svn commit: r325335 - in stable/11: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/aes/asm crypto/openssl/crypto/asn1 crypto/openssl/crypto...
Jung-uk Kim
jkim at FreeBSD.org
Thu Nov 2 18:22:59 UTC 2017
Author: jkim
Date: Thu Nov 2 18:22:53 2017
New Revision: 325335
URL: https://svnweb.freebsd.org/changeset/base/325335
Log:
MFC: r318899
Merge OpenSSL 1.0.2l.
Added:
stable/11/crypto/openssl/doc/man3/
- copied from r318899, head/crypto/openssl/doc/man3/
stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
- copied unchanged from r318899, head/secure/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
Modified:
stable/11/crypto/openssl/CHANGES
stable/11/crypto/openssl/Configure
stable/11/crypto/openssl/LICENSE
stable/11/crypto/openssl/Makefile
stable/11/crypto/openssl/Makefile.org
stable/11/crypto/openssl/NEWS
stable/11/crypto/openssl/README
stable/11/crypto/openssl/apps/ca.c
stable/11/crypto/openssl/apps/dhparam.c
stable/11/crypto/openssl/apps/enc.c
stable/11/crypto/openssl/apps/engine.c
stable/11/crypto/openssl/apps/pkeyutl.c
stable/11/crypto/openssl/apps/prime.c
stable/11/crypto/openssl/apps/progs.h
stable/11/crypto/openssl/apps/progs.pl
stable/11/crypto/openssl/apps/req.c
stable/11/crypto/openssl/apps/s_client.c
stable/11/crypto/openssl/apps/s_server.c
stable/11/crypto/openssl/apps/srp.c
stable/11/crypto/openssl/appveyor.yml
stable/11/crypto/openssl/config
stable/11/crypto/openssl/crypto/aes/Makefile
stable/11/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
stable/11/crypto/openssl/crypto/aes/asm/aesni-sha256-x86_64.pl
stable/11/crypto/openssl/crypto/aes/asm/bsaes-armv7.pl
stable/11/crypto/openssl/crypto/asn1/a_bitstr.c
stable/11/crypto/openssl/crypto/asn1/a_digest.c
stable/11/crypto/openssl/crypto/asn1/a_gentm.c
stable/11/crypto/openssl/crypto/asn1/a_strnid.c
stable/11/crypto/openssl/crypto/asn1/a_time.c
stable/11/crypto/openssl/crypto/asn1/a_utctm.c
stable/11/crypto/openssl/crypto/asn1/f_enum.c
stable/11/crypto/openssl/crypto/asn1/f_int.c
stable/11/crypto/openssl/crypto/asn1/tasn_dec.c
stable/11/crypto/openssl/crypto/asn1/tasn_new.c
stable/11/crypto/openssl/crypto/asn1/x_long.c
stable/11/crypto/openssl/crypto/asn1/x_name.c
stable/11/crypto/openssl/crypto/bio/b_print.c
stable/11/crypto/openssl/crypto/bio/bio_cb.c
stable/11/crypto/openssl/crypto/bio/bss_file.c
stable/11/crypto/openssl/crypto/bn/Makefile
stable/11/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl
stable/11/crypto/openssl/crypto/bn/bn_prime.c
stable/11/crypto/openssl/crypto/bn/bn_prime.h
stable/11/crypto/openssl/crypto/bn/bn_prime.pl
stable/11/crypto/openssl/crypto/bn/bn_print.c
stable/11/crypto/openssl/crypto/comp/c_rle.c
stable/11/crypto/openssl/crypto/conf/conf.h
stable/11/crypto/openssl/crypto/conf/conf_def.c
stable/11/crypto/openssl/crypto/conf/conf_err.c
stable/11/crypto/openssl/crypto/des/Makefile
stable/11/crypto/openssl/crypto/des/set_key.c
stable/11/crypto/openssl/crypto/dh/dh.h
stable/11/crypto/openssl/crypto/ec/ec_ameth.c
stable/11/crypto/openssl/crypto/ec/ec_asn1.c
stable/11/crypto/openssl/crypto/ec/ec_mult.c
stable/11/crypto/openssl/crypto/ec/eck_prn.c
stable/11/crypto/openssl/crypto/engine/eng_cryptodev.c
stable/11/crypto/openssl/crypto/err/err.c
stable/11/crypto/openssl/crypto/err/err.h
stable/11/crypto/openssl/crypto/evp/e_aes.c
stable/11/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c
stable/11/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c
stable/11/crypto/openssl/crypto/evp/e_des3.c
stable/11/crypto/openssl/crypto/evp/evp_enc.c
stable/11/crypto/openssl/crypto/evp/pmeth_lib.c
stable/11/crypto/openssl/crypto/ex_data.c
stable/11/crypto/openssl/crypto/hmac/hm_pmeth.c
stable/11/crypto/openssl/crypto/md5/Makefile
stable/11/crypto/openssl/crypto/mem.c
stable/11/crypto/openssl/crypto/modes/Makefile
stable/11/crypto/openssl/crypto/o_dir.c
stable/11/crypto/openssl/crypto/o_time.c
stable/11/crypto/openssl/crypto/opensslv.h
stable/11/crypto/openssl/crypto/perlasm/x86_64-xlate.pl
stable/11/crypto/openssl/crypto/pkcs12/p12_mutl.c
stable/11/crypto/openssl/crypto/ppccap.c
stable/11/crypto/openssl/crypto/rand/md_rand.c
stable/11/crypto/openssl/crypto/rc4/Makefile
stable/11/crypto/openssl/crypto/rsa/rsa_pmeth.c
stable/11/crypto/openssl/crypto/rsa/rsa_pss.c
stable/11/crypto/openssl/crypto/sha/Makefile
stable/11/crypto/openssl/crypto/srp/srp_vfy.c
stable/11/crypto/openssl/crypto/txt_db/txt_db.c
stable/11/crypto/openssl/crypto/ui/ui_lib.c
stable/11/crypto/openssl/crypto/x509/x509_lu.c
stable/11/crypto/openssl/crypto/x509v3/v3_alt.c
stable/11/crypto/openssl/crypto/x509v3/v3_cpols.c
stable/11/crypto/openssl/crypto/x509v3/v3_info.c
stable/11/crypto/openssl/crypto/x509v3/v3_purp.c
stable/11/crypto/openssl/crypto/x86_64cpuid.pl
stable/11/crypto/openssl/crypto/x86cpuid.pl
stable/11/crypto/openssl/doc/apps/ciphers.pod
stable/11/crypto/openssl/doc/apps/config.pod
stable/11/crypto/openssl/doc/apps/genrsa.pod
stable/11/crypto/openssl/doc/apps/req.pod
stable/11/crypto/openssl/doc/apps/s_client.pod
stable/11/crypto/openssl/doc/apps/s_server.pod
stable/11/crypto/openssl/doc/crypto/EVP_EncryptInit.pod
stable/11/crypto/openssl/doc/crypto/RSA_private_encrypt.pod
stable/11/crypto/openssl/doc/crypto/RSA_public_encrypt.pod
stable/11/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod
stable/11/crypto/openssl/doc/crypto/des.pod
stable/11/crypto/openssl/ssl/d1_both.c
stable/11/crypto/openssl/ssl/d1_clnt.c
stable/11/crypto/openssl/ssl/d1_pkt.c
stable/11/crypto/openssl/ssl/d1_srvr.c
stable/11/crypto/openssl/ssl/s23_clnt.c
stable/11/crypto/openssl/ssl/s23_srvr.c
stable/11/crypto/openssl/ssl/s3_clnt.c
stable/11/crypto/openssl/ssl/s3_enc.c
stable/11/crypto/openssl/ssl/s3_lib.c
stable/11/crypto/openssl/ssl/s3_pkt.c
stable/11/crypto/openssl/ssl/s3_srvr.c
stable/11/crypto/openssl/ssl/ssl_cert.c
stable/11/crypto/openssl/ssl/ssl_ciph.c
stable/11/crypto/openssl/ssl/ssl_lib.c
stable/11/crypto/openssl/ssl/ssl_locl.h
stable/11/crypto/openssl/ssl/ssl_rsa.c
stable/11/crypto/openssl/ssl/ssl_sess.c
stable/11/crypto/openssl/ssl/ssltest.c
stable/11/crypto/openssl/ssl/t1_ext.c
stable/11/crypto/openssl/ssl/t1_lib.c
stable/11/crypto/openssl/util/domd
stable/11/crypto/openssl/util/mk1mf.pl
stable/11/secure/lib/libcrypto/Makefile.inc
stable/11/secure/lib/libcrypto/Makefile.man
stable/11/secure/lib/libcrypto/amd64/aesni-sha1-x86_64.S
stable/11/secure/lib/libcrypto/amd64/aesni-sha256-x86_64.S
stable/11/secure/lib/libcrypto/amd64/x86_64cpuid.S
stable/11/secure/lib/libcrypto/arm/bsaes-armv7.S
stable/11/secure/lib/libcrypto/i386/x86cpuid.S
stable/11/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
stable/11/secure/lib/libcrypto/man/ASN1_STRING_length.3
stable/11/secure/lib/libcrypto/man/ASN1_STRING_new.3
stable/11/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
stable/11/secure/lib/libcrypto/man/ASN1_TIME_set.3
stable/11/secure/lib/libcrypto/man/ASN1_generate_nconf.3
stable/11/secure/lib/libcrypto/man/BIO_ctrl.3
stable/11/secure/lib/libcrypto/man/BIO_f_base64.3
stable/11/secure/lib/libcrypto/man/BIO_f_buffer.3
stable/11/secure/lib/libcrypto/man/BIO_f_cipher.3
stable/11/secure/lib/libcrypto/man/BIO_f_md.3
stable/11/secure/lib/libcrypto/man/BIO_f_null.3
stable/11/secure/lib/libcrypto/man/BIO_f_ssl.3
stable/11/secure/lib/libcrypto/man/BIO_find_type.3
stable/11/secure/lib/libcrypto/man/BIO_new.3
stable/11/secure/lib/libcrypto/man/BIO_new_CMS.3
stable/11/secure/lib/libcrypto/man/BIO_push.3
stable/11/secure/lib/libcrypto/man/BIO_read.3
stable/11/secure/lib/libcrypto/man/BIO_s_accept.3
stable/11/secure/lib/libcrypto/man/BIO_s_bio.3
stable/11/secure/lib/libcrypto/man/BIO_s_connect.3
stable/11/secure/lib/libcrypto/man/BIO_s_fd.3
stable/11/secure/lib/libcrypto/man/BIO_s_file.3
stable/11/secure/lib/libcrypto/man/BIO_s_mem.3
stable/11/secure/lib/libcrypto/man/BIO_s_null.3
stable/11/secure/lib/libcrypto/man/BIO_s_socket.3
stable/11/secure/lib/libcrypto/man/BIO_set_callback.3
stable/11/secure/lib/libcrypto/man/BIO_should_retry.3
stable/11/secure/lib/libcrypto/man/BN_BLINDING_new.3
stable/11/secure/lib/libcrypto/man/BN_CTX_new.3
stable/11/secure/lib/libcrypto/man/BN_CTX_start.3
stable/11/secure/lib/libcrypto/man/BN_add.3
stable/11/secure/lib/libcrypto/man/BN_add_word.3
stable/11/secure/lib/libcrypto/man/BN_bn2bin.3
stable/11/secure/lib/libcrypto/man/BN_cmp.3
stable/11/secure/lib/libcrypto/man/BN_copy.3
stable/11/secure/lib/libcrypto/man/BN_generate_prime.3
stable/11/secure/lib/libcrypto/man/BN_mod_inverse.3
stable/11/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
stable/11/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
stable/11/secure/lib/libcrypto/man/BN_new.3
stable/11/secure/lib/libcrypto/man/BN_num_bytes.3
stable/11/secure/lib/libcrypto/man/BN_rand.3
stable/11/secure/lib/libcrypto/man/BN_set_bit.3
stable/11/secure/lib/libcrypto/man/BN_swap.3
stable/11/secure/lib/libcrypto/man/BN_zero.3
stable/11/secure/lib/libcrypto/man/CMS_add0_cert.3
stable/11/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3
stable/11/secure/lib/libcrypto/man/CMS_add1_signer.3
stable/11/secure/lib/libcrypto/man/CMS_compress.3
stable/11/secure/lib/libcrypto/man/CMS_decrypt.3
stable/11/secure/lib/libcrypto/man/CMS_encrypt.3
stable/11/secure/lib/libcrypto/man/CMS_final.3
stable/11/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3
stable/11/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3
stable/11/secure/lib/libcrypto/man/CMS_get0_type.3
stable/11/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3
stable/11/secure/lib/libcrypto/man/CMS_sign.3
stable/11/secure/lib/libcrypto/man/CMS_sign_receipt.3
stable/11/secure/lib/libcrypto/man/CMS_uncompress.3
stable/11/secure/lib/libcrypto/man/CMS_verify.3
stable/11/secure/lib/libcrypto/man/CMS_verify_receipt.3
stable/11/secure/lib/libcrypto/man/CONF_modules_free.3
stable/11/secure/lib/libcrypto/man/CONF_modules_load_file.3
stable/11/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
stable/11/secure/lib/libcrypto/man/DH_generate_key.3
stable/11/secure/lib/libcrypto/man/DH_generate_parameters.3
stable/11/secure/lib/libcrypto/man/DH_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/DH_new.3
stable/11/secure/lib/libcrypto/man/DH_set_method.3
stable/11/secure/lib/libcrypto/man/DH_size.3
stable/11/secure/lib/libcrypto/man/DSA_SIG_new.3
stable/11/secure/lib/libcrypto/man/DSA_do_sign.3
stable/11/secure/lib/libcrypto/man/DSA_dup_DH.3
stable/11/secure/lib/libcrypto/man/DSA_generate_key.3
stable/11/secure/lib/libcrypto/man/DSA_generate_parameters.3
stable/11/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/DSA_new.3
stable/11/secure/lib/libcrypto/man/DSA_set_method.3
stable/11/secure/lib/libcrypto/man/DSA_sign.3
stable/11/secure/lib/libcrypto/man/DSA_size.3
stable/11/secure/lib/libcrypto/man/EC_GFp_simple_method.3
stable/11/secure/lib/libcrypto/man/EC_GROUP_copy.3
stable/11/secure/lib/libcrypto/man/EC_GROUP_new.3
stable/11/secure/lib/libcrypto/man/EC_KEY_new.3
stable/11/secure/lib/libcrypto/man/EC_POINT_add.3
stable/11/secure/lib/libcrypto/man/EC_POINT_new.3
stable/11/secure/lib/libcrypto/man/ERR_GET_LIB.3
stable/11/secure/lib/libcrypto/man/ERR_clear_error.3
stable/11/secure/lib/libcrypto/man/ERR_error_string.3
stable/11/secure/lib/libcrypto/man/ERR_get_error.3
stable/11/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
stable/11/secure/lib/libcrypto/man/ERR_load_strings.3
stable/11/secure/lib/libcrypto/man/ERR_print_errors.3
stable/11/secure/lib/libcrypto/man/ERR_put_error.3
stable/11/secure/lib/libcrypto/man/ERR_remove_state.3
stable/11/secure/lib/libcrypto/man/ERR_set_mark.3
stable/11/secure/lib/libcrypto/man/EVP_BytesToKey.3
stable/11/secure/lib/libcrypto/man/EVP_DigestInit.3
stable/11/secure/lib/libcrypto/man/EVP_DigestSignInit.3
stable/11/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3
stable/11/secure/lib/libcrypto/man/EVP_EncodeInit.3
stable/11/secure/lib/libcrypto/man/EVP_EncryptInit.3
stable/11/secure/lib/libcrypto/man/EVP_OpenInit.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_cmp.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_derive.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_keygen.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_new.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_print_private.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_sign.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_verify.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3
stable/11/secure/lib/libcrypto/man/EVP_SealInit.3
stable/11/secure/lib/libcrypto/man/EVP_SignInit.3
stable/11/secure/lib/libcrypto/man/EVP_VerifyInit.3
stable/11/secure/lib/libcrypto/man/OBJ_nid2obj.3
stable/11/secure/lib/libcrypto/man/OPENSSL_Applink.3
stable/11/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
stable/11/secure/lib/libcrypto/man/OPENSSL_config.3
stable/11/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
stable/11/secure/lib/libcrypto/man/OPENSSL_instrument_bus.3
stable/11/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
stable/11/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
stable/11/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
stable/11/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
stable/11/secure/lib/libcrypto/man/PKCS12_create.3
stable/11/secure/lib/libcrypto/man/PKCS12_parse.3
stable/11/secure/lib/libcrypto/man/PKCS7_decrypt.3
stable/11/secure/lib/libcrypto/man/PKCS7_encrypt.3
stable/11/secure/lib/libcrypto/man/PKCS7_sign.3
stable/11/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3
stable/11/secure/lib/libcrypto/man/PKCS7_verify.3
stable/11/secure/lib/libcrypto/man/RAND_add.3
stable/11/secure/lib/libcrypto/man/RAND_bytes.3
stable/11/secure/lib/libcrypto/man/RAND_cleanup.3
stable/11/secure/lib/libcrypto/man/RAND_egd.3
stable/11/secure/lib/libcrypto/man/RAND_load_file.3
stable/11/secure/lib/libcrypto/man/RAND_set_rand_method.3
stable/11/secure/lib/libcrypto/man/RSA_blinding_on.3
stable/11/secure/lib/libcrypto/man/RSA_check_key.3
stable/11/secure/lib/libcrypto/man/RSA_generate_key.3
stable/11/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/RSA_new.3
stable/11/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
stable/11/secure/lib/libcrypto/man/RSA_print.3
stable/11/secure/lib/libcrypto/man/RSA_private_encrypt.3
stable/11/secure/lib/libcrypto/man/RSA_public_encrypt.3
stable/11/secure/lib/libcrypto/man/RSA_set_method.3
stable/11/secure/lib/libcrypto/man/RSA_sign.3
stable/11/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
stable/11/secure/lib/libcrypto/man/RSA_size.3
stable/11/secure/lib/libcrypto/man/SMIME_read_CMS.3
stable/11/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
stable/11/secure/lib/libcrypto/man/SMIME_write_CMS.3
stable/11/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
stable/11/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
stable/11/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
stable/11/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
stable/11/secure/lib/libcrypto/man/X509_NAME_print_ex.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_new.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
stable/11/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
stable/11/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
stable/11/secure/lib/libcrypto/man/X509_check_host.3
stable/11/secure/lib/libcrypto/man/X509_new.3
stable/11/secure/lib/libcrypto/man/X509_verify_cert.3
stable/11/secure/lib/libcrypto/man/bio.3
stable/11/secure/lib/libcrypto/man/blowfish.3
stable/11/secure/lib/libcrypto/man/bn.3
stable/11/secure/lib/libcrypto/man/bn_internal.3
stable/11/secure/lib/libcrypto/man/buffer.3
stable/11/secure/lib/libcrypto/man/crypto.3
stable/11/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
stable/11/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3
stable/11/secure/lib/libcrypto/man/d2i_DHparams.3
stable/11/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
stable/11/secure/lib/libcrypto/man/d2i_ECPKParameters.3
stable/11/secure/lib/libcrypto/man/d2i_ECPrivateKey.3
stable/11/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
stable/11/secure/lib/libcrypto/man/d2i_PrivateKey.3
stable/11/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
stable/11/secure/lib/libcrypto/man/d2i_X509.3
stable/11/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
stable/11/secure/lib/libcrypto/man/d2i_X509_CRL.3
stable/11/secure/lib/libcrypto/man/d2i_X509_NAME.3
stable/11/secure/lib/libcrypto/man/d2i_X509_REQ.3
stable/11/secure/lib/libcrypto/man/d2i_X509_SIG.3
stable/11/secure/lib/libcrypto/man/des.3
stable/11/secure/lib/libcrypto/man/dh.3
stable/11/secure/lib/libcrypto/man/dsa.3
stable/11/secure/lib/libcrypto/man/ec.3
stable/11/secure/lib/libcrypto/man/ecdsa.3
stable/11/secure/lib/libcrypto/man/engine.3
stable/11/secure/lib/libcrypto/man/err.3
stable/11/secure/lib/libcrypto/man/evp.3
stable/11/secure/lib/libcrypto/man/hmac.3
stable/11/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3
stable/11/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3
stable/11/secure/lib/libcrypto/man/lh_stats.3
stable/11/secure/lib/libcrypto/man/lhash.3
stable/11/secure/lib/libcrypto/man/md5.3
stable/11/secure/lib/libcrypto/man/mdc2.3
stable/11/secure/lib/libcrypto/man/pem.3
stable/11/secure/lib/libcrypto/man/rand.3
stable/11/secure/lib/libcrypto/man/rc4.3
stable/11/secure/lib/libcrypto/man/ripemd.3
stable/11/secure/lib/libcrypto/man/rsa.3
stable/11/secure/lib/libcrypto/man/sha.3
stable/11/secure/lib/libcrypto/man/threads.3
stable/11/secure/lib/libcrypto/man/ui.3
stable/11/secure/lib/libcrypto/man/ui_compat.3
stable/11/secure/lib/libcrypto/man/x509.3
stable/11/secure/lib/libssl/Makefile.man
stable/11/secure/lib/libssl/man/SSL_CIPHER_get_name.3
stable/11/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_new.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set1_prefix.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set_flags.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set_ssl_ctx.3
stable/11/secure/lib/libssl/man/SSL_CONF_cmd.3
stable/11/secure/lib/libssl/man/SSL_CONF_cmd_argv.3
stable/11/secure/lib/libssl/man/SSL_CTX_add1_chain_cert.3
stable/11/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
stable/11/secure/lib/libssl/man/SSL_CTX_add_session.3
stable/11/secure/lib/libssl/man/SSL_CTX_ctrl.3
stable/11/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
stable/11/secure/lib/libssl/man/SSL_CTX_free.3
stable/11/secure/lib/libssl/man/SSL_CTX_get0_param.3
stable/11/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
stable/11/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
stable/11/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
stable/11/secure/lib/libssl/man/SSL_CTX_new.3
stable/11/secure/lib/libssl/man/SSL_CTX_sess_number.3
stable/11/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
stable/11/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_sessions.3
stable/11/secure/lib/libssl/man/SSL_CTX_set1_curves.3
stable/11/secure/lib/libssl/man/SSL_CTX_set1_verify_cert_store.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_custom_cli_ext.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_mode.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_options.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_timeout.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_verify.3
stable/11/secure/lib/libssl/man/SSL_CTX_use_certificate.3
stable/11/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
stable/11/secure/lib/libssl/man/SSL_CTX_use_serverinfo.3
stable/11/secure/lib/libssl/man/SSL_SESSION_free.3
stable/11/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
stable/11/secure/lib/libssl/man/SSL_SESSION_get_time.3
stable/11/secure/lib/libssl/man/SSL_accept.3
stable/11/secure/lib/libssl/man/SSL_alert_type_string.3
stable/11/secure/lib/libssl/man/SSL_check_chain.3
stable/11/secure/lib/libssl/man/SSL_clear.3
stable/11/secure/lib/libssl/man/SSL_connect.3
stable/11/secure/lib/libssl/man/SSL_do_handshake.3
stable/11/secure/lib/libssl/man/SSL_free.3
stable/11/secure/lib/libssl/man/SSL_get_SSL_CTX.3
stable/11/secure/lib/libssl/man/SSL_get_ciphers.3
stable/11/secure/lib/libssl/man/SSL_get_client_CA_list.3
stable/11/secure/lib/libssl/man/SSL_get_current_cipher.3
stable/11/secure/lib/libssl/man/SSL_get_default_timeout.3
stable/11/secure/lib/libssl/man/SSL_get_error.3
stable/11/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
stable/11/secure/lib/libssl/man/SSL_get_ex_new_index.3
stable/11/secure/lib/libssl/man/SSL_get_fd.3
stable/11/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
stable/11/secure/lib/libssl/man/SSL_get_peer_certificate.3
stable/11/secure/lib/libssl/man/SSL_get_psk_identity.3
stable/11/secure/lib/libssl/man/SSL_get_rbio.3
stable/11/secure/lib/libssl/man/SSL_get_session.3
stable/11/secure/lib/libssl/man/SSL_get_verify_result.3
stable/11/secure/lib/libssl/man/SSL_get_version.3
stable/11/secure/lib/libssl/man/SSL_library_init.3
stable/11/secure/lib/libssl/man/SSL_load_client_CA_file.3
stable/11/secure/lib/libssl/man/SSL_new.3
stable/11/secure/lib/libssl/man/SSL_pending.3
stable/11/secure/lib/libssl/man/SSL_read.3
stable/11/secure/lib/libssl/man/SSL_rstate_string.3
stable/11/secure/lib/libssl/man/SSL_session_reused.3
stable/11/secure/lib/libssl/man/SSL_set_bio.3
stable/11/secure/lib/libssl/man/SSL_set_connect_state.3
stable/11/secure/lib/libssl/man/SSL_set_fd.3
stable/11/secure/lib/libssl/man/SSL_set_session.3
stable/11/secure/lib/libssl/man/SSL_set_shutdown.3
stable/11/secure/lib/libssl/man/SSL_set_verify_result.3
stable/11/secure/lib/libssl/man/SSL_shutdown.3
stable/11/secure/lib/libssl/man/SSL_state_string.3
stable/11/secure/lib/libssl/man/SSL_want.3
stable/11/secure/lib/libssl/man/SSL_write.3
stable/11/secure/lib/libssl/man/d2i_SSL_SESSION.3
stable/11/secure/lib/libssl/man/ssl.3
stable/11/secure/usr.bin/openssl/Makefile.man
stable/11/secure/usr.bin/openssl/man/CA.pl.1
stable/11/secure/usr.bin/openssl/man/asn1parse.1
stable/11/secure/usr.bin/openssl/man/c_rehash.1
stable/11/secure/usr.bin/openssl/man/ca.1
stable/11/secure/usr.bin/openssl/man/ciphers.1
stable/11/secure/usr.bin/openssl/man/cms.1
stable/11/secure/usr.bin/openssl/man/crl.1
stable/11/secure/usr.bin/openssl/man/crl2pkcs7.1
stable/11/secure/usr.bin/openssl/man/dgst.1
stable/11/secure/usr.bin/openssl/man/dhparam.1
stable/11/secure/usr.bin/openssl/man/dsa.1
stable/11/secure/usr.bin/openssl/man/dsaparam.1
stable/11/secure/usr.bin/openssl/man/ec.1
stable/11/secure/usr.bin/openssl/man/ecparam.1
stable/11/secure/usr.bin/openssl/man/enc.1
stable/11/secure/usr.bin/openssl/man/errstr.1
stable/11/secure/usr.bin/openssl/man/gendsa.1
stable/11/secure/usr.bin/openssl/man/genpkey.1
stable/11/secure/usr.bin/openssl/man/genrsa.1
stable/11/secure/usr.bin/openssl/man/nseq.1
stable/11/secure/usr.bin/openssl/man/ocsp.1
stable/11/secure/usr.bin/openssl/man/openssl.1
stable/11/secure/usr.bin/openssl/man/passwd.1
stable/11/secure/usr.bin/openssl/man/pkcs12.1
stable/11/secure/usr.bin/openssl/man/pkcs7.1
stable/11/secure/usr.bin/openssl/man/pkcs8.1
stable/11/secure/usr.bin/openssl/man/pkey.1
stable/11/secure/usr.bin/openssl/man/pkeyparam.1
stable/11/secure/usr.bin/openssl/man/pkeyutl.1
stable/11/secure/usr.bin/openssl/man/rand.1
stable/11/secure/usr.bin/openssl/man/req.1
stable/11/secure/usr.bin/openssl/man/rsa.1
stable/11/secure/usr.bin/openssl/man/rsautl.1
stable/11/secure/usr.bin/openssl/man/s_client.1
stable/11/secure/usr.bin/openssl/man/s_server.1
stable/11/secure/usr.bin/openssl/man/s_time.1
stable/11/secure/usr.bin/openssl/man/sess_id.1
stable/11/secure/usr.bin/openssl/man/smime.1
stable/11/secure/usr.bin/openssl/man/speed.1
stable/11/secure/usr.bin/openssl/man/spkac.1
stable/11/secure/usr.bin/openssl/man/ts.1
stable/11/secure/usr.bin/openssl/man/tsget.1
stable/11/secure/usr.bin/openssl/man/verify.1
stable/11/secure/usr.bin/openssl/man/version.1
stable/11/secure/usr.bin/openssl/man/x509.1
stable/11/secure/usr.bin/openssl/man/x509v3_config.1
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/crypto/openssl/CHANGES
==============================================================================
--- stable/11/crypto/openssl/CHANGES Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/CHANGES Thu Nov 2 18:22:53 2017 (r325335)
@@ -2,6 +2,12 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.2k and 1.0.2l [25 May 2017]
+
+ *) Have 'config' recognise 64-bit mingw and choose 'mingw64' as the target
+ platform rather than 'mingw'.
+ [Richard Levitte]
+
Changes between 1.0.2j and 1.0.2k [26 Jan 2017]
*) Truncated packet could crash via OOB read
Modified: stable/11/crypto/openssl/Configure
==============================================================================
--- stable/11/crypto/openssl/Configure Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/Configure Thu Nov 2 18:22:53 2017 (r325335)
@@ -109,7 +109,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-
# Minimum warning options... any contributions to OpenSSL should at least get
# past these.
-my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
+my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wundef -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
# TODO(openssl-team): fix problems and investigate if (at least) the following
# warnings can also be enabled:
@@ -2041,12 +2041,13 @@ EOF
close(OUT);
} else {
my $make_command = "$make PERL=\'$perl\'";
- my $make_targets = "";
- $make_targets .= " links" if $symlink;
- $make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
- $make_targets .= " gentests" if $symlink;
- (system $make_command.$make_targets) == 0 or exit $?
- if $make_targets ne "";
+ my @make_targets = ();
+ push @make_targets, "links" if $symlink;
+ push @make_targets, "depend" if $depflags ne $default_depflags && $make_depend;
+ push @make_targets, "gentests" if $symlink;
+ foreach my $make_target (@make_targets) {
+ (system "$make_command $make_target") == 0 or exit $?;
+ }
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
@@ -2056,8 +2057,8 @@ EOF
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne $default_depflags && !$make_depend) {
- $warn_make_depend++;
- }
+ $warn_make_depend++;
+ }
}
# create the ms/version32.rc file if needed
Modified: stable/11/crypto/openssl/LICENSE
==============================================================================
--- stable/11/crypto/openssl/LICENSE Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/LICENSE Thu Nov 2 18:22:53 2017 (r325335)
@@ -2,7 +2,7 @@
LICENSE ISSUES
==============
- The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
+ The OpenSSL toolkit stays under a double license, i.e. both the conditions of
the OpenSSL License and the original SSLeay license apply to the toolkit.
See below for the actual license texts. Actually both licenses are BSD-style
Open Source licenses. In case of any license issues related to OpenSSL
@@ -12,7 +12,7 @@
---------------
/* ====================================================================
- * Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2017 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Modified: stable/11/crypto/openssl/Makefile
==============================================================================
--- stable/11/crypto/openssl/Makefile Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/Makefile Thu Nov 2 18:22:53 2017 (r325335)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.2k
+VERSION=1.0.2l
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
@@ -425,6 +425,14 @@ clean: libclean
do \
rm -fr $$i/*; \
done
+
+distclean: clean
+ -$(RM) `find . -name .git -prune -o -type l -print`
+ $(RM) apps/CA.pl
+ $(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
+ $(RM) tools/c_rehash
+ $(RM) crypto/opensslconf.h
+ $(RM) Makefile Makefile.bak
makefile.one: files
$(PERL) util/mk1mf.pl >makefile.one; \
Modified: stable/11/crypto/openssl/Makefile.org
==============================================================================
--- stable/11/crypto/openssl/Makefile.org Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/Makefile.org Thu Nov 2 18:22:53 2017 (r325335)
@@ -424,6 +424,14 @@ clean: libclean
rm -fr $$i/*; \
done
+distclean: clean
+ -$(RM) `find . -name .git -prune -o -type l -print`
+ $(RM) apps/CA.pl
+ $(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
+ $(RM) tools/c_rehash
+ $(RM) crypto/opensslconf.h
+ $(RM) Makefile Makefile.bak
+
makefile.one: files
$(PERL) util/mk1mf.pl >makefile.one; \
sh util/do_ms.sh
Modified: stable/11/crypto/openssl/NEWS
==============================================================================
--- stable/11/crypto/openssl/NEWS Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/NEWS Thu Nov 2 18:22:53 2017 (r325335)
@@ -5,6 +5,10 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017]
+
+ o config now recognises 64-bit mingw and chooses mingw64 instead of mingw
+
Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]
o Truncated packet could crash via OOB read (CVE-2017-3731)
Modified: stable/11/crypto/openssl/README
==============================================================================
--- stable/11/crypto/openssl/README Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/README Thu Nov 2 18:22:53 2017 (r325335)
@@ -1,5 +1,5 @@
- OpenSSL 1.0.2k 26 Jan 2017
+ OpenSSL 1.0.2l 25 May 2017
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: stable/11/crypto/openssl/apps/ca.c
==============================================================================
--- stable/11/crypto/openssl/apps/ca.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/ca.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -2126,10 +2126,8 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *
goto err;
}
- for (i = 0; i < DB_NUMBER; i++) {
+ for (i = 0; i < DB_NUMBER; i++)
irow[i] = row[i];
- row[i] = NULL;
- }
irow[DB_NUMBER] = NULL;
if (!TXT_DB_insert(db->db, irow)) {
@@ -2137,11 +2135,14 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *
BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
goto err;
}
+ irow = NULL;
ok = 1;
err:
- for (i = 0; i < DB_NUMBER; i++)
- if (row[i] != NULL)
+ if (irow != NULL) {
+ for (i = 0; i < DB_NUMBER; i++)
OPENSSL_free(row[i]);
+ OPENSSL_free(irow);
+ }
if (CAname != NULL)
X509_NAME_free(CAname);
@@ -2396,17 +2397,19 @@ static int do_revoke(X509 *x509, CA_DB *db, int type,
goto err;
}
- for (i = 0; i < DB_NUMBER; i++) {
+ for (i = 0; i < DB_NUMBER; i++)
irow[i] = row[i];
- row[i] = NULL;
- }
irow[DB_NUMBER] = NULL;
if (!TXT_DB_insert(db->db, irow)) {
BIO_printf(bio_err, "failed to update database\n");
BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
+ OPENSSL_free(irow);
goto err;
}
+
+ for (i = 0; i < DB_NUMBER; i++)
+ row[i] = NULL;
/* Revoke Certificate */
if (type == -1)
Modified: stable/11/crypto/openssl/apps/dhparam.c
==============================================================================
--- stable/11/crypto/openssl/apps/dhparam.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/dhparam.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -381,10 +381,19 @@ int MAIN(int argc, char **argv)
} else
# endif
{
- if (informat == FORMAT_ASN1)
+ if (informat == FORMAT_ASN1) {
+ /*
+ * We have no PEM header to determine what type of DH params it
+ * is. We'll just try both.
+ */
dh = d2i_DHparams_bio(in, NULL);
- else /* informat == FORMAT_PEM */
+ /* BIO_reset() returns 0 for success for file BIOs only!!! */
+ if (dh == NULL && BIO_reset(in) == 0)
+ dh = d2i_DHxparams_bio(in, NULL);
+ } else {
+ /* informat == FORMAT_PEM */
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
+ }
if (dh == NULL) {
BIO_printf(bio_err, "unable to load DH parameters\n");
@@ -484,10 +493,13 @@ int MAIN(int argc, char **argv)
}
if (!noout) {
- if (outformat == FORMAT_ASN1)
- i = i2d_DHparams_bio(out, dh);
- else if (outformat == FORMAT_PEM) {
- if (dh->q)
+ if (outformat == FORMAT_ASN1) {
+ if (dh->q != NULL)
+ i = i2d_DHxparams_bio(out, dh);
+ else
+ i = i2d_DHparams_bio(out, dh);
+ } else if (outformat == FORMAT_PEM) {
+ if (dh->q != NULL)
i = PEM_write_bio_DHxparams(out, dh);
else
i = PEM_write_bio_DHparams(out, dh);
Modified: stable/11/crypto/openssl/apps/enc.c
==============================================================================
--- stable/11/crypto/openssl/apps/enc.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/enc.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -81,20 +81,32 @@ int set_hex(char *in, unsigned char *out, int size);
#define BSIZE (8*1024)
#define PROG enc_main
-static void show_ciphers(const OBJ_NAME *name, void *bio_)
+struct doall_enc_ciphers {
+ BIO *bio;
+ int n;
+};
+
+static void show_ciphers(const OBJ_NAME *name, void *arg)
{
- BIO *bio = bio_;
- static int n;
+ struct doall_enc_ciphers *dec = (struct doall_enc_ciphers *)arg;
+ const EVP_CIPHER *cipher;
if (!islower((unsigned char)*name->name))
return;
- BIO_printf(bio, "-%-25s", name->name);
- if (++n == 3) {
- BIO_printf(bio, "\n");
- n = 0;
+ /* Filter out ciphers that we cannot use */
+ cipher = EVP_get_cipherbyname(name->name);
+ if (cipher == NULL ||
+ (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 ||
+ EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)
+ return;
+
+ BIO_printf(dec->bio, "-%-25s", name->name);
+ if (++dec->n == 3) {
+ BIO_printf(dec->bio, "\n");
+ dec->n = 0;
} else
- BIO_printf(bio, " ");
+ BIO_printf(dec->bio, " ");
}
int MAIN(int, char **);
@@ -130,6 +142,7 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
const EVP_MD *dgst = NULL;
int non_fips_allow = 0;
+ struct doall_enc_ciphers dec;
apps_startup();
@@ -311,8 +324,10 @@ int MAIN(int argc, char **argv)
#endif
BIO_printf(bio_err, "Cipher Types\n");
+ dec.n = 0;
+ dec.bio = bio_err;
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
- show_ciphers, bio_err);
+ show_ciphers, &dec);
BIO_printf(bio_err, "\n");
goto end;
Modified: stable/11/crypto/openssl/apps/engine.c
==============================================================================
--- stable/11/crypto/openssl/apps/engine.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/engine.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -108,12 +108,15 @@ static int append_buf(char **buf, const char *s, int *
}
if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
+ char *p = *buf;
+
*size += step;
*buf = OPENSSL_realloc(*buf, *size);
+ if (*buf == NULL) {
+ OPENSSL_free(p);
+ return 0;
+ }
}
-
- if (*buf == NULL)
- return 0;
if (**buf != '\0')
BUF_strlcat(*buf, ", ", *size);
Modified: stable/11/crypto/openssl/apps/pkeyutl.c
==============================================================================
--- stable/11/crypto/openssl/apps/pkeyutl.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/pkeyutl.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -322,8 +322,10 @@ int MAIN(int argc, char **argv)
buf_in, (size_t)buf_inlen);
if (rv == 0)
BIO_puts(out, "Signature Verification Failure\n");
- else if (rv == 1)
+ else if (rv == 1) {
BIO_puts(out, "Signature Verified Successfully\n");
+ ret = 0;
+ }
if (rv >= 0)
goto end;
} else {
Modified: stable/11/crypto/openssl/apps/prime.c
==============================================================================
--- stable/11/crypto/openssl/apps/prime.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/prime.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -155,5 +155,8 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "options are\n");
BIO_printf(bio_err, "%-14s hex\n", "-hex");
BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
+ BIO_printf(bio_err, "%-14s generate prime\n", "-generate");
+ BIO_printf(bio_err, "%-14s number of bits\n", "-bits <n>");
+ BIO_printf(bio_err, "%-14s safe prime\n", "-safe");
return 1;
}
Modified: stable/11/crypto/openssl/apps/progs.h
==============================================================================
--- stable/11/crypto/openssl/apps/progs.h Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/progs.h Thu Nov 2 18:22:53 2017 (r325335)
@@ -58,7 +58,7 @@ extern int srp_main(int argc, char *argv[]);
typedef struct {
int type;
const char *name;
- int (*func) (int argc, char *argv[]);
+ int (*func)(int argc, char *argv[]);
} FUNCTION;
DECLARE_LHASH_OF(FUNCTION);
Modified: stable/11/crypto/openssl/apps/progs.pl
==============================================================================
--- stable/11/crypto/openssl/apps/progs.pl Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/progs.pl Thu Nov 2 18:22:53 2017 (r325335)
@@ -6,22 +6,22 @@ print "/* automatically generated by progs.pl for open
grep(s/^asn1pars$/asn1parse/, at ARGV);
foreach (@ARGV)
- { printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+ { printf "extern int %s_main(int argc, char *argv[]);\n",$_; }
print <<'EOF';
-#define FUNC_TYPE_GENERAL 1
-#define FUNC_TYPE_MD 2
-#define FUNC_TYPE_CIPHER 3
-#define FUNC_TYPE_PKEY 4
-#define FUNC_TYPE_MD_ALG 5
-#define FUNC_TYPE_CIPHER_ALG 6
+#define FUNC_TYPE_GENERAL 1
+#define FUNC_TYPE_MD 2
+#define FUNC_TYPE_CIPHER 3
+#define FUNC_TYPE_PKEY 4
+#define FUNC_TYPE_MD_ALG 5
+#define FUNC_TYPE_CIPHER_ALG 6
typedef struct {
- int type;
- const char *name;
- int (*func)(int argc,char *argv[]);
- } FUNCTION;
+ int type;
+ const char *name;
+ int (*func)(int argc, char *argv[]);
+} FUNCTION;
DECLARE_LHASH_OF(FUNCTION);
FUNCTION functions[] = {
@@ -30,7 +30,7 @@ EOF
foreach (@ARGV)
{
push(@files,$_);
- $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+ $str=" {FUNC_TYPE_GENERAL, \"$_\", ${_}_main},\n";
if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
{ print "#if !defined(OPENSSL_NO_SOCK)\n${str}#endif\n"; }
elsif ( ($_ =~ /^speed$/))
@@ -60,7 +60,7 @@ foreach (@ARGV)
foreach ("md2","md4","md5","sha","sha1","mdc2","rmd160")
{
push(@files,$_);
- printf "#ifndef OPENSSL_NO_".uc($_)."\n\t{FUNC_TYPE_MD,\"".$_."\",dgst_main},\n#endif\n";
+ printf "#ifndef OPENSSL_NO_".uc($_)."\n {FUNC_TYPE_MD, \"".$_."\", dgst_main},\n#endif\n";
}
foreach (
@@ -86,7 +86,7 @@ foreach (
{
push(@files,$_);
- $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+ $t=sprintf(" {FUNC_TYPE_CIPHER, \"%s\", enc_main},\n",$_);
if ($_ =~ /des/) { $t="#ifndef OPENSSL_NO_DES\n${t}#endif\n"; }
elsif ($_ =~ /aes/) { $t="#ifndef OPENSSL_NO_AES\n${t}#endif\n"; }
elsif ($_ =~ /camellia/) { $t="#ifndef OPENSSL_NO_CAMELLIA\n${t}#endif\n"; }
@@ -101,4 +101,4 @@ foreach (
print $t;
}
-print "\t{0,NULL,NULL}\n\t};\n";
+print " {0, NULL, NULL}\n};\n";
Modified: stable/11/crypto/openssl/apps/req.c
==============================================================================
--- stable/11/crypto/openssl/apps/req.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/req.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -331,7 +331,6 @@ int MAIN(int argc, char **argv)
else if (strcmp(*argv, "-text") == 0)
text = 1;
else if (strcmp(*argv, "-x509") == 0) {
- newreq = 1;
x509 = 1;
} else if (strcmp(*argv, "-asn1-kludge") == 0)
kludge = 1;
@@ -447,6 +446,9 @@ int MAIN(int argc, char **argv)
goto end;
}
+ if (x509 && infile == NULL)
+ newreq = 1;
+
ERR_load_crypto_strings();
if (!app_passwd(bio_err, passargin, passargout, &passin, &passout)) {
BIO_printf(bio_err, "Error getting passwords\n");
@@ -753,7 +755,7 @@ int MAIN(int argc, char **argv)
}
}
- if (newreq) {
+ if (newreq || x509) {
if (pkey == NULL) {
BIO_printf(bio_err, "you need to specify a private key\n");
goto end;
Modified: stable/11/crypto/openssl/apps/s_client.c
==============================================================================
--- stable/11/crypto/openssl/apps/s_client.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/s_client.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -2132,6 +2132,7 @@ int MAIN(int argc, char **argv)
BIO_free(bio_c_msg);
bio_c_msg = NULL;
}
+ SSL_COMP_free_compression_methods();
apps_shutdown();
OPENSSL_EXIT(ret);
}
Modified: stable/11/crypto/openssl/apps/s_server.c
==============================================================================
--- stable/11/crypto/openssl/apps/s_server.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/s_server.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -2132,6 +2132,7 @@ int MAIN(int argc, char *argv[])
BIO_free(bio_s_msg);
bio_s_msg = NULL;
}
+ SSL_COMP_free_compression_methods();
apps_shutdown();
OPENSSL_EXIT(ret);
}
Modified: stable/11/crypto/openssl/apps/srp.c
==============================================================================
--- stable/11/crypto/openssl/apps/srp.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/apps/srp.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -183,10 +183,8 @@ static int update_index(CA_DB *db, BIO *bio, char **ro
return 0;
}
- for (i = 0; i < DB_NUMBER; i++) {
+ for (i = 0; i < DB_NUMBER; i++)
irow[i] = row[i];
- row[i] = NULL;
- }
irow[DB_NUMBER] = NULL;
if (!TXT_DB_insert(db->db, irow)) {
Modified: stable/11/crypto/openssl/appveyor.yml
==============================================================================
--- stable/11/crypto/openssl/appveyor.yml Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/appveyor.yml Thu Nov 2 18:22:53 2017 (r325335)
@@ -50,11 +50,3 @@ build_script:
test_script:
- nmake /f ms\%MAK% test
-
-notifications:
- - provider: Email
- to:
- - openssl-commits at openssl.org
- on_build_success: false
- on_build_failure: true
- on_build_status_changed: true
Modified: stable/11/crypto/openssl/config
==============================================================================
--- stable/11/crypto/openssl/config Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/config Thu Nov 2 18:22:53 2017 (r325335)
@@ -344,6 +344,15 @@ case "${SYSTEM}:${RELEASE}:${VERSION}:${MACHINE}" in
echo "mips-sony-newsos4"; exit 0;
;;
+ # The following combinations are supported
+ # MINGW64* on x86_64 => mingw64
+ # MINGW32* on x86_64 => mingw
+ # MINGW32* on i?86 => mingw
+ #
+ # MINGW64* on i?86 isn't expected to work...
+ MINGW64*:*:*:x86_64)
+ echo "${MACHINE}-whatever-mingw64"; exit 0;
+ ;;
MINGW*)
echo "${MACHINE}-whatever-mingw"; exit 0;
;;
Modified: stable/11/crypto/openssl/crypto/aes/Makefile
==============================================================================
--- stable/11/crypto/openssl/crypto/aes/Makefile Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/aes/Makefile Thu Nov 2 18:22:53 2017 (r325335)
@@ -133,7 +133,7 @@ dclean:
mv -f Makefile.new $(MAKEFILE)
clean:
- rm -f *.s *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ rm -f *.s *.S *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
# DO NOT DELETE THIS LINE -- make depend depends on it.
Modified: stable/11/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
==============================================================================
--- stable/11/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl Thu Nov 2 18:22:53 2017 (r325335)
@@ -1702,6 +1702,7 @@ $code.=<<___;
mov 240($key),$rounds
sub $in0,$out
movups ($key),$rndkey0 # $key[0]
+ movups ($ivp),$iv # load IV
movups 16($key),$rndkey[0] # forward reference
lea 112($key),$key # size optimization
Modified: stable/11/crypto/openssl/crypto/aes/asm/aesni-sha256-x86_64.pl
==============================================================================
--- stable/11/crypto/openssl/crypto/aes/asm/aesni-sha256-x86_64.pl Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/aes/asm/aesni-sha256-x86_64.pl Thu Nov 2 18:22:53 2017 (r325335)
@@ -1299,6 +1299,7 @@ $code.=<<___;
mov 240($key),$rounds
sub $in0,$out
movups ($key),$rndkey0 # $key[0]
+ movups ($ivp),$iv # load IV
movups 16($key),$rndkey[0] # forward reference
lea 112($key),$key # size optimization
Modified: stable/11/crypto/openssl/crypto/aes/asm/bsaes-armv7.pl
==============================================================================
--- stable/11/crypto/openssl/crypto/aes/asm/bsaes-armv7.pl Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/aes/asm/bsaes-armv7.pl Thu Nov 2 18:22:53 2017 (r325335)
@@ -1333,7 +1333,7 @@ bsaes_cbc_encrypt:
vmov @XMM[4], at XMM[15] @ just in case ensure that IV
vmov @XMM[5], at XMM[0] @ and input are preserved
bl AES_decrypt
- vld1.8 {@XMM[0]}, [$fp,:64] @ load result
+ vld1.8 {@XMM[0]}, [$fp] @ load result
veor @XMM[0], @XMM[0], @XMM[4] @ ^= IV
vmov @XMM[15], @XMM[5] @ @XMM[5] holds input
vst1.8 {@XMM[0]}, [$rounds] @ write output
Modified: stable/11/crypto/openssl/crypto/asn1/a_bitstr.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/a_bitstr.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/a_bitstr.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -114,10 +114,11 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned c
*(p++) = (unsigned char)bits;
d = a->data;
- memcpy(p, d, len);
- p += len;
- if (len > 0)
+ if (len > 0) {
+ memcpy(p, d, len);
+ p += len;
p[-1] &= (0xff << bits);
+ }
*pp = p;
return (ret);
}
Modified: stable/11/crypto/openssl/crypto/asn1/a_digest.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/a_digest.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/a_digest.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -86,8 +86,10 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type,
p = str;
i2d(data, &p);
- if (!EVP_Digest(str, i, md, len, type, NULL))
+ if (!EVP_Digest(str, i, md, len, type, NULL)) {
+ OPENSSL_free(str);
return 0;
+ }
OPENSSL_free(str);
return (1);
}
@@ -104,8 +106,10 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD
if (!str)
return (0);
- if (!EVP_Digest(str, i, md, len, type, NULL))
+ if (!EVP_Digest(str, i, md, len, type, NULL)) {
+ OPENSSL_free(str);
return 0;
+ }
OPENSSL_free(str);
return (1);
}
Modified: stable/11/crypto/openssl/crypto/asn1/a_gentm.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/a_gentm.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/a_gentm.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -202,7 +202,7 @@ int asn1_generalizedtime_to_tm(struct tm *tm, const AS
if (a[o] == 'Z')
o++;
else if ((a[o] == '+') || (a[o] == '-')) {
- int offsign = a[o] == '-' ? -1 : 1, offset = 0;
+ int offsign = a[o] == '-' ? 1 : -1, offset = 0;
o++;
if (o + 4 > l)
goto err;
Modified: stable/11/crypto/openssl/crypto/asn1/a_strnid.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/a_strnid.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/a_strnid.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -192,7 +192,8 @@ static const ASN1_STRING_TABLE tbl_standard[] = {
{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
{NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
- {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
+ {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
+ {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}
};
static int sk_table_cmp(const ASN1_STRING_TABLE *const *a,
Modified: stable/11/crypto/openssl/crypto/asn1/a_time.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/a_time.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/a_time.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -137,7 +137,7 @@ int ASN1_TIME_check(ASN1_TIME *t)
ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
ASN1_GENERALIZEDTIME **out)
{
- ASN1_GENERALIZEDTIME *ret;
+ ASN1_GENERALIZEDTIME *ret = NULL;
char *str;
int newlen;
@@ -146,22 +146,21 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN
if (!out || !*out) {
if (!(ret = ASN1_GENERALIZEDTIME_new()))
- return NULL;
- if (out)
- *out = ret;
- } else
+ goto err;
+ } else {
ret = *out;
+ }
/* If already GeneralizedTime just copy across */
if (t->type == V_ASN1_GENERALIZEDTIME) {
if (!ASN1_STRING_set(ret, t->data, t->length))
- return NULL;
- return ret;
+ goto err;
+ goto done;
}
/* grow the string */
if (!ASN1_STRING_set(ret, NULL, t->length + 2))
- return NULL;
+ goto err;
/* ASN1_STRING_set() allocated 'len + 1' bytes. */
newlen = t->length + 2 + 1;
str = (char *)ret->data;
@@ -173,8 +172,17 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN
BUF_strlcat(str, (char *)t->data, newlen);
- return ret;
+ done:
+ if (out != NULL && *out == NULL)
+ *out = ret;
+ return ret;
+
+ err:
+ if (out == NULL || *out != ret)
+ ASN1_GENERALIZEDTIME_free(ret);
+ return NULL;
}
+
int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
{
Modified: stable/11/crypto/openssl/crypto/asn1/a_utctm.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/a_utctm.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/a_utctm.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -172,7 +172,7 @@ int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTI
if (a[o] == 'Z')
o++;
else if ((a[o] == '+') || (a[o] == '-')) {
- int offsign = a[o] == '-' ? -1 : 1, offset = 0;
+ int offsign = a[o] == '-' ? 1 : -1, offset = 0;
o++;
if (o + 4 > l)
goto err;
Modified: stable/11/crypto/openssl/crypto/asn1/f_enum.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/f_enum.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/f_enum.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -138,7 +138,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs,
bufp = (unsigned char *)buf;
if (first) {
first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
+ if ((bufp[0] == '0') && (bufp[1] == '0')) {
bufp += 2;
i -= 2;
}
Modified: stable/11/crypto/openssl/crypto/asn1/f_int.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/f_int.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/f_int.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -152,7 +152,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *
bufp = (unsigned char *)buf;
if (first) {
first = 0;
- if ((bufp[0] == '0') && (buf[1] == '0')) {
+ if ((bufp[0] == '0') && (bufp[1] == '0')) {
bufp += 2;
i -= 2;
}
Modified: stable/11/crypto/openssl/crypto/asn1/tasn_dec.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/tasn_dec.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/tasn_dec.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -673,6 +673,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
}
len -= p - q;
if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, skfield)) {
+ ASN1_item_ex_free(&skfield, ASN1_ITEM_ptr(tt->item));
ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ERR_R_MALLOC_FAILURE);
goto err;
}
Modified: stable/11/crypto/openssl/crypto/asn1/tasn_new.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/tasn_new.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/tasn_new.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -158,7 +158,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval,
}
asn1_set_choice_selector(pval, -1, it);
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
- goto auxerr;
+ goto auxerr2;
break;
case ASN1_ITYPE_NDEF_SEQUENCE:
@@ -186,10 +186,10 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval,
for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
pseqval = asn1_get_field_ptr(pval, tt);
if (!ASN1_template_new(pseqval, tt))
- goto memerr;
+ goto memerr2;
}
if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
- goto auxerr;
+ goto auxerr2;
break;
}
#ifdef CRYPTO_MDEBUG
@@ -198,6 +198,8 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval,
#endif
return 1;
+ memerr2:
+ ASN1_item_ex_free(pval, it);
memerr:
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
#ifdef CRYPTO_MDEBUG
@@ -206,9 +208,10 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval,
#endif
return 0;
+ auxerr2:
+ ASN1_item_ex_free(pval, it);
auxerr:
ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
- ASN1_item_ex_free(pval, it);
#ifdef CRYPTO_MDEBUG
if (it->sname)
CRYPTO_pop_info();
Modified: stable/11/crypto/openssl/crypto/asn1/x_long.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/x_long.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/x_long.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -126,7 +126,7 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *
* set.
*/
if (ltmp < 0)
- utmp = -ltmp - 1;
+ utmp = 0 - (unsigned long)ltmp - 1;
else
utmp = ltmp;
clen = BN_num_bits_word(utmp);
@@ -155,19 +155,41 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *
static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
int utype, char *free_cont, const ASN1_ITEM *it)
{
- int neg, i;
+ int neg = -1, i;
long ltmp;
unsigned long utmp = 0;
char *cp = (char *)pval;
+
+ if (len) {
+ /*
+ * Check possible pad byte. Worst case, we're skipping past actual
+ * content, but since that's only with 0x00 and 0xff and we set neg
+ * accordingly, the result will be correct in the end anyway.
+ */
+ switch (cont[0]) {
+ case 0xff:
+ cont++;
+ len--;
+ neg = 1;
+ break;
+ case 0:
+ cont++;
+ len--;
+ neg = 0;
+ break;
+ }
+ }
if (len > (int)sizeof(long)) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
return 0;
}
- /* Is it negative? */
- if (len && (cont[0] & 0x80))
- neg = 1;
- else
- neg = 0;
+ if (neg == -1) {
+ /* Is it negative? */
+ if (len && (cont[0] & 0x80))
+ neg = 1;
+ else
+ neg = 0;
+ }
utmp = 0;
for (i = 0; i < len; i++) {
utmp <<= 8;
@@ -178,8 +200,8 @@ static int long_c2i(ASN1_VALUE **pval, const unsigned
}
ltmp = (long)utmp;
if (neg) {
- ltmp++;
ltmp = -ltmp;
+ ltmp--;
}
if (ltmp == it->size) {
ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
Modified: stable/11/crypto/openssl/crypto/asn1/x_name.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/x_name.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/asn1/x_name.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -178,6 +178,16 @@ static void x509_name_ex_free(ASN1_VALUE **pval, const
*pval = NULL;
}
+static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+ sk_X509_NAME_ENTRY_free(ne);
+}
+
+static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
+{
+ sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
+}
+
static int x509_name_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_ITEM *it, int tag, int aclass,
@@ -228,13 +238,14 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
entry->set = i;
if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
goto err;
+ sk_X509_NAME_ENTRY_set(entries, j, NULL);
}
- sk_X509_NAME_ENTRY_free(entries);
}
- sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
ret = x509_name_canon(nm.x);
if (!ret)
goto err;
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+ local_sk_X509_NAME_ENTRY_free);
nm.x->modified = 0;
*val = nm.a;
*in = p;
@@ -242,6 +253,8 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
err:
if (nm.x != NULL)
X509_NAME_free(nm.x);
+ sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
+ local_sk_X509_NAME_ENTRY_pop_free);
ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
return 0;
}
@@ -267,16 +280,6 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned
return ret;
}
-static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
- sk_X509_NAME_ENTRY_free(ne);
-}
-
-static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
-{
- sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
-}
-
static int x509_name_encode(X509_NAME *a)
{
union {
@@ -299,8 +302,10 @@ static int x509_name_encode(X509_NAME *a)
entries = sk_X509_NAME_ENTRY_new_null();
if (!entries)
goto memerr;
- if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries))
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s, entries)) {
+ sk_X509_NAME_ENTRY_free(entries);
goto memerr;
+ }
set = entry->set;
}
if (!sk_X509_NAME_ENTRY_push(entries, entry))
@@ -370,8 +375,10 @@ static int x509_name_canon(X509_NAME *a)
entries = sk_X509_NAME_ENTRY_new_null();
if (!entries)
goto err;
- if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
+ if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) {
+ sk_X509_NAME_ENTRY_free(entries);
goto err;
+ }
set = entry->set;
}
tmpentry = X509_NAME_ENTRY_new();
Modified: stable/11/crypto/openssl/crypto/bio/b_print.c
==============================================================================
--- stable/11/crypto/openssl/crypto/bio/b_print.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/bio/b_print.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -502,7 +502,7 @@ fmtint(char **sbuffer,
if (!(flags & DP_F_UNSIGNED)) {
if (value < 0) {
signvalue = '-';
- uvalue = -value;
+ uvalue = -(unsigned LLONG)value;
} else if (flags & DP_F_PLUS)
signvalue = '+';
else if (flags & DP_F_SPACE)
Modified: stable/11/crypto/openssl/crypto/bio/bio_cb.c
==============================================================================
--- stable/11/crypto/openssl/crypto/bio/bio_cb.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/bio/bio_cb.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -78,6 +78,9 @@ long MS_CALLBACK BIO_debug_callback(BIO *bio, int cmd,
len = BIO_snprintf(buf,sizeof buf,"BIO[%p]: ",(void *)bio);
+ /* Ignore errors and continue printing the other information. */
+ if (len < 0)
+ len = 0;
p = buf + len;
p_maxlen = sizeof(buf) - len;
Modified: stable/11/crypto/openssl/crypto/bio/bss_file.c
==============================================================================
--- stable/11/crypto/openssl/crypto/bio/bss_file.c Thu Nov 2 18:20:05 2017 (r325334)
+++ stable/11/crypto/openssl/crypto/bio/bss_file.c Thu Nov 2 18:22:53 2017 (r325335)
@@ -251,7 +251,7 @@ static int MS_CALLBACK file_read(BIO *b, char *out, in
ret = fread(out, 1, (int)outl, (FILE *)b->ptr);
if (ret == 0
&& (b->flags & BIO_FLAGS_UPLINK) ? UP_ferror((FILE *)b->ptr) :
- ferror((FILE *)b->ptr)) {
+ ferror((FILE *)b->ptr)) {
SYSerr(SYS_F_FREAD, get_last_sys_error());
BIOerr(BIO_F_FILE_READ, ERR_R_SYS_LIB);
ret = -1;
@@ -287,6 +287,7 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, lon
FILE *fp = (FILE *)b->ptr;
FILE **fpp;
char p[4];
+ int st;
switch (cmd) {
case BIO_C_FILE_SEEK:
@@ -318,8 +319,11 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, lon
# if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES)
# define _IOB_ENTRIES 20
# endif
-# if defined(_IOB_ENTRIES)
/* Safety net to catch purely internal BIO_set_fp calls */
+# if defined(_MSC_VER) && _MSC_VER>=1900
+ if (ptr == stdin || ptr == stdout || ptr == stderr)
+ BIO_clear_flags(b, BIO_FLAGS_UPLINK);
+# elif defined(_IOB_ENTRIES)
if ((size_t)ptr >= (size_t)stdin &&
(size_t)ptr < (size_t)(stdin + _IOB_ENTRIES))
BIO_clear_flags(b, BIO_FLAGS_UPLINK);
@@ -424,10 +428,14 @@ static long MS_CALLBACK file_ctrl(BIO *b, int cmd, lon
b->shutdown = (int)num;
break;
case BIO_CTRL_FLUSH:
- if (b->flags & BIO_FLAGS_UPLINK)
- UP_fflush(b->ptr);
- else
- fflush((FILE *)b->ptr);
+ st = b->flags & BIO_FLAGS_UPLINK
+ ? UP_fflush(b->ptr) : fflush((FILE *)b->ptr);
+ if (st == EOF) {
+ SYSerr(SYS_F_FFLUSH, get_last_sys_error());
+ ERR_add_error_data(1, "fflush()");
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable-11
mailing list