============================================================================
--- head/crypto/openssl/crypto/asn1/a_bool.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/a_bool.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -63,17 +63,31 @@
int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
{
int r;
- unsigned char *p;
+ unsigned char *p, *allocated = NULL;
r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN);
if (pp == NULL)
return (r);
- p = *pp;
+ if (*pp == NULL) {
+ if ((p = allocated = OPENSSL_malloc(r)) == NULL) {
+ ASN1err(ASN1_F_I2D_ASN1_BOOLEAN, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ } else {
+ p = *pp;
+ }
+
ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL);
- *(p++) = (unsigned char)a;
- *pp = p;
- return (r);
+ *p = (unsigned char)a;
+
+
+ /*
+ * If a new buffer was allocated, just return it back.
+ * If not, return the incremented buffer pointer.
+ */
+ *pp = allocated != NULL ? allocated : p + 1;
+ return r;
}
int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
Modified: head/crypto/openssl/crypto/asn1/a_object.c
==============================================================================
--- head/crypto/openssl/crypto/asn1/a_object.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/a_object.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -66,7 +66,7 @@
int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
{
- unsigned char *p;
+ unsigned char *p, *allocated = NULL;
int objsize;
if ((a == NULL) || (a->data == NULL))
@@ -76,13 +76,24 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp
if (pp == NULL || objsize == -1)
return objsize;
- p = *pp;
+ if (*pp == NULL) {
+ if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) {
+ ASN1err(ASN1_F_I2D_ASN1_OBJECT, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ } else {
+ p = *pp;
+ }
+
ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
memcpy(p, a->data, a->length);
- p += a->length;
- *pp = p;
- return (objsize);
+ /*
+ * If a new buffer was allocated, just return it back.
+ * If not, return the incremented buffer pointer.
+ */
+ *pp = allocated != NULL ? allocated : p + a->length;
+ return objsize;
}
int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
Modified: head/crypto/openssl/crypto/asn1/a_strex.c
==============================================================================
--- head/crypto/openssl/crypto/asn1/a_strex.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/a_strex.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -194,18 +194,38 @@ static int do_buf(unsigned char *buf, int buflen,
int type, unsigned char flags, char *quotes, char_io *io_ch,
void *arg)
{
- int i, outlen, len;
+ int i, outlen, len, charwidth;
unsigned char orflags, *p, *q;
unsigned long c;
p = buf;
q = buf + buflen;
outlen = 0;
+ charwidth = type & BUF_TYPE_WIDTH_MASK;
+
+ switch (charwidth) {
+ case 4:
+ if (buflen & 3) {
+ ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
+ return -1;
+ }
+ break;
+ case 2:
+ if (buflen & 1) {
+ ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH);
+ return -1;
+ }
+ break;
+ default:
+ break;
+ }
+
while (p != q) {
if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
orflags = CHARTYPE_FIRST_ESC_2253;
else
orflags = 0;
- switch (type & BUF_TYPE_WIDTH_MASK) {
+
+ switch (charwidth) {
case 4:
c = ((unsigned long)*p++) << 24;
c |= ((unsigned long)*p++) << 16;
@@ -226,6 +246,7 @@ static int do_buf(unsigned char *buf, int buflen,
i = UTF8_getc(p, buflen, &c);
if (i < 0)
return -1; /* Invalid UTF8String */
+ buflen -= i;
p += i;
break;
default:
Modified: head/crypto/openssl/crypto/asn1/ameth_lib.c
==============================================================================
--- head/crypto/openssl/crypto/asn1/ameth_lib.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/ameth_lib.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -3,7 +3,7 @@
* 2006.
*/
/* ====================================================================
- * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2006-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -304,6 +304,18 @@ EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int fl
goto err;
} else
ameth->info = NULL;
+
+ /*
+ * One of the following must be true:
+ *
+ * pem_str == NULL AND ASN1_PKEY_ALIAS is set
+ * pem_str != NULL AND ASN1_PKEY_ALIAS is clear
+ *
+ * Anything else is an error and may lead to a corrupt ASN1 method table
+ */
+ if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0)
+ || (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0)))
+ goto err;
if (pem_str) {
ameth->pem_str = BUF_strdup(pem_str);
Modified: head/crypto/openssl/crypto/asn1/asn1.h
==============================================================================
--- head/crypto/openssl/crypto/asn1/asn1.h Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/asn1.h Tue Aug 14 17:48:02 2018 (r337791)
@@ -1164,6 +1164,7 @@ int SMIME_text(BIO *in, BIO *out);
* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
*/
+
void ERR_load_ASN1_strings(void);
/* Error codes for the ASN1 functions. */
@@ -1264,7 +1265,10 @@ void ERR_load_ASN1_strings(void);
# define ASN1_F_D2I_X509 156
# define ASN1_F_D2I_X509_CINF 157
# define ASN1_F_D2I_X509_PKEY 159
+# define ASN1_F_DO_BUF 221
# define ASN1_F_I2D_ASN1_BIO_STREAM 211
+# define ASN1_F_I2D_ASN1_BOOLEAN 223
+# define ASN1_F_I2D_ASN1_OBJECT 222
# define ASN1_F_I2D_ASN1_SET 188
# define ASN1_F_I2D_ASN1_TIME 160
# define ASN1_F_I2D_DSA_PUBKEY 161
@@ -1414,7 +1418,7 @@ void ERR_load_ASN1_strings(void);
# define ASN1_R_WRONG_TAG 168
# define ASN1_R_WRONG_TYPE 169
-#ifdef __cplusplus
+# ifdef __cplusplus
}
-#endif
+# endif
#endif
Modified: head/crypto/openssl/crypto/asn1/asn1_err.c
==============================================================================
--- head/crypto/openssl/crypto/asn1/asn1_err.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/asn1_err.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -166,7 +166,10 @@ static ERR_STRING_DATA ASN1_str_functs[] = {
{ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
{ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
{ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
+ {ERR_FUNC(ASN1_F_DO_BUF), "DO_BUF"},
{ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
+ {ERR_FUNC(ASN1_F_I2D_ASN1_BOOLEAN), "i2d_ASN1_BOOLEAN"},
+ {ERR_FUNC(ASN1_F_I2D_ASN1_OBJECT), "i2d_ASN1_OBJECT"},
{ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
{ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
Modified: head/crypto/openssl/crypto/asn1/tasn_enc.c
==============================================================================
--- head/crypto/openssl/crypto/asn1/tasn_enc.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/asn1/tasn_enc.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -588,6 +588,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout
otmp = (ASN1_OBJECT *)*pval;
cont = otmp->data;
len = otmp->length;
+ if (cont == NULL || len == 0)
+ return -1;
break;
case V_ASN1_NULL:
Modified: head/crypto/openssl/crypto/bio/bss_log.c
==============================================================================
--- head/crypto/openssl/crypto/bio/bss_log.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/bio/bss_log.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -1,6 +1,6 @@
/* crypto/bio/bss_log.c */
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -242,7 +242,7 @@ static int MS_CALLBACK slg_write(BIO *b, const char *i
if ((buf = (char *)OPENSSL_malloc(inl + 1)) == NULL) {
return (0);
}
- strncpy(buf, in, inl);
+ memcpy(buf, in, inl);
buf[inl] = '\0';
i = 0;
Modified: head/crypto/openssl/crypto/bio/bss_mem.c
==============================================================================
--- head/crypto/openssl/crypto/bio/bss_mem.c Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/bio/bss_mem.c Tue Aug 14 17:48:02 2018 (r337791)
@@ -188,6 +188,8 @@ static int mem_write(BIO *b, const char *in, int inl)
}
BIO_clear_retry_flags(b);
+ if (inl == 0)
+ return 0;
blen = bm->length;
if (BUF_MEM_grow_clean(bm, blen + inl) != (blen + inl))
goto end;
Modified: head/crypto/openssl/crypto/bn/Makefile
==============================================================================
--- head/crypto/openssl/crypto/bn/Makefile Tue Aug 14 17:46:54 2018 (r337790)
+++ head/crypto/openssl/crypto/bn/Makefile Tue Aug 14 17:48:02 2018 (r337791)
@@ -197,21 +197,24 @@ bn_add.o: ../../include/openssl/e_os2.h ../../include/
bn_add.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_add.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_add.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_add.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_add.c bn_lcl.h
+bn_add.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_add.c
+bn_add.o: bn_lcl.h
bn_asm.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_asm.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_asm.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_asm.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_asm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_asm.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_asm.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_asm.c bn_lcl.h
+bn_asm.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_asm.c
+bn_asm.o: bn_lcl.h
bn_blind.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_blind.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_blind.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_blind.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_blind.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_blind.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_blind.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_blind.c bn_lcl.h
+bn_blind.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h
+bn_blind.o: bn_blind.c bn_lcl.h
bn_const.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bn_const.o: ../../include/openssl/opensslconf.h
bn_const.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
@@ -223,7 +226,8 @@ bn_ctx.o: ../../include/openssl/e_os2.h ../../include/
bn_ctx.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_ctx.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_ctx.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_ctx.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_ctx.c bn_lcl.h
+bn_ctx.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_ctx.c
+bn_ctx.o: bn_lcl.h
bn_depr.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_depr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_depr.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
@@ -231,14 +235,15 @@ bn_depr.o: ../../include/openssl/lhash.h ../../include
bn_depr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_depr.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
bn_depr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-bn_depr.o: ../cryptlib.h bn_depr.c bn_lcl.h
+bn_depr.o: ../bn_int.h ../cryptlib.h bn_depr.c bn_lcl.h
bn_div.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_div.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_div.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_div.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_div.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_div.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_div.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_div.c bn_lcl.h
+bn_div.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_div.c
+bn_div.o: bn_lcl.h
bn_err.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
bn_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
@@ -252,7 +257,7 @@ bn_exp.o: ../../include/openssl/e_os2.h ../../include/
bn_exp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_exp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_exp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+bn_exp.o: ../../include/openssl/symhacks.h ../bn_int.h ../constant_time_locl.h
bn_exp.o: ../cryptlib.h bn_exp.c bn_lcl.h rsaz_exp.h
bn_exp2.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_exp2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -260,70 +265,80 @@ bn_exp2.o: ../../include/openssl/e_os2.h ../../include
bn_exp2.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_exp2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_exp2.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_exp2.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_exp2.c bn_lcl.h
+bn_exp2.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_exp2.c
+bn_exp2.o: bn_lcl.h
bn_gcd.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_gcd.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_gcd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_gcd.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_gcd.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_gcd.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gcd.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gcd.c bn_lcl.h
+bn_gcd.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_gcd.c
+bn_gcd.o: bn_lcl.h
bn_gf2m.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_gf2m.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_gf2m.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_gf2m.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_gf2m.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_gf2m.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_gf2m.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_gf2m.c bn_lcl.h
+bn_gf2m.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_gf2m.c
+bn_gf2m.o: bn_lcl.h
bn_kron.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_kron.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_kron.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_kron.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_kron.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_kron.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_kron.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_kron.c bn_lcl.h
+bn_kron.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_kron.c
+bn_kron.o: bn_lcl.h
bn_lib.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
bn_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
bn_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
bn_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
bn_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-bn_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h bn_lcl.h bn_lib.c
+bn_lib.o: ../../include/openssl/symhacks.h ../bn_int.h ../cryptlib.h bn_lcl.h
+bn_lib.o: bn_lib.c
bn_mod.o: ../../e_os.h ../../include/openssl/bio.h ../../include/openssl/bn.h
bn_mod.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list