svn commit: r269687 - in stable: 8/crypto/openssl 8/crypto/openssl/apps 8/crypto/openssl/crypto 8/crypto/openssl/crypto/asn1 8/crypto/openssl/crypto/bio 8/crypto/openssl/crypto/bn 8/crypto/openssl/...
Jung-uk Kim
jkim at FreeBSD.org
Thu Aug 7 21:06:49 UTC 2014
Author: jkim
Date: Thu Aug 7 21:06:34 2014
New Revision: 269687
URL: http://svnweb.freebsd.org/changeset/base/269687
Log:
Merge OpenSSL 0.9.8zb.
Added:
stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
- copied unchanged from r269672, vendor-crypto/openssl/dist-0.9.8/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
stable/9/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 (contents, props changed)
Deleted:
stable/9/crypto/openssl/crypto/pkcs7/bio_ber.c
stable/9/crypto/openssl/crypto/pkcs7/dec.c
stable/9/crypto/openssl/crypto/pkcs7/des.pem
stable/9/crypto/openssl/crypto/pkcs7/doc
stable/9/crypto/openssl/crypto/pkcs7/enc.c
stable/9/crypto/openssl/crypto/pkcs7/es1.pem
stable/9/crypto/openssl/crypto/pkcs7/example.c
stable/9/crypto/openssl/crypto/pkcs7/example.h
stable/9/crypto/openssl/crypto/pkcs7/info.pem
stable/9/crypto/openssl/crypto/pkcs7/infokey.pem
stable/9/crypto/openssl/crypto/pkcs7/p7/
stable/9/crypto/openssl/crypto/pkcs7/server.pem
stable/9/crypto/openssl/crypto/pkcs7/sign.c
stable/9/crypto/openssl/crypto/pkcs7/t/
stable/9/crypto/openssl/crypto/pkcs7/verify.c
stable/9/crypto/openssl/demos/eay/
stable/9/crypto/openssl/demos/maurice/
Modified:
stable/9/crypto/openssl/CHANGES
stable/9/crypto/openssl/FAQ
stable/9/crypto/openssl/Makefile
stable/9/crypto/openssl/NEWS
stable/9/crypto/openssl/README
stable/9/crypto/openssl/apps/apps.c
stable/9/crypto/openssl/apps/ca.c
stable/9/crypto/openssl/apps/crl2p7.c
stable/9/crypto/openssl/apps/ocsp.c
stable/9/crypto/openssl/apps/s_server.c
stable/9/crypto/openssl/apps/speed.c
stable/9/crypto/openssl/crypto/asn1/a_object.c
stable/9/crypto/openssl/crypto/asn1/asn1_lib.c
stable/9/crypto/openssl/crypto/asn1/asn_mime.c
stable/9/crypto/openssl/crypto/asn1/asn_pack.c
stable/9/crypto/openssl/crypto/asn1/evp_asn1.c
stable/9/crypto/openssl/crypto/asn1/t_x509.c
stable/9/crypto/openssl/crypto/asn1/tasn_enc.c
stable/9/crypto/openssl/crypto/bio/bio_lib.c
stable/9/crypto/openssl/crypto/bn/bn_gf2m.c
stable/9/crypto/openssl/crypto/bn/bn_lib.c
stable/9/crypto/openssl/crypto/bn/bn_sqr.c
stable/9/crypto/openssl/crypto/conf/conf_api.c
stable/9/crypto/openssl/crypto/conf/conf_def.c
stable/9/crypto/openssl/crypto/ec/ec_lib.c
stable/9/crypto/openssl/crypto/ec/ecp_smpl.c
stable/9/crypto/openssl/crypto/idea/ideatest.c
stable/9/crypto/openssl/crypto/objects/obj_dat.c
stable/9/crypto/openssl/crypto/ocsp/ocsp_ht.c
stable/9/crypto/openssl/crypto/ocsp/ocsp_lib.c
stable/9/crypto/openssl/crypto/opensslv.h
stable/9/crypto/openssl/crypto/pkcs7/Makefile
stable/9/crypto/openssl/crypto/rsa/rsa_eay.c
stable/9/crypto/openssl/crypto/ui/ui_lib.c
stable/9/crypto/openssl/doc/apps/asn1parse.pod
stable/9/crypto/openssl/doc/apps/ca.pod
stable/9/crypto/openssl/doc/apps/crl.pod
stable/9/crypto/openssl/doc/apps/dhparam.pod
stable/9/crypto/openssl/doc/apps/dsa.pod
stable/9/crypto/openssl/doc/apps/ecparam.pod
stable/9/crypto/openssl/doc/apps/gendsa.pod
stable/9/crypto/openssl/doc/apps/genrsa.pod
stable/9/crypto/openssl/doc/apps/rsa.pod
stable/9/crypto/openssl/doc/apps/s_client.pod
stable/9/crypto/openssl/doc/apps/s_server.pod
stable/9/crypto/openssl/doc/apps/verify.pod
stable/9/crypto/openssl/doc/apps/x509.pod
stable/9/crypto/openssl/doc/apps/x509v3_config.pod
stable/9/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod
stable/9/crypto/openssl/doc/crypto/BIO_f_base64.pod
stable/9/crypto/openssl/doc/crypto/BIO_push.pod
stable/9/crypto/openssl/doc/crypto/ERR_get_error.pod
stable/9/crypto/openssl/doc/crypto/RSA_set_method.pod
stable/9/crypto/openssl/doc/crypto/RSA_sign.pod
stable/9/crypto/openssl/doc/crypto/des.pod
stable/9/crypto/openssl/doc/crypto/err.pod
stable/9/crypto/openssl/doc/crypto/pem.pod
stable/9/crypto/openssl/doc/crypto/ui.pod
stable/9/crypto/openssl/doc/fingerprints.txt
stable/9/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_add_session.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
stable/9/crypto/openssl/doc/ssl/SSL_get_version.pod
stable/9/crypto/openssl/doc/ssl/SSL_shutdown.pod
stable/9/crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod
stable/9/crypto/openssl/openssl.spec
stable/9/crypto/openssl/ssl/d1_both.c
stable/9/crypto/openssl/ssl/d1_clnt.c
stable/9/crypto/openssl/ssl/d1_srvr.c
stable/9/crypto/openssl/ssl/s23_lib.c
stable/9/crypto/openssl/ssl/s23_srvr.c
stable/9/crypto/openssl/ssl/s3_clnt.c
stable/9/crypto/openssl/ssl/s3_pkt.c
stable/9/crypto/openssl/ssl/s3_srvr.c
stable/9/crypto/openssl/ssl/ssl_ciph.c
stable/9/crypto/openssl/ssl/ssl_stat.c
stable/9/crypto/openssl/ssl/t1_lib.c
stable/9/crypto/openssl/util/mkerr.pl
stable/9/secure/lib/libcrypto/Makefile
stable/9/secure/lib/libcrypto/Makefile.inc
stable/9/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
stable/9/secure/lib/libcrypto/man/ASN1_STRING_length.3
stable/9/secure/lib/libcrypto/man/ASN1_STRING_new.3
stable/9/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
stable/9/secure/lib/libcrypto/man/ASN1_generate_nconf.3
stable/9/secure/lib/libcrypto/man/BIO_ctrl.3
stable/9/secure/lib/libcrypto/man/BIO_f_base64.3
stable/9/secure/lib/libcrypto/man/BIO_f_buffer.3
stable/9/secure/lib/libcrypto/man/BIO_f_cipher.3
stable/9/secure/lib/libcrypto/man/BIO_f_md.3
stable/9/secure/lib/libcrypto/man/BIO_f_null.3
stable/9/secure/lib/libcrypto/man/BIO_f_ssl.3
stable/9/secure/lib/libcrypto/man/BIO_find_type.3
stable/9/secure/lib/libcrypto/man/BIO_new.3
stable/9/secure/lib/libcrypto/man/BIO_push.3
stable/9/secure/lib/libcrypto/man/BIO_read.3
stable/9/secure/lib/libcrypto/man/BIO_s_accept.3
stable/9/secure/lib/libcrypto/man/BIO_s_bio.3
stable/9/secure/lib/libcrypto/man/BIO_s_connect.3
stable/9/secure/lib/libcrypto/man/BIO_s_fd.3
stable/9/secure/lib/libcrypto/man/BIO_s_file.3
stable/9/secure/lib/libcrypto/man/BIO_s_mem.3
stable/9/secure/lib/libcrypto/man/BIO_s_null.3
stable/9/secure/lib/libcrypto/man/BIO_s_socket.3
stable/9/secure/lib/libcrypto/man/BIO_set_callback.3
stable/9/secure/lib/libcrypto/man/BIO_should_retry.3
stable/9/secure/lib/libcrypto/man/BN_BLINDING_new.3
stable/9/secure/lib/libcrypto/man/BN_CTX_new.3
stable/9/secure/lib/libcrypto/man/BN_CTX_start.3
stable/9/secure/lib/libcrypto/man/BN_add.3
stable/9/secure/lib/libcrypto/man/BN_add_word.3
stable/9/secure/lib/libcrypto/man/BN_bn2bin.3
stable/9/secure/lib/libcrypto/man/BN_cmp.3
stable/9/secure/lib/libcrypto/man/BN_copy.3
stable/9/secure/lib/libcrypto/man/BN_generate_prime.3
stable/9/secure/lib/libcrypto/man/BN_mod_inverse.3
stable/9/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
stable/9/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
stable/9/secure/lib/libcrypto/man/BN_new.3
stable/9/secure/lib/libcrypto/man/BN_num_bytes.3
stable/9/secure/lib/libcrypto/man/BN_rand.3
stable/9/secure/lib/libcrypto/man/BN_set_bit.3
stable/9/secure/lib/libcrypto/man/BN_swap.3
stable/9/secure/lib/libcrypto/man/BN_zero.3
stable/9/secure/lib/libcrypto/man/CONF_modules_free.3
stable/9/secure/lib/libcrypto/man/CONF_modules_load_file.3
stable/9/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
stable/9/secure/lib/libcrypto/man/DH_generate_key.3
stable/9/secure/lib/libcrypto/man/DH_generate_parameters.3
stable/9/secure/lib/libcrypto/man/DH_get_ex_new_index.3
stable/9/secure/lib/libcrypto/man/DH_new.3
stable/9/secure/lib/libcrypto/man/DH_set_method.3
stable/9/secure/lib/libcrypto/man/DH_size.3
stable/9/secure/lib/libcrypto/man/DSA_SIG_new.3
stable/9/secure/lib/libcrypto/man/DSA_do_sign.3
stable/9/secure/lib/libcrypto/man/DSA_dup_DH.3
stable/9/secure/lib/libcrypto/man/DSA_generate_key.3
stable/9/secure/lib/libcrypto/man/DSA_generate_parameters.3
stable/9/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
stable/9/secure/lib/libcrypto/man/DSA_new.3
stable/9/secure/lib/libcrypto/man/DSA_set_method.3
stable/9/secure/lib/libcrypto/man/DSA_sign.3
stable/9/secure/lib/libcrypto/man/DSA_size.3
stable/9/secure/lib/libcrypto/man/ERR_GET_LIB.3
stable/9/secure/lib/libcrypto/man/ERR_clear_error.3
stable/9/secure/lib/libcrypto/man/ERR_error_string.3
stable/9/secure/lib/libcrypto/man/ERR_get_error.3
stable/9/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
stable/9/secure/lib/libcrypto/man/ERR_load_strings.3
stable/9/secure/lib/libcrypto/man/ERR_print_errors.3
stable/9/secure/lib/libcrypto/man/ERR_put_error.3
stable/9/secure/lib/libcrypto/man/ERR_remove_state.3
stable/9/secure/lib/libcrypto/man/ERR_set_mark.3
stable/9/secure/lib/libcrypto/man/EVP_BytesToKey.3
stable/9/secure/lib/libcrypto/man/EVP_DigestInit.3
stable/9/secure/lib/libcrypto/man/EVP_EncryptInit.3
stable/9/secure/lib/libcrypto/man/EVP_OpenInit.3
stable/9/secure/lib/libcrypto/man/EVP_PKEY_new.3
stable/9/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
stable/9/secure/lib/libcrypto/man/EVP_SealInit.3
stable/9/secure/lib/libcrypto/man/EVP_SignInit.3
stable/9/secure/lib/libcrypto/man/EVP_VerifyInit.3
stable/9/secure/lib/libcrypto/man/OBJ_nid2obj.3
stable/9/secure/lib/libcrypto/man/OPENSSL_Applink.3
stable/9/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
stable/9/secure/lib/libcrypto/man/OPENSSL_config.3
stable/9/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
stable/9/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
stable/9/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
stable/9/secure/lib/libcrypto/man/PKCS12_create.3
stable/9/secure/lib/libcrypto/man/PKCS12_parse.3
stable/9/secure/lib/libcrypto/man/PKCS7_decrypt.3
stable/9/secure/lib/libcrypto/man/PKCS7_encrypt.3
stable/9/secure/lib/libcrypto/man/PKCS7_sign.3
stable/9/secure/lib/libcrypto/man/PKCS7_verify.3
stable/9/secure/lib/libcrypto/man/RAND_add.3
stable/9/secure/lib/libcrypto/man/RAND_bytes.3
stable/9/secure/lib/libcrypto/man/RAND_cleanup.3
stable/9/secure/lib/libcrypto/man/RAND_egd.3
stable/9/secure/lib/libcrypto/man/RAND_load_file.3
stable/9/secure/lib/libcrypto/man/RAND_set_rand_method.3
stable/9/secure/lib/libcrypto/man/RSA_blinding_on.3
stable/9/secure/lib/libcrypto/man/RSA_check_key.3
stable/9/secure/lib/libcrypto/man/RSA_generate_key.3
stable/9/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
stable/9/secure/lib/libcrypto/man/RSA_new.3
stable/9/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
stable/9/secure/lib/libcrypto/man/RSA_print.3
stable/9/secure/lib/libcrypto/man/RSA_private_encrypt.3
stable/9/secure/lib/libcrypto/man/RSA_public_encrypt.3
stable/9/secure/lib/libcrypto/man/RSA_set_method.3
stable/9/secure/lib/libcrypto/man/RSA_sign.3
stable/9/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
stable/9/secure/lib/libcrypto/man/RSA_size.3
stable/9/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
stable/9/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
stable/9/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
stable/9/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
stable/9/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
stable/9/secure/lib/libcrypto/man/X509_NAME_print_ex.3
stable/9/secure/lib/libcrypto/man/X509_new.3
stable/9/secure/lib/libcrypto/man/bio.3
stable/9/secure/lib/libcrypto/man/blowfish.3
stable/9/secure/lib/libcrypto/man/bn.3
stable/9/secure/lib/libcrypto/man/bn_internal.3
stable/9/secure/lib/libcrypto/man/buffer.3
stable/9/secure/lib/libcrypto/man/crypto.3
stable/9/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
stable/9/secure/lib/libcrypto/man/d2i_DHparams.3
stable/9/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
stable/9/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
stable/9/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
stable/9/secure/lib/libcrypto/man/d2i_X509.3
stable/9/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
stable/9/secure/lib/libcrypto/man/d2i_X509_CRL.3
stable/9/secure/lib/libcrypto/man/d2i_X509_NAME.3
stable/9/secure/lib/libcrypto/man/d2i_X509_REQ.3
stable/9/secure/lib/libcrypto/man/d2i_X509_SIG.3
stable/9/secure/lib/libcrypto/man/des.3
stable/9/secure/lib/libcrypto/man/dh.3
stable/9/secure/lib/libcrypto/man/dsa.3
stable/9/secure/lib/libcrypto/man/ecdsa.3
stable/9/secure/lib/libcrypto/man/engine.3
stable/9/secure/lib/libcrypto/man/err.3
stable/9/secure/lib/libcrypto/man/evp.3
stable/9/secure/lib/libcrypto/man/hmac.3
stable/9/secure/lib/libcrypto/man/lh_stats.3
stable/9/secure/lib/libcrypto/man/lhash.3
stable/9/secure/lib/libcrypto/man/md5.3
stable/9/secure/lib/libcrypto/man/mdc2.3
stable/9/secure/lib/libcrypto/man/pem.3
stable/9/secure/lib/libcrypto/man/rand.3
stable/9/secure/lib/libcrypto/man/rc4.3
stable/9/secure/lib/libcrypto/man/ripemd.3
stable/9/secure/lib/libcrypto/man/rsa.3
stable/9/secure/lib/libcrypto/man/sha.3
stable/9/secure/lib/libcrypto/man/threads.3
stable/9/secure/lib/libcrypto/man/ui.3
stable/9/secure/lib/libcrypto/man/ui_compat.3
stable/9/secure/lib/libcrypto/man/x509.3
stable/9/secure/lib/libssl/Makefile.man
stable/9/secure/lib/libssl/man/SSL_CIPHER_get_name.3
stable/9/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
stable/9/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
stable/9/secure/lib/libssl/man/SSL_CTX_add_session.3
stable/9/secure/lib/libssl/man/SSL_CTX_ctrl.3
stable/9/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
stable/9/secure/lib/libssl/man/SSL_CTX_free.3
stable/9/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
stable/9/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
stable/9/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
stable/9/secure/lib/libssl/man/SSL_CTX_new.3
stable/9/secure/lib/libssl/man/SSL_CTX_sess_number.3
stable/9/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
stable/9/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
stable/9/secure/lib/libssl/man/SSL_CTX_sessions.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_mode.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_options.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_timeout.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
stable/9/secure/lib/libssl/man/SSL_CTX_set_verify.3
stable/9/secure/lib/libssl/man/SSL_CTX_use_certificate.3
stable/9/secure/lib/libssl/man/SSL_SESSION_free.3
stable/9/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
stable/9/secure/lib/libssl/man/SSL_SESSION_get_time.3
stable/9/secure/lib/libssl/man/SSL_accept.3
stable/9/secure/lib/libssl/man/SSL_alert_type_string.3
stable/9/secure/lib/libssl/man/SSL_clear.3
stable/9/secure/lib/libssl/man/SSL_connect.3
stable/9/secure/lib/libssl/man/SSL_do_handshake.3
stable/9/secure/lib/libssl/man/SSL_free.3
stable/9/secure/lib/libssl/man/SSL_get_SSL_CTX.3
stable/9/secure/lib/libssl/man/SSL_get_ciphers.3
stable/9/secure/lib/libssl/man/SSL_get_client_CA_list.3
stable/9/secure/lib/libssl/man/SSL_get_current_cipher.3
stable/9/secure/lib/libssl/man/SSL_get_default_timeout.3
stable/9/secure/lib/libssl/man/SSL_get_error.3
stable/9/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
stable/9/secure/lib/libssl/man/SSL_get_ex_new_index.3
stable/9/secure/lib/libssl/man/SSL_get_fd.3
stable/9/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
stable/9/secure/lib/libssl/man/SSL_get_peer_certificate.3
stable/9/secure/lib/libssl/man/SSL_get_rbio.3
stable/9/secure/lib/libssl/man/SSL_get_session.3
stable/9/secure/lib/libssl/man/SSL_get_verify_result.3
stable/9/secure/lib/libssl/man/SSL_get_version.3
stable/9/secure/lib/libssl/man/SSL_library_init.3
stable/9/secure/lib/libssl/man/SSL_load_client_CA_file.3
stable/9/secure/lib/libssl/man/SSL_new.3
stable/9/secure/lib/libssl/man/SSL_pending.3
stable/9/secure/lib/libssl/man/SSL_read.3
stable/9/secure/lib/libssl/man/SSL_rstate_string.3
stable/9/secure/lib/libssl/man/SSL_session_reused.3
stable/9/secure/lib/libssl/man/SSL_set_bio.3
stable/9/secure/lib/libssl/man/SSL_set_connect_state.3
stable/9/secure/lib/libssl/man/SSL_set_fd.3
stable/9/secure/lib/libssl/man/SSL_set_session.3
stable/9/secure/lib/libssl/man/SSL_set_shutdown.3
stable/9/secure/lib/libssl/man/SSL_set_verify_result.3
stable/9/secure/lib/libssl/man/SSL_shutdown.3
stable/9/secure/lib/libssl/man/SSL_state_string.3
stable/9/secure/lib/libssl/man/SSL_want.3
stable/9/secure/lib/libssl/man/SSL_write.3
stable/9/secure/lib/libssl/man/d2i_SSL_SESSION.3
stable/9/secure/lib/libssl/man/ssl.3
stable/9/secure/usr.bin/openssl/man/CA.pl.1
stable/9/secure/usr.bin/openssl/man/asn1parse.1
stable/9/secure/usr.bin/openssl/man/ca.1
stable/9/secure/usr.bin/openssl/man/ciphers.1
stable/9/secure/usr.bin/openssl/man/crl.1
stable/9/secure/usr.bin/openssl/man/crl2pkcs7.1
stable/9/secure/usr.bin/openssl/man/dgst.1
stable/9/secure/usr.bin/openssl/man/dhparam.1
stable/9/secure/usr.bin/openssl/man/dsa.1
stable/9/secure/usr.bin/openssl/man/dsaparam.1
stable/9/secure/usr.bin/openssl/man/ec.1
stable/9/secure/usr.bin/openssl/man/ecparam.1
stable/9/secure/usr.bin/openssl/man/enc.1
stable/9/secure/usr.bin/openssl/man/errstr.1
stable/9/secure/usr.bin/openssl/man/gendsa.1
stable/9/secure/usr.bin/openssl/man/genrsa.1
stable/9/secure/usr.bin/openssl/man/nseq.1
stable/9/secure/usr.bin/openssl/man/ocsp.1
stable/9/secure/usr.bin/openssl/man/openssl.1
stable/9/secure/usr.bin/openssl/man/passwd.1
stable/9/secure/usr.bin/openssl/man/pkcs12.1
stable/9/secure/usr.bin/openssl/man/pkcs7.1
stable/9/secure/usr.bin/openssl/man/pkcs8.1
stable/9/secure/usr.bin/openssl/man/rand.1
stable/9/secure/usr.bin/openssl/man/req.1
stable/9/secure/usr.bin/openssl/man/rsa.1
stable/9/secure/usr.bin/openssl/man/rsautl.1
stable/9/secure/usr.bin/openssl/man/s_client.1
stable/9/secure/usr.bin/openssl/man/s_server.1
stable/9/secure/usr.bin/openssl/man/s_time.1
stable/9/secure/usr.bin/openssl/man/sess_id.1
stable/9/secure/usr.bin/openssl/man/smime.1
stable/9/secure/usr.bin/openssl/man/speed.1
stable/9/secure/usr.bin/openssl/man/spkac.1
stable/9/secure/usr.bin/openssl/man/verify.1
stable/9/secure/usr.bin/openssl/man/version.1
stable/9/secure/usr.bin/openssl/man/x509.1
stable/9/secure/usr.bin/openssl/man/x509v3_config.1
Directory Properties:
stable/9/crypto/openssl/ (props changed)
Changes in other areas also in this revision:
Added:
stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
- copied unchanged from r269672, vendor-crypto/openssl/dist-0.9.8/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
stable/8/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 (contents, props changed)
Deleted:
stable/8/crypto/openssl/crypto/pkcs7/bio_ber.c
stable/8/crypto/openssl/crypto/pkcs7/dec.c
stable/8/crypto/openssl/crypto/pkcs7/des.pem
stable/8/crypto/openssl/crypto/pkcs7/doc
stable/8/crypto/openssl/crypto/pkcs7/enc.c
stable/8/crypto/openssl/crypto/pkcs7/es1.pem
stable/8/crypto/openssl/crypto/pkcs7/example.c
stable/8/crypto/openssl/crypto/pkcs7/example.h
stable/8/crypto/openssl/crypto/pkcs7/info.pem
stable/8/crypto/openssl/crypto/pkcs7/infokey.pem
stable/8/crypto/openssl/crypto/pkcs7/p7/
stable/8/crypto/openssl/crypto/pkcs7/server.pem
stable/8/crypto/openssl/crypto/pkcs7/sign.c
stable/8/crypto/openssl/crypto/pkcs7/t/
stable/8/crypto/openssl/crypto/pkcs7/verify.c
stable/8/crypto/openssl/demos/eay/
stable/8/crypto/openssl/demos/maurice/
Modified:
stable/8/crypto/openssl/CHANGES
stable/8/crypto/openssl/FAQ
stable/8/crypto/openssl/Makefile
stable/8/crypto/openssl/NEWS
stable/8/crypto/openssl/README
stable/8/crypto/openssl/apps/apps.c
stable/8/crypto/openssl/apps/ca.c
stable/8/crypto/openssl/apps/crl2p7.c
stable/8/crypto/openssl/apps/ocsp.c
stable/8/crypto/openssl/apps/s_server.c
stable/8/crypto/openssl/apps/speed.c
stable/8/crypto/openssl/crypto/asn1/a_object.c
stable/8/crypto/openssl/crypto/asn1/asn1_lib.c
stable/8/crypto/openssl/crypto/asn1/asn_mime.c
stable/8/crypto/openssl/crypto/asn1/asn_pack.c
stable/8/crypto/openssl/crypto/asn1/evp_asn1.c
stable/8/crypto/openssl/crypto/asn1/t_x509.c
stable/8/crypto/openssl/crypto/asn1/tasn_enc.c
stable/8/crypto/openssl/crypto/bio/bio_lib.c
stable/8/crypto/openssl/crypto/bn/bn_gf2m.c
stable/8/crypto/openssl/crypto/bn/bn_lib.c
stable/8/crypto/openssl/crypto/bn/bn_sqr.c
stable/8/crypto/openssl/crypto/conf/conf_api.c
stable/8/crypto/openssl/crypto/conf/conf_def.c
stable/8/crypto/openssl/crypto/ec/ec_lib.c
stable/8/crypto/openssl/crypto/ec/ecp_smpl.c
stable/8/crypto/openssl/crypto/idea/ideatest.c
stable/8/crypto/openssl/crypto/objects/obj_dat.c
stable/8/crypto/openssl/crypto/ocsp/ocsp_ht.c
stable/8/crypto/openssl/crypto/ocsp/ocsp_lib.c
stable/8/crypto/openssl/crypto/opensslv.h
stable/8/crypto/openssl/crypto/pkcs7/Makefile
stable/8/crypto/openssl/crypto/rsa/rsa_eay.c
stable/8/crypto/openssl/crypto/ui/ui_lib.c
stable/8/crypto/openssl/doc/apps/asn1parse.pod
stable/8/crypto/openssl/doc/apps/ca.pod
stable/8/crypto/openssl/doc/apps/crl.pod
stable/8/crypto/openssl/doc/apps/dhparam.pod
stable/8/crypto/openssl/doc/apps/dsa.pod
stable/8/crypto/openssl/doc/apps/ecparam.pod
stable/8/crypto/openssl/doc/apps/gendsa.pod
stable/8/crypto/openssl/doc/apps/genrsa.pod
stable/8/crypto/openssl/doc/apps/rsa.pod
stable/8/crypto/openssl/doc/apps/s_client.pod
stable/8/crypto/openssl/doc/apps/s_server.pod
stable/8/crypto/openssl/doc/apps/verify.pod
stable/8/crypto/openssl/doc/apps/x509.pod
stable/8/crypto/openssl/doc/apps/x509v3_config.pod
stable/8/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod
stable/8/crypto/openssl/doc/crypto/BIO_f_base64.pod
stable/8/crypto/openssl/doc/crypto/BIO_push.pod
stable/8/crypto/openssl/doc/crypto/ERR_get_error.pod
stable/8/crypto/openssl/doc/crypto/RSA_set_method.pod
stable/8/crypto/openssl/doc/crypto/RSA_sign.pod
stable/8/crypto/openssl/doc/crypto/des.pod
stable/8/crypto/openssl/doc/crypto/err.pod
stable/8/crypto/openssl/doc/crypto/pem.pod
stable/8/crypto/openssl/doc/crypto/ui.pod
stable/8/crypto/openssl/doc/fingerprints.txt
stable/8/crypto/openssl/doc/ssl/SSL_CIPHER_get_name.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_add_session.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_client_CA_list.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_client_cert_cb.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_verify.pod
stable/8/crypto/openssl/doc/ssl/SSL_get_version.pod
stable/8/crypto/openssl/doc/ssl/SSL_shutdown.pod
stable/8/crypto/openssl/doc/ssl/d2i_SSL_SESSION.pod
stable/8/crypto/openssl/openssl.spec
stable/8/crypto/openssl/ssl/d1_both.c
stable/8/crypto/openssl/ssl/d1_clnt.c
stable/8/crypto/openssl/ssl/d1_srvr.c
stable/8/crypto/openssl/ssl/s23_lib.c
stable/8/crypto/openssl/ssl/s23_srvr.c
stable/8/crypto/openssl/ssl/s3_clnt.c
stable/8/crypto/openssl/ssl/s3_pkt.c
stable/8/crypto/openssl/ssl/s3_srvr.c
stable/8/crypto/openssl/ssl/ssl_ciph.c
stable/8/crypto/openssl/ssl/ssl_stat.c
stable/8/crypto/openssl/ssl/t1_lib.c
stable/8/crypto/openssl/util/mkerr.pl
stable/8/secure/lib/libcrypto/Makefile
stable/8/secure/lib/libcrypto/Makefile.inc
stable/8/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
stable/8/secure/lib/libcrypto/man/ASN1_STRING_length.3
stable/8/secure/lib/libcrypto/man/ASN1_STRING_new.3
stable/8/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
stable/8/secure/lib/libcrypto/man/ASN1_generate_nconf.3
stable/8/secure/lib/libcrypto/man/BIO_ctrl.3
stable/8/secure/lib/libcrypto/man/BIO_f_base64.3
stable/8/secure/lib/libcrypto/man/BIO_f_buffer.3
stable/8/secure/lib/libcrypto/man/BIO_f_cipher.3
stable/8/secure/lib/libcrypto/man/BIO_f_md.3
stable/8/secure/lib/libcrypto/man/BIO_f_null.3
stable/8/secure/lib/libcrypto/man/BIO_f_ssl.3
stable/8/secure/lib/libcrypto/man/BIO_find_type.3
stable/8/secure/lib/libcrypto/man/BIO_new.3
stable/8/secure/lib/libcrypto/man/BIO_push.3
stable/8/secure/lib/libcrypto/man/BIO_read.3
stable/8/secure/lib/libcrypto/man/BIO_s_accept.3
stable/8/secure/lib/libcrypto/man/BIO_s_bio.3
stable/8/secure/lib/libcrypto/man/BIO_s_connect.3
stable/8/secure/lib/libcrypto/man/BIO_s_fd.3
stable/8/secure/lib/libcrypto/man/BIO_s_file.3
stable/8/secure/lib/libcrypto/man/BIO_s_mem.3
stable/8/secure/lib/libcrypto/man/BIO_s_null.3
stable/8/secure/lib/libcrypto/man/BIO_s_socket.3
stable/8/secure/lib/libcrypto/man/BIO_set_callback.3
stable/8/secure/lib/libcrypto/man/BIO_should_retry.3
stable/8/secure/lib/libcrypto/man/BN_BLINDING_new.3
stable/8/secure/lib/libcrypto/man/BN_CTX_new.3
stable/8/secure/lib/libcrypto/man/BN_CTX_start.3
stable/8/secure/lib/libcrypto/man/BN_add.3
stable/8/secure/lib/libcrypto/man/BN_add_word.3
stable/8/secure/lib/libcrypto/man/BN_bn2bin.3
stable/8/secure/lib/libcrypto/man/BN_cmp.3
stable/8/secure/lib/libcrypto/man/BN_copy.3
stable/8/secure/lib/libcrypto/man/BN_generate_prime.3
stable/8/secure/lib/libcrypto/man/BN_mod_inverse.3
stable/8/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
stable/8/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
stable/8/secure/lib/libcrypto/man/BN_new.3
stable/8/secure/lib/libcrypto/man/BN_num_bytes.3
stable/8/secure/lib/libcrypto/man/BN_rand.3
stable/8/secure/lib/libcrypto/man/BN_set_bit.3
stable/8/secure/lib/libcrypto/man/BN_swap.3
stable/8/secure/lib/libcrypto/man/BN_zero.3
stable/8/secure/lib/libcrypto/man/CONF_modules_free.3
stable/8/secure/lib/libcrypto/man/CONF_modules_load_file.3
stable/8/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
stable/8/secure/lib/libcrypto/man/DH_generate_key.3
stable/8/secure/lib/libcrypto/man/DH_generate_parameters.3
stable/8/secure/lib/libcrypto/man/DH_get_ex_new_index.3
stable/8/secure/lib/libcrypto/man/DH_new.3
stable/8/secure/lib/libcrypto/man/DH_set_method.3
stable/8/secure/lib/libcrypto/man/DH_size.3
stable/8/secure/lib/libcrypto/man/DSA_SIG_new.3
stable/8/secure/lib/libcrypto/man/DSA_do_sign.3
stable/8/secure/lib/libcrypto/man/DSA_dup_DH.3
stable/8/secure/lib/libcrypto/man/DSA_generate_key.3
stable/8/secure/lib/libcrypto/man/DSA_generate_parameters.3
stable/8/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
stable/8/secure/lib/libcrypto/man/DSA_new.3
stable/8/secure/lib/libcrypto/man/DSA_set_method.3
stable/8/secure/lib/libcrypto/man/DSA_sign.3
stable/8/secure/lib/libcrypto/man/DSA_size.3
stable/8/secure/lib/libcrypto/man/ERR_GET_LIB.3
stable/8/secure/lib/libcrypto/man/ERR_clear_error.3
stable/8/secure/lib/libcrypto/man/ERR_error_string.3
stable/8/secure/lib/libcrypto/man/ERR_get_error.3
stable/8/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
stable/8/secure/lib/libcrypto/man/ERR_load_strings.3
stable/8/secure/lib/libcrypto/man/ERR_print_errors.3
stable/8/secure/lib/libcrypto/man/ERR_put_error.3
stable/8/secure/lib/libcrypto/man/ERR_remove_state.3
stable/8/secure/lib/libcrypto/man/ERR_set_mark.3
stable/8/secure/lib/libcrypto/man/EVP_BytesToKey.3
stable/8/secure/lib/libcrypto/man/EVP_DigestInit.3
stable/8/secure/lib/libcrypto/man/EVP_EncryptInit.3
stable/8/secure/lib/libcrypto/man/EVP_OpenInit.3
stable/8/secure/lib/libcrypto/man/EVP_PKEY_new.3
stable/8/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
stable/8/secure/lib/libcrypto/man/EVP_SealInit.3
stable/8/secure/lib/libcrypto/man/EVP_SignInit.3
stable/8/secure/lib/libcrypto/man/EVP_VerifyInit.3
stable/8/secure/lib/libcrypto/man/OBJ_nid2obj.3
stable/8/secure/lib/libcrypto/man/OPENSSL_Applink.3
stable/8/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
stable/8/secure/lib/libcrypto/man/OPENSSL_config.3
stable/8/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
stable/8/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
stable/8/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
stable/8/secure/lib/libcrypto/man/PKCS12_create.3
stable/8/secure/lib/libcrypto/man/PKCS12_parse.3
stable/8/secure/lib/libcrypto/man/PKCS7_decrypt.3
stable/8/secure/lib/libcrypto/man/PKCS7_encrypt.3
stable/8/secure/lib/libcrypto/man/PKCS7_sign.3
stable/8/secure/lib/libcrypto/man/PKCS7_verify.3
stable/8/secure/lib/libcrypto/man/RAND_add.3
stable/8/secure/lib/libcrypto/man/RAND_bytes.3
stable/8/secure/lib/libcrypto/man/RAND_cleanup.3
stable/8/secure/lib/libcrypto/man/RAND_egd.3
stable/8/secure/lib/libcrypto/man/RAND_load_file.3
stable/8/secure/lib/libcrypto/man/RAND_set_rand_method.3
stable/8/secure/lib/libcrypto/man/RSA_blinding_on.3
stable/8/secure/lib/libcrypto/man/RSA_check_key.3
stable/8/secure/lib/libcrypto/man/RSA_generate_key.3
stable/8/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
stable/8/secure/lib/libcrypto/man/RSA_new.3
stable/8/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
stable/8/secure/lib/libcrypto/man/RSA_print.3
stable/8/secure/lib/libcrypto/man/RSA_private_encrypt.3
stable/8/secure/lib/libcrypto/man/RSA_public_encrypt.3
stable/8/secure/lib/libcrypto/man/RSA_set_method.3
stable/8/secure/lib/libcrypto/man/RSA_sign.3
stable/8/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
stable/8/secure/lib/libcrypto/man/RSA_size.3
stable/8/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
stable/8/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
stable/8/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
stable/8/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
stable/8/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
stable/8/secure/lib/libcrypto/man/X509_NAME_print_ex.3
stable/8/secure/lib/libcrypto/man/X509_new.3
stable/8/secure/lib/libcrypto/man/bio.3
stable/8/secure/lib/libcrypto/man/blowfish.3
stable/8/secure/lib/libcrypto/man/bn.3
stable/8/secure/lib/libcrypto/man/bn_internal.3
stable/8/secure/lib/libcrypto/man/buffer.3
stable/8/secure/lib/libcrypto/man/crypto.3
stable/8/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
stable/8/secure/lib/libcrypto/man/d2i_DHparams.3
stable/8/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
stable/8/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
stable/8/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
stable/8/secure/lib/libcrypto/man/d2i_X509.3
stable/8/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
stable/8/secure/lib/libcrypto/man/d2i_X509_CRL.3
stable/8/secure/lib/libcrypto/man/d2i_X509_NAME.3
stable/8/secure/lib/libcrypto/man/d2i_X509_REQ.3
stable/8/secure/lib/libcrypto/man/d2i_X509_SIG.3
stable/8/secure/lib/libcrypto/man/des.3
stable/8/secure/lib/libcrypto/man/dh.3
stable/8/secure/lib/libcrypto/man/dsa.3
stable/8/secure/lib/libcrypto/man/ecdsa.3
stable/8/secure/lib/libcrypto/man/engine.3
stable/8/secure/lib/libcrypto/man/err.3
stable/8/secure/lib/libcrypto/man/evp.3
stable/8/secure/lib/libcrypto/man/hmac.3
stable/8/secure/lib/libcrypto/man/lh_stats.3
stable/8/secure/lib/libcrypto/man/lhash.3
stable/8/secure/lib/libcrypto/man/md5.3
stable/8/secure/lib/libcrypto/man/mdc2.3
stable/8/secure/lib/libcrypto/man/pem.3
stable/8/secure/lib/libcrypto/man/rand.3
stable/8/secure/lib/libcrypto/man/rc4.3
stable/8/secure/lib/libcrypto/man/ripemd.3
stable/8/secure/lib/libcrypto/man/rsa.3
stable/8/secure/lib/libcrypto/man/sha.3
stable/8/secure/lib/libcrypto/man/threads.3
stable/8/secure/lib/libcrypto/man/ui.3
stable/8/secure/lib/libcrypto/man/ui_compat.3
stable/8/secure/lib/libcrypto/man/x509.3
stable/8/secure/lib/libssl/Makefile.man
stable/8/secure/lib/libssl/man/SSL_CIPHER_get_name.3
stable/8/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
stable/8/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
stable/8/secure/lib/libssl/man/SSL_CTX_add_session.3
stable/8/secure/lib/libssl/man/SSL_CTX_ctrl.3
stable/8/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
stable/8/secure/lib/libssl/man/SSL_CTX_free.3
stable/8/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
stable/8/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
stable/8/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
stable/8/secure/lib/libssl/man/SSL_CTX_new.3
stable/8/secure/lib/libssl/man/SSL_CTX_sess_number.3
stable/8/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
stable/8/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
stable/8/secure/lib/libssl/man/SSL_CTX_sessions.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_mode.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_options.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_timeout.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
stable/8/secure/lib/libssl/man/SSL_CTX_set_verify.3
stable/8/secure/lib/libssl/man/SSL_CTX_use_certificate.3
stable/8/secure/lib/libssl/man/SSL_SESSION_free.3
stable/8/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
stable/8/secure/lib/libssl/man/SSL_SESSION_get_time.3
stable/8/secure/lib/libssl/man/SSL_accept.3
stable/8/secure/lib/libssl/man/SSL_alert_type_string.3
stable/8/secure/lib/libssl/man/SSL_clear.3
stable/8/secure/lib/libssl/man/SSL_connect.3
stable/8/secure/lib/libssl/man/SSL_do_handshake.3
stable/8/secure/lib/libssl/man/SSL_free.3
stable/8/secure/lib/libssl/man/SSL_get_SSL_CTX.3
stable/8/secure/lib/libssl/man/SSL_get_ciphers.3
stable/8/secure/lib/libssl/man/SSL_get_client_CA_list.3
stable/8/secure/lib/libssl/man/SSL_get_current_cipher.3
stable/8/secure/lib/libssl/man/SSL_get_default_timeout.3
stable/8/secure/lib/libssl/man/SSL_get_error.3
stable/8/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
stable/8/secure/lib/libssl/man/SSL_get_ex_new_index.3
stable/8/secure/lib/libssl/man/SSL_get_fd.3
stable/8/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
stable/8/secure/lib/libssl/man/SSL_get_peer_certificate.3
stable/8/secure/lib/libssl/man/SSL_get_rbio.3
stable/8/secure/lib/libssl/man/SSL_get_session.3
stable/8/secure/lib/libssl/man/SSL_get_verify_result.3
stable/8/secure/lib/libssl/man/SSL_get_version.3
stable/8/secure/lib/libssl/man/SSL_library_init.3
stable/8/secure/lib/libssl/man/SSL_load_client_CA_file.3
stable/8/secure/lib/libssl/man/SSL_new.3
stable/8/secure/lib/libssl/man/SSL_pending.3
stable/8/secure/lib/libssl/man/SSL_read.3
stable/8/secure/lib/libssl/man/SSL_rstate_string.3
stable/8/secure/lib/libssl/man/SSL_session_reused.3
stable/8/secure/lib/libssl/man/SSL_set_bio.3
stable/8/secure/lib/libssl/man/SSL_set_connect_state.3
stable/8/secure/lib/libssl/man/SSL_set_fd.3
stable/8/secure/lib/libssl/man/SSL_set_session.3
stable/8/secure/lib/libssl/man/SSL_set_shutdown.3
stable/8/secure/lib/libssl/man/SSL_set_verify_result.3
stable/8/secure/lib/libssl/man/SSL_shutdown.3
stable/8/secure/lib/libssl/man/SSL_state_string.3
stable/8/secure/lib/libssl/man/SSL_want.3
stable/8/secure/lib/libssl/man/SSL_write.3
stable/8/secure/lib/libssl/man/d2i_SSL_SESSION.3
stable/8/secure/lib/libssl/man/ssl.3
stable/8/secure/usr.bin/openssl/man/CA.pl.1
stable/8/secure/usr.bin/openssl/man/asn1parse.1
stable/8/secure/usr.bin/openssl/man/ca.1
stable/8/secure/usr.bin/openssl/man/ciphers.1
stable/8/secure/usr.bin/openssl/man/crl.1
stable/8/secure/usr.bin/openssl/man/crl2pkcs7.1
stable/8/secure/usr.bin/openssl/man/dgst.1
stable/8/secure/usr.bin/openssl/man/dhparam.1
stable/8/secure/usr.bin/openssl/man/dsa.1
stable/8/secure/usr.bin/openssl/man/dsaparam.1
stable/8/secure/usr.bin/openssl/man/ec.1
stable/8/secure/usr.bin/openssl/man/ecparam.1
stable/8/secure/usr.bin/openssl/man/enc.1
stable/8/secure/usr.bin/openssl/man/errstr.1
stable/8/secure/usr.bin/openssl/man/gendsa.1
stable/8/secure/usr.bin/openssl/man/genrsa.1
stable/8/secure/usr.bin/openssl/man/nseq.1
stable/8/secure/usr.bin/openssl/man/ocsp.1
stable/8/secure/usr.bin/openssl/man/openssl.1
stable/8/secure/usr.bin/openssl/man/passwd.1
stable/8/secure/usr.bin/openssl/man/pkcs12.1
stable/8/secure/usr.bin/openssl/man/pkcs7.1
stable/8/secure/usr.bin/openssl/man/pkcs8.1
stable/8/secure/usr.bin/openssl/man/rand.1
stable/8/secure/usr.bin/openssl/man/req.1
stable/8/secure/usr.bin/openssl/man/rsa.1
stable/8/secure/usr.bin/openssl/man/rsautl.1
stable/8/secure/usr.bin/openssl/man/s_client.1
stable/8/secure/usr.bin/openssl/man/s_server.1
stable/8/secure/usr.bin/openssl/man/s_time.1
stable/8/secure/usr.bin/openssl/man/sess_id.1
stable/8/secure/usr.bin/openssl/man/smime.1
stable/8/secure/usr.bin/openssl/man/speed.1
stable/8/secure/usr.bin/openssl/man/spkac.1
stable/8/secure/usr.bin/openssl/man/verify.1
stable/8/secure/usr.bin/openssl/man/version.1
stable/8/secure/usr.bin/openssl/man/x509.1
stable/8/secure/usr.bin/openssl/man/x509v3_config.1
Directory Properties:
stable/8/crypto/openssl/ (props changed)
Modified: stable/9/crypto/openssl/CHANGES
==============================================================================
--- stable/9/crypto/openssl/CHANGES Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/CHANGES Thu Aug 7 21:06:34 2014 (r269687)
@@ -2,6 +2,53 @@
OpenSSL CHANGES
_______________
+ Changes between 0.9.8za and 0.9.8zb [6 Aug 2014]
+
+ *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject
+ to a denial of service attack. A malicious server can crash the client
+ with a null pointer dereference (read) by specifying an anonymous (EC)DH
+ ciphersuite and sending carefully crafted handshake messages.
+
+ Thanks to Felix Gröbert (Google) for discovering and researching this
+ issue.
+ (CVE-2014-3510)
+ [Emilia Käsper]
+
+ *) By sending carefully crafted DTLS packets an attacker could cause openssl
+ to leak memory. This can be exploited through a Denial of Service attack.
+ Thanks to Adam Langley for discovering and researching this issue.
+ (CVE-2014-3507)
+ [Adam Langley]
+
+ *) An attacker can force openssl to consume large amounts of memory whilst
+ processing DTLS handshake messages. This can be exploited through a
+ Denial of Service attack.
+ Thanks to Adam Langley for discovering and researching this issue.
+ (CVE-2014-3506)
+ [Adam Langley]
+
+ *) An attacker can force an error condition which causes openssl to crash
+ whilst processing DTLS packets due to memory being freed twice. This
+ can be exploited through a Denial of Service attack.
+ Thanks to Adam Langley and Wan-Teh Chang for discovering and researching
+ this issue.
+ (CVE-2014-3505)
+ [Adam Langley]
+
+ *) A flaw in OBJ_obj2txt may cause pretty printing functions such as
+ X509_name_oneline, X509_name_print_ex et al. to leak some information
+ from the stack. Applications may be affected if they echo pretty printing
+ output to the attacker.
+
+ Thanks to Ivan Fratric (Google) for discovering this issue.
+ (CVE-2014-3508)
+ [Emilia Käsper, and Steve Henson]
+
+ *) Fix ec_GFp_simple_points_make_affine (thus, EC_POINTs_mul etc.)
+ for corner cases. (Certain input points at infinity could lead to
+ bogus results, with non-infinity inputs mapped to infinity too.)
+ [Bodo Moeller]
+
Changes between 0.9.8y and 0.9.8za [5 Jun 2014]
*) Fix for SSL/TLS MITM flaw. An attacker using a carefully crafted
Modified: stable/9/crypto/openssl/FAQ
==============================================================================
--- stable/9/crypto/openssl/FAQ Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/FAQ Thu Aug 7 21:06:34 2014 (r269687)
@@ -113,11 +113,6 @@ that came with the version of OpenSSL yo
documentation is included in each OpenSSL distribution under the docs
directory.
-For information on parts of libcrypto that are not yet documented, you
-might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
-predecessor, at <URL: http://www.columbia.edu/~ariel/ssleay/>. Much
-of this still applies to OpenSSL.
-
There is some documentation about certificate extensions and PKCS#12
in doc/openssl.txt
Modified: stable/9/crypto/openssl/Makefile
==============================================================================
--- stable/9/crypto/openssl/Makefile Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/Makefile Thu Aug 7 21:06:34 2014 (r269687)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=0.9.8za
+VERSION=0.9.8zb
MAJOR=0
MINOR=9.8
SHLIB_VERSION_NUMBER=0.9.8
Modified: stable/9/crypto/openssl/NEWS
==============================================================================
--- stable/9/crypto/openssl/NEWS Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/NEWS Thu Aug 7 21:06:34 2014 (r269687)
@@ -5,6 +5,22 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 0.9.8za and OpenSSL 0.9.8zb [6 Aug 2014]:
+
+ o Fix for CVE-2014-3510
+ o Fix for CVE-2014-3507
+ o Fix for CVE-2014-3506
+ o Fix for CVE-2014-3505
+ o Fix for CVE-2014-3508
+
+ Known issues in OpenSSL 0.9.8za:
+
+ o Compilation failure of s3_pkt.c on some platforms due to missing
+ <limits.h> include. Fixed in 0.9.8zb-dev.
+ o FIPS capable link failure with missing symbol BN_consttime_swap.
+ Fixed in 0.9.8zb-dev. Workaround is to compile with no-ec: the EC
+ algorithms are not FIPS approved in OpenSSL 0.9.8 anyway.
+
Major changes between OpenSSL 0.9.8y and OpenSSL 0.9.8za [5 Jun 2014]:
o Fix for CVE-2014-0224
Modified: stable/9/crypto/openssl/README
==============================================================================
--- stable/9/crypto/openssl/README Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/README Thu Aug 7 21:06:34 2014 (r269687)
@@ -1,5 +1,5 @@
- OpenSSL 0.9.8za 5 Jun 2014
+ OpenSSL 0.9.8zb 6 Aug 2014
Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: stable/9/crypto/openssl/apps/apps.c
==============================================================================
--- stable/9/crypto/openssl/apps/apps.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/apps/apps.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -362,6 +362,8 @@ int chopup_args(ARGS *arg, char *buf, in
{
arg->count=20;
arg->data=(char **)OPENSSL_malloc(sizeof(char *)*arg->count);
+ if (arg->data == NULL)
+ return 0;
}
for (i=0; i<arg->count; i++)
arg->data[i]=NULL;
@@ -1429,6 +1431,8 @@ char *make_config_name()
len=strlen(t)+strlen(OPENSSL_CONF)+2;
p=OPENSSL_malloc(len);
+ if (p == NULL)
+ return NULL;
BUF_strlcpy(p,t,len);
#ifndef OPENSSL_SYS_VMS
BUF_strlcat(p,"/",len);
Modified: stable/9/crypto/openssl/apps/ca.c
==============================================================================
--- stable/9/crypto/openssl/apps/ca.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/apps/ca.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -1582,12 +1582,14 @@ static int certify(X509 **xret, char *in
{
ok=0;
BIO_printf(bio_err,"Signature verification problems....\n");
+ ERR_print_errors(bio_err);
goto err;
}
if (i == 0)
{
ok=0;
BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ ERR_print_errors(bio_err);
goto err;
}
else
@@ -2751,6 +2753,9 @@ char *make_revocation_str(int rev_type,
revtm = X509_gmtime_adj(NULL, 0);
+ if (!revtm)
+ return NULL;
+
i = revtm->length + 1;
if (reason) i += strlen(reason) + 1;
Modified: stable/9/crypto/openssl/apps/crl2p7.c
==============================================================================
--- stable/9/crypto/openssl/apps/crl2p7.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/apps/crl2p7.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -142,7 +142,13 @@ int MAIN(int argc, char **argv)
{
if (--argc < 1) goto bad;
if(!certflst) certflst = sk_new_null();
- sk_push(certflst,*(++argv));
+ if (!certflst)
+ goto end;
+ if (!sk_push(certflst,*(++argv)))
+ {
+ sk_free(certflst);
+ goto end;
+ }
}
else
{
Modified: stable/9/crypto/openssl/apps/ocsp.c
==============================================================================
--- stable/9/crypto/openssl/apps/ocsp.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/apps/ocsp.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -1344,7 +1344,7 @@ OCSP_RESPONSE *process_responder(BIO *er
}
resp = query_responder(err, cbio, path, req, req_timeout);
if (!resp)
- BIO_printf(bio_err, "Error querying OCSP responsder\n");
+ BIO_printf(bio_err, "Error querying OCSP responder\n");
end:
if (ctx)
SSL_CTX_free(ctx);
Modified: stable/9/crypto/openssl/apps/s_server.c
==============================================================================
--- stable/9/crypto/openssl/apps/s_server.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/apps/s_server.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -583,7 +583,7 @@ static int MS_CALLBACK ssl_servername_cb
if (servername)
{
- if (strcmp(servername,p->servername))
+ if (strcasecmp(servername,p->servername))
return p->extension_error;
if (ctx2)
{
@@ -1095,6 +1095,14 @@ bad:
sv_usage();
goto end;
}
+#ifndef OPENSSL_NO_DTLS1
+ if (www && socket_type == SOCK_DGRAM)
+ {
+ BIO_printf(bio_err,
+ "Can't use -HTTP, -www or -WWW with DTLS\n");
+ goto end;
+ }
+#endif
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
@@ -1922,8 +1930,10 @@ again:
#ifdef CHARSET_EBCDIC
ascii2ebcdic(buf,buf,i);
#endif
- write(fileno(stdout),buf,
- (unsigned int)i);
+ if (write(fileno(stdout),buf,
+ (unsigned int)i) != i)
+ goto err;
+
if (SSL_pending(con)) goto again;
break;
case SSL_ERROR_WANT_WRITE:
Modified: stable/9/crypto/openssl/apps/speed.c
==============================================================================
--- stable/9/crypto/openssl/apps/speed.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/apps/speed.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -2767,7 +2767,11 @@ static int do_multi(int multi)
fds=malloc(multi*sizeof *fds);
for(n=0 ; n < multi ; ++n)
{
- pipe(fd);
+ if (pipe(fd) == -1)
+ {
+ fprintf(stderr, "pipe failure\n");
+ exit(1);
+ }
fflush(stdout);
fflush(stderr);
if(fork())
@@ -2779,7 +2783,11 @@ static int do_multi(int multi)
{
close(fd[0]);
close(1);
- dup(fd[1]);
+ if (dup(fd[1]) == -1)
+ {
+ fprintf(stderr, "dup failed\n");
+ exit(1);
+ }
close(fd[1]);
mr=1;
usertime=0;
Modified: stable/9/crypto/openssl/crypto/asn1/a_object.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/a_object.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/a_object.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -285,16 +285,28 @@ err:
ASN1_OBJECT_free(ret);
return(NULL);
}
+
ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
long len)
{
ASN1_OBJECT *ret=NULL;
const unsigned char *p;
- int i;
- /* Sanity check OID encoding: can't have leading 0x80 in
- * subidentifiers, see: X.690 8.19.2
+ int i, length;
+
+ /* Sanity check OID encoding.
+ * Need at least one content octet.
+ * MSB must be clear in the last octet.
+ * can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
*/
- for (i = 0, p = *pp; i < len; i++, p++)
+ if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
+ p[len - 1] & 0x80)
+ {
+ ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
+ return NULL;
+ }
+ /* Now 0 < len <= INT_MAX, so the cast is safe. */
+ length = (int)len;
+ for (i = 0; i < length; i++, p++)
{
if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
{
@@ -313,20 +325,20 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT
else ret=(*a);
p= *pp;
- if ((ret->data == NULL) || (ret->length < len))
+ if ((ret->data == NULL) || (ret->length < length))
{
if (ret->data != NULL) OPENSSL_free(ret->data);
- ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
+ ret->data=(unsigned char *)OPENSSL_malloc(length);
ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
if (ret->data == NULL)
{ i=ERR_R_MALLOC_FAILURE; goto err; }
}
- memcpy(ret->data,p,(int)len);
- ret->length=(int)len;
+ memcpy(ret->data,p,length);
+ ret->length=length;
ret->sn=NULL;
ret->ln=NULL;
/* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
- p+=len;
+ p+=length;
if (a != NULL) (*a)=ret;
*pp=p;
Modified: stable/9/crypto/openssl/crypto/asn1/asn1_lib.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/asn1_lib.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/asn1_lib.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -131,6 +131,9 @@ int ASN1_get_object(const unsigned char
*pclass=xclass;
if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
+ if (inf && !(ret & V_ASN1_CONSTRUCTED))
+ goto err;
+
#if 0
fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
(int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
Modified: stable/9/crypto/openssl/crypto/asn1/asn_mime.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/asn_mime.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/asn_mime.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -595,6 +595,8 @@ static STACK_OF(MIME_HEADER) *mime_parse
int len, state, save_state = 0;
headers = sk_MIME_HEADER_new(mime_hdr_cmp);
+ if (!headers)
+ return NULL;
while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
/* If whitespace at line start then continuation line */
if(mhdr && isspace((unsigned char)linebuf[0])) state = MIME_NAME;
Modified: stable/9/crypto/openssl/crypto/asn1/asn_pack.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/asn_pack.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/asn_pack.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -134,15 +134,23 @@ ASN1_STRING *ASN1_pack_string(void *obj,
if (!(octmp->length = i2d(obj, NULL))) {
ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
- return NULL;
+ goto err;
}
if (!(p = OPENSSL_malloc (octmp->length))) {
ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
- return NULL;
+ goto err;
}
octmp->data = p;
i2d (obj, &p);
return octmp;
+ err:
+ if (!oct || !*oct)
+ {
+ ASN1_STRING_free(octmp);
+ if (oct)
+ *oct = NULL;
+ }
+ return NULL;
}
#endif
Modified: stable/9/crypto/openssl/crypto/asn1/evp_asn1.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/evp_asn1.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/evp_asn1.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -66,7 +66,11 @@ int ASN1_TYPE_set_octetstring(ASN1_TYPE
ASN1_STRING *os;
if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
- if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
+ if (!M_ASN1_OCTET_STRING_set(os,data,len))
+ {
+ M_ASN1_OCTET_STRING_free(os);
+ return 0;
+ }
ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
return(1);
}
Modified: stable/9/crypto/openssl/crypto/asn1/t_x509.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/t_x509.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/t_x509.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -465,6 +465,8 @@ int X509_NAME_print(BIO *bp, X509_NAME *
l=80-2-obase;
b=X509_NAME_oneline(name,NULL,0);
+ if (!b)
+ return 0;
if (!*b)
{
OPENSSL_free(b);
Modified: stable/9/crypto/openssl/crypto/asn1/tasn_enc.c
==============================================================================
--- stable/9/crypto/openssl/crypto/asn1/tasn_enc.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/asn1/tasn_enc.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -453,9 +453,14 @@ static int asn1_set_seq_out(STACK_OF(ASN
{
derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
* sizeof(*derlst));
+ if (!derlst)
+ return 0;
tmpdat = OPENSSL_malloc(skcontlen);
- if (!derlst || !tmpdat)
+ if (!tmpdat)
+ {
+ OPENSSL_free(derlst);
return 0;
+ }
}
}
/* If not sorting just output each item */
Modified: stable/9/crypto/openssl/crypto/bio/bio_lib.c
==============================================================================
--- stable/9/crypto/openssl/crypto/bio/bio_lib.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/bio/bio_lib.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -132,8 +132,8 @@ int BIO_free(BIO *a)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
- if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
- a->method->destroy(a);
+ if ((a->method != NULL) && (a->method->destroy != NULL))
+ a->method->destroy(a);
OPENSSL_free(a);
return(1);
}
Modified: stable/9/crypto/openssl/crypto/bn/bn_gf2m.c
==============================================================================
--- stable/9/crypto/openssl/crypto/bn/bn_gf2m.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/bn/bn_gf2m.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -1095,3 +1095,54 @@ int BN_GF2m_arr2poly(const unsigned int
return 1;
}
+/*
+ * Constant-time conditional swap of a and b.
+ * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
+ * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
+ * and that no more than nwords are used by either a or b.
+ * a and b cannot be the same number
+ */
+void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
+ {
+ BN_ULONG t;
+ int i;
+
+ bn_wcheck_size(a, nwords);
+ bn_wcheck_size(b, nwords);
+
+ assert(a != b);
+ assert((condition & (condition - 1)) == 0);
+ assert(sizeof(BN_ULONG) >= sizeof(int));
+
+ condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
+
+ t = (a->top^b->top) & condition;
+ a->top ^= t;
+ b->top ^= t;
+
+#define BN_CONSTTIME_SWAP(ind) \
+ do { \
+ t = (a->d[ind] ^ b->d[ind]) & condition; \
+ a->d[ind] ^= t; \
+ b->d[ind] ^= t; \
+ } while (0)
+
+
+ switch (nwords) {
+ default:
+ for (i = 10; i < nwords; i++)
+ BN_CONSTTIME_SWAP(i);
+ /* Fallthrough */
+ case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */
+ case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */
+ case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */
+ case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */
+ case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */
+ case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */
+ case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */
+ case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */
+ case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */
+ case 1: BN_CONSTTIME_SWAP(0);
+ }
+#undef BN_CONSTTIME_SWAP
+}
Modified: stable/9/crypto/openssl/crypto/bn/bn_lib.c
==============================================================================
--- stable/9/crypto/openssl/crypto/bn/bn_lib.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/bn/bn_lib.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(cons
BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);
return(NULL);
}
+#ifdef PURIFY
+ /* Valgrind complains in BN_consttime_swap because we process the whole
+ * array even if it's not initialised yet. This doesn't matter in that
+ * function - what's important is constant time operation (we're not
+ * actually going to use the data)
+ */
+ memset(a, 0, sizeof(BN_ULONG)*words);
+#endif
+
#if 1
B=b->d;
/* Check if the previous number needs to be copied */
@@ -824,55 +833,3 @@ int bn_cmp_part_words(const BN_ULONG *a,
}
return bn_cmp_words(a,b,cl);
}
-
-/*
- * Constant-time conditional swap of a and b.
- * a and b are swapped if condition is not 0. The code assumes that at most one bit of condition is set.
- * nwords is the number of words to swap. The code assumes that at least nwords are allocated in both a and b,
- * and that no more than nwords are used by either a or b.
- * a and b cannot be the same number
- */
-void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, BIGNUM *b, int nwords)
- {
- BN_ULONG t;
- int i;
-
- bn_wcheck_size(a, nwords);
- bn_wcheck_size(b, nwords);
-
- assert(a != b);
- assert((condition & (condition - 1)) == 0);
- assert(sizeof(BN_ULONG) >= sizeof(int));
-
- condition = ((condition - 1) >> (BN_BITS2 - 1)) - 1;
-
- t = (a->top^b->top) & condition;
- a->top ^= t;
- b->top ^= t;
-
-#define BN_CONSTTIME_SWAP(ind) \
- do { \
- t = (a->d[ind] ^ b->d[ind]) & condition; \
- a->d[ind] ^= t; \
- b->d[ind] ^= t; \
- } while (0)
-
-
- switch (nwords) {
- default:
- for (i = 10; i < nwords; i++)
- BN_CONSTTIME_SWAP(i);
- /* Fallthrough */
- case 10: BN_CONSTTIME_SWAP(9); /* Fallthrough */
- case 9: BN_CONSTTIME_SWAP(8); /* Fallthrough */
- case 8: BN_CONSTTIME_SWAP(7); /* Fallthrough */
- case 7: BN_CONSTTIME_SWAP(6); /* Fallthrough */
- case 6: BN_CONSTTIME_SWAP(5); /* Fallthrough */
- case 5: BN_CONSTTIME_SWAP(4); /* Fallthrough */
- case 4: BN_CONSTTIME_SWAP(3); /* Fallthrough */
- case 3: BN_CONSTTIME_SWAP(2); /* Fallthrough */
- case 2: BN_CONSTTIME_SWAP(1); /* Fallthrough */
- case 1: BN_CONSTTIME_SWAP(0);
- }
-#undef BN_CONSTTIME_SWAP
-}
Modified: stable/9/crypto/openssl/crypto/bn/bn_sqr.c
==============================================================================
--- stable/9/crypto/openssl/crypto/bn/bn_sqr.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/bn/bn_sqr.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -77,6 +77,7 @@ int BN_sqr(BIGNUM *r, const BIGNUM *a, B
if (al <= 0)
{
r->top=0;
+ r->neg = 0;
return 1;
}
Modified: stable/9/crypto/openssl/crypto/conf/conf_api.c
==============================================================================
--- stable/9/crypto/openssl/crypto/conf/conf_api.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/conf/conf_api.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -294,7 +294,7 @@ CONF_VALUE *_CONF_new_section(CONF *conf
v->value=(char *)sk;
vv=(CONF_VALUE *)lh_insert(conf->data,v);
- assert(vv == NULL);
+ OPENSSL_assert(vv == NULL);
ok=1;
err:
if (!ok)
Modified: stable/9/crypto/openssl/crypto/conf/conf_def.c
==============================================================================
--- stable/9/crypto/openssl/crypto/conf/conf_def.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/conf/conf_def.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -324,7 +324,7 @@ again:
p=eat_ws(conf, end);
if (*p != ']')
{
- if (*p != '\0')
+ if (*p != '\0' && ss != p)
{
ss=p;
goto again;
Modified: stable/9/crypto/openssl/crypto/ec/ec_lib.c
==============================================================================
--- stable/9/crypto/openssl/crypto/ec/ec_lib.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/ec/ec_lib.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -1010,7 +1010,7 @@ int EC_POINT_dbl(const EC_GROUP *group,
int EC_POINT_invert(const EC_GROUP *group, EC_POINT *a, BN_CTX *ctx)
{
- if (group->meth->dbl == 0)
+ if (group->meth->invert == 0)
{
ECerr(EC_F_EC_POINT_INVERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
return 0;
Modified: stable/9/crypto/openssl/crypto/ec/ecp_smpl.c
==============================================================================
--- stable/9/crypto/openssl/crypto/ec/ecp_smpl.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/ec/ecp_smpl.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -1540,9 +1540,8 @@ int ec_GFp_simple_make_affine(const EC_G
int ec_GFp_simple_points_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx)
{
BN_CTX *new_ctx = NULL;
- BIGNUM *tmp0, *tmp1;
- size_t pow2 = 0;
- BIGNUM **heap = NULL;
+ BIGNUM *tmp, *tmp_Z;
+ BIGNUM **prod_Z = NULL;
size_t i;
int ret = 0;
@@ -1557,124 +1556,104 @@ int ec_GFp_simple_points_make_affine(con
}
BN_CTX_start(ctx);
- tmp0 = BN_CTX_get(ctx);
- tmp1 = BN_CTX_get(ctx);
- if (tmp0 == NULL || tmp1 == NULL) goto err;
-
- /* Before converting the individual points, compute inverses of all Z values.
- * Modular inversion is rather slow, but luckily we can do with a single
- * explicit inversion, plus about 3 multiplications per input value.
- */
-
- pow2 = 1;
- while (num > pow2)
- pow2 <<= 1;
- /* Now pow2 is the smallest power of 2 satifsying pow2 >= num.
- * We need twice that. */
- pow2 <<= 1;
-
- heap = OPENSSL_malloc(pow2 * sizeof heap[0]);
- if (heap == NULL) goto err;
-
- /* The array is used as a binary tree, exactly as in heapsort:
- *
- * heap[1]
- * heap[2] heap[3]
- * heap[4] heap[5] heap[6] heap[7]
- * heap[8]heap[9] heap[10]heap[11] heap[12]heap[13] heap[14] heap[15]
- *
- * We put the Z's in the last line;
- * then we set each other node to the product of its two child-nodes (where
- * empty or 0 entries are treated as ones);
- * then we invert heap[1];
- * then we invert each other node by replacing it by the product of its
- * parent (after inversion) and its sibling (before inversion).
- */
- heap[0] = NULL;
- for (i = pow2/2 - 1; i > 0; i--)
- heap[i] = NULL;
+ tmp = BN_CTX_get(ctx);
+ tmp_Z = BN_CTX_get(ctx);
+ if (tmp == NULL || tmp_Z == NULL) goto err;
+
+ prod_Z = OPENSSL_malloc(num * sizeof prod_Z[0]);
+ if (prod_Z == NULL) goto err;
for (i = 0; i < num; i++)
- heap[pow2/2 + i] = &points[i]->Z;
- for (i = pow2/2 + num; i < pow2; i++)
- heap[i] = NULL;
-
- /* set each node to the product of its children */
- for (i = pow2/2 - 1; i > 0; i--)
- {
- heap[i] = BN_new();
- if (heap[i] == NULL) goto err;
-
- if (heap[2*i] != NULL)
+ {
+ prod_Z[i] = BN_new();
+ if (prod_Z[i] == NULL) goto err;
+ }
+
+ /* Set each prod_Z[i] to the product of points[0]->Z .. points[i]->Z,
+ * skipping any zero-valued inputs (pretend that they're 1). */
+
+ if (!BN_is_zero(&points[0]->Z))
+ {
+ if (!BN_copy(prod_Z[0], &points[0]->Z)) goto err;
+ }
+ else
+ {
+ if (group->meth->field_set_to_one != 0)
{
- if ((heap[2*i + 1] == NULL) || BN_is_zero(heap[2*i + 1]))
- {
- if (!BN_copy(heap[i], heap[2*i])) goto err;
- }
- else
- {
- if (BN_is_zero(heap[2*i]))
- {
- if (!BN_copy(heap[i], heap[2*i + 1])) goto err;
- }
- else
- {
- if (!group->meth->field_mul(group, heap[i],
- heap[2*i], heap[2*i + 1], ctx)) goto err;
- }
- }
+ if (!group->meth->field_set_to_one(group, prod_Z[0], ctx)) goto err;
+ }
+ else
+ {
+ if (!BN_one(prod_Z[0])) goto err;
}
}
- /* invert heap[1] */
- if (!BN_is_zero(heap[1]))
+ for (i = 1; i < num; i++)
{
- if (!BN_mod_inverse(heap[1], heap[1], &group->field, ctx))
+ if (!BN_is_zero(&points[i]->Z))
{
- ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
- goto err;
+ if (!group->meth->field_mul(group, prod_Z[i], prod_Z[i - 1], &points[i]->Z, ctx)) goto err;
}
+ else
+ {
+ if (!BN_copy(prod_Z[i], prod_Z[i - 1])) goto err;
+ }
+ }
+
+ /* Now use a single explicit inversion to replace every
+ * non-zero points[i]->Z by its inverse. */
+
+ if (!BN_mod_inverse(tmp, prod_Z[num - 1], &group->field, ctx))
+ {
+ ECerr(EC_F_EC_GFP_SIMPLE_POINTS_MAKE_AFFINE, ERR_R_BN_LIB);
+ goto err;
}
if (group->meth->field_encode != 0)
{
- /* in the Montgomery case, we just turned R*H (representing H)
+ /* In the Montgomery case, we just turned R*H (representing H)
* into 1/(R*H), but we need R*(1/H) (representing 1/H);
- * i.e. we have need to multiply by the Montgomery factor twice */
- if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err;
- if (!group->meth->field_encode(group, heap[1], heap[1], ctx)) goto err;
+ * i.e. we need to multiply by the Montgomery factor twice. */
+ if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err;
+ if (!group->meth->field_encode(group, tmp, tmp, ctx)) goto err;
}
- /* set other heap[i]'s to their inverses */
- for (i = 2; i < pow2/2 + num; i += 2)
+ for (i = num - 1; i > 0; --i)
{
- /* i is even */
- if ((heap[i + 1] != NULL) && !BN_is_zero(heap[i + 1]))
- {
- if (!group->meth->field_mul(group, tmp0, heap[i/2], heap[i + 1], ctx)) goto err;
- if (!group->meth->field_mul(group, tmp1, heap[i/2], heap[i], ctx)) goto err;
- if (!BN_copy(heap[i], tmp0)) goto err;
- if (!BN_copy(heap[i + 1], tmp1)) goto err;
- }
- else
+ /* Loop invariant: tmp is the product of the inverses of
+ * points[0]->Z .. points[i]->Z (zero-valued inputs skipped). */
+ if (!BN_is_zero(&points[i]->Z))
{
- if (!BN_copy(heap[i], heap[i/2])) goto err;
+ /* Set tmp_Z to the inverse of points[i]->Z (as product
+ * of Z inverses 0 .. i, Z values 0 .. i - 1). */
+ if (!group->meth->field_mul(group, tmp_Z, prod_Z[i - 1], tmp, ctx)) goto err;
+ /* Update tmp to satisfy the loop invariant for i - 1. */
+ if (!group->meth->field_mul(group, tmp, tmp, &points[i]->Z, ctx)) goto err;
+ /* Replace points[i]->Z by its inverse. */
+ if (!BN_copy(&points[i]->Z, tmp_Z)) goto err;
}
}
- /* we have replaced all non-zero Z's by their inverses, now fix up all the points */
+ if (!BN_is_zero(&points[0]->Z))
+ {
+ /* Replace points[0]->Z by its inverse. */
+ if (!BN_copy(&points[0]->Z, tmp)) goto err;
+ }
+
+ /* Finally, fix up the X and Y coordinates for all points. */
+
for (i = 0; i < num; i++)
{
EC_POINT *p = points[i];
-
+
if (!BN_is_zero(&p->Z))
{
/* turn (X, Y, 1/Z) into (X/Z^2, Y/Z^3, 1) */
- if (!group->meth->field_sqr(group, tmp1, &p->Z, ctx)) goto err;
- if (!group->meth->field_mul(group, &p->X, &p->X, tmp1, ctx)) goto err;
+ if (!group->meth->field_sqr(group, tmp, &p->Z, ctx)) goto err;
+ if (!group->meth->field_mul(group, &p->X, &p->X, tmp, ctx)) goto err;
+
+ if (!group->meth->field_mul(group, tmp, tmp, &p->Z, ctx)) goto err;
+ if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp, ctx)) goto err;
- if (!group->meth->field_mul(group, tmp1, tmp1, &p->Z, ctx)) goto err;
- if (!group->meth->field_mul(group, &p->Y, &p->Y, tmp1, ctx)) goto err;
-
if (group->meth->field_set_to_one != 0)
{
if (!group->meth->field_set_to_one(group, &p->Z, ctx)) goto err;
@@ -1688,20 +1667,19 @@ int ec_GFp_simple_points_make_affine(con
}
ret = 1;
-
+
err:
BN_CTX_end(ctx);
if (new_ctx != NULL)
BN_CTX_free(new_ctx);
- if (heap != NULL)
+ if (prod_Z != NULL)
{
- /* heap[pow2/2] .. heap[pow2-1] have not been allocated locally! */
- for (i = pow2/2 - 1; i > 0; i--)
+ for (i = 0; i < num; i++)
{
- if (heap[i] != NULL)
- BN_clear_free(heap[i]);
+ if (prod_Z[i] != NULL)
+ BN_clear_free(prod_Z[i]);
}
- OPENSSL_free(heap);
+ OPENSSL_free(prod_Z);
}
return ret;
}
Modified: stable/9/crypto/openssl/crypto/idea/ideatest.c
==============================================================================
--- stable/9/crypto/openssl/crypto/idea/ideatest.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/idea/ideatest.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -199,10 +199,10 @@ static int cfb64_test(unsigned char *cfb
}
memcpy(cfb_tmp,cfb_iv,8);
n=0;
- idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+ idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)13,&eks,
cfb_tmp,&n,IDEA_DECRYPT);
- idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
- (long)CFB_TEST_SIZE-17,&dks,
+ idea_cfb64_encrypt(&(cfb_buf1[13]),&(cfb_buf2[13]),
+ (long)CFB_TEST_SIZE-13,&eks,
cfb_tmp,&n,IDEA_DECRYPT);
if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
{
Modified: stable/9/crypto/openssl/crypto/objects/obj_dat.c
==============================================================================
--- stable/9/crypto/openssl/crypto/objects/obj_dat.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/objects/obj_dat.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -444,11 +444,12 @@ int OBJ_obj2txt(char *buf, int buf_len,
unsigned char *p;
char tbuf[DECIMAL_SIZE(i)+DECIMAL_SIZE(l)+2];
- if ((a == NULL) || (a->data == NULL)) {
- buf[0]='\0';
- return(0);
- }
+ /* Ensure that, at every state, |buf| is NUL-terminated. */
+ if (buf && buf_len > 0)
+ buf[0] = '\0';
+ if ((a == NULL) || (a->data == NULL))
+ return(0);
if (!no_name && (nid=OBJ_obj2nid(a)) != NID_undef)
{
@@ -527,9 +528,10 @@ int OBJ_obj2txt(char *buf, int buf_len,
i=(int)(l/40);
l-=(long)(i*40);
}
- if (buf && (buf_len > 0))
+ if (buf && (buf_len > 1))
{
*buf++ = i + '0';
+ *buf = '\0';
buf_len--;
}
n++;
@@ -544,9 +546,10 @@ int OBJ_obj2txt(char *buf, int buf_len,
i = strlen(bndec);
if (buf)
{
- if (buf_len > 0)
+ if (buf_len > 1)
{
*buf++ = '.';
+ *buf = '\0';
buf_len--;
}
BUF_strlcpy(buf,bndec,buf_len);
@@ -786,4 +789,3 @@ err:
OPENSSL_free(buf);
return(ok);
}
-
Modified: stable/9/crypto/openssl/crypto/ocsp/ocsp_ht.c
==============================================================================
--- stable/9/crypto/openssl/crypto/ocsp/ocsp_ht.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/ocsp/ocsp_ht.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -464,6 +464,9 @@ OCSP_RESPONSE *OCSP_sendreq_bio(BIO *b,
ctx = OCSP_sendreq_new(b, path, req, -1);
+ if (!ctx)
+ return NULL;
+
do
{
rv = OCSP_sendreq_nbio(&resp, ctx);
Modified: stable/9/crypto/openssl/crypto/ocsp/ocsp_lib.c
==============================================================================
--- stable/9/crypto/openssl/crypto/ocsp/ocsp_lib.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/ocsp/ocsp_lib.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -220,8 +220,19 @@ int OCSP_parse_url(char *url, char **pho
if (!*ppath) goto mem_err;
+ p = host;
+ if(host[0] == '[')
+ {
+ /* ipv6 literal */
+ host++;
+ p = strchr(host, ']');
+ if(!p) goto parse_err;
+ *p = '\0';
+ p++;
+ }
+
/* Look for optional ':' for port number */
- if ((p = strchr(host, ':')))
+ if ((p = strchr(p, ':')))
{
*p = 0;
port = p + 1;
Modified: stable/9/crypto/openssl/crypto/opensslv.h
==============================================================================
--- stable/9/crypto/openssl/crypto/opensslv.h Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/opensslv.h Thu Aug 7 21:06:34 2014 (r269687)
@@ -25,11 +25,11 @@
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-#define OPENSSL_VERSION_NUMBER 0x009081afL
+#define OPENSSL_VERSION_NUMBER 0x009081bfL
#ifdef OPENSSL_FIPS
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8za-fips 5 Jun 2014"
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zb-fips 6 Aug 2014"
#else
-#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8za-freebsd 5 Jun 2014"
+#define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zb-freebsd 6 Aug 2014"
#endif
#define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
Modified: stable/9/crypto/openssl/crypto/pkcs7/Makefile
==============================================================================
--- stable/9/crypto/openssl/crypto/pkcs7/Makefile Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/pkcs7/Makefile Thu Aug 7 21:06:34 2014 (r269687)
@@ -39,20 +39,6 @@ test:
all: lib
-testapps: enc dec sign verify
-
-enc: enc.o lib
- $(CC) $(CFLAGS) -o enc enc.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-dec: dec.o lib
- $(CC) $(CFLAGS) -o dec dec.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-sign: sign.o lib
- $(CC) $(CFLAGS) -o sign sign.o $(PEX_LIBS) $(LIB) $(EX_LIBS)
-
-verify: verify.o example.o lib
- $(CC) $(CFLAGS) -o verify verify.o $(PEX_LIBS) example.o $(LIB) $(EX_LIBS)
-
lib: $(LIBOBJ)
$(ARX) $(LIB) $(LIBOBJ)
$(RANLIB) $(LIB) || echo Never mind.
Modified: stable/9/crypto/openssl/crypto/rsa/rsa_eay.c
==============================================================================
--- stable/9/crypto/openssl/crypto/rsa/rsa_eay.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/rsa/rsa_eay.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -457,7 +457,7 @@ static int RSA_eay_private_encrypt(int f
if (padding == RSA_X931_PADDING)
{
BN_sub(f, rsa->n, ret);
- if (BN_cmp(ret, f))
+ if (BN_cmp(ret, f) > 0)
res = f;
else
res = ret;
Modified: stable/9/crypto/openssl/crypto/ui/ui_lib.c
==============================================================================
--- stable/9/crypto/openssl/crypto/ui/ui_lib.c Thu Aug 7 21:04:42 2014 (r269686)
+++ stable/9/crypto/openssl/crypto/ui/ui_lib.c Thu Aug 7 21:06:34 2014 (r269687)
@@ -897,9 +897,9 @@ int UI_set_result(UI *ui, UI_STRING *uis
break;
}
}
+ }
default:
break;
}
- }
return 0;
}
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable-9
mailing list