svn commit: r215643 - in vendor-crypto/openssl/dist: . apps crypto
crypto/aes crypto/aes/asm crypto/asn1 crypto/bio crypto/bn
crypto/cms crypto/conf crypto/des crypto/dsa crypto/ec
crypto/ecdh cryp...
Simon L. Nielsen
simon at FreeBSD.org
Sun Nov 21 22:45:19 UTC 2010
Author: simon
Date: Sun Nov 21 22:45:18 2010
New Revision: 215643
URL: http://svn.freebsd.org/changeset/base/215643
Log:
Import OpenSSL 0.9.8p.
Modified:
vendor-crypto/openssl/dist/CHANGES
vendor-crypto/openssl/dist/Configure
vendor-crypto/openssl/dist/FAQ
vendor-crypto/openssl/dist/Makefile
vendor-crypto/openssl/dist/NEWS
vendor-crypto/openssl/dist/PROBLEMS
vendor-crypto/openssl/dist/README
vendor-crypto/openssl/dist/apps/apps.c
vendor-crypto/openssl/dist/apps/dh.c
vendor-crypto/openssl/dist/apps/dhparam.c
vendor-crypto/openssl/dist/apps/dsaparam.c
vendor-crypto/openssl/dist/apps/ec.c
vendor-crypto/openssl/dist/apps/ecparam.c
vendor-crypto/openssl/dist/apps/enc.c
vendor-crypto/openssl/dist/apps/gendh.c
vendor-crypto/openssl/dist/apps/gendsa.c
vendor-crypto/openssl/dist/apps/genrsa.c
vendor-crypto/openssl/dist/apps/pkcs7.c
vendor-crypto/openssl/dist/apps/rand.c
vendor-crypto/openssl/dist/apps/s_server.c
vendor-crypto/openssl/dist/apps/s_socket.c
vendor-crypto/openssl/dist/apps/speed.c
vendor-crypto/openssl/dist/apps/x509.c
vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c
vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl
vendor-crypto/openssl/dist/crypto/asn1/a_int.c
vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c
vendor-crypto/openssl/dist/crypto/asn1/t_crl.c
vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c
vendor-crypto/openssl/dist/crypto/asn1/x_x509.c
vendor-crypto/openssl/dist/crypto/bio/b_sock.c
vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c
vendor-crypto/openssl/dist/crypto/bio/bio_lib.c
vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c
vendor-crypto/openssl/dist/crypto/bio/bss_sock.c
vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c
vendor-crypto/openssl/dist/crypto/bn/bn_mul.c
vendor-crypto/openssl/dist/crypto/cms/cms_asn1.c
vendor-crypto/openssl/dist/crypto/conf/conf_def.c
vendor-crypto/openssl/dist/crypto/des/rpc_des.h
vendor-crypto/openssl/dist/crypto/dsa/dsa_gen.c
vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c
vendor-crypto/openssl/dist/crypto/ec/ec2_mult.c
vendor-crypto/openssl/dist/crypto/ec/ec_mult.c
vendor-crypto/openssl/dist/crypto/ecdh/ech_lib.c
vendor-crypto/openssl/dist/crypto/ecdsa/ecs_lib.c
vendor-crypto/openssl/dist/crypto/engine/eng_list.c
vendor-crypto/openssl/dist/crypto/err/err_prn.c
vendor-crypto/openssl/dist/crypto/evp/bio_b64.c
vendor-crypto/openssl/dist/crypto/evp/enc_min.c
vendor-crypto/openssl/dist/crypto/evp/encode.c
vendor-crypto/openssl/dist/crypto/evp/evp_pbe.c
vendor-crypto/openssl/dist/crypto/hmac/hmac.c
vendor-crypto/openssl/dist/crypto/md32_common.h
vendor-crypto/openssl/dist/crypto/o_init.c
vendor-crypto/openssl/dist/crypto/ocsp/ocsp_ht.c
vendor-crypto/openssl/dist/crypto/ocsp/ocsp_prn.c
vendor-crypto/openssl/dist/crypto/opensslv.h
vendor-crypto/openssl/dist/crypto/pem/pem_lib.c
vendor-crypto/openssl/dist/crypto/pkcs12/p12_key.c
vendor-crypto/openssl/dist/crypto/pkcs12/p12_npas.c
vendor-crypto/openssl/dist/crypto/pkcs7/pk7_doit.c
vendor-crypto/openssl/dist/crypto/pkcs7/pk7_lib.c
vendor-crypto/openssl/dist/crypto/pkcs7/pk7_mime.c
vendor-crypto/openssl/dist/crypto/pqueue/pqueue.c
vendor-crypto/openssl/dist/crypto/rand/rand_nw.c
vendor-crypto/openssl/dist/crypto/rand/randfile.c
vendor-crypto/openssl/dist/crypto/rsa/rsa_eay.c
vendor-crypto/openssl/dist/crypto/x509/x509.h
vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c
vendor-crypto/openssl/dist/crypto/x509/x_all.c
vendor-crypto/openssl/dist/crypto/x509v3/v3_ncons.c
vendor-crypto/openssl/dist/crypto/x509v3/v3_pci.c
vendor-crypto/openssl/dist/doc/apps/smime.pod
vendor-crypto/openssl/dist/doc/crypto/ASN1_OBJECT_new.pod
vendor-crypto/openssl/dist/doc/crypto/ASN1_STRING_length.pod
vendor-crypto/openssl/dist/doc/crypto/ASN1_STRING_new.pod
vendor-crypto/openssl/dist/doc/crypto/ASN1_generate_nconf.pod
vendor-crypto/openssl/dist/doc/crypto/BIO_f_buffer.pod
vendor-crypto/openssl/dist/doc/crypto/BIO_should_retry.pod
vendor-crypto/openssl/dist/doc/crypto/CRYPTO_set_ex_data.pod
vendor-crypto/openssl/dist/doc/crypto/OBJ_nid2obj.pod
vendor-crypto/openssl/dist/doc/crypto/PKCS7_decrypt.pod
vendor-crypto/openssl/dist/doc/crypto/PKCS7_encrypt.pod
vendor-crypto/openssl/dist/doc/crypto/PKCS7_sign.pod
vendor-crypto/openssl/dist/doc/crypto/PKCS7_verify.pod
vendor-crypto/openssl/dist/doc/crypto/SMIME_read_PKCS7.pod
vendor-crypto/openssl/dist/doc/crypto/SMIME_write_PKCS7.pod
vendor-crypto/openssl/dist/doc/crypto/X509_NAME_ENTRY_get_object.pod
vendor-crypto/openssl/dist/doc/crypto/X509_NAME_add_entry_by_txt.pod
vendor-crypto/openssl/dist/doc/crypto/X509_NAME_get_index_by_NID.pod
vendor-crypto/openssl/dist/doc/crypto/X509_new.pod
vendor-crypto/openssl/dist/doc/crypto/bn_internal.pod
vendor-crypto/openssl/dist/doc/crypto/ui_compat.pod
vendor-crypto/openssl/dist/doc/ssl/SSL_library_init.pod
vendor-crypto/openssl/dist/e_os.h
vendor-crypto/openssl/dist/engines/e_chil.c
vendor-crypto/openssl/dist/engines/e_cswift.c
vendor-crypto/openssl/dist/engines/e_ubsec.c
vendor-crypto/openssl/dist/fips/mkfipsscr.pl
vendor-crypto/openssl/dist/openssl.spec
vendor-crypto/openssl/dist/ssl/d1_both.c
vendor-crypto/openssl/dist/ssl/d1_clnt.c
vendor-crypto/openssl/dist/ssl/d1_enc.c
vendor-crypto/openssl/dist/ssl/d1_lib.c
vendor-crypto/openssl/dist/ssl/d1_pkt.c
vendor-crypto/openssl/dist/ssl/dtls1.h
vendor-crypto/openssl/dist/ssl/s23_clnt.c
vendor-crypto/openssl/dist/ssl/s23_lib.c
vendor-crypto/openssl/dist/ssl/s2_srvr.c
vendor-crypto/openssl/dist/ssl/s3_both.c
vendor-crypto/openssl/dist/ssl/s3_clnt.c
vendor-crypto/openssl/dist/ssl/s3_enc.c
vendor-crypto/openssl/dist/ssl/ssl_algs.c
vendor-crypto/openssl/dist/ssl/ssl_asn1.c
vendor-crypto/openssl/dist/ssl/ssl_cert.c
vendor-crypto/openssl/dist/ssl/ssl_ciph.c
vendor-crypto/openssl/dist/ssl/ssl_lib.c
vendor-crypto/openssl/dist/ssl/ssltest.c
vendor-crypto/openssl/dist/ssl/t1_enc.c
vendor-crypto/openssl/dist/ssl/t1_lib.c
vendor-crypto/openssl/dist/test/cms-test.pl
vendor-crypto/openssl/dist/tools/c_rehash
vendor-crypto/openssl/dist/tools/c_rehash.in
vendor-crypto/openssl/dist/util/libeay.num
vendor-crypto/openssl/dist/util/mkdef.pl
vendor-crypto/openssl/dist/util/pl/VC-32.pl
Modified: vendor-crypto/openssl/dist/CHANGES
==============================================================================
--- vendor-crypto/openssl/dist/CHANGES Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/CHANGES Sun Nov 21 22:45:18 2010 (r215643)
@@ -2,6 +2,51 @@
OpenSSL CHANGES
_______________
+ Changes between 0.9.8o and 0.9.8p [16 Nov 2010]
+
+ *) Fix extension code to avoid race conditions which can result in a buffer
+ overrun vulnerability: resumed sessions must not be modified as they can
+ be shared by multiple threads. CVE-2010-3864
+ [Steve Henson]
+
+ *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939
+ [Steve Henson]
+
+ *) Don't reencode certificate when calculating signature: cache and use
+ the original encoding instead. This makes signature verification of
+ some broken encodings work correctly.
+ [Steve Henson]
+
+ *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT
+ is also one of the inputs.
+ [Emilia Käsper <emilia.kasper at esat.kuleuven.be> (Google)]
+
+ *) Don't repeatedly append PBE algorithms to table if they already exist.
+ Sort table on each new add. This effectively makes the table read only
+ after all algorithms are added and subsequent calls to PKCS12_pbe_add
+ etc are non-op.
+ [Steve Henson]
+
+ Changes between 0.9.8n and 0.9.8o [01 Jun 2010]
+
+ [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after
+ OpenSSL 1.0.0.]
+
+ *) Correct a typo in the CMS ASN1 module which can result in invalid memory
+ access or freeing data twice (CVE-2010-0742)
+ [Steve Henson, Ronald Moesbergen <intercommit at gmail.com>]
+
+ *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more
+ common in certificates and some applications which only call
+ SSL_library_init and not OpenSSL_add_all_algorithms() will fail.
+ [Steve Henson]
+
+ *) VMS fixes:
+ Reduce copying into .apps and .test in makevms.com
+ Don't try to use blank CA certificate in CA.com
+ Allow use of C files from original directories in maketests.com
+ [Steven M. Schweda" <sms at antinode.info>]
+
Changes between 0.9.8m and 0.9.8n [24 Mar 2010]
*) When rejecting SSL/TLS records due to an incorrect version number, never
Modified: vendor-crypto/openssl/dist/Configure
==============================================================================
--- vendor-crypto/openssl/dist/Configure Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/Configure Sun Nov 21 22:45:18 2010 (r215643)
@@ -1812,11 +1812,11 @@ EOF
(system $make_command.$make_targets) == 0 or exit $?
if $make_targets ne "";
if ( $perl =~ m@^/@) {
- &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
+ &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
} else {
# No path for Perl known ...
- &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";');
+ &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne $default_depflags && !$make_depend) {
Modified: vendor-crypto/openssl/dist/FAQ
==============================================================================
--- vendor-crypto/openssl/dist/FAQ Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/FAQ Sun Nov 21 22:45:18 2010 (r215643)
@@ -70,6 +70,7 @@ OpenSSL - Frequently Asked Questions
* I think I've detected a memory leak, is this a bug?
* Why does Valgrind complain about the use of uninitialized data?
* Why doesn't a memory BIO work when a file does?
+* Where are the declarations and implementations of d2i_X509() etc?
===============================================================================
@@ -78,7 +79,7 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>.
-OpenSSL 0.9.8n was released on Mar 24th, 2010.
+OpenSSL 1.0.0b was released on Nov 16th, 2010.
In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL:
@@ -94,14 +95,17 @@ explains how to install this library.
OpenSSL includes a command line utility that can be used to perform a
variety of cryptographic functions. It is described in the openssl(1)
-manpage. Documentation for developers is currently being written. A
-few manual pages already are available; overviews over libcrypto and
+manpage. Documentation for developers is currently being written. Many
+manual pages are available; overviews over libcrypto and
libssl are given in the crypto(3) and ssl(3) manpages.
The OpenSSL manpages are installed in /usr/local/ssl/man/ (or a
different directory if you specified one as described in INSTALL).
In addition, you can read the most current versions at
-<URL: http://www.openssl.org/docs/>.
+<URL: http://www.openssl.org/docs/>. Note that the online documents refer
+to the very latest development versions of OpenSSL and may include features
+not present in released versions. If in doubt refer to the documentation
+that came with the version of OpenSSL you are using.
For information on parts of libcrypto that are not yet documented, you
might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's
@@ -717,8 +721,10 @@ file.
Multi-threaded applications must provide two callback functions to
OpenSSL by calling CRYPTO_set_locking_callback() and
-CRYPTO_set_id_callback(). This is described in the threads(3)
-manpage.
+CRYPTO_set_id_callback(), for all versions of OpenSSL up to and
+including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback()
+and associated APIs are deprecated by CRYPTO_THREADID_set_callback()
+and friends. This is described in the threads(3) manpage.
* I've compiled a program under Windows and it crashes: why?
@@ -962,4 +968,15 @@ is needed. This must be done by calling:
See the manual pages for more details.
+* Where are the declarations and implementations of d2i_X509() etc?
+
+These are defined and implemented by macros of the form:
+
+
+ DECLARE_ASN1_FUNCTIONS(X509) and IMPLEMENT_ASN1_FUNCTIONS(X509)
+
+The implementation passes an ASN1 "template" defining the structure into an
+ASN1 interpreter using generalised functions such as ASN1_item_d2i().
+
+
===============================================================================
Modified: vendor-crypto/openssl/dist/Makefile
==============================================================================
--- vendor-crypto/openssl/dist/Makefile Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/Makefile Sun Nov 21 22:45:18 2010 (r215643)
@@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
-VERSION=0.9.8n
+VERSION=0.9.8p
MAJOR=0
MINOR=9.8
SHLIB_VERSION_NUMBER=0.9.8
Modified: vendor-crypto/openssl/dist/NEWS
==============================================================================
--- vendor-crypto/openssl/dist/NEWS Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/NEWS Sun Nov 21 22:45:18 2010 (r215643)
@@ -5,6 +5,18 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p:
+
+ o Fix for security issue CVE-2010-3864.
+
+ Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o:
+
+ o Fix for security issue CVE-2010-0742.
+ o Various DTLS fixes.
+ o Recognise SHA2 certificates if only SSL algorithms added.
+ o Fix for no-rc4 compilation.
+ o Chil ENGINE unload workaround.
+
Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n:
o CFB cipher definition fixes.
Modified: vendor-crypto/openssl/dist/PROBLEMS
==============================================================================
--- vendor-crypto/openssl/dist/PROBLEMS Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/PROBLEMS Sun Nov 21 22:45:18 2010 (r215643)
@@ -36,7 +36,9 @@ may differ on your machine.
As long as Apple doesn't fix the problem with ld, this problem building
-OpenSSL will remain as is.
+OpenSSL will remain as is. Well, the problem was addressed in 0.9.8f by
+passing -Wl,-search_paths_first, but it's unknown if the flag was
+supported from the initial MacOS X release.
* Parallell make leads to errors
Modified: vendor-crypto/openssl/dist/README
==============================================================================
--- vendor-crypto/openssl/dist/README Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/README Sun Nov 21 22:45:18 2010 (r215643)
@@ -1,5 +1,5 @@
- OpenSSL 0.9.8n
+ OpenSSL 0.9.8p 16 Nov 2010
Copyright (c) 1998-2009 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Modified: vendor-crypto/openssl/dist/apps/apps.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/apps.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/apps.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -351,13 +351,12 @@ void program_name(char *in, char *out, i
int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[])
{
- int num,len,i;
+ int num,i;
char *p;
*argc=0;
*argv=NULL;
- len=strlen(buf);
i=0;
if (arg->count == 0)
{
@@ -866,10 +865,17 @@ EVP_PKEY *load_key(BIO *err, const char
if (format == FORMAT_ENGINE)
{
if (!e)
- BIO_printf(bio_err,"no engine specified\n");
+ BIO_printf(err,"no engine specified\n");
else
+ {
pkey = ENGINE_load_private_key(e, file,
ui_method, &cb_data);
+ if (!pkey)
+ {
+ BIO_printf(err,"cannot load %s from engine\n",key_descrip);
+ ERR_print_errors(err);
+ }
+ }
goto end;
}
#endif
@@ -919,8 +925,11 @@ EVP_PKEY *load_key(BIO *err, const char
}
end:
if (key != NULL) BIO_free(key);
- if (pkey == NULL)
+ if (pkey == NULL)
+ {
BIO_printf(err,"unable to load %s\n", key_descrip);
+ ERR_print_errors(err);
+ }
return(pkey);
}
Modified: vendor-crypto/openssl/dist/apps/dh.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/dh.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/dh.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -88,9 +88,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -189,7 +186,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
Modified: vendor-crypto/openssl/dist/apps/dhparam.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/dhparam.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/dhparam.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -149,9 +149,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int i,badops=0,text=0;
#ifndef OPENSSL_NO_DSA
@@ -270,7 +267,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (g && !num)
Modified: vendor-crypto/openssl/dist/apps/dsaparam.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/dsaparam.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/dsaparam.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -111,9 +111,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DSA *dsa=NULL;
int i,badops=0,text=0;
BIO *in=NULL,*out=NULL;
@@ -278,7 +275,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (need_rand)
@@ -357,12 +354,10 @@ bad:
if (C)
{
unsigned char *data;
- int l,len,bits_p,bits_q,bits_g;
+ int l,len,bits_p;
len=BN_num_bytes(dsa->p);
bits_p=BN_num_bits(dsa->p);
- bits_q=BN_num_bits(dsa->q);
- bits_g=BN_num_bits(dsa->g);
data=(unsigned char *)OPENSSL_malloc(len+20);
if (data == NULL)
{
Modified: vendor-crypto/openssl/dist/apps/ec.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/ec.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/ec.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -85,9 +85,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int ret = 1;
EC_KEY *eckey = NULL;
const EC_GROUP *group;
@@ -254,7 +251,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, passargin, passargout, &passin, &passout))
Modified: vendor-crypto/openssl/dist/apps/ecparam.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/ecparam.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/ecparam.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -129,9 +129,6 @@ int MAIN(int argc, char **argv)
char *infile = NULL, *outfile = NULL, *prog;
BIO *in = NULL, *out = NULL;
int informat, outformat, noout = 0, C = 0, ret = 1;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
char *engine = NULL;
BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL,
@@ -340,7 +337,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (list_curves)
Modified: vendor-crypto/openssl/dist/apps/enc.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/enc.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/enc.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -100,9 +100,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
static const char magic[]="Salted__";
char mbuf[sizeof magic-1];
char *strbuf=NULL;
@@ -311,7 +308,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (md && (dgst=EVP_get_digestbyname(md)) == NULL)
Modified: vendor-crypto/openssl/dist/apps/gendh.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/gendh.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/gendh.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -89,9 +89,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DH *dh=NULL;
int ret=1,num=DEFBITS;
int g=2;
@@ -163,7 +160,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
out=BIO_new(BIO_s_file());
Modified: vendor-crypto/openssl/dist/apps/gendsa.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/gendsa.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/gendsa.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -78,9 +78,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
DSA *dsa=NULL;
int ret=1;
char *outfile=NULL;
@@ -206,7 +203,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) {
Modified: vendor-crypto/openssl/dist/apps/genrsa.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/genrsa.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/genrsa.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -89,9 +89,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
BN_GENCB cb;
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int ret=1;
int i,num=DEFBITS;
long l;
@@ -235,7 +232,7 @@ bad:
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
if (outfile == NULL)
Modified: vendor-crypto/openssl/dist/apps/pkcs7.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/pkcs7.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/pkcs7.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -82,9 +82,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
PKCS7 *p7=NULL;
int i,badops=0;
BIO *in=NULL,*out=NULL;
@@ -180,7 +177,7 @@ bad:
ERR_load_crypto_strings();
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
in=BIO_new(BIO_s_file());
Modified: vendor-crypto/openssl/dist/apps/rand.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/rand.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/rand.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -77,9 +77,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
int i, r, ret = 1;
int badopt;
char *outfile = NULL;
@@ -178,7 +175,7 @@ int MAIN(int argc, char **argv)
}
#ifndef OPENSSL_NO_ENGINE
- e = setup_engine(bio_err, engine, 0);
+ setup_engine(bio_err, engine, 0);
#endif
app_RAND_load_file(NULL, bio_err, (inrand != NULL));
Modified: vendor-crypto/openssl/dist/apps/s_server.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/s_server.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/s_server.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -2075,12 +2075,14 @@ static int www_body(char *hostname, int
{
char *buf=NULL;
int ret=1;
- int i,j,k,blank,dot;
+ int i,j,k,dot;
struct stat st_buf;
SSL *con;
SSL_CIPHER *c;
BIO *io,*ssl_bio,*sbio;
+#ifdef RENEG
long total_bytes;
+#endif
buf=OPENSSL_malloc(bufsize);
if (buf == NULL) return(0);
@@ -2151,7 +2153,6 @@ static int www_body(char *hostname, int
SSL_set_msg_callback_arg(con, bio_s_out);
}
- blank=0;
for (;;)
{
if (hack)
@@ -2388,7 +2389,9 @@ static int www_body(char *hostname, int
BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
}
/* send the file */
+#ifdef RENEG
total_bytes=0;
+#endif
for (;;)
{
i=BIO_read(file,buf,bufsize);
Modified: vendor-crypto/openssl/dist/apps/s_socket.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/s_socket.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/s_socket.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -329,7 +329,7 @@ static int init_server_long(int *sock, i
{
int ret=0;
struct sockaddr_in server;
- int s= -1,i;
+ int s= -1;
if (!ssl_sock_init()) return(0);
@@ -368,7 +368,6 @@ static int init_server_long(int *sock, i
}
/* Make it 128 for linux */
if (type==SOCK_STREAM && listen(s,128) == -1) goto err;
- i=0;
*sock=s;
ret=1;
err:
@@ -386,7 +385,7 @@ static int init_server(int *sock, int po
static int do_accept(int acc_sock, int *sock, char **host)
{
- int ret,i;
+ int ret;
struct hostent *h1,*h2;
static struct sockaddr_in from;
int len;
@@ -409,6 +408,7 @@ redoit:
if (ret == INVALID_SOCKET)
{
#if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK))
+ int i;
i=WSAGetLastError();
BIO_printf(bio_err,"accept error %d\n",i);
#else
@@ -463,7 +463,6 @@ redoit:
BIO_printf(bio_err,"gethostbyname failure\n");
return(0);
}
- i=0;
if (h2->h_addrtype != AF_INET)
{
BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
Modified: vendor-crypto/openssl/dist/apps/speed.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/speed.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/speed.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -500,9 +500,6 @@ int MAIN(int, char **);
int MAIN(int argc, char **argv)
{
-#ifndef OPENSSL_NO_ENGINE
- ENGINE *e = NULL;
-#endif
unsigned char *buf=NULL,*buf2=NULL;
int mret=1;
long count=0,save_count=0;
@@ -593,7 +590,6 @@ int MAIN(int argc, char **argv)
unsigned char DES_iv[8];
unsigned char iv[2*MAX_BLOCK_SIZE/8];
#ifndef OPENSSL_NO_DES
- DES_cblock *buf_as_des_cblock = NULL;
static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
@@ -806,9 +802,6 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"out of memory\n");
goto end;
}
-#ifndef OPENSSL_NO_DES
- buf_as_des_cblock = (DES_cblock *)buf;
-#endif
if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL)
{
BIO_printf(bio_err,"out of memory\n");
@@ -883,7 +876,7 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err,"no engine given\n");
goto end;
}
- e = setup_engine(bio_err, *argv, 0);
+ setup_engine(bio_err, *argv, 0);
/* j will be increased again further down. We just
don't want speed to confuse an engine with an
algorithm, especially when none is given (which
@@ -1388,7 +1381,8 @@ int MAIN(int argc, char **argv)
count*=2;
Time_F(START);
for (it=count; it; it--)
- DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock,
+ DES_ecb_encrypt((DES_cblock *)buf,
+ (DES_cblock *)buf,
&sch,DES_ENCRYPT);
d=Time_F(STOP);
} while (d <3);
Modified: vendor-crypto/openssl/dist/apps/x509.c
==============================================================================
--- vendor-crypto/openssl/dist/apps/x509.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/apps/x509.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -539,7 +539,6 @@ bad:
if (reqfile)
{
EVP_PKEY *pkey;
- X509_CINF *ci;
BIO *in;
if (!sign_flag && !CA_flag)
@@ -607,7 +606,6 @@ bad:
print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag);
if ((x=X509_new()) == NULL) goto end;
- ci=x->cert_info;
if (sno == NULL)
{
Modified: vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -85,9 +85,9 @@ int AES_wrap_key(AES_KEY *key, const uns
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff)
{
- A[6] ^= (unsigned char)((t & 0xff) >> 8);
- A[5] ^= (unsigned char)((t & 0xff) >> 16);
- A[4] ^= (unsigned char)((t & 0xff) >> 24);
+ A[6] ^= (unsigned char)((t >> 8) & 0xff);
+ A[5] ^= (unsigned char)((t >> 16) & 0xff);
+ A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(R, B + 8, 8);
}
@@ -119,9 +119,9 @@ int AES_unwrap_key(AES_KEY *key, const u
A[7] ^= (unsigned char)(t & 0xff);
if (t > 0xff)
{
- A[6] ^= (unsigned char)((t & 0xff) >> 8);
- A[5] ^= (unsigned char)((t & 0xff) >> 16);
- A[4] ^= (unsigned char)((t & 0xff) >> 24);
+ A[6] ^= (unsigned char)((t >> 8) & 0xff);
+ A[5] ^= (unsigned char)((t >> 16) & 0xff);
+ A[4] ^= (unsigned char)((t >> 24) & 0xff);
}
memcpy(B + 8, R, 8);
AES_decrypt(B, B, key);
Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl
==============================================================================
--- vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl Sun Nov 21 22:45:18 2010 (r215643)
@@ -751,7 +751,19 @@ $code.=<<___;
AES_set_encrypt_key:
push %rbx
push %rbp
+ sub \$8,%rsp
+ call _x86_64_AES_set_encrypt_key
+
+ mov 8(%rsp),%rbp
+ mov 16(%rsp),%rbx
+ add \$24,%rsp
+ ret
+.size AES_set_encrypt_key,.-AES_set_encrypt_key
+
+.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent
+.align 16
+_x86_64_AES_set_encrypt_key:
mov %esi,%ecx # %ecx=bits
mov %rdi,%rsi # %rsi=userKey
mov %rdx,%rdi # %rdi=key
@@ -938,10 +950,8 @@ $code.=<<___;
.Lbadpointer:
mov \$-1,%rax
.Lexit:
- pop %rbp
- pop %rbx
- ret
-.size AES_set_encrypt_key,.-AES_set_encrypt_key
+ .byte 0xf3,0xc3 # rep ret
+.size _x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key
___
sub deckey()
@@ -973,15 +983,14 @@ $code.=<<___;
.type AES_set_decrypt_key,\@function,3
.align 16
AES_set_decrypt_key:
- push %rdx
- call AES_set_encrypt_key
- cmp \$0,%eax
- je .Lproceed
- lea 24(%rsp),%rsp
- ret
-.Lproceed:
+ push %rbx
+ push %rbp
+ push %rdx # save key schedule
+
+ call _x86_64_AES_set_encrypt_key
mov (%rsp),%r8 # restore key schedule
- mov %rbx,(%rsp)
+ cmp \$0,%eax
+ jne .Labort
mov 240(%r8),%ecx # pull number of rounds
xor %rdi,%rdi
@@ -1023,7 +1032,10 @@ $code.=<<___;
jnz .Lpermute
xor %rax,%rax
- pop %rbx
+.Labort:
+ mov 8(%rsp),%rbp
+ mov 16(%rsp),%rbx
+ add \$24,%rsp
ret
.size AES_set_decrypt_key,.-AES_set_decrypt_key
___
Modified: vendor-crypto/openssl/dist/crypto/asn1/a_int.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/a_int.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/asn1/a_int.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INT
{
ASN1_INTEGER *ret=NULL;
const unsigned char *p;
- unsigned char *to,*s;
+ unsigned char *s;
long len;
int inf,tag,xclass;
int i;
@@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INT
i=ERR_R_MALLOC_FAILURE;
goto err;
}
- to=s;
ret->type=V_ASN1_INTEGER;
if(len) {
if ((*p == 0) && (len != 1))
Modified: vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -242,7 +242,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned
int sgckey)
{
RSA *ret=NULL;
- const unsigned char *p, *kp;
+ const unsigned char *p;
NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
p = *pp;
@@ -265,7 +265,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned
ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
goto err;
}
- kp = enckey->enckey->digest->data;
if (cb == NULL)
cb=EVP_read_pw_string;
if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
Modified: vendor-crypto/openssl/dist/crypto/asn1/t_crl.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/t_crl.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/asn1/t_crl.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x
STACK_OF(X509_REVOKED) *rev;
X509_REVOKED *r;
long l;
- int i, n;
+ int i;
char *p;
BIO_printf(out, "Certificate Revocation List (CRL):\n");
@@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x
else BIO_printf(out,"NONE");
BIO_printf(out,"\n");
- n=X509_CRL_get_ext_count(x);
X509V3_extensions_print(out, "CRL extensions",
x->crl->extensions, 0, 8);
Modified: vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -166,7 +166,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval,
int i;
int otag;
int ret = 0;
- ASN1_VALUE *pchval, **pchptr, *ptmpval;
+ ASN1_VALUE **pchptr, *ptmpval;
if (!pval)
return 0;
if (aux && aux->asn1_cb)
@@ -317,7 +317,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval,
goto err;
}
/* CHOICE type, try each possibility in turn */
- pchval = NULL;
p = *in;
for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
{
Modified: vendor-crypto/openssl/dist/crypto/asn1/x_x509.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/asn1/x_x509.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/asn1/x_x509.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -63,7 +63,7 @@
#include <openssl/x509.h>
#include <openssl/x509v3.h>
-ASN1_SEQUENCE(X509_CINF) = {
+ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = {
ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
@@ -74,7 +74,7 @@ ASN1_SEQUENCE(X509_CINF) = {
ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
-} ASN1_SEQUENCE_END(X509_CINF)
+} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF)
IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
/* X509 top level structure needs a bit of customisation */
Modified: vendor-crypto/openssl/dist/crypto/bio/b_sock.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bio/b_sock.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bio/b_sock.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -659,7 +659,14 @@ again:
#ifdef SO_REUSEADDR
err_num=get_last_socket_error();
if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) &&
+#ifdef OPENSSL_SYS_WINDOWS
+ /* Some versions of Windows define EADDRINUSE to
+ * a dummy value.
+ */
+ (err_num == WSAEADDRINUSE))
+#else
(err_num == EADDRINUSE))
+#endif
{
memcpy((char *)&client,(char *)&server,sizeof(server));
if (strcmp(h,"*") == 0)
Modified: vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -125,7 +125,6 @@ static int nbiof_free(BIO *a)
static int nbiof_read(BIO *b, char *out, int outl)
{
- NBIO_TEST *nt;
int ret=0;
#if 1
int num;
@@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out,
if (out == NULL) return(0);
if (b->next_bio == NULL) return(0);
- nt=(NBIO_TEST *)b->ptr;
BIO_clear_retry_flags(b);
#if 1
Modified: vendor-crypto/openssl/dist/crypto/bio/bio_lib.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bio_lib.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bio/bio_lib.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method
int BIO_free(BIO *a)
{
- int ret=0,i;
+ int i;
if (a == NULL) return(0);
@@ -133,7 +133,7 @@ int BIO_free(BIO *a)
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data);
if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
- ret=a->method->destroy(a);
+ a->method->destroy(a);
OPENSSL_free(a);
return(1);
}
Modified: vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char
static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr)
{
- BIO *dbio;
int *ip;
long ret=1;
BIO_ACCEPT *data;
@@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, l
ret=(long)data->bind_mode;
break;
case BIO_CTRL_DUP:
- dbio=(BIO *)ptr;
-/* if (data->param_port) EAY EAY
+/* dbio=(BIO *)ptr;
+ if (data->param_port) EAY EAY
BIO_set_port(dbio,data->param_port);
if (data->param_hostname)
BIO_set_hostname(dbio,data->param_hostname);
Modified: vendor-crypto/openssl/dist/crypto/bio/bss_sock.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bio/bss_sock.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bio/bss_sock.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -172,15 +172,6 @@ static long sock_ctrl(BIO *b, int cmd, l
switch (cmd)
{
- case BIO_CTRL_RESET:
- num=0;
- case BIO_C_FILE_SEEK:
- ret=0;
- break;
- case BIO_C_FILE_TELL:
- case BIO_CTRL_INFO:
- ret=0;
- break;
case BIO_C_SET_FD:
sock_free(b);
b->num= *((int *)ptr);
@@ -203,10 +194,6 @@ static long sock_ctrl(BIO *b, int cmd, l
case BIO_CTRL_SET_CLOSE:
b->shutdown=(int)num;
break;
- case BIO_CTRL_PENDING:
- case BIO_CTRL_WPENDING:
- ret=0;
- break;
case BIO_CTRL_DUP:
case BIO_CTRL_FLUSH:
ret=1;
Modified: vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const B
r_is_one = 0;
}
}
- BN_from_montgomery(rr,r,mont,ctx);
+ if (!BN_from_montgomery(rr,r,mont,ctx))
+ goto err;
ret=1;
err:
if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont);
Modified: vendor-crypto/openssl/dist/crypto/bn/bn_mul.c
==============================================================================
--- vendor-crypto/openssl/dist/crypto/bn/bn_mul.c Sun Nov 21 21:31:29 2010 (r215642)
+++ vendor-crypto/openssl/dist/crypto/bn/bn_mul.c Sun Nov 21 22:45:18 2010 (r215643)
@@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r,
int tna, int tnb, BN_ULONG *t)
{
int i,j,n2=n*2;
- int c1,c2,neg,zero;
+ int c1,c2,neg;
BN_ULONG ln,lo,*p;
# ifdef BN_COUNT
@@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r,
/* r=(a[0]-a[1])*(b[1]-b[0]) */
c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna);
c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n);
- zero=neg=0;
+ neg=0;
switch (c1*3+c2)
{
case -4:
@@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r,
bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */
break;
case -3:
- zero=1;
/* break; */
case -2:
bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */
@@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r,
case -1:
case 0:
case 1:
- zero=1;
/* break; */
case 2:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */
@@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r,
neg=1;
break;
case 3:
- zero=1;
/* break; */
case 4:
bn_sub_part_words(t, a, &(a[n]),tna,n-tna);
@@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c
{
if (i >= -1 && i <= 1)
{
- int sav_j =0;
/* Find out the power of two lower or equal
to the longest of the two numbers */
if (i >= 0)
@@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c
{
j = BN_num_bits_word((BN_ULONG)bl);
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-vendor
mailing list