From owner-svn-src-vendor@FreeBSD.ORG Sun Nov 21 22:45:19 2010 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BE322106564A; Sun, 21 Nov 2010 22:45:19 +0000 (UTC) (envelope-from simon@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A88238FC0C; Sun, 21 Nov 2010 22:45:19 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id oALMjJMC070164; Sun, 21 Nov 2010 22:45:19 GMT (envelope-from simon@svn.freebsd.org) Received: (from simon@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id oALMjJS7070125; Sun, 21 Nov 2010 22:45:19 GMT (envelope-from simon@svn.freebsd.org) Message-Id: <201011212245.oALMjJS7070125@svn.freebsd.org> From: "Simon L. Nielsen" Date: Sun, 21 Nov 2010 22:45:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-crypto MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r215643 - in vendor-crypto/openssl/dist: . apps crypto crypto/aes crypto/aes/asm crypto/asn1 crypto/bio crypto/bn crypto/cms crypto/conf crypto/des crypto/dsa crypto/ec crypto/ecdh cryp... X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Nov 2010 22:45:19 -0000 Author: simon Date: Sun Nov 21 22:45:18 2010 New Revision: 215643 URL: http://svn.freebsd.org/changeset/base/215643 Log: Import OpenSSL 0.9.8p. Modified: vendor-crypto/openssl/dist/CHANGES vendor-crypto/openssl/dist/Configure vendor-crypto/openssl/dist/FAQ vendor-crypto/openssl/dist/Makefile vendor-crypto/openssl/dist/NEWS vendor-crypto/openssl/dist/PROBLEMS vendor-crypto/openssl/dist/README vendor-crypto/openssl/dist/apps/apps.c vendor-crypto/openssl/dist/apps/dh.c vendor-crypto/openssl/dist/apps/dhparam.c vendor-crypto/openssl/dist/apps/dsaparam.c vendor-crypto/openssl/dist/apps/ec.c vendor-crypto/openssl/dist/apps/ecparam.c vendor-crypto/openssl/dist/apps/enc.c vendor-crypto/openssl/dist/apps/gendh.c vendor-crypto/openssl/dist/apps/gendsa.c vendor-crypto/openssl/dist/apps/genrsa.c vendor-crypto/openssl/dist/apps/pkcs7.c vendor-crypto/openssl/dist/apps/rand.c vendor-crypto/openssl/dist/apps/s_server.c vendor-crypto/openssl/dist/apps/s_socket.c vendor-crypto/openssl/dist/apps/speed.c vendor-crypto/openssl/dist/apps/x509.c vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl vendor-crypto/openssl/dist/crypto/asn1/a_int.c vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c vendor-crypto/openssl/dist/crypto/asn1/t_crl.c vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c vendor-crypto/openssl/dist/crypto/asn1/x_x509.c vendor-crypto/openssl/dist/crypto/bio/b_sock.c vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c vendor-crypto/openssl/dist/crypto/bio/bio_lib.c vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c vendor-crypto/openssl/dist/crypto/bio/bss_sock.c vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c vendor-crypto/openssl/dist/crypto/bn/bn_mul.c vendor-crypto/openssl/dist/crypto/cms/cms_asn1.c vendor-crypto/openssl/dist/crypto/conf/conf_def.c vendor-crypto/openssl/dist/crypto/des/rpc_des.h vendor-crypto/openssl/dist/crypto/dsa/dsa_gen.c vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c vendor-crypto/openssl/dist/crypto/ec/ec2_mult.c vendor-crypto/openssl/dist/crypto/ec/ec_mult.c vendor-crypto/openssl/dist/crypto/ecdh/ech_lib.c vendor-crypto/openssl/dist/crypto/ecdsa/ecs_lib.c vendor-crypto/openssl/dist/crypto/engine/eng_list.c vendor-crypto/openssl/dist/crypto/err/err_prn.c vendor-crypto/openssl/dist/crypto/evp/bio_b64.c vendor-crypto/openssl/dist/crypto/evp/enc_min.c vendor-crypto/openssl/dist/crypto/evp/encode.c vendor-crypto/openssl/dist/crypto/evp/evp_pbe.c vendor-crypto/openssl/dist/crypto/hmac/hmac.c vendor-crypto/openssl/dist/crypto/md32_common.h vendor-crypto/openssl/dist/crypto/o_init.c vendor-crypto/openssl/dist/crypto/ocsp/ocsp_ht.c vendor-crypto/openssl/dist/crypto/ocsp/ocsp_prn.c vendor-crypto/openssl/dist/crypto/opensslv.h vendor-crypto/openssl/dist/crypto/pem/pem_lib.c vendor-crypto/openssl/dist/crypto/pkcs12/p12_key.c vendor-crypto/openssl/dist/crypto/pkcs12/p12_npas.c vendor-crypto/openssl/dist/crypto/pkcs7/pk7_doit.c vendor-crypto/openssl/dist/crypto/pkcs7/pk7_lib.c vendor-crypto/openssl/dist/crypto/pkcs7/pk7_mime.c vendor-crypto/openssl/dist/crypto/pqueue/pqueue.c vendor-crypto/openssl/dist/crypto/rand/rand_nw.c vendor-crypto/openssl/dist/crypto/rand/randfile.c vendor-crypto/openssl/dist/crypto/rsa/rsa_eay.c vendor-crypto/openssl/dist/crypto/x509/x509.h vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c vendor-crypto/openssl/dist/crypto/x509/x_all.c vendor-crypto/openssl/dist/crypto/x509v3/v3_ncons.c vendor-crypto/openssl/dist/crypto/x509v3/v3_pci.c vendor-crypto/openssl/dist/doc/apps/smime.pod vendor-crypto/openssl/dist/doc/crypto/ASN1_OBJECT_new.pod vendor-crypto/openssl/dist/doc/crypto/ASN1_STRING_length.pod vendor-crypto/openssl/dist/doc/crypto/ASN1_STRING_new.pod vendor-crypto/openssl/dist/doc/crypto/ASN1_generate_nconf.pod vendor-crypto/openssl/dist/doc/crypto/BIO_f_buffer.pod vendor-crypto/openssl/dist/doc/crypto/BIO_should_retry.pod vendor-crypto/openssl/dist/doc/crypto/CRYPTO_set_ex_data.pod vendor-crypto/openssl/dist/doc/crypto/OBJ_nid2obj.pod vendor-crypto/openssl/dist/doc/crypto/PKCS7_decrypt.pod vendor-crypto/openssl/dist/doc/crypto/PKCS7_encrypt.pod vendor-crypto/openssl/dist/doc/crypto/PKCS7_sign.pod vendor-crypto/openssl/dist/doc/crypto/PKCS7_verify.pod vendor-crypto/openssl/dist/doc/crypto/SMIME_read_PKCS7.pod vendor-crypto/openssl/dist/doc/crypto/SMIME_write_PKCS7.pod vendor-crypto/openssl/dist/doc/crypto/X509_NAME_ENTRY_get_object.pod vendor-crypto/openssl/dist/doc/crypto/X509_NAME_add_entry_by_txt.pod vendor-crypto/openssl/dist/doc/crypto/X509_NAME_get_index_by_NID.pod vendor-crypto/openssl/dist/doc/crypto/X509_new.pod vendor-crypto/openssl/dist/doc/crypto/bn_internal.pod vendor-crypto/openssl/dist/doc/crypto/ui_compat.pod vendor-crypto/openssl/dist/doc/ssl/SSL_library_init.pod vendor-crypto/openssl/dist/e_os.h vendor-crypto/openssl/dist/engines/e_chil.c vendor-crypto/openssl/dist/engines/e_cswift.c vendor-crypto/openssl/dist/engines/e_ubsec.c vendor-crypto/openssl/dist/fips/mkfipsscr.pl vendor-crypto/openssl/dist/openssl.spec vendor-crypto/openssl/dist/ssl/d1_both.c vendor-crypto/openssl/dist/ssl/d1_clnt.c vendor-crypto/openssl/dist/ssl/d1_enc.c vendor-crypto/openssl/dist/ssl/d1_lib.c vendor-crypto/openssl/dist/ssl/d1_pkt.c vendor-crypto/openssl/dist/ssl/dtls1.h vendor-crypto/openssl/dist/ssl/s23_clnt.c vendor-crypto/openssl/dist/ssl/s23_lib.c vendor-crypto/openssl/dist/ssl/s2_srvr.c vendor-crypto/openssl/dist/ssl/s3_both.c vendor-crypto/openssl/dist/ssl/s3_clnt.c vendor-crypto/openssl/dist/ssl/s3_enc.c vendor-crypto/openssl/dist/ssl/ssl_algs.c vendor-crypto/openssl/dist/ssl/ssl_asn1.c vendor-crypto/openssl/dist/ssl/ssl_cert.c vendor-crypto/openssl/dist/ssl/ssl_ciph.c vendor-crypto/openssl/dist/ssl/ssl_lib.c vendor-crypto/openssl/dist/ssl/ssltest.c vendor-crypto/openssl/dist/ssl/t1_enc.c vendor-crypto/openssl/dist/ssl/t1_lib.c vendor-crypto/openssl/dist/test/cms-test.pl vendor-crypto/openssl/dist/tools/c_rehash vendor-crypto/openssl/dist/tools/c_rehash.in vendor-crypto/openssl/dist/util/libeay.num vendor-crypto/openssl/dist/util/mkdef.pl vendor-crypto/openssl/dist/util/pl/VC-32.pl Modified: vendor-crypto/openssl/dist/CHANGES ============================================================================== --- vendor-crypto/openssl/dist/CHANGES Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/CHANGES Sun Nov 21 22:45:18 2010 (r215643) @@ -2,6 +2,51 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8o and 0.9.8p [16 Nov 2010] + + *) Fix extension code to avoid race conditions which can result in a buffer + overrun vulnerability: resumed sessions must not be modified as they can + be shared by multiple threads. CVE-2010-3864 + [Steve Henson] + + *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939 + [Steve Henson] + + *) Don't reencode certificate when calculating signature: cache and use + the original encoding instead. This makes signature verification of + some broken encodings work correctly. + [Steve Henson] + + *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT + is also one of the inputs. + [Emilia Käsper (Google)] + + *) Don't repeatedly append PBE algorithms to table if they already exist. + Sort table on each new add. This effectively makes the table read only + after all algorithms are added and subsequent calls to PKCS12_pbe_add + etc are non-op. + [Steve Henson] + + Changes between 0.9.8n and 0.9.8o [01 Jun 2010] + + [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after + OpenSSL 1.0.0.] + + *) Correct a typo in the CMS ASN1 module which can result in invalid memory + access or freeing data twice (CVE-2010-0742) + [Steve Henson, Ronald Moesbergen ] + + *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more + common in certificates and some applications which only call + SSL_library_init and not OpenSSL_add_all_algorithms() will fail. + [Steve Henson] + + *) VMS fixes: + Reduce copying into .apps and .test in makevms.com + Don't try to use blank CA certificate in CA.com + Allow use of C files from original directories in maketests.com + [Steven M. Schweda" ] + Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never Modified: vendor-crypto/openssl/dist/Configure ============================================================================== --- vendor-crypto/openssl/dist/Configure Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/Configure Sun Nov 21 22:45:18 2010 (r215643) @@ -1812,11 +1812,11 @@ EOF (system $make_command.$make_targets) == 0 or exit $? if $make_targets ne ""; if ( $perl =~ m@^/@) { - &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";'); + &dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";'); &dofile("apps/CA.pl",$perl,'^#!/', '#!%s'); } else { # No path for Perl known ... - &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";'); + &dofile("tools/c_rehash",'/usr/local/bin/perl','^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";'); &dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s'); } if ($depflags ne $default_depflags && !$make_depend) { Modified: vendor-crypto/openssl/dist/FAQ ============================================================================== --- vendor-crypto/openssl/dist/FAQ Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/FAQ Sun Nov 21 22:45:18 2010 (r215643) @@ -70,6 +70,7 @@ OpenSSL - Frequently Asked Questions * I think I've detected a memory leak, is this a bug? * Why does Valgrind complain about the use of uninitialized data? * Why doesn't a memory BIO work when a file does? +* Where are the declarations and implementations of d2i_X509() etc? =============================================================================== @@ -78,7 +79,7 @@ OpenSSL - Frequently Asked Questions * Which is the current version of OpenSSL? The current version is available from . -OpenSSL 0.9.8n was released on Mar 24th, 2010. +OpenSSL 1.0.0b was released on Nov 16th, 2010. In addition to the current stable release, you can also access daily snapshots of the OpenSSL development version at . +. Note that the online documents refer +to the very latest development versions of OpenSSL and may include features +not present in released versions. If in doubt refer to the documentation +that came with the version of OpenSSL you are using. For information on parts of libcrypto that are not yet documented, you might want to read Ariel Glenn's documentation on SSLeay 0.9, OpenSSL's @@ -717,8 +721,10 @@ file. Multi-threaded applications must provide two callback functions to OpenSSL by calling CRYPTO_set_locking_callback() and -CRYPTO_set_id_callback(). This is described in the threads(3) -manpage. +CRYPTO_set_id_callback(), for all versions of OpenSSL up to and +including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_id_callback() +and associated APIs are deprecated by CRYPTO_THREADID_set_callback() +and friends. This is described in the threads(3) manpage. * I've compiled a program under Windows and it crashes: why? @@ -962,4 +968,15 @@ is needed. This must be done by calling: See the manual pages for more details. +* Where are the declarations and implementations of d2i_X509() etc? + +These are defined and implemented by macros of the form: + + + DECLARE_ASN1_FUNCTIONS(X509) and IMPLEMENT_ASN1_FUNCTIONS(X509) + +The implementation passes an ASN1 "template" defining the structure into an +ASN1 interpreter using generalised functions such as ASN1_item_d2i(). + + =============================================================================== Modified: vendor-crypto/openssl/dist/Makefile ============================================================================== --- vendor-crypto/openssl/dist/Makefile Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/Makefile Sun Nov 21 22:45:18 2010 (r215643) @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=0.9.8n +VERSION=0.9.8p MAJOR=0 MINOR=9.8 SHLIB_VERSION_NUMBER=0.9.8 Modified: vendor-crypto/openssl/dist/NEWS ============================================================================== --- vendor-crypto/openssl/dist/NEWS Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/NEWS Sun Nov 21 22:45:18 2010 (r215643) @@ -5,6 +5,18 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p: + + o Fix for security issue CVE-2010-3864. + + Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o: + + o Fix for security issue CVE-2010-0742. + o Various DTLS fixes. + o Recognise SHA2 certificates if only SSL algorithms added. + o Fix for no-rc4 compilation. + o Chil ENGINE unload workaround. + Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n: o CFB cipher definition fixes. Modified: vendor-crypto/openssl/dist/PROBLEMS ============================================================================== --- vendor-crypto/openssl/dist/PROBLEMS Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/PROBLEMS Sun Nov 21 22:45:18 2010 (r215643) @@ -36,7 +36,9 @@ may differ on your machine. As long as Apple doesn't fix the problem with ld, this problem building -OpenSSL will remain as is. +OpenSSL will remain as is. Well, the problem was addressed in 0.9.8f by +passing -Wl,-search_paths_first, but it's unknown if the flag was +supported from the initial MacOS X release. * Parallell make leads to errors Modified: vendor-crypto/openssl/dist/README ============================================================================== --- vendor-crypto/openssl/dist/README Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/README Sun Nov 21 22:45:18 2010 (r215643) @@ -1,5 +1,5 @@ - OpenSSL 0.9.8n + OpenSSL 0.9.8p 16 Nov 2010 Copyright (c) 1998-2009 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: vendor-crypto/openssl/dist/apps/apps.c ============================================================================== --- vendor-crypto/openssl/dist/apps/apps.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/apps.c Sun Nov 21 22:45:18 2010 (r215643) @@ -351,13 +351,12 @@ void program_name(char *in, char *out, i int chopup_args(ARGS *arg, char *buf, int *argc, char **argv[]) { - int num,len,i; + int num,i; char *p; *argc=0; *argv=NULL; - len=strlen(buf); i=0; if (arg->count == 0) { @@ -866,10 +865,17 @@ EVP_PKEY *load_key(BIO *err, const char if (format == FORMAT_ENGINE) { if (!e) - BIO_printf(bio_err,"no engine specified\n"); + BIO_printf(err,"no engine specified\n"); else + { pkey = ENGINE_load_private_key(e, file, ui_method, &cb_data); + if (!pkey) + { + BIO_printf(err,"cannot load %s from engine\n",key_descrip); + ERR_print_errors(err); + } + } goto end; } #endif @@ -919,8 +925,11 @@ EVP_PKEY *load_key(BIO *err, const char } end: if (key != NULL) BIO_free(key); - if (pkey == NULL) + if (pkey == NULL) + { BIO_printf(err,"unable to load %s\n", key_descrip); + ERR_print_errors(err); + } return(pkey); } Modified: vendor-crypto/openssl/dist/apps/dh.c ============================================================================== --- vendor-crypto/openssl/dist/apps/dh.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/dh.c Sun Nov 21 22:45:18 2010 (r215643) @@ -88,9 +88,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DH *dh=NULL; int i,badops=0,text=0; BIO *in=NULL,*out=NULL; @@ -189,7 +186,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif in=BIO_new(BIO_s_file()); Modified: vendor-crypto/openssl/dist/apps/dhparam.c ============================================================================== --- vendor-crypto/openssl/dist/apps/dhparam.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/dhparam.c Sun Nov 21 22:45:18 2010 (r215643) @@ -149,9 +149,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DH *dh=NULL; int i,badops=0,text=0; #ifndef OPENSSL_NO_DSA @@ -270,7 +267,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (g && !num) Modified: vendor-crypto/openssl/dist/apps/dsaparam.c ============================================================================== --- vendor-crypto/openssl/dist/apps/dsaparam.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/dsaparam.c Sun Nov 21 22:45:18 2010 (r215643) @@ -111,9 +111,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DSA *dsa=NULL; int i,badops=0,text=0; BIO *in=NULL,*out=NULL; @@ -278,7 +275,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (need_rand) @@ -357,12 +354,10 @@ bad: if (C) { unsigned char *data; - int l,len,bits_p,bits_q,bits_g; + int l,len,bits_p; len=BN_num_bytes(dsa->p); bits_p=BN_num_bits(dsa->p); - bits_q=BN_num_bits(dsa->q); - bits_g=BN_num_bits(dsa->g); data=(unsigned char *)OPENSSL_malloc(len+20); if (data == NULL) { Modified: vendor-crypto/openssl/dist/apps/ec.c ============================================================================== --- vendor-crypto/openssl/dist/apps/ec.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/ec.c Sun Nov 21 22:45:18 2010 (r215643) @@ -85,9 +85,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif int ret = 1; EC_KEY *eckey = NULL; const EC_GROUP *group; @@ -254,7 +251,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if(!app_passwd(bio_err, passargin, passargout, &passin, &passout)) Modified: vendor-crypto/openssl/dist/apps/ecparam.c ============================================================================== --- vendor-crypto/openssl/dist/apps/ecparam.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/ecparam.c Sun Nov 21 22:45:18 2010 (r215643) @@ -129,9 +129,6 @@ int MAIN(int argc, char **argv) char *infile = NULL, *outfile = NULL, *prog; BIO *in = NULL, *out = NULL; int informat, outformat, noout = 0, C = 0, ret = 1; -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif char *engine = NULL; BIGNUM *ec_p = NULL, *ec_a = NULL, *ec_b = NULL, @@ -340,7 +337,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (list_curves) Modified: vendor-crypto/openssl/dist/apps/enc.c ============================================================================== --- vendor-crypto/openssl/dist/apps/enc.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/enc.c Sun Nov 21 22:45:18 2010 (r215643) @@ -100,9 +100,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif static const char magic[]="Salted__"; char mbuf[sizeof magic-1]; char *strbuf=NULL; @@ -311,7 +308,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (md && (dgst=EVP_get_digestbyname(md)) == NULL) Modified: vendor-crypto/openssl/dist/apps/gendh.c ============================================================================== --- vendor-crypto/openssl/dist/apps/gendh.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/gendh.c Sun Nov 21 22:45:18 2010 (r215643) @@ -89,9 +89,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { BN_GENCB cb; -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DH *dh=NULL; int ret=1,num=DEFBITS; int g=2; @@ -163,7 +160,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif out=BIO_new(BIO_s_file()); Modified: vendor-crypto/openssl/dist/apps/gendsa.c ============================================================================== --- vendor-crypto/openssl/dist/apps/gendsa.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/gendsa.c Sun Nov 21 22:45:18 2010 (r215643) @@ -78,9 +78,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif DSA *dsa=NULL; int ret=1; char *outfile=NULL; @@ -206,7 +203,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if(!app_passwd(bio_err, NULL, passargout, NULL, &passout)) { Modified: vendor-crypto/openssl/dist/apps/genrsa.c ============================================================================== --- vendor-crypto/openssl/dist/apps/genrsa.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/genrsa.c Sun Nov 21 22:45:18 2010 (r215643) @@ -89,9 +89,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { BN_GENCB cb; -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif int ret=1; int i,num=DEFBITS; long l; @@ -235,7 +232,7 @@ bad: } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif if (outfile == NULL) Modified: vendor-crypto/openssl/dist/apps/pkcs7.c ============================================================================== --- vendor-crypto/openssl/dist/apps/pkcs7.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/pkcs7.c Sun Nov 21 22:45:18 2010 (r215643) @@ -82,9 +82,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif PKCS7 *p7=NULL; int i,badops=0; BIO *in=NULL,*out=NULL; @@ -180,7 +177,7 @@ bad: ERR_load_crypto_strings(); #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif in=BIO_new(BIO_s_file()); Modified: vendor-crypto/openssl/dist/apps/rand.c ============================================================================== --- vendor-crypto/openssl/dist/apps/rand.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/rand.c Sun Nov 21 22:45:18 2010 (r215643) @@ -77,9 +77,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif int i, r, ret = 1; int badopt; char *outfile = NULL; @@ -178,7 +175,7 @@ int MAIN(int argc, char **argv) } #ifndef OPENSSL_NO_ENGINE - e = setup_engine(bio_err, engine, 0); + setup_engine(bio_err, engine, 0); #endif app_RAND_load_file(NULL, bio_err, (inrand != NULL)); Modified: vendor-crypto/openssl/dist/apps/s_server.c ============================================================================== --- vendor-crypto/openssl/dist/apps/s_server.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/s_server.c Sun Nov 21 22:45:18 2010 (r215643) @@ -2075,12 +2075,14 @@ static int www_body(char *hostname, int { char *buf=NULL; int ret=1; - int i,j,k,blank,dot; + int i,j,k,dot; struct stat st_buf; SSL *con; SSL_CIPHER *c; BIO *io,*ssl_bio,*sbio; +#ifdef RENEG long total_bytes; +#endif buf=OPENSSL_malloc(bufsize); if (buf == NULL) return(0); @@ -2151,7 +2153,6 @@ static int www_body(char *hostname, int SSL_set_msg_callback_arg(con, bio_s_out); } - blank=0; for (;;) { if (hack) @@ -2388,7 +2389,9 @@ static int www_body(char *hostname, int BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n"); } /* send the file */ +#ifdef RENEG total_bytes=0; +#endif for (;;) { i=BIO_read(file,buf,bufsize); Modified: vendor-crypto/openssl/dist/apps/s_socket.c ============================================================================== --- vendor-crypto/openssl/dist/apps/s_socket.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/s_socket.c Sun Nov 21 22:45:18 2010 (r215643) @@ -329,7 +329,7 @@ static int init_server_long(int *sock, i { int ret=0; struct sockaddr_in server; - int s= -1,i; + int s= -1; if (!ssl_sock_init()) return(0); @@ -368,7 +368,6 @@ static int init_server_long(int *sock, i } /* Make it 128 for linux */ if (type==SOCK_STREAM && listen(s,128) == -1) goto err; - i=0; *sock=s; ret=1; err: @@ -386,7 +385,7 @@ static int init_server(int *sock, int po static int do_accept(int acc_sock, int *sock, char **host) { - int ret,i; + int ret; struct hostent *h1,*h2; static struct sockaddr_in from; int len; @@ -409,6 +408,7 @@ redoit: if (ret == INVALID_SOCKET) { #if defined(OPENSSL_SYS_WINDOWS) || (defined(OPENSSL_SYS_NETWARE) && !defined(NETWARE_BSDSOCK)) + int i; i=WSAGetLastError(); BIO_printf(bio_err,"accept error %d\n",i); #else @@ -463,7 +463,6 @@ redoit: BIO_printf(bio_err,"gethostbyname failure\n"); return(0); } - i=0; if (h2->h_addrtype != AF_INET) { BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n"); Modified: vendor-crypto/openssl/dist/apps/speed.c ============================================================================== --- vendor-crypto/openssl/dist/apps/speed.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/speed.c Sun Nov 21 22:45:18 2010 (r215643) @@ -500,9 +500,6 @@ int MAIN(int, char **); int MAIN(int argc, char **argv) { -#ifndef OPENSSL_NO_ENGINE - ENGINE *e = NULL; -#endif unsigned char *buf=NULL,*buf2=NULL; int mret=1; long count=0,save_count=0; @@ -593,7 +590,6 @@ int MAIN(int argc, char **argv) unsigned char DES_iv[8]; unsigned char iv[2*MAX_BLOCK_SIZE/8]; #ifndef OPENSSL_NO_DES - DES_cblock *buf_as_des_cblock = NULL; static DES_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0}; static DES_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12}; static DES_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34}; @@ -806,9 +802,6 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"out of memory\n"); goto end; } -#ifndef OPENSSL_NO_DES - buf_as_des_cblock = (DES_cblock *)buf; -#endif if ((buf2=(unsigned char *)OPENSSL_malloc((int)BUFSIZE)) == NULL) { BIO_printf(bio_err,"out of memory\n"); @@ -883,7 +876,7 @@ int MAIN(int argc, char **argv) BIO_printf(bio_err,"no engine given\n"); goto end; } - e = setup_engine(bio_err, *argv, 0); + setup_engine(bio_err, *argv, 0); /* j will be increased again further down. We just don't want speed to confuse an engine with an algorithm, especially when none is given (which @@ -1388,7 +1381,8 @@ int MAIN(int argc, char **argv) count*=2; Time_F(START); for (it=count; it; it--) - DES_ecb_encrypt(buf_as_des_cblock,buf_as_des_cblock, + DES_ecb_encrypt((DES_cblock *)buf, + (DES_cblock *)buf, &sch,DES_ENCRYPT); d=Time_F(STOP); } while (d <3); Modified: vendor-crypto/openssl/dist/apps/x509.c ============================================================================== --- vendor-crypto/openssl/dist/apps/x509.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/apps/x509.c Sun Nov 21 22:45:18 2010 (r215643) @@ -539,7 +539,6 @@ bad: if (reqfile) { EVP_PKEY *pkey; - X509_CINF *ci; BIO *in; if (!sign_flag && !CA_flag) @@ -607,7 +606,6 @@ bad: print_name(bio_err, "subject=", X509_REQ_get_subject_name(req), nmflag); if ((x=X509_new()) == NULL) goto end; - ci=x->cert_info; if (sno == NULL) { Modified: vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/aes/aes_wrap.c Sun Nov 21 22:45:18 2010 (r215643) @@ -85,9 +85,9 @@ int AES_wrap_key(AES_KEY *key, const uns A[7] ^= (unsigned char)(t & 0xff); if (t > 0xff) { - A[6] ^= (unsigned char)((t & 0xff) >> 8); - A[5] ^= (unsigned char)((t & 0xff) >> 16); - A[4] ^= (unsigned char)((t & 0xff) >> 24); + A[6] ^= (unsigned char)((t >> 8) & 0xff); + A[5] ^= (unsigned char)((t >> 16) & 0xff); + A[4] ^= (unsigned char)((t >> 24) & 0xff); } memcpy(R, B + 8, 8); } @@ -119,9 +119,9 @@ int AES_unwrap_key(AES_KEY *key, const u A[7] ^= (unsigned char)(t & 0xff); if (t > 0xff) { - A[6] ^= (unsigned char)((t & 0xff) >> 8); - A[5] ^= (unsigned char)((t & 0xff) >> 16); - A[4] ^= (unsigned char)((t & 0xff) >> 24); + A[6] ^= (unsigned char)((t >> 8) & 0xff); + A[5] ^= (unsigned char)((t >> 16) & 0xff); + A[4] ^= (unsigned char)((t >> 24) & 0xff); } memcpy(B + 8, R, 8); AES_decrypt(B, B, key); Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl Sun Nov 21 22:45:18 2010 (r215643) @@ -751,7 +751,19 @@ $code.=<<___; AES_set_encrypt_key: push %rbx push %rbp + sub \$8,%rsp + call _x86_64_AES_set_encrypt_key + + mov 8(%rsp),%rbp + mov 16(%rsp),%rbx + add \$24,%rsp + ret +.size AES_set_encrypt_key,.-AES_set_encrypt_key + +.type _x86_64_AES_set_encrypt_key,\@abi-omnipotent +.align 16 +_x86_64_AES_set_encrypt_key: mov %esi,%ecx # %ecx=bits mov %rdi,%rsi # %rsi=userKey mov %rdx,%rdi # %rdi=key @@ -938,10 +950,8 @@ $code.=<<___; .Lbadpointer: mov \$-1,%rax .Lexit: - pop %rbp - pop %rbx - ret -.size AES_set_encrypt_key,.-AES_set_encrypt_key + .byte 0xf3,0xc3 # rep ret +.size _x86_64_AES_set_encrypt_key,.-_x86_64_AES_set_encrypt_key ___ sub deckey() @@ -973,15 +983,14 @@ $code.=<<___; .type AES_set_decrypt_key,\@function,3 .align 16 AES_set_decrypt_key: - push %rdx - call AES_set_encrypt_key - cmp \$0,%eax - je .Lproceed - lea 24(%rsp),%rsp - ret -.Lproceed: + push %rbx + push %rbp + push %rdx # save key schedule + + call _x86_64_AES_set_encrypt_key mov (%rsp),%r8 # restore key schedule - mov %rbx,(%rsp) + cmp \$0,%eax + jne .Labort mov 240(%r8),%ecx # pull number of rounds xor %rdi,%rdi @@ -1023,7 +1032,10 @@ $code.=<<___; jnz .Lpermute xor %rax,%rax - pop %rbx +.Labort: + mov 8(%rsp),%rbp + mov 16(%rsp),%rbx + add \$24,%rsp ret .size AES_set_decrypt_key,.-AES_set_decrypt_key ___ Modified: vendor-crypto/openssl/dist/crypto/asn1/a_int.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/a_int.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/asn1/a_int.c Sun Nov 21 22:45:18 2010 (r215643) @@ -273,7 +273,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INT { ASN1_INTEGER *ret=NULL; const unsigned char *p; - unsigned char *to,*s; + unsigned char *s; long len; int inf,tag,xclass; int i; @@ -308,7 +308,6 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INT i=ERR_R_MALLOC_FAILURE; goto err; } - to=s; ret->type=V_ASN1_INTEGER; if(len) { if ((*p == 0) && (len != 1)) Modified: vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/asn1/n_pkey.c Sun Nov 21 22:45:18 2010 (r215643) @@ -242,7 +242,7 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned int sgckey) { RSA *ret=NULL; - const unsigned char *p, *kp; + const unsigned char *p; NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; p = *pp; @@ -265,7 +265,6 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); goto err; } - kp = enckey->enckey->digest->data; if (cb == NULL) cb=EVP_read_pw_string; if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err; Modified: vendor-crypto/openssl/dist/crypto/asn1/t_crl.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/t_crl.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/asn1/t_crl.c Sun Nov 21 22:45:18 2010 (r215643) @@ -87,7 +87,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x STACK_OF(X509_REVOKED) *rev; X509_REVOKED *r; long l; - int i, n; + int i; char *p; BIO_printf(out, "Certificate Revocation List (CRL):\n"); @@ -107,7 +107,6 @@ int X509_CRL_print(BIO *out, X509_CRL *x else BIO_printf(out,"NONE"); BIO_printf(out,"\n"); - n=X509_CRL_get_ext_count(x); X509V3_extensions_print(out, "CRL extensions", x->crl->extensions, 0, 8); Modified: vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/asn1/tasn_dec.c Sun Nov 21 22:45:18 2010 (r215643) @@ -166,7 +166,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, int i; int otag; int ret = 0; - ASN1_VALUE *pchval, **pchptr, *ptmpval; + ASN1_VALUE **pchptr, *ptmpval; if (!pval) return 0; if (aux && aux->asn1_cb) @@ -317,7 +317,6 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, goto err; } /* CHOICE type, try each possibility in turn */ - pchval = NULL; p = *in; for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) { Modified: vendor-crypto/openssl/dist/crypto/asn1/x_x509.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/x_x509.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/asn1/x_x509.c Sun Nov 21 22:45:18 2010 (r215643) @@ -63,7 +63,7 @@ #include #include -ASN1_SEQUENCE(X509_CINF) = { +ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = { ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), @@ -74,7 +74,7 @@ ASN1_SEQUENCE(X509_CINF) = { ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) -} ASN1_SEQUENCE_END(X509_CINF) +} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF) IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) /* X509 top level structure needs a bit of customisation */ Modified: vendor-crypto/openssl/dist/crypto/bio/b_sock.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/b_sock.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bio/b_sock.c Sun Nov 21 22:45:18 2010 (r215643) @@ -659,7 +659,14 @@ again: #ifdef SO_REUSEADDR err_num=get_last_socket_error(); if ((bind_mode == BIO_BIND_REUSEADDR_IF_UNUSED) && +#ifdef OPENSSL_SYS_WINDOWS + /* Some versions of Windows define EADDRINUSE to + * a dummy value. + */ + (err_num == WSAEADDRINUSE)) +#else (err_num == EADDRINUSE)) +#endif { memcpy((char *)&client,(char *)&server,sizeof(server)); if (strcmp(h,"*") == 0) Modified: vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bio/bf_nbio.c Sun Nov 21 22:45:18 2010 (r215643) @@ -125,7 +125,6 @@ static int nbiof_free(BIO *a) static int nbiof_read(BIO *b, char *out, int outl) { - NBIO_TEST *nt; int ret=0; #if 1 int num; @@ -134,7 +133,6 @@ static int nbiof_read(BIO *b, char *out, if (out == NULL) return(0); if (b->next_bio == NULL) return(0); - nt=(NBIO_TEST *)b->ptr; BIO_clear_retry_flags(b); #if 1 Modified: vendor-crypto/openssl/dist/crypto/bio/bio_lib.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bio_lib.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bio/bio_lib.c Sun Nov 21 22:45:18 2010 (r215643) @@ -110,7 +110,7 @@ int BIO_set(BIO *bio, BIO_METHOD *method int BIO_free(BIO *a) { - int ret=0,i; + int i; if (a == NULL) return(0); @@ -133,7 +133,7 @@ int BIO_free(BIO *a) CRYPTO_free_ex_data(CRYPTO_EX_INDEX_BIO, a, &a->ex_data); if ((a->method == NULL) || (a->method->destroy == NULL)) return(1); - ret=a->method->destroy(a); + a->method->destroy(a); OPENSSL_free(a); return(1); } Modified: vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c Sun Nov 21 22:45:18 2010 (r215643) @@ -340,7 +340,6 @@ static int acpt_write(BIO *b, const char static long acpt_ctrl(BIO *b, int cmd, long num, void *ptr) { - BIO *dbio; int *ip; long ret=1; BIO_ACCEPT *data; @@ -437,8 +436,8 @@ static long acpt_ctrl(BIO *b, int cmd, l ret=(long)data->bind_mode; break; case BIO_CTRL_DUP: - dbio=(BIO *)ptr; -/* if (data->param_port) EAY EAY +/* dbio=(BIO *)ptr; + if (data->param_port) EAY EAY BIO_set_port(dbio,data->param_port); if (data->param_hostname) BIO_set_hostname(dbio,data->param_hostname); Modified: vendor-crypto/openssl/dist/crypto/bio/bss_sock.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bss_sock.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bio/bss_sock.c Sun Nov 21 22:45:18 2010 (r215643) @@ -172,15 +172,6 @@ static long sock_ctrl(BIO *b, int cmd, l switch (cmd) { - case BIO_CTRL_RESET: - num=0; - case BIO_C_FILE_SEEK: - ret=0; - break; - case BIO_C_FILE_TELL: - case BIO_CTRL_INFO: - ret=0; - break; case BIO_C_SET_FD: sock_free(b); b->num= *((int *)ptr); @@ -203,10 +194,6 @@ static long sock_ctrl(BIO *b, int cmd, l case BIO_CTRL_SET_CLOSE: b->shutdown=(int)num; break; - case BIO_CTRL_PENDING: - case BIO_CTRL_WPENDING: - ret=0; - break; case BIO_CTRL_DUP: case BIO_CTRL_FLUSH: ret=1; Modified: vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bn/bn_exp2.c Sun Nov 21 22:45:18 2010 (r215643) @@ -301,7 +301,8 @@ int BN_mod_exp2_mont(BIGNUM *rr, const B r_is_one = 0; } } - BN_from_montgomery(rr,r,mont,ctx); + if (!BN_from_montgomery(rr,r,mont,ctx)) + goto err; ret=1; err: if ((in_mont == NULL) && (mont != NULL)) BN_MONT_CTX_free(mont); Modified: vendor-crypto/openssl/dist/crypto/bn/bn_mul.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bn/bn_mul.c Sun Nov 21 21:31:29 2010 (r215642) +++ vendor-crypto/openssl/dist/crypto/bn/bn_mul.c Sun Nov 21 22:45:18 2010 (r215643) @@ -551,7 +551,7 @@ void bn_mul_part_recursive(BN_ULONG *r, int tna, int tnb, BN_ULONG *t) { int i,j,n2=n*2; - int c1,c2,neg,zero; + int c1,c2,neg; BN_ULONG ln,lo,*p; # ifdef BN_COUNT @@ -567,7 +567,7 @@ void bn_mul_part_recursive(BN_ULONG *r, /* r=(a[0]-a[1])*(b[1]-b[0]) */ c1=bn_cmp_part_words(a,&(a[n]),tna,n-tna); c2=bn_cmp_part_words(&(b[n]),b,tnb,tnb-n); - zero=neg=0; + neg=0; switch (c1*3+c2) { case -4: @@ -575,7 +575,6 @@ void bn_mul_part_recursive(BN_ULONG *r, bn_sub_part_words(&(t[n]),b, &(b[n]),tnb,n-tnb); /* - */ break; case -3: - zero=1; /* break; */ case -2: bn_sub_part_words(t, &(a[n]),a, tna,tna-n); /* - */ @@ -585,7 +584,6 @@ void bn_mul_part_recursive(BN_ULONG *r, case -1: case 0: case 1: - zero=1; /* break; */ case 2: bn_sub_part_words(t, a, &(a[n]),tna,n-tna); /* + */ @@ -593,7 +591,6 @@ void bn_mul_part_recursive(BN_ULONG *r, neg=1; break; case 3: - zero=1; /* break; */ case 4: bn_sub_part_words(t, a, &(a[n]),tna,n-tna); @@ -1012,7 +1009,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c { if (i >= -1 && i <= 1) { - int sav_j =0; /* Find out the power of two lower or equal to the longest of the two numbers */ if (i >= 0) @@ -1023,7 +1019,6 @@ int BN_mul(BIGNUM *r, const BIGNUM *a, c { j = BN_num_bits_word((BN_ULONG)bl); *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-vendor@FreeBSD.ORG Sun Nov 21 22:46:51 2010 Return-Path: Delivered-To: svn-src-vendor@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BAC411065672; Sun, 21 Nov 2010 22:46:51 +0000 (UTC) (envelope-from simon@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 8F8A88FC15; Sun, 21 Nov 2010 22:46:51 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id oALMkpa8070232; Sun, 21 Nov 2010 22:46:51 GMT (envelope-from simon@svn.freebsd.org) Received: (from simon@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id oALMkpBm070231; Sun, 21 Nov 2010 22:46:51 GMT (envelope-from simon@svn.freebsd.org) Message-Id: <201011212246.oALMkpBm070231@svn.freebsd.org> From: "Simon L. Nielsen" Date: Sun, 21 Nov 2010 22:46:51 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org X-SVN-Group: vendor-crypto MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r215644 - vendor-crypto/openssl/0.9.8p X-BeenThere: svn-src-vendor@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the vendor work area tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Nov 2010 22:46:51 -0000 Author: simon Date: Sun Nov 21 22:46:51 2010 New Revision: 215644 URL: http://svn.freebsd.org/changeset/base/215644 Log: Tag OpenSSL 0.9.8p. Added: vendor-crypto/openssl/0.9.8p/ - copied from r215643, vendor-crypto/openssl/dist/