svn commit: r356290 - in stable/11: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/asn1 crypto/openssl/crypto/bn/asm crypto/openssl/crypto/ec secure/lib/libcrypto se...
Jung-uk Kim
jkim at FreeBSD.org
Thu Jan 2 21:35:32 UTC 2020
Author: jkim
Date: Thu Jan 2 21:35:28 2020
New Revision: 356290
URL: https://svnweb.freebsd.org/changeset/base/356290
Log:
Merge OpenSSL 1.0.2u.
Modified:
stable/11/crypto/openssl/CHANGES
stable/11/crypto/openssl/Makefile
stable/11/crypto/openssl/NEWS
stable/11/crypto/openssl/README
stable/11/crypto/openssl/apps/s_server.c
stable/11/crypto/openssl/appveyor.yml
stable/11/crypto/openssl/crypto/asn1/x_bignum.c
stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl
stable/11/crypto/openssl/crypto/cryptlib.c
stable/11/crypto/openssl/crypto/ec/ec_asn1.c
stable/11/crypto/openssl/crypto/opensslv.h
stable/11/secure/lib/libcrypto/Makefile.inc
stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S
stable/11/secure/lib/libcrypto/man/ASN1_OBJECT_new.3
stable/11/secure/lib/libcrypto/man/ASN1_STRING_length.3
stable/11/secure/lib/libcrypto/man/ASN1_STRING_new.3
stable/11/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3
stable/11/secure/lib/libcrypto/man/ASN1_TIME_set.3
stable/11/secure/lib/libcrypto/man/ASN1_generate_nconf.3
stable/11/secure/lib/libcrypto/man/BIO_ctrl.3
stable/11/secure/lib/libcrypto/man/BIO_f_base64.3
stable/11/secure/lib/libcrypto/man/BIO_f_buffer.3
stable/11/secure/lib/libcrypto/man/BIO_f_cipher.3
stable/11/secure/lib/libcrypto/man/BIO_f_md.3
stable/11/secure/lib/libcrypto/man/BIO_f_null.3
stable/11/secure/lib/libcrypto/man/BIO_f_ssl.3
stable/11/secure/lib/libcrypto/man/BIO_find_type.3
stable/11/secure/lib/libcrypto/man/BIO_new.3
stable/11/secure/lib/libcrypto/man/BIO_new_CMS.3
stable/11/secure/lib/libcrypto/man/BIO_push.3
stable/11/secure/lib/libcrypto/man/BIO_read.3
stable/11/secure/lib/libcrypto/man/BIO_s_accept.3
stable/11/secure/lib/libcrypto/man/BIO_s_bio.3
stable/11/secure/lib/libcrypto/man/BIO_s_connect.3
stable/11/secure/lib/libcrypto/man/BIO_s_fd.3
stable/11/secure/lib/libcrypto/man/BIO_s_file.3
stable/11/secure/lib/libcrypto/man/BIO_s_mem.3
stable/11/secure/lib/libcrypto/man/BIO_s_null.3
stable/11/secure/lib/libcrypto/man/BIO_s_socket.3
stable/11/secure/lib/libcrypto/man/BIO_set_callback.3
stable/11/secure/lib/libcrypto/man/BIO_should_retry.3
stable/11/secure/lib/libcrypto/man/BN_BLINDING_new.3
stable/11/secure/lib/libcrypto/man/BN_CTX_new.3
stable/11/secure/lib/libcrypto/man/BN_CTX_start.3
stable/11/secure/lib/libcrypto/man/BN_add.3
stable/11/secure/lib/libcrypto/man/BN_add_word.3
stable/11/secure/lib/libcrypto/man/BN_bn2bin.3
stable/11/secure/lib/libcrypto/man/BN_cmp.3
stable/11/secure/lib/libcrypto/man/BN_copy.3
stable/11/secure/lib/libcrypto/man/BN_generate_prime.3
stable/11/secure/lib/libcrypto/man/BN_mod_inverse.3
stable/11/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3
stable/11/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3
stable/11/secure/lib/libcrypto/man/BN_new.3
stable/11/secure/lib/libcrypto/man/BN_num_bytes.3
stable/11/secure/lib/libcrypto/man/BN_rand.3
stable/11/secure/lib/libcrypto/man/BN_set_bit.3
stable/11/secure/lib/libcrypto/man/BN_swap.3
stable/11/secure/lib/libcrypto/man/BN_zero.3
stable/11/secure/lib/libcrypto/man/CMS_add0_cert.3
stable/11/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3
stable/11/secure/lib/libcrypto/man/CMS_add1_signer.3
stable/11/secure/lib/libcrypto/man/CMS_compress.3
stable/11/secure/lib/libcrypto/man/CMS_decrypt.3
stable/11/secure/lib/libcrypto/man/CMS_encrypt.3
stable/11/secure/lib/libcrypto/man/CMS_final.3
stable/11/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3
stable/11/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3
stable/11/secure/lib/libcrypto/man/CMS_get0_type.3
stable/11/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3
stable/11/secure/lib/libcrypto/man/CMS_sign.3
stable/11/secure/lib/libcrypto/man/CMS_sign_receipt.3
stable/11/secure/lib/libcrypto/man/CMS_uncompress.3
stable/11/secure/lib/libcrypto/man/CMS_verify.3
stable/11/secure/lib/libcrypto/man/CMS_verify_receipt.3
stable/11/secure/lib/libcrypto/man/CONF_modules_free.3
stable/11/secure/lib/libcrypto/man/CONF_modules_load_file.3
stable/11/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3
stable/11/secure/lib/libcrypto/man/DH_generate_key.3
stable/11/secure/lib/libcrypto/man/DH_generate_parameters.3
stable/11/secure/lib/libcrypto/man/DH_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/DH_new.3
stable/11/secure/lib/libcrypto/man/DH_set_method.3
stable/11/secure/lib/libcrypto/man/DH_size.3
stable/11/secure/lib/libcrypto/man/DSA_SIG_new.3
stable/11/secure/lib/libcrypto/man/DSA_do_sign.3
stable/11/secure/lib/libcrypto/man/DSA_dup_DH.3
stable/11/secure/lib/libcrypto/man/DSA_generate_key.3
stable/11/secure/lib/libcrypto/man/DSA_generate_parameters.3
stable/11/secure/lib/libcrypto/man/DSA_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/DSA_new.3
stable/11/secure/lib/libcrypto/man/DSA_set_method.3
stable/11/secure/lib/libcrypto/man/DSA_sign.3
stable/11/secure/lib/libcrypto/man/DSA_size.3
stable/11/secure/lib/libcrypto/man/EC_GFp_simple_method.3
stable/11/secure/lib/libcrypto/man/EC_GROUP_copy.3
stable/11/secure/lib/libcrypto/man/EC_GROUP_new.3
stable/11/secure/lib/libcrypto/man/EC_KEY_new.3
stable/11/secure/lib/libcrypto/man/EC_POINT_add.3
stable/11/secure/lib/libcrypto/man/EC_POINT_new.3
stable/11/secure/lib/libcrypto/man/ERR_GET_LIB.3
stable/11/secure/lib/libcrypto/man/ERR_clear_error.3
stable/11/secure/lib/libcrypto/man/ERR_error_string.3
stable/11/secure/lib/libcrypto/man/ERR_get_error.3
stable/11/secure/lib/libcrypto/man/ERR_load_crypto_strings.3
stable/11/secure/lib/libcrypto/man/ERR_load_strings.3
stable/11/secure/lib/libcrypto/man/ERR_print_errors.3
stable/11/secure/lib/libcrypto/man/ERR_put_error.3
stable/11/secure/lib/libcrypto/man/ERR_remove_state.3
stable/11/secure/lib/libcrypto/man/ERR_set_mark.3
stable/11/secure/lib/libcrypto/man/EVP_BytesToKey.3
stable/11/secure/lib/libcrypto/man/EVP_DigestInit.3
stable/11/secure/lib/libcrypto/man/EVP_DigestSignInit.3
stable/11/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3
stable/11/secure/lib/libcrypto/man/EVP_EncodeInit.3
stable/11/secure/lib/libcrypto/man/EVP_EncryptInit.3
stable/11/secure/lib/libcrypto/man/EVP_OpenInit.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_cmp.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_derive.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_keygen.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_meth_new.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_new.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_print_private.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_sign.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_verify.3
stable/11/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3
stable/11/secure/lib/libcrypto/man/EVP_SealInit.3
stable/11/secure/lib/libcrypto/man/EVP_SignInit.3
stable/11/secure/lib/libcrypto/man/EVP_VerifyInit.3
stable/11/secure/lib/libcrypto/man/OBJ_nid2obj.3
stable/11/secure/lib/libcrypto/man/OPENSSL_Applink.3
stable/11/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3
stable/11/secure/lib/libcrypto/man/OPENSSL_config.3
stable/11/secure/lib/libcrypto/man/OPENSSL_ia32cap.3
stable/11/secure/lib/libcrypto/man/OPENSSL_instrument_bus.3
stable/11/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3
stable/11/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3
stable/11/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3
stable/11/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3
stable/11/secure/lib/libcrypto/man/PKCS12_create.3
stable/11/secure/lib/libcrypto/man/PKCS12_parse.3
stable/11/secure/lib/libcrypto/man/PKCS7_decrypt.3
stable/11/secure/lib/libcrypto/man/PKCS7_encrypt.3
stable/11/secure/lib/libcrypto/man/PKCS7_sign.3
stable/11/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3
stable/11/secure/lib/libcrypto/man/PKCS7_verify.3
stable/11/secure/lib/libcrypto/man/RAND_add.3
stable/11/secure/lib/libcrypto/man/RAND_bytes.3
stable/11/secure/lib/libcrypto/man/RAND_cleanup.3
stable/11/secure/lib/libcrypto/man/RAND_egd.3
stable/11/secure/lib/libcrypto/man/RAND_load_file.3
stable/11/secure/lib/libcrypto/man/RAND_set_rand_method.3
stable/11/secure/lib/libcrypto/man/RSA_blinding_on.3
stable/11/secure/lib/libcrypto/man/RSA_check_key.3
stable/11/secure/lib/libcrypto/man/RSA_generate_key.3
stable/11/secure/lib/libcrypto/man/RSA_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/RSA_new.3
stable/11/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3
stable/11/secure/lib/libcrypto/man/RSA_print.3
stable/11/secure/lib/libcrypto/man/RSA_private_encrypt.3
stable/11/secure/lib/libcrypto/man/RSA_public_encrypt.3
stable/11/secure/lib/libcrypto/man/RSA_set_method.3
stable/11/secure/lib/libcrypto/man/RSA_sign.3
stable/11/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3
stable/11/secure/lib/libcrypto/man/RSA_size.3
stable/11/secure/lib/libcrypto/man/SMIME_read_CMS.3
stable/11/secure/lib/libcrypto/man/SMIME_read_PKCS7.3
stable/11/secure/lib/libcrypto/man/SMIME_write_CMS.3
stable/11/secure/lib/libcrypto/man/SMIME_write_PKCS7.3
stable/11/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3
stable/11/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3
stable/11/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3
stable/11/secure/lib/libcrypto/man/X509_NAME_print_ex.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_new.3
stable/11/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3
stable/11/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3
stable/11/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3
stable/11/secure/lib/libcrypto/man/X509_check_host.3
stable/11/secure/lib/libcrypto/man/X509_check_private_key.3
stable/11/secure/lib/libcrypto/man/X509_cmp_time.3
stable/11/secure/lib/libcrypto/man/X509_new.3
stable/11/secure/lib/libcrypto/man/X509_verify_cert.3
stable/11/secure/lib/libcrypto/man/bio.3
stable/11/secure/lib/libcrypto/man/blowfish.3
stable/11/secure/lib/libcrypto/man/bn.3
stable/11/secure/lib/libcrypto/man/bn_internal.3
stable/11/secure/lib/libcrypto/man/buffer.3
stable/11/secure/lib/libcrypto/man/crypto.3
stable/11/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3
stable/11/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3
stable/11/secure/lib/libcrypto/man/d2i_DHparams.3
stable/11/secure/lib/libcrypto/man/d2i_DSAPublicKey.3
stable/11/secure/lib/libcrypto/man/d2i_ECPKParameters.3
stable/11/secure/lib/libcrypto/man/d2i_ECPrivateKey.3
stable/11/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3
stable/11/secure/lib/libcrypto/man/d2i_PrivateKey.3
stable/11/secure/lib/libcrypto/man/d2i_RSAPublicKey.3
stable/11/secure/lib/libcrypto/man/d2i_X509.3
stable/11/secure/lib/libcrypto/man/d2i_X509_ALGOR.3
stable/11/secure/lib/libcrypto/man/d2i_X509_CRL.3
stable/11/secure/lib/libcrypto/man/d2i_X509_NAME.3
stable/11/secure/lib/libcrypto/man/d2i_X509_REQ.3
stable/11/secure/lib/libcrypto/man/d2i_X509_SIG.3
stable/11/secure/lib/libcrypto/man/des.3
stable/11/secure/lib/libcrypto/man/dh.3
stable/11/secure/lib/libcrypto/man/dsa.3
stable/11/secure/lib/libcrypto/man/ec.3
stable/11/secure/lib/libcrypto/man/ecdsa.3
stable/11/secure/lib/libcrypto/man/engine.3
stable/11/secure/lib/libcrypto/man/err.3
stable/11/secure/lib/libcrypto/man/evp.3
stable/11/secure/lib/libcrypto/man/hmac.3
stable/11/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3
stable/11/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3
stable/11/secure/lib/libcrypto/man/lh_stats.3
stable/11/secure/lib/libcrypto/man/lhash.3
stable/11/secure/lib/libcrypto/man/md5.3
stable/11/secure/lib/libcrypto/man/mdc2.3
stable/11/secure/lib/libcrypto/man/pem.3
stable/11/secure/lib/libcrypto/man/rand.3
stable/11/secure/lib/libcrypto/man/rc4.3
stable/11/secure/lib/libcrypto/man/ripemd.3
stable/11/secure/lib/libcrypto/man/rsa.3
stable/11/secure/lib/libcrypto/man/sha.3
stable/11/secure/lib/libcrypto/man/threads.3
stable/11/secure/lib/libcrypto/man/ui.3
stable/11/secure/lib/libcrypto/man/ui_compat.3
stable/11/secure/lib/libcrypto/man/x509.3
stable/11/secure/lib/libssl/man/SSL_CIPHER_get_name.3
stable/11/secure/lib/libssl/man/SSL_COMP_add_compression_method.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_new.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set1_prefix.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set_flags.3
stable/11/secure/lib/libssl/man/SSL_CONF_CTX_set_ssl_ctx.3
stable/11/secure/lib/libssl/man/SSL_CONF_cmd.3
stable/11/secure/lib/libssl/man/SSL_CONF_cmd_argv.3
stable/11/secure/lib/libssl/man/SSL_CTX_add1_chain_cert.3
stable/11/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3
stable/11/secure/lib/libssl/man/SSL_CTX_add_session.3
stable/11/secure/lib/libssl/man/SSL_CTX_ctrl.3
stable/11/secure/lib/libssl/man/SSL_CTX_flush_sessions.3
stable/11/secure/lib/libssl/man/SSL_CTX_free.3
stable/11/secure/lib/libssl/man/SSL_CTX_get0_param.3
stable/11/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3
stable/11/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3
stable/11/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3
stable/11/secure/lib/libssl/man/SSL_CTX_new.3
stable/11/secure/lib/libssl/man/SSL_CTX_sess_number.3
stable/11/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3
stable/11/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_sessions.3
stable/11/secure/lib/libssl/man/SSL_CTX_set1_curves.3
stable/11/secure/lib/libssl/man/SSL_CTX_set1_verify_cert_store.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_alpn_select_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_store.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_custom_cli_ext.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_info_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_mode.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_options.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_timeout.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_servername_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3
stable/11/secure/lib/libssl/man/SSL_CTX_set_verify.3
stable/11/secure/lib/libssl/man/SSL_CTX_use_certificate.3
stable/11/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3
stable/11/secure/lib/libssl/man/SSL_CTX_use_serverinfo.3
stable/11/secure/lib/libssl/man/SSL_SESSION_free.3
stable/11/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3
stable/11/secure/lib/libssl/man/SSL_SESSION_get_time.3
stable/11/secure/lib/libssl/man/SSL_accept.3
stable/11/secure/lib/libssl/man/SSL_alert_type_string.3
stable/11/secure/lib/libssl/man/SSL_check_chain.3
stable/11/secure/lib/libssl/man/SSL_clear.3
stable/11/secure/lib/libssl/man/SSL_connect.3
stable/11/secure/lib/libssl/man/SSL_do_handshake.3
stable/11/secure/lib/libssl/man/SSL_export_keying_material.3
stable/11/secure/lib/libssl/man/SSL_free.3
stable/11/secure/lib/libssl/man/SSL_get_SSL_CTX.3
stable/11/secure/lib/libssl/man/SSL_get_ciphers.3
stable/11/secure/lib/libssl/man/SSL_get_client_CA_list.3
stable/11/secure/lib/libssl/man/SSL_get_current_cipher.3
stable/11/secure/lib/libssl/man/SSL_get_default_timeout.3
stable/11/secure/lib/libssl/man/SSL_get_error.3
stable/11/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3
stable/11/secure/lib/libssl/man/SSL_get_ex_new_index.3
stable/11/secure/lib/libssl/man/SSL_get_fd.3
stable/11/secure/lib/libssl/man/SSL_get_peer_cert_chain.3
stable/11/secure/lib/libssl/man/SSL_get_peer_certificate.3
stable/11/secure/lib/libssl/man/SSL_get_psk_identity.3
stable/11/secure/lib/libssl/man/SSL_get_rbio.3
stable/11/secure/lib/libssl/man/SSL_get_session.3
stable/11/secure/lib/libssl/man/SSL_get_verify_result.3
stable/11/secure/lib/libssl/man/SSL_get_version.3
stable/11/secure/lib/libssl/man/SSL_library_init.3
stable/11/secure/lib/libssl/man/SSL_load_client_CA_file.3
stable/11/secure/lib/libssl/man/SSL_new.3
stable/11/secure/lib/libssl/man/SSL_pending.3
stable/11/secure/lib/libssl/man/SSL_read.3
stable/11/secure/lib/libssl/man/SSL_rstate_string.3
stable/11/secure/lib/libssl/man/SSL_session_reused.3
stable/11/secure/lib/libssl/man/SSL_set_bio.3
stable/11/secure/lib/libssl/man/SSL_set_connect_state.3
stable/11/secure/lib/libssl/man/SSL_set_fd.3
stable/11/secure/lib/libssl/man/SSL_set_session.3
stable/11/secure/lib/libssl/man/SSL_set_shutdown.3
stable/11/secure/lib/libssl/man/SSL_set_verify_result.3
stable/11/secure/lib/libssl/man/SSL_shutdown.3
stable/11/secure/lib/libssl/man/SSL_state_string.3
stable/11/secure/lib/libssl/man/SSL_want.3
stable/11/secure/lib/libssl/man/SSL_write.3
stable/11/secure/lib/libssl/man/d2i_SSL_SESSION.3
stable/11/secure/lib/libssl/man/ssl.3
stable/11/secure/usr.bin/openssl/man/CA.pl.1
stable/11/secure/usr.bin/openssl/man/asn1parse.1
stable/11/secure/usr.bin/openssl/man/ca.1
stable/11/secure/usr.bin/openssl/man/ciphers.1
stable/11/secure/usr.bin/openssl/man/cms.1
stable/11/secure/usr.bin/openssl/man/crl.1
stable/11/secure/usr.bin/openssl/man/crl2pkcs7.1
stable/11/secure/usr.bin/openssl/man/dgst.1
stable/11/secure/usr.bin/openssl/man/dhparam.1
stable/11/secure/usr.bin/openssl/man/dsa.1
stable/11/secure/usr.bin/openssl/man/dsaparam.1
stable/11/secure/usr.bin/openssl/man/ec.1
stable/11/secure/usr.bin/openssl/man/ecparam.1
stable/11/secure/usr.bin/openssl/man/enc.1
stable/11/secure/usr.bin/openssl/man/errstr.1
stable/11/secure/usr.bin/openssl/man/gendsa.1
stable/11/secure/usr.bin/openssl/man/genpkey.1
stable/11/secure/usr.bin/openssl/man/genrsa.1
stable/11/secure/usr.bin/openssl/man/nseq.1
stable/11/secure/usr.bin/openssl/man/ocsp.1
stable/11/secure/usr.bin/openssl/man/openssl.1
stable/11/secure/usr.bin/openssl/man/passwd.1
stable/11/secure/usr.bin/openssl/man/pkcs12.1
stable/11/secure/usr.bin/openssl/man/pkcs7.1
stable/11/secure/usr.bin/openssl/man/pkcs8.1
stable/11/secure/usr.bin/openssl/man/pkey.1
stable/11/secure/usr.bin/openssl/man/pkeyparam.1
stable/11/secure/usr.bin/openssl/man/pkeyutl.1
stable/11/secure/usr.bin/openssl/man/rand.1
stable/11/secure/usr.bin/openssl/man/req.1
stable/11/secure/usr.bin/openssl/man/rsa.1
stable/11/secure/usr.bin/openssl/man/rsautl.1
stable/11/secure/usr.bin/openssl/man/s_client.1
stable/11/secure/usr.bin/openssl/man/s_server.1
stable/11/secure/usr.bin/openssl/man/s_time.1
stable/11/secure/usr.bin/openssl/man/sess_id.1
stable/11/secure/usr.bin/openssl/man/smime.1
stable/11/secure/usr.bin/openssl/man/speed.1
stable/11/secure/usr.bin/openssl/man/spkac.1
stable/11/secure/usr.bin/openssl/man/ts.1
stable/11/secure/usr.bin/openssl/man/tsget.1
stable/11/secure/usr.bin/openssl/man/verify.1
stable/11/secure/usr.bin/openssl/man/version.1
stable/11/secure/usr.bin/openssl/man/x509.1
stable/11/secure/usr.bin/openssl/man/x509v3_config.1
Modified: stable/11/crypto/openssl/CHANGES
==============================================================================
--- stable/11/crypto/openssl/CHANGES Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/CHANGES Thu Jan 2 21:35:28 2020 (r356290)
@@ -7,6 +7,20 @@
https://github.com/openssl/openssl/commits/ and pick the appropriate
release branch.
+ Changes between 1.0.2t and 1.0.2u [20 Dec 2019]
+
+ *) Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
+ used in exponentiation with 512-bit moduli. No EC algorithms are
+ affected. Analysis suggests that attacks against 2-prime RSA1024,
+ 3-prime RSA1536, and DSA1024 as a result of this defect would be very
+ difficult to perform and are not believed likely. Attacks against DH512
+ are considered just feasible. However, for an attack the target would
+ have to re-use the DH512 private key, which is not recommended anyway.
+ Also applications directly using the low level API BN_mod_exp may be
+ affected if they use BN_FLG_CONSTTIME.
+ (CVE-2019-1551)
+ [Andy Polyakov]
+
Changes between 1.0.2s and 1.0.2t [10 Sep 2019]
*) For built-in EC curves, ensure an EC_GROUP built from the curve name is
Modified: stable/11/crypto/openssl/Makefile
==============================================================================
--- stable/11/crypto/openssl/Makefile Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/Makefile Thu Jan 2 21:35:28 2020 (r356290)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=1.0.2t
+VERSION=1.0.2u
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Modified: stable/11/crypto/openssl/NEWS
==============================================================================
--- stable/11/crypto/openssl/NEWS Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/NEWS Thu Jan 2 21:35:28 2020 (r356290)
@@ -5,6 +5,11 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.2t and OpenSSL 1.0.2u [20 Dec 2019]
+
+ o Fixed an an overflow bug in the x64_64 Montgomery squaring procedure
+ used in exponentiation with 512-bit moduli (CVE-2019-1551)
+
Major changes between OpenSSL 1.0.2s and OpenSSL 1.0.2t [10 Sep 2019]
o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
Modified: stable/11/crypto/openssl/README
==============================================================================
--- stable/11/crypto/openssl/README Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/README Thu Jan 2 21:35:28 2020 (r356290)
@@ -1,5 +1,5 @@
- OpenSSL 1.0.2t 10 Sep 2019
+ OpenSSL 1.0.2u 20 Dec 2019
Copyright (c) 1998-2019 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: stable/11/crypto/openssl/apps/s_server.c
==============================================================================
--- stable/11/crypto/openssl/apps/s_server.c Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/apps/s_server.c Thu Jan 2 21:35:28 2020 (r356290)
@@ -56,7 +56,7 @@
* [including the GNU Public Licence.]
*/
/* ====================================================================
- * Copyright (c) 1998-2018 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -3045,6 +3045,12 @@ static int www_body(int s, int stype, unsigned char *c
if (e[0] == ' ')
break;
+ if (e[0] == ':') {
+ /* Windows drive. We treat this the same way as ".." */
+ dot = -1;
+ break;
+ }
+
switch (dot) {
case 1:
dot = (e[0] == '.') ? 2 : 0;
@@ -3053,11 +3059,11 @@ static int www_body(int s, int stype, unsigned char *c
dot = (e[0] == '.') ? 3 : 0;
break;
case 3:
- dot = (e[0] == '/') ? -1 : 0;
+ dot = (e[0] == '/' || e[0] == '\\') ? -1 : 0;
break;
}
if (dot == 0)
- dot = (e[0] == '/') ? 1 : 0;
+ dot = (e[0] == '/' || e[0] == '\\') ? 1 : 0;
}
dot = (dot == 3) || (dot == -1); /* filename contains ".."
* component */
@@ -3071,11 +3077,11 @@ static int www_body(int s, int stype, unsigned char *c
if (dot) {
BIO_puts(io, text);
- BIO_printf(io, "'%s' contains '..' reference\r\n", p);
+ BIO_printf(io, "'%s' contains '..' or ':'\r\n", p);
break;
}
- if (*p == '/') {
+ if (*p == '/' || *p == '\\') {
BIO_puts(io, text);
BIO_printf(io, "'%s' is an invalid path\r\n", p);
break;
Modified: stable/11/crypto/openssl/appveyor.yml
==============================================================================
--- stable/11/crypto/openssl/appveyor.yml Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/appveyor.yml Thu Jan 2 21:35:28 2020 (r356290)
@@ -15,7 +15,7 @@ configuration:
- shared
matrix:
- allow_failures:
+ exclude:
- platform: x64
VSVER: 9
- platform: x64
Modified: stable/11/crypto/openssl/crypto/asn1/x_bignum.c
==============================================================================
--- stable/11/crypto/openssl/crypto/asn1/x_bignum.c Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/crypto/asn1/x_bignum.c Thu Jan 2 21:35:28 2020 (r356290)
@@ -4,7 +4,7 @@
* 2000.
*/
/* ====================================================================
- * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000-2019 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -102,7 +102,7 @@ ASN1_ITEM_end(CBIGNUM)
static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
*pval = (ASN1_VALUE *)BN_new();
- if (*pval)
+ if (*pval != NULL)
return 1;
else
return 0;
@@ -110,7 +110,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *
static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if (!*pval)
+ if (*pval == NULL)
return;
if (it->size & BN_SENSITIVE)
BN_clear_free((BIGNUM *)*pval);
@@ -124,7 +124,7 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *co
{
BIGNUM *bn;
int pad;
- if (!*pval)
+ if (*pval == NULL)
return -1;
bn = (BIGNUM *)*pval;
/* If MSB set in an octet we need a padding byte */
Modified: stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl
==============================================================================
--- stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/crypto/bn/asm/rsaz-x86_64.pl Thu Jan 2 21:35:28 2020 (r356290)
@@ -140,7 +140,7 @@ rsaz_512_sqr: # 25-29% faster than rsaz_512_mul
subq \$128+24, %rsp
.Lsqr_body:
- movq $mod, %rbp # common argument
+ movq $mod, %xmm1 # common off-load
movq ($inp), %rdx
movq 8($inp), %rax
movq $n0, 128(%rsp)
@@ -158,7 +158,8 @@ $code.=<<___;
.Loop_sqr:
movl $times,128+8(%rsp)
#first iteration
- movq %rdx, %rbx
+ movq %rdx, %rbx # 0($inp)
+ mov %rax, %rbp # 8($inp)
mulq %rdx
movq %rax, %r8
movq 16($inp), %rax
@@ -197,31 +198,29 @@ $code.=<<___;
mulq %rbx
addq %rax, %r14
movq %rbx, %rax
- movq %rdx, %r15
- adcq \$0, %r15
+ adcq \$0, %rdx
- addq %r8, %r8 #shlq \$1, %r8
- movq %r9, %rcx
- adcq %r9, %r9 #shld \$1, %r8, %r9
+ xorq %rcx,%rcx # rcx:r8 = r8 << 1
+ addq %r8, %r8
+ movq %rdx, %r15
+ adcq \$0, %rcx
mulq %rax
+ addq %r8, %rdx
+ adcq \$0, %rcx
+
movq %rax, (%rsp)
- addq %rdx, %r8
- adcq \$0, %r9
+ movq %rdx, 8(%rsp)
- movq %r8, 8(%rsp)
- shrq \$63, %rcx
-
#second iteration
- movq 8($inp), %r8
movq 16($inp), %rax
- mulq %r8
+ mulq %rbp
addq %rax, %r10
movq 24($inp), %rax
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r11
movq 32($inp), %rax
adcq \$0, %rdx
@@ -229,7 +228,7 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r12
movq 40($inp), %rax
adcq \$0, %rdx
@@ -237,7 +236,7 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r13
movq 48($inp), %rax
adcq \$0, %rdx
@@ -245,7 +244,7 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r14
movq 56($inp), %rax
adcq \$0, %rdx
@@ -253,39 +252,39 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
- mulq %r8
+ mulq %rbp
addq %rax, %r15
- movq %r8, %rax
+ movq %rbp, %rax
adcq \$0, %rdx
addq %rbx, %r15
- movq %rdx, %r8
- movq %r10, %rdx
- adcq \$0, %r8
+ adcq \$0, %rdx
- add %rdx, %rdx
- lea (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
- movq %r11, %rbx
- adcq %r11, %r11 #shld \$1, %r10, %r11
+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
+ addq %r9, %r9
+ movq %rdx, %r8
+ adcq %r10, %r10
+ adcq \$0, %rbx
mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
+ movq 16($inp), %rbp
addq %rax, %r9
+ movq 24($inp), %rax
adcq %rdx, %r10
- adcq \$0, %r11
+ adcq \$0, %rbx
movq %r9, 16(%rsp)
movq %r10, 24(%rsp)
- shrq \$63, %rbx
-
+
#third iteration
- movq 16($inp), %r9
- movq 24($inp), %rax
- mulq %r9
+ mulq %rbp
addq %rax, %r12
movq 32($inp), %rax
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
+ mulq %rbp
addq %rax, %r13
movq 40($inp), %rax
adcq \$0, %rdx
@@ -293,7 +292,7 @@ $code.=<<___;
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
+ mulq %rbp
addq %rax, %r14
movq 48($inp), %rax
adcq \$0, %rdx
@@ -301,9 +300,7 @@ $code.=<<___;
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
- movq %r12, %r10
- lea (%rbx,%r12,2), %r12 #shld \$1, %rbx, %r12
+ mulq %rbp
addq %rax, %r15
movq 56($inp), %rax
adcq \$0, %rdx
@@ -311,36 +308,40 @@ $code.=<<___;
movq %rdx, %rcx
adcq \$0, %rcx
- mulq %r9
- shrq \$63, %r10
+ mulq %rbp
addq %rax, %r8
- movq %r9, %rax
+ movq %rbp, %rax
adcq \$0, %rdx
addq %rcx, %r8
- movq %rdx, %r9
- adcq \$0, %r9
+ adcq \$0, %rdx
- movq %r13, %rcx
- leaq (%r10,%r13,2), %r13 #shld \$1, %r12, %r13
+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
+ addq %r11, %r11
+ movq %rdx, %r9
+ adcq %r12, %r12
+ adcq \$0, %rcx
mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rbx, %rax
+ movq 24($inp), %r10
addq %rax, %r11
+ movq 32($inp), %rax
adcq %rdx, %r12
- adcq \$0, %r13
+ adcq \$0, %rcx
movq %r11, 32(%rsp)
movq %r12, 40(%rsp)
- shrq \$63, %rcx
#fourth iteration
- movq 24($inp), %r10
- movq 32($inp), %rax
+ mov %rax, %r11 # 32($inp)
mulq %r10
addq %rax, %r14
movq 40($inp), %rax
movq %rdx, %rbx
adcq \$0, %rbx
+ mov %rax, %r12 # 40($inp)
mulq %r10
addq %rax, %r15
movq 48($inp), %rax
@@ -349,9 +350,8 @@ $code.=<<___;
movq %rdx, %rbx
adcq \$0, %rbx
+ mov %rax, %rbp # 48($inp)
mulq %r10
- movq %r14, %r12
- leaq (%rcx,%r14,2), %r14 #shld \$1, %rcx, %r14
addq %rax, %r8
movq 56($inp), %rax
adcq \$0, %rdx
@@ -360,32 +360,33 @@ $code.=<<___;
adcq \$0, %rbx
mulq %r10
- shrq \$63, %r12
addq %rax, %r9
movq %r10, %rax
adcq \$0, %rdx
addq %rbx, %r9
- movq %rdx, %r10
- adcq \$0, %r10
+ adcq \$0, %rdx
- movq %r15, %rbx
- leaq (%r12,%r15,2),%r15 #shld \$1, %r14, %r15
+ xorq %rbx, %rbx # rbx:r13:r14 = r13:r14 << 1
+ addq %r13, %r13
+ movq %rdx, %r10
+ adcq %r14, %r14
+ adcq \$0, %rbx
mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
addq %rax, %r13
+ movq %r12, %rax # 40($inp)
adcq %rdx, %r14
- adcq \$0, %r15
+ adcq \$0, %rbx
movq %r13, 48(%rsp)
movq %r14, 56(%rsp)
- shrq \$63, %rbx
#fifth iteration
- movq 32($inp), %r11
- movq 40($inp), %rax
mulq %r11
addq %rax, %r8
- movq 48($inp), %rax
+ movq %rbp, %rax # 48($inp)
movq %rdx, %rcx
adcq \$0, %rcx
@@ -393,98 +394,100 @@ $code.=<<___;
addq %rax, %r9
movq 56($inp), %rax
adcq \$0, %rdx
- movq %r8, %r12
- leaq (%rbx,%r8,2), %r8 #shld \$1, %rbx, %r8
addq %rcx, %r9
movq %rdx, %rcx
adcq \$0, %rcx
+ mov %rax, %r14 # 56($inp)
mulq %r11
- shrq \$63, %r12
addq %rax, %r10
movq %r11, %rax
adcq \$0, %rdx
addq %rcx, %r10
- movq %rdx, %r11
- adcq \$0, %r11
+ adcq \$0, %rdx
- movq %r9, %rcx
- leaq (%r12,%r9,2), %r9 #shld \$1, %r8, %r9
+ xorq %rcx, %rcx # rcx:r8:r15 = r8:r15 << 1
+ addq %r15, %r15
+ movq %rdx, %r11
+ adcq %r8, %r8
+ adcq \$0, %rcx
mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rbx, %rax
addq %rax, %r15
+ movq %rbp, %rax # 48($inp)
adcq %rdx, %r8
- adcq \$0, %r9
+ adcq \$0, %rcx
movq %r15, 64(%rsp)
movq %r8, 72(%rsp)
- shrq \$63, %rcx
#sixth iteration
- movq 40($inp), %r12
- movq 48($inp), %rax
mulq %r12
addq %rax, %r10
- movq 56($inp), %rax
+ movq %r14, %rax # 56($inp)
movq %rdx, %rbx
adcq \$0, %rbx
mulq %r12
addq %rax, %r11
movq %r12, %rax
- movq %r10, %r15
- leaq (%rcx,%r10,2), %r10 #shld \$1, %rcx, %r10
adcq \$0, %rdx
- shrq \$63, %r15
addq %rbx, %r11
- movq %rdx, %r12
- adcq \$0, %r12
+ adcq \$0, %rdx
- movq %r11, %rbx
- leaq (%r15,%r11,2), %r11 #shld \$1, %r10, %r11
+ xorq %rbx, %rbx # rbx:r10:r9 = r10:r9 << 1
+ addq %r9, %r9
+ movq %rdx, %r12
+ adcq %r10, %r10
+ adcq \$0, %rbx
mulq %rax
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
addq %rax, %r9
+ movq %r14, %rax # 56($inp)
adcq %rdx, %r10
- adcq \$0, %r11
+ adcq \$0, %rbx
movq %r9, 80(%rsp)
movq %r10, 88(%rsp)
#seventh iteration
- movq 48($inp), %r13
- movq 56($inp), %rax
- mulq %r13
+ mulq %rbp
addq %rax, %r12
- movq %r13, %rax
- movq %rdx, %r13
- adcq \$0, %r13
+ movq %rbp, %rax
+ adcq \$0, %rdx
- xorq %r14, %r14
- shlq \$1, %rbx
- adcq %r12, %r12 #shld \$1, %rbx, %r12
- adcq %r13, %r13 #shld \$1, %r12, %r13
- adcq %r14, %r14 #shld \$1, %r13, %r14
+ xorq %rcx, %rcx # rcx:r12:r11 = r12:r11 << 1
+ addq %r11, %r11
+ movq %rdx, %r13
+ adcq %r12, %r12
+ adcq \$0, %rcx
mulq %rax
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rbx, %rax
addq %rax, %r11
+ movq %r14, %rax # 56($inp)
adcq %rdx, %r12
- adcq \$0, %r13
+ adcq \$0, %rcx
movq %r11, 96(%rsp)
movq %r12, 104(%rsp)
#eighth iteration
- movq 56($inp), %rax
+ xorq %rbx, %rbx # rbx:r13 = r13 << 1
+ addq %r13, %r13
+ adcq \$0, %rbx
+
mulq %rax
- addq %rax, %r13
- adcq \$0, %rdx
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ addq %rcx, %rax
+ addq %r13, %rax
+ adcq %rbx, %rdx
- addq %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
-
movq (%rsp), %r8
movq 8(%rsp), %r9
movq 16(%rsp), %r10
@@ -493,7 +496,11 @@ $code.=<<___;
movq 40(%rsp), %r13
movq 48(%rsp), %r14
movq 56(%rsp), %r15
+ movq %xmm1, %rbp
+ movq %rax, 112(%rsp)
+ movq %rdx, 120(%rsp)
+
call __rsaz_512_reduce
addq 64(%rsp), %r8
@@ -524,9 +531,9 @@ $code.=<<___;
.Loop_sqrx:
movl $times,128+8(%rsp)
movq $out, %xmm0 # off-load
- movq %rbp, %xmm1 # off-load
-#first iteration
+#first iteration
mulx %rax, %r8, %r9
+ mov %rax, %rbx
mulx 16($inp), %rcx, %r10
xor %rbp, %rbp # cf=0, of=0
@@ -534,40 +541,39 @@ $code.=<<___;
mulx 24($inp), %rax, %r11
adcx %rcx, %r9
- mulx 32($inp), %rcx, %r12
+ .byte 0xc4,0x62,0xf3,0xf6,0xa6,0x20,0x00,0x00,0x00 # mulx 32($inp), %rcx, %r12
adcx %rax, %r10
- mulx 40($inp), %rax, %r13
+ .byte 0xc4,0x62,0xfb,0xf6,0xae,0x28,0x00,0x00,0x00 # mulx 40($inp), %rax, %r13
adcx %rcx, %r11
- .byte 0xc4,0x62,0xf3,0xf6,0xb6,0x30,0x00,0x00,0x00 # mulx 48($inp), %rcx, %r14
+ mulx 48($inp), %rcx, %r14
adcx %rax, %r12
adcx %rcx, %r13
- .byte 0xc4,0x62,0xfb,0xf6,0xbe,0x38,0x00,0x00,0x00 # mulx 56($inp), %rax, %r15
+ mulx 56($inp), %rax, %r15
adcx %rax, %r14
adcx %rbp, %r15 # %rbp is 0
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shl \$1, %r8
+ mulx %rdx, %rax, $out
+ mov %rbx, %rdx # 8($inp)
+ xor %rcx, %rcx
+ adox %r8, %r8
+ adcx $out, %r8
+ adox %rbp, %rcx
+ adcx %rbp, %rcx
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rdx, %r8
- mov 8($inp), %rdx
- adcx %rbp, %r9
-
mov %rax, (%rsp)
mov %r8, 8(%rsp)
-#second iteration
- mulx 16($inp), %rax, %rbx
+#second iteration
+ .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x10,0x00,0x00,0x00 # mulx 16($inp), %rax, %rbx
adox %rax, %r10
adcx %rbx, %r11
- .byte 0xc4,0x62,0xc3,0xf6,0x86,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r8
+ mulx 24($inp), $out, %r8
adox $out, %r11
+ .byte 0x66
adcx %r8, %r12
mulx 32($inp), %rax, %rbx
@@ -585,24 +591,25 @@ $code.=<<___;
.byte 0xc4,0x62,0xc3,0xf6,0x86,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r8
adox $out, %r15
adcx %rbp, %r8
+ mulx %rdx, %rax, $out
adox %rbp, %r8
+ .byte 0x48,0x8b,0x96,0x10,0x00,0x00,0x00 # mov 16($inp), %rdx
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp,%ebp
- mulx %rdx, %rax, %rcx
- mov 16($inp), %rdx
+ xor %rbx, %rbx
+ adox %r9, %r9
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %r10, %r10
adcx %rax, %r9
- adcx %rcx, %r10
- adcx %rbp, %r11
+ adox %rbp, %rbx
+ adcx $out, %r10
+ adcx %rbp, %rbx
mov %r9, 16(%rsp)
.byte 0x4c,0x89,0x94,0x24,0x18,0x00,0x00,0x00 # mov %r10, 24(%rsp)
-
-#third iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x18,0x00,0x00,0x00 # mulx 24($inp), $out, %r9
+
+#third iteration
+ mulx 24($inp), $out, %r9
adox $out, %r12
adcx %r9, %r13
@@ -610,7 +617,7 @@ $code.=<<___;
adox %rax, %r13
adcx %rcx, %r14
- mulx 40($inp), $out, %r9
+ .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r9
adox $out, %r14
adcx %r9, %r15
@@ -618,27 +625,28 @@ $code.=<<___;
adox %rax, %r15
adcx %rcx, %r8
- .byte 0xc4,0x62,0xc3,0xf6,0x8e,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r9
+ mulx 56($inp), $out, %r9
adox $out, %r8
adcx %rbp, %r9
+ mulx %rdx, %rax, $out
adox %rbp, %r9
+ mov 24($inp), %rdx
- mov %r13, %rcx
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rcx, %rcx
+ adox %r11, %r11
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rbx, %rax
+ adox %r12, %r12
adcx %rax, %r11
- adcx %rdx, %r12
- mov 24($inp), %rdx
- adcx %rbp, %r13
+ adox %rbp, %rcx
+ adcx $out, %r12
+ adcx %rbp, %rcx
mov %r11, 32(%rsp)
- .byte 0x4c,0x89,0xa4,0x24,0x28,0x00,0x00,0x00 # mov %r12, 40(%rsp)
-
-#fourth iteration
- .byte 0xc4,0xe2,0xfb,0xf6,0x9e,0x20,0x00,0x00,0x00 # mulx 32($inp), %rax, %rbx
+ mov %r12, 40(%rsp)
+
+#fourth iteration
+ mulx 32($inp), %rax, %rbx
adox %rax, %r14
adcx %rbx, %r15
@@ -653,25 +661,25 @@ $code.=<<___;
mulx 56($inp), $out, %r10
adox $out, %r9
adcx %rbp, %r10
+ mulx %rdx, %rax, $out
adox %rbp, %r10
+ mov 32($inp), %rdx
- .byte 0x66
- mov %r15, %rbx
- shld \$1, %r14, %r15
- shld \$1, %rcx, %r14
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rbx, %rbx
+ adox %r13, %r13
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %r14, %r14
adcx %rax, %r13
- adcx %rdx, %r14
- mov 32($inp), %rdx
- adcx %rbp, %r15
+ adox %rbp, %rbx
+ adcx $out, %r14
+ adcx %rbp, %rbx
mov %r13, 48(%rsp)
mov %r14, 56(%rsp)
-
-#fifth iteration
- .byte 0xc4,0x62,0xc3,0xf6,0x9e,0x28,0x00,0x00,0x00 # mulx 40($inp), $out, %r11
+
+#fifth iteration
+ mulx 40($inp), $out, %r11
adox $out, %r8
adcx %r11, %r9
@@ -682,18 +690,19 @@ $code.=<<___;
mulx 56($inp), $out, %r11
adox $out, %r10
adcx %rbp, %r11
+ mulx %rdx, %rax, $out
+ mov 40($inp), %rdx
adox %rbp, %r11
- mov %r9, %rcx
- shld \$1, %r8, %r9
- shld \$1, %rbx, %r8
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rcx, %rcx
+ adox %r15, %r15
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rbx, %rax
+ adox %r8, %r8
adcx %rax, %r15
- adcx %rdx, %r8
- mov 40($inp), %rdx
- adcx %rbp, %r9
+ adox %rbp, %rcx
+ adcx $out, %r8
+ adcx %rbp, %rcx
mov %r15, 64(%rsp)
mov %r8, 72(%rsp)
@@ -706,18 +715,19 @@ $code.=<<___;
.byte 0xc4,0x62,0xc3,0xf6,0xa6,0x38,0x00,0x00,0x00 # mulx 56($inp), $out, %r12
adox $out, %r11
adcx %rbp, %r12
+ mulx %rdx, %rax, $out
adox %rbp, %r12
+ mov 48($inp), %rdx
- mov %r11, %rbx
- shld \$1, %r10, %r11
- shld \$1, %rcx, %r10
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
+ xor %rbx, %rbx
+ adox %r9, %r9
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %r10, %r10
adcx %rax, %r9
- adcx %rdx, %r10
- mov 48($inp), %rdx
- adcx %rbp, %r11
+ adcx $out, %r10
+ adox %rbp, %rbx
+ adcx %rbp, %rbx
mov %r9, 80(%rsp)
mov %r10, 88(%rsp)
@@ -727,31 +737,31 @@ $code.=<<___;
adox %rax, %r12
adox %rbp, %r13
- xor %r14, %r14
- shld \$1, %r13, %r14
- shld \$1, %r12, %r13
- shld \$1, %rbx, %r12
-
- xor %ebp, %ebp
- mulx %rdx, %rax, %rdx
- adcx %rax, %r11
- adcx %rdx, %r12
+ mulx %rdx, %rax, $out
+ xor %rcx, %rcx
mov 56($inp), %rdx
- adcx %rbp, %r13
+ adox %r11, %r11
+ # rbx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rbx, %rax
+ adox %r12, %r12
+ adcx %rax, %r11
+ adox %rbp, %rcx
+ adcx $out, %r12
+ adcx %rbp, %rcx
.byte 0x4c,0x89,0x9c,0x24,0x60,0x00,0x00,0x00 # mov %r11, 96(%rsp)
.byte 0x4c,0x89,0xa4,0x24,0x68,0x00,0x00,0x00 # mov %r12, 104(%rsp)
#eighth iteration
mulx %rdx, %rax, %rdx
- adox %rax, %r13
- adox %rbp, %rdx
+ xor %rbx, %rbx
+ adox %r13, %r13
+ # rcx <= 2 and rax <= 0xFFFF..F9, so carry must be zero here
+ adcx %rcx, %rax
+ adox %rbp, %rbx
+ adcx %r13, %rax
+ adcx %rdx, %rbx
- .byte 0x66
- add %rdx, %r14
-
- movq %r13, 112(%rsp)
- movq %r14, 120(%rsp)
movq %xmm0, $out
movq %xmm1, %rbp
@@ -764,6 +774,9 @@ $code.=<<___;
movq 40(%rsp), %r13
movq 48(%rsp), %r14
movq 56(%rsp), %r15
+
+ movq %rax, 112(%rsp)
+ movq %rbx, 120(%rsp)
call __rsaz_512_reducex
Modified: stable/11/crypto/openssl/crypto/cryptlib.c
==============================================================================
--- stable/11/crypto/openssl/crypto/cryptlib.c Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/crypto/cryptlib.c Thu Jan 2 21:35:28 2020 (r356290)
@@ -1,6 +1,6 @@
/* crypto/cryptlib.c */
/* ====================================================================
- * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 1998-2019 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -744,6 +744,11 @@ int OPENSSL_NONPIC_relocated = 0;
#if !defined(OPENSSL_CPUID_SETUP) && !defined(OPENSSL_CPUID_OBJ)
void OPENSSL_cpuid_setup(void)
{
+}
+
+unsigned long OPENSSL_rdtsc(void)
+{
+ return 0;
}
#endif
Modified: stable/11/crypto/openssl/crypto/ec/ec_asn1.c
==============================================================================
--- stable/11/crypto/openssl/crypto/ec/ec_asn1.c Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/crypto/ec/ec_asn1.c Thu Jan 2 21:35:28 2020 (r356290)
@@ -973,6 +973,20 @@ static EC_GROUP *ec_asn1_parameters2group(const ECPARA
* 0x0 = OPENSSL_EC_EXPLICIT_CURVE
*/
EC_GROUP_set_asn1_flag(ret, 0x0);
+
+ /*
+ * If the input params do not contain the optional seed field we make
+ * sure it is not added to the returned group.
+ *
+ * The seed field is not really used inside libcrypto anyway, and
+ * adding it to parsed explicit parameter keys would alter their DER
+ * encoding output (because of the extra field) which could impact
+ * applications fingerprinting keys by their DER encoding.
+ */
+ if (params->curve->seed == NULL) {
+ if (EC_GROUP_set_seed(ret, NULL, 0) != 1)
+ goto err;
+ }
}
ok = 1;
Modified: stable/11/crypto/openssl/crypto/opensslv.h
==============================================================================
--- stable/11/crypto/openssl/crypto/opensslv.h Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/crypto/openssl/crypto/opensslv.h Thu Jan 2 21:35:28 2020 (r356290)
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x1000214fL
+# define OPENSSL_VERSION_NUMBER 0x1000215fL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2t-fips 10 Sep 2019"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2u-fips 20 Dec 2019"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2t-freebsd 10 Sep 2019"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2u-freebsd 20 Dec 2019"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
Modified: stable/11/secure/lib/libcrypto/Makefile.inc
==============================================================================
--- stable/11/secure/lib/libcrypto/Makefile.inc Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/secure/lib/libcrypto/Makefile.inc Thu Jan 2 21:35:28 2020 (r356290)
@@ -3,8 +3,8 @@
.include <bsd.own.mk>
# OpenSSL version used for manual page generation
-OPENSSL_VER= 1.0.2t
-OPENSSL_DATE= 2019-09-10
+OPENSSL_VER= 1.0.2u
+OPENSSL_DATE= 2019-12-20
LCRYPTO_SRC= ${SRCTOP}/crypto/openssl
LCRYPTO_DOC= ${LCRYPTO_SRC}/doc
Modified: stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S
==============================================================================
--- stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S Thu Jan 2 21:34:44 2020 (r356289)
+++ stable/11/secure/lib/libcrypto/amd64/rsaz-x86_64.S Thu Jan 2 21:35:28 2020 (r356290)
@@ -17,7 +17,7 @@ rsaz_512_sqr:
subq $128+24,%rsp
.Lsqr_body:
- movq %rdx,%rbp
+.byte 102,72,15,110,202
movq (%rsi),%rdx
movq 8(%rsi),%rax
movq %rcx,128(%rsp)
@@ -32,6 +32,7 @@ rsaz_512_sqr:
movl %r8d,128+8(%rsp)
movq %rdx,%rbx
+ movq %rax,%rbp
mulq %rdx
movq %rax,%r8
movq 16(%rsi),%rax
@@ -70,31 +71,29 @@ rsaz_512_sqr:
mulq %rbx
addq %rax,%r14
movq %rbx,%rax
- movq %rdx,%r15
- adcq $0,%r15
+ adcq $0,%rdx
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-stable
mailing list