Date: Thu, 12 Jul 2012 19:30:56 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r238405 - in head: . crypto/openssl crypto/openssl/apps crypto/openssl/apps/demoCA crypto/openssl/bugs crypto/openssl/certs/demo crypto/openssl/crypto crypto/openssl/crypto/aes crypto/o... Message-ID: <201207121930.q6CJUu97025034@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jkim Date: Thu Jul 12 19:30:53 2012 New Revision: 238405 URL: http://svn.freebsd.org/changeset/base/238405 Log: Merge OpenSSL 1.0.1c. Approved by: benl (maintainer) Added: head/crypto/openssl/apps/genpkey.c - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/genpkey.c head/crypto/openssl/apps/pkey.c - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/pkey.c head/crypto/openssl/apps/pkeyparam.c - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/pkeyparam.c head/crypto/openssl/apps/pkeyutl.c - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/pkeyutl.c head/crypto/openssl/apps/srp.c - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/srp.c head/crypto/openssl/apps/ts.c - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/ts.c head/crypto/openssl/apps/tsget - copied unchanged from r238402, vendor-crypto/openssl/dist/apps/tsget head/crypto/openssl/crypto/aes/aes_x86core.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/aes_x86core.c head/crypto/openssl/crypto/aes/asm/aes-armv4.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aes-armv4.pl head/crypto/openssl/crypto/aes/asm/aes-mips.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aes-mips.pl head/crypto/openssl/crypto/aes/asm/aes-parisc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aes-parisc.pl head/crypto/openssl/crypto/aes/asm/aes-ppc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aes-ppc.pl head/crypto/openssl/crypto/aes/asm/aes-s390x.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aes-s390x.pl head/crypto/openssl/crypto/aes/asm/aes-sparcv9.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aes-sparcv9.pl head/crypto/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aesni-sha1-x86_64.pl head/crypto/openssl/crypto/aes/asm/aesni-x86.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aesni-x86.pl head/crypto/openssl/crypto/aes/asm/aesni-x86_64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/aesni-x86_64.pl head/crypto/openssl/crypto/aes/asm/bsaes-x86_64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl head/crypto/openssl/crypto/aes/asm/vpaes-x86.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/vpaes-x86.pl head/crypto/openssl/crypto/aes/asm/vpaes-x86_64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/aes/asm/vpaes-x86_64.pl head/crypto/openssl/crypto/arm_arch.h - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/arm_arch.h head/crypto/openssl/crypto/armcap.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/armcap.c head/crypto/openssl/crypto/armv4cpuid.S - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/armv4cpuid.S head/crypto/openssl/crypto/asn1/ameth_lib.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/asn1/ameth_lib.c head/crypto/openssl/crypto/asn1/asn1_locl.h - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/asn1/asn1_locl.h head/crypto/openssl/crypto/asn1/bio_asn1.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/asn1/bio_asn1.c head/crypto/openssl/crypto/asn1/bio_ndef.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/asn1/bio_ndef.c head/crypto/openssl/crypto/asn1/x_nx509.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/asn1/x_nx509.c head/crypto/openssl/crypto/bn/asm/armv4-gf2m.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/armv4-gf2m.pl head/crypto/openssl/crypto/bn/asm/armv4-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/armv4-mont.pl head/crypto/openssl/crypto/bn/asm/ia64-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/ia64-mont.pl head/crypto/openssl/crypto/bn/asm/mips-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/mips-mont.pl head/crypto/openssl/crypto/bn/asm/mips.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/mips.pl head/crypto/openssl/crypto/bn/asm/mips3-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/mips3-mont.pl head/crypto/openssl/crypto/bn/asm/modexp512-x86_64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/modexp512-x86_64.pl head/crypto/openssl/crypto/bn/asm/parisc-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/parisc-mont.pl head/crypto/openssl/crypto/bn/asm/ppc-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/ppc-mont.pl head/crypto/openssl/crypto/bn/asm/ppc64-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/ppc64-mont.pl head/crypto/openssl/crypto/bn/asm/s390x-gf2m.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/s390x-gf2m.pl head/crypto/openssl/crypto/bn/asm/s390x-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/s390x-mont.pl head/crypto/openssl/crypto/bn/asm/s390x.S - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/s390x.S head/crypto/openssl/crypto/bn/asm/sparcv9-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/sparcv9-mont.pl head/crypto/openssl/crypto/bn/asm/sparcv9a-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/sparcv9a-mont.pl head/crypto/openssl/crypto/bn/asm/via-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/via-mont.pl head/crypto/openssl/crypto/bn/asm/x86-gf2m.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/x86-gf2m.pl head/crypto/openssl/crypto/bn/asm/x86-mont.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/x86-mont.pl head/crypto/openssl/crypto/bn/asm/x86_64-gf2m.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-gf2m.pl head/crypto/openssl/crypto/bn/asm/x86_64-mont5.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/bn/asm/x86_64-mont5.pl head/crypto/openssl/crypto/camellia/asm/ - copied from r238402, vendor-crypto/openssl/dist/crypto/camellia/asm/ head/crypto/openssl/crypto/camellia/cmll_utl.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/camellia/cmll_utl.c head/crypto/openssl/crypto/cmac/ - copied from r238402, vendor-crypto/openssl/dist/crypto/cmac/ head/crypto/openssl/crypto/cms/cms_pwri.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/cms/cms_pwri.c head/crypto/openssl/crypto/dh/dh_ameth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dh/dh_ameth.c head/crypto/openssl/crypto/dh/dh_pmeth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dh/dh_pmeth.c head/crypto/openssl/crypto/dh/dh_prn.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dh/dh_prn.c head/crypto/openssl/crypto/dsa/dsa_ameth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dsa/dsa_ameth.c head/crypto/openssl/crypto/dsa/dsa_locl.h - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dsa/dsa_locl.h head/crypto/openssl/crypto/dsa/dsa_pmeth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dsa/dsa_pmeth.c head/crypto/openssl/crypto/dsa/dsa_prn.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dsa/dsa_prn.c head/crypto/openssl/crypto/dso/dso_beos.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/dso/dso_beos.c head/crypto/openssl/crypto/ec/ec2_oct.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ec2_oct.c head/crypto/openssl/crypto/ec/ec_ameth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ec_ameth.c head/crypto/openssl/crypto/ec/ec_oct.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ec_oct.c head/crypto/openssl/crypto/ec/ec_pmeth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ec_pmeth.c head/crypto/openssl/crypto/ec/eck_prn.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/eck_prn.c head/crypto/openssl/crypto/ec/ecp_nistp224.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ecp_nistp224.c head/crypto/openssl/crypto/ec/ecp_nistp256.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ecp_nistp256.c head/crypto/openssl/crypto/ec/ecp_nistp521.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ecp_nistp521.c head/crypto/openssl/crypto/ec/ecp_nistputil.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ecp_nistputil.c head/crypto/openssl/crypto/ec/ecp_oct.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ec/ecp_oct.c head/crypto/openssl/crypto/engine/eng_rdrand.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/engine/eng_rdrand.c head/crypto/openssl/crypto/engine/eng_rsax.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/engine/eng_rsax.c head/crypto/openssl/crypto/engine/tb_asnmth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/engine/tb_asnmth.c head/crypto/openssl/crypto/engine/tb_pkmeth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/engine/tb_pkmeth.c head/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/e_aes_cbc_hmac_sha1.c head/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/e_rc4_hmac_md5.c head/crypto/openssl/crypto/evp/evp_fips.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/evp_fips.c head/crypto/openssl/crypto/evp/m_sigver.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/m_sigver.c head/crypto/openssl/crypto/evp/m_wp.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/m_wp.c head/crypto/openssl/crypto/evp/pmeth_fn.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/pmeth_fn.c head/crypto/openssl/crypto/evp/pmeth_gn.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/pmeth_gn.c head/crypto/openssl/crypto/evp/pmeth_lib.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/evp/pmeth_lib.c head/crypto/openssl/crypto/fips_ers.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/fips_ers.c head/crypto/openssl/crypto/hmac/hm_ameth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/hmac/hm_ameth.c head/crypto/openssl/crypto/hmac/hm_pmeth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/hmac/hm_pmeth.c head/crypto/openssl/crypto/md5/asm/md5-ia64.S - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/md5/asm/md5-ia64.S head/crypto/openssl/crypto/modes/ - copied from r238402, vendor-crypto/openssl/dist/crypto/modes/ head/crypto/openssl/crypto/o_fips.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/o_fips.c head/crypto/openssl/crypto/objects/obj_xref.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/objects/obj_xref.c head/crypto/openssl/crypto/objects/obj_xref.h - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/objects/obj_xref.h head/crypto/openssl/crypto/objects/obj_xref.txt - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/objects/obj_xref.txt head/crypto/openssl/crypto/objects/objxref.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/objects/objxref.pl head/crypto/openssl/crypto/pariscid.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/pariscid.pl head/crypto/openssl/crypto/pem/pvkfmt.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/pem/pvkfmt.c head/crypto/openssl/crypto/perlasm/ppc-xlate.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/perlasm/ppc-xlate.pl head/crypto/openssl/crypto/perlasm/x86gas.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/perlasm/x86gas.pl head/crypto/openssl/crypto/perlasm/x86masm.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/perlasm/x86masm.pl head/crypto/openssl/crypto/pkcs7/bio_pk7.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/pkcs7/bio_pk7.c head/crypto/openssl/crypto/ppccap.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ppccap.c head/crypto/openssl/crypto/ppccpuid.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/ppccpuid.pl head/crypto/openssl/crypto/rc4/asm/rc4-ia64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-ia64.pl head/crypto/openssl/crypto/rc4/asm/rc4-md5-x86_64.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-md5-x86_64.pl head/crypto/openssl/crypto/rc4/asm/rc4-parisc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-parisc.pl head/crypto/openssl/crypto/rc4/asm/rc4-s390x.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rc4/asm/rc4-s390x.pl head/crypto/openssl/crypto/rc4/rc4_utl.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rc4/rc4_utl.c head/crypto/openssl/crypto/rsa/rsa_ameth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c head/crypto/openssl/crypto/rsa/rsa_crpt.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rsa/rsa_crpt.c head/crypto/openssl/crypto/rsa/rsa_locl.h - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rsa/rsa_locl.h head/crypto/openssl/crypto/rsa/rsa_pmeth.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rsa/rsa_pmeth.c head/crypto/openssl/crypto/rsa/rsa_prn.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/rsa/rsa_prn.c head/crypto/openssl/crypto/s390xcap.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/s390xcap.c head/crypto/openssl/crypto/s390xcpuid.S - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/s390xcpuid.S head/crypto/openssl/crypto/sha/asm/sha1-armv4-large.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-armv4-large.pl head/crypto/openssl/crypto/sha/asm/sha1-mips.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-mips.pl head/crypto/openssl/crypto/sha/asm/sha1-parisc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-parisc.pl head/crypto/openssl/crypto/sha/asm/sha1-ppc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-ppc.pl head/crypto/openssl/crypto/sha/asm/sha1-s390x.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-s390x.pl head/crypto/openssl/crypto/sha/asm/sha1-sparcv9.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-sparcv9.pl head/crypto/openssl/crypto/sha/asm/sha1-sparcv9a.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-sparcv9a.pl head/crypto/openssl/crypto/sha/asm/sha1-thumb.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha1-thumb.pl head/crypto/openssl/crypto/sha/asm/sha256-586.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha256-586.pl head/crypto/openssl/crypto/sha/asm/sha256-armv4.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha256-armv4.pl head/crypto/openssl/crypto/sha/asm/sha512-586.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-586.pl head/crypto/openssl/crypto/sha/asm/sha512-armv4.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-armv4.pl head/crypto/openssl/crypto/sha/asm/sha512-mips.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-mips.pl head/crypto/openssl/crypto/sha/asm/sha512-parisc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-parisc.pl head/crypto/openssl/crypto/sha/asm/sha512-ppc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-ppc.pl head/crypto/openssl/crypto/sha/asm/sha512-s390x.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-s390x.pl head/crypto/openssl/crypto/sha/asm/sha512-sparcv9.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sha/asm/sha512-sparcv9.pl head/crypto/openssl/crypto/sparcv9cap.c - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/sparcv9cap.c head/crypto/openssl/crypto/srp/ - copied from r238402, vendor-crypto/openssl/dist/crypto/srp/ head/crypto/openssl/crypto/ts/ - copied from r238402, vendor-crypto/openssl/dist/crypto/ts/ head/crypto/openssl/crypto/vms_rms.h - copied unchanged from r238402, vendor-crypto/openssl/dist/crypto/vms_rms.h head/crypto/openssl/crypto/whrlpool/ - copied from r238402, vendor-crypto/openssl/dist/crypto/whrlpool/ head/crypto/openssl/doc/apps/cms.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/cms.pod head/crypto/openssl/doc/apps/genpkey.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/genpkey.pod head/crypto/openssl/doc/apps/pkey.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/pkey.pod head/crypto/openssl/doc/apps/pkeyparam.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/pkeyparam.pod head/crypto/openssl/doc/apps/pkeyutl.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/pkeyutl.pod head/crypto/openssl/doc/apps/ts.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/ts.pod head/crypto/openssl/doc/apps/tsget.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/apps/tsget.pod head/crypto/openssl/doc/crypto/BIO_new_CMS.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/BIO_new_CMS.pod head/crypto/openssl/doc/crypto/CMS_add0_cert.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_add0_cert.pod head/crypto/openssl/doc/crypto/CMS_add1_recipient_cert.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_add1_recipient_cert.pod head/crypto/openssl/doc/crypto/CMS_compress.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_compress.pod head/crypto/openssl/doc/crypto/CMS_decrypt.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_decrypt.pod head/crypto/openssl/doc/crypto/CMS_encrypt.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_encrypt.pod head/crypto/openssl/doc/crypto/CMS_final.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_final.pod head/crypto/openssl/doc/crypto/CMS_get0_RecipientInfos.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_get0_RecipientInfos.pod head/crypto/openssl/doc/crypto/CMS_get0_SignerInfos.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_get0_SignerInfos.pod head/crypto/openssl/doc/crypto/CMS_get0_type.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_get0_type.pod head/crypto/openssl/doc/crypto/CMS_get1_ReceiptRequest.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_get1_ReceiptRequest.pod head/crypto/openssl/doc/crypto/CMS_sign.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_sign.pod head/crypto/openssl/doc/crypto/CMS_sign_add1_signer.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_sign_add1_signer.pod head/crypto/openssl/doc/crypto/CMS_sign_receipt.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_sign_receipt.pod head/crypto/openssl/doc/crypto/CMS_uncompress.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_uncompress.pod head/crypto/openssl/doc/crypto/CMS_verify.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_verify.pod head/crypto/openssl/doc/crypto/CMS_verify_receipt.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/CMS_verify_receipt.pod head/crypto/openssl/doc/crypto/EVP_DigestSignInit.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_DigestSignInit.pod head/crypto/openssl/doc/crypto/EVP_DigestVerifyInit.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_DigestVerifyInit.pod head/crypto/openssl/doc/crypto/EVP_PKEY_CTX_ctrl.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_CTX_ctrl.pod head/crypto/openssl/doc/crypto/EVP_PKEY_CTX_new.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_CTX_new.pod head/crypto/openssl/doc/crypto/EVP_PKEY_cmp.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_cmp.pod head/crypto/openssl/doc/crypto/EVP_PKEY_decrypt.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_decrypt.pod head/crypto/openssl/doc/crypto/EVP_PKEY_derive.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_derive.pod head/crypto/openssl/doc/crypto/EVP_PKEY_encrypt.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_encrypt.pod head/crypto/openssl/doc/crypto/EVP_PKEY_get_default_digest.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_get_default_digest.pod head/crypto/openssl/doc/crypto/EVP_PKEY_keygen.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_keygen.pod head/crypto/openssl/doc/crypto/EVP_PKEY_print_private.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_print_private.pod head/crypto/openssl/doc/crypto/EVP_PKEY_sign.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_sign.pod head/crypto/openssl/doc/crypto/EVP_PKEY_verify.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_verify.pod head/crypto/openssl/doc/crypto/EVP_PKEY_verifyrecover.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/EVP_PKEY_verifyrecover.pod head/crypto/openssl/doc/crypto/PEM_write_bio_CMS_stream.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/PEM_write_bio_CMS_stream.pod head/crypto/openssl/doc/crypto/PEM_write_bio_PKCS7_stream.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/PEM_write_bio_PKCS7_stream.pod head/crypto/openssl/doc/crypto/PKCS7_sign_add_signer.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/PKCS7_sign_add_signer.pod head/crypto/openssl/doc/crypto/SMIME_read_CMS.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/SMIME_read_CMS.pod head/crypto/openssl/doc/crypto/SMIME_write_CMS.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/SMIME_write_CMS.pod head/crypto/openssl/doc/crypto/X509_STORE_CTX_get_error.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_get_error.pod head/crypto/openssl/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod head/crypto/openssl/doc/crypto/X509_STORE_CTX_new.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_new.pod head/crypto/openssl/doc/crypto/X509_STORE_CTX_set_verify_cb.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_CTX_set_verify_cb.pod head/crypto/openssl/doc/crypto/X509_STORE_set_verify_cb_func.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_STORE_set_verify_cb_func.pod head/crypto/openssl/doc/crypto/X509_VERIFY_PARAM_set_flags.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_VERIFY_PARAM_set_flags.pod head/crypto/openssl/doc/crypto/X509_verify_cert.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/X509_verify_cert.pod head/crypto/openssl/doc/crypto/i2d_CMS_bio_stream.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/i2d_CMS_bio_stream.pod head/crypto/openssl/doc/crypto/i2d_PKCS7_bio_stream.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/crypto/i2d_PKCS7_bio_stream.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_psk_client_callback.pod - copied, changed from r238402, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_set_psk_client_callback.pod head/crypto/openssl/doc/ssl/SSL_CTX_use_psk_identity_hint.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/ssl/SSL_CTX_use_psk_identity_hint.pod head/crypto/openssl/doc/ssl/SSL_get_psk_identity.pod - copied unchanged from r238402, vendor-crypto/openssl/dist/doc/ssl/SSL_get_psk_identity.pod head/crypto/openssl/engines/ccgost/ - copied from r238402, vendor-crypto/openssl/dist/engines/ccgost/ head/crypto/openssl/engines/e_padlock.c - copied unchanged from r238402, vendor-crypto/openssl/dist/engines/e_padlock.c head/crypto/openssl/ssl/d1_srtp.c - copied unchanged from r238402, vendor-crypto/openssl/dist/ssl/d1_srtp.c head/crypto/openssl/ssl/srtp.h - copied, changed from r238402, vendor-crypto/openssl/dist/ssl/srtp.h head/crypto/openssl/ssl/tls_srp.c - copied unchanged from r238402, vendor-crypto/openssl/dist/ssl/tls_srp.c head/crypto/openssl/util/cygwin.sh - copied unchanged from r238402, vendor-crypto/openssl/dist/util/cygwin.sh head/crypto/openssl/util/mkrc.pl - copied unchanged from r238402, vendor-crypto/openssl/dist/util/mkrc.pl head/secure/lib/libcrypto/amd64/ head/secure/lib/libcrypto/amd64/aes-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/aesni-sha1-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/aesni-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/bsaes-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/cmll-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/ghash-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/md5-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/modexp512-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/rc4-md5-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/rc4-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/sha1-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/sha256-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/sha512-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/vpaes-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/wp-x86_64.S (contents, props changed) head/secure/lib/libcrypto/amd64/x86_64-gf2m.S (contents, props changed) head/secure/lib/libcrypto/amd64/x86_64-mont.S (contents, props changed) head/secure/lib/libcrypto/amd64/x86_64-mont5.S (contents, props changed) head/secure/lib/libcrypto/amd64/x86_64cpuid.S (contents, props changed) head/secure/lib/libcrypto/engines/libgost/ head/secure/lib/libcrypto/engines/libgost/Makefile (contents, props changed) head/secure/lib/libcrypto/i386/aes-586.s (contents, props changed) head/secure/lib/libcrypto/i386/aesni-x86.s (contents, props changed) head/secure/lib/libcrypto/i386/cmll-x86.s (contents, props changed) head/secure/lib/libcrypto/i386/ghash-x86.s (contents, props changed) head/secure/lib/libcrypto/i386/sha256-586.s (contents, props changed) head/secure/lib/libcrypto/i386/sha512-586.s (contents, props changed) head/secure/lib/libcrypto/i386/vpaes-x86.s (contents, props changed) head/secure/lib/libcrypto/i386/wp-mmx.s (contents, props changed) head/secure/lib/libcrypto/i386/x86-gf2m.s (contents, props changed) head/secure/lib/libcrypto/i386/x86-mont.s (contents, props changed) head/secure/lib/libcrypto/i386/x86cpuid.s (contents, props changed) head/secure/lib/libcrypto/man/BIO_new_CMS.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_add0_cert.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_compress.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_decrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_encrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_final.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_get0_type.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_sign.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_sign_add1_signer.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_sign_receipt.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_uncompress.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_verify.3 (contents, props changed) head/secure/lib/libcrypto/man/CMS_verify_receipt.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_DigestSignInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_cmp.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_derive.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_keygen.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_print_private.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_sign.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_verify.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_verifyrecover.3 (contents, props changed) head/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 (contents, props changed) head/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3 (contents, props changed) head/secure/lib/libcrypto/man/SMIME_read_CMS.3 (contents, props changed) head/secure/lib/libcrypto/man/SMIME_write_CMS.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_STORE_CTX_new.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_verify_cert.3 (contents, props changed) head/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3 (contents, props changed) head/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 (contents, props changed) head/secure/lib/libcrypto/opensslconf-x86.h (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_psk_identity.3 (contents, props changed) head/secure/usr.bin/openssl/man/cms.1 (contents, props changed) head/secure/usr.bin/openssl/man/genpkey.1 (contents, props changed) head/secure/usr.bin/openssl/man/pkey.1 (contents, props changed) head/secure/usr.bin/openssl/man/pkeyparam.1 (contents, props changed) head/secure/usr.bin/openssl/man/pkeyutl.1 (contents, props changed) head/secure/usr.bin/openssl/man/ts.1 (contents, props changed) head/secure/usr.bin/openssl/man/tsget.1 (contents, props changed) Deleted: head/crypto/openssl/apps/demoCA/ head/crypto/openssl/apps/winrand.c head/crypto/openssl/bugs/ head/crypto/openssl/certs/demo/ head/crypto/openssl/crypto/LPdir_nyi.c head/crypto/openssl/crypto/LPdir_vms.c head/crypto/openssl/crypto/LPdir_win.c head/crypto/openssl/crypto/LPdir_win32.c head/crypto/openssl/crypto/LPdir_wince.c head/crypto/openssl/crypto/asn1/a_hdr.c head/crypto/openssl/crypto/asn1/a_meth.c head/crypto/openssl/crypto/asn1/p8_key.c head/crypto/openssl/crypto/bf/bfs.cpp head/crypto/openssl/crypto/bn/asm/mo-586.pl head/crypto/openssl/crypto/bn/bn_opt.c head/crypto/openssl/crypto/cast/casts.cpp head/crypto/openssl/crypto/des/asm/des686.pl head/crypto/openssl/crypto/des/des3s.cpp head/crypto/openssl/crypto/des/des_lib.c head/crypto/openssl/crypto/des/dess.cpp head/crypto/openssl/crypto/des/t/ head/crypto/openssl/crypto/des/times/ head/crypto/openssl/crypto/dsa/dsa_utl.c head/crypto/openssl/crypto/dyn_lck.c head/crypto/openssl/crypto/ec/ec2_smpt.c head/crypto/openssl/crypto/engine/eng_padlock.c head/crypto/openssl/crypto/err/err_bio.c head/crypto/openssl/crypto/err/err_def.c head/crypto/openssl/crypto/err/err_str.c head/crypto/openssl/crypto/err/openssl.ec head/crypto/openssl/crypto/evp/dig_eng.c head/crypto/openssl/crypto/evp/enc_min.c head/crypto/openssl/crypto/evp/evp_cnf.c head/crypto/openssl/crypto/fips_err.c head/crypto/openssl/crypto/md4/md4s.cpp head/crypto/openssl/crypto/md5/md5s.cpp head/crypto/openssl/crypto/perlasm/x86ms.pl head/crypto/openssl/crypto/perlasm/x86unix.pl head/crypto/openssl/crypto/pqueue/pq_compat.h head/crypto/openssl/crypto/rand/rand_eng.c head/crypto/openssl/crypto/rand/rand_nw.c head/crypto/openssl/crypto/rand/rand_os2.c head/crypto/openssl/crypto/rand/rand_vms.c head/crypto/openssl/crypto/rand/rand_win.c head/crypto/openssl/crypto/rc4/asm/rc4-ia64.S head/crypto/openssl/crypto/rc4/rc4_fblk.c head/crypto/openssl/crypto/rc4/rc4s.cpp head/crypto/openssl/crypto/rc5/rc5s.cpp head/crypto/openssl/crypto/ripemd/asm/rips.cpp head/crypto/openssl/crypto/rsa/rsa_eng.c head/crypto/openssl/crypto/rsa/rsa_x931g.c head/crypto/openssl/crypto/sha/asm/sha512-sse2.pl head/crypto/openssl/crypto/sha/sha1s.cpp head/crypto/openssl/crypto/tmdiff.c head/crypto/openssl/crypto/tmdiff.h head/crypto/openssl/demos/ head/crypto/openssl/engines/alpha.opt head/crypto/openssl/engines/e_4758cca.ec head/crypto/openssl/engines/e_aep.ec head/crypto/openssl/engines/e_atalla.ec head/crypto/openssl/engines/e_capi.ec head/crypto/openssl/engines/e_chil.ec head/crypto/openssl/engines/e_cswift.ec head/crypto/openssl/engines/e_gmp.ec head/crypto/openssl/engines/e_nuron.ec head/crypto/openssl/engines/e_sureware.ec head/crypto/openssl/engines/e_ubsec.ec head/crypto/openssl/engines/ia64.opt head/crypto/openssl/engines/vax.opt head/crypto/openssl/fips/ head/crypto/openssl/openssl.doxy head/crypto/openssl/openssl.spec head/crypto/openssl/test/ head/crypto/openssl/times/ head/crypto/openssl/tools/ head/crypto/openssl/util/arx.pl head/crypto/openssl/util/fipslink.pl head/crypto/openssl/util/mksdef.pl head/secure/lib/libcrypto/man/des_modes.3 head/secure/lib/libcrypto/opensslconf-amd64.h head/secure/lib/libcrypto/opensslconf-i386.h head/secure/usr.bin/openssl/man/config.1 Modified: head/ObsoleteFiles.inc head/UPDATING head/crypto/openssl/CHANGES head/crypto/openssl/CHANGES.SSLeay head/crypto/openssl/Configure head/crypto/openssl/INSTALL head/crypto/openssl/Makefile head/crypto/openssl/Makefile.org head/crypto/openssl/Makefile.shared head/crypto/openssl/NEWS head/crypto/openssl/README head/crypto/openssl/apps/Makefile head/crypto/openssl/apps/apps.c head/crypto/openssl/apps/apps.h head/crypto/openssl/apps/asn1pars.c head/crypto/openssl/apps/ca.c head/crypto/openssl/apps/ciphers.c head/crypto/openssl/apps/client.pem head/crypto/openssl/apps/cms.c head/crypto/openssl/apps/crl2p7.c head/crypto/openssl/apps/dgst.c head/crypto/openssl/apps/dh.c head/crypto/openssl/apps/dhparam.c head/crypto/openssl/apps/dsa.c head/crypto/openssl/apps/ec.c head/crypto/openssl/apps/ecparam.c head/crypto/openssl/apps/enc.c head/crypto/openssl/apps/engine.c head/crypto/openssl/apps/errstr.c head/crypto/openssl/apps/gendh.c head/crypto/openssl/apps/genrsa.c head/crypto/openssl/apps/ocsp.c head/crypto/openssl/apps/openssl.c head/crypto/openssl/apps/openssl.cnf head/crypto/openssl/apps/pkcs12.c head/crypto/openssl/apps/pkcs7.c head/crypto/openssl/apps/pkcs8.c head/crypto/openssl/apps/prime.c head/crypto/openssl/apps/progs.h head/crypto/openssl/apps/progs.pl head/crypto/openssl/apps/req.c head/crypto/openssl/apps/rsa.c head/crypto/openssl/apps/rsautl.c head/crypto/openssl/apps/s_apps.h head/crypto/openssl/apps/s_cb.c head/crypto/openssl/apps/s_client.c head/crypto/openssl/apps/s_server.c head/crypto/openssl/apps/s_socket.c head/crypto/openssl/apps/s_time.c head/crypto/openssl/apps/server.pem head/crypto/openssl/apps/server2.pem head/crypto/openssl/apps/sess_id.c head/crypto/openssl/apps/smime.c head/crypto/openssl/apps/speed.c head/crypto/openssl/apps/verify.c head/crypto/openssl/apps/x509.c head/crypto/openssl/config head/crypto/openssl/crypto/Makefile head/crypto/openssl/crypto/aes/Makefile head/crypto/openssl/crypto/aes/aes.h head/crypto/openssl/crypto/aes/aes_cbc.c head/crypto/openssl/crypto/aes/aes_cfb.c head/crypto/openssl/crypto/aes/aes_core.c head/crypto/openssl/crypto/aes/aes_ctr.c head/crypto/openssl/crypto/aes/aes_ige.c head/crypto/openssl/crypto/aes/aes_misc.c head/crypto/openssl/crypto/aes/aes_ofb.c head/crypto/openssl/crypto/aes/asm/aes-586.pl head/crypto/openssl/crypto/aes/asm/aes-x86_64.pl head/crypto/openssl/crypto/asn1/Makefile head/crypto/openssl/crypto/asn1/a_bitstr.c head/crypto/openssl/crypto/asn1/a_digest.c head/crypto/openssl/crypto/asn1/a_dup.c head/crypto/openssl/crypto/asn1/a_gentm.c head/crypto/openssl/crypto/asn1/a_int.c head/crypto/openssl/crypto/asn1/a_object.c head/crypto/openssl/crypto/asn1/a_octet.c head/crypto/openssl/crypto/asn1/a_set.c head/crypto/openssl/crypto/asn1/a_sign.c head/crypto/openssl/crypto/asn1/a_strnid.c head/crypto/openssl/crypto/asn1/a_time.c head/crypto/openssl/crypto/asn1/a_type.c head/crypto/openssl/crypto/asn1/a_utctm.c head/crypto/openssl/crypto/asn1/a_verify.c head/crypto/openssl/crypto/asn1/asn1.h head/crypto/openssl/crypto/asn1/asn1_err.c head/crypto/openssl/crypto/asn1/asn1_gen.c head/crypto/openssl/crypto/asn1/asn1_lib.c head/crypto/openssl/crypto/asn1/asn1_mac.h head/crypto/openssl/crypto/asn1/asn1_par.c head/crypto/openssl/crypto/asn1/asn1t.h head/crypto/openssl/crypto/asn1/asn_mime.c head/crypto/openssl/crypto/asn1/asn_pack.c head/crypto/openssl/crypto/asn1/charmap.h head/crypto/openssl/crypto/asn1/d2i_pr.c head/crypto/openssl/crypto/asn1/d2i_pu.c head/crypto/openssl/crypto/asn1/i2d_pr.c head/crypto/openssl/crypto/asn1/n_pkey.c head/crypto/openssl/crypto/asn1/nsseq.c head/crypto/openssl/crypto/asn1/p5_pbe.c head/crypto/openssl/crypto/asn1/p5_pbev2.c head/crypto/openssl/crypto/asn1/p8_pkey.c head/crypto/openssl/crypto/asn1/t_crl.c head/crypto/openssl/crypto/asn1/t_pkey.c head/crypto/openssl/crypto/asn1/t_req.c head/crypto/openssl/crypto/asn1/t_spki.c head/crypto/openssl/crypto/asn1/t_x509.c head/crypto/openssl/crypto/asn1/tasn_dec.c head/crypto/openssl/crypto/asn1/tasn_enc.c head/crypto/openssl/crypto/asn1/tasn_fre.c head/crypto/openssl/crypto/asn1/tasn_new.c head/crypto/openssl/crypto/asn1/tasn_prn.c head/crypto/openssl/crypto/asn1/tasn_typ.c head/crypto/openssl/crypto/asn1/x_algor.c head/crypto/openssl/crypto/asn1/x_crl.c head/crypto/openssl/crypto/asn1/x_long.c head/crypto/openssl/crypto/asn1/x_name.c head/crypto/openssl/crypto/asn1/x_pubkey.c head/crypto/openssl/crypto/asn1/x_req.c head/crypto/openssl/crypto/asn1/x_x509.c head/crypto/openssl/crypto/bf/Makefile head/crypto/openssl/crypto/bf/asm/bf-586.pl head/crypto/openssl/crypto/bf/bf_skey.c head/crypto/openssl/crypto/bf/blowfish.h head/crypto/openssl/crypto/bio/Makefile head/crypto/openssl/crypto/bio/b_print.c head/crypto/openssl/crypto/bio/b_sock.c head/crypto/openssl/crypto/bio/bio.h head/crypto/openssl/crypto/bio/bio_cb.c head/crypto/openssl/crypto/bio/bio_err.c head/crypto/openssl/crypto/bio/bio_lcl.h head/crypto/openssl/crypto/bio/bio_lib.c head/crypto/openssl/crypto/bio/bss_acpt.c head/crypto/openssl/crypto/bio/bss_bio.c head/crypto/openssl/crypto/bio/bss_dgram.c head/crypto/openssl/crypto/bio/bss_fd.c head/crypto/openssl/crypto/bio/bss_file.c head/crypto/openssl/crypto/bio/bss_log.c head/crypto/openssl/crypto/bio/bss_mem.c head/crypto/openssl/crypto/bn/Makefile head/crypto/openssl/crypto/bn/asm/bn-586.pl head/crypto/openssl/crypto/bn/asm/co-586.pl head/crypto/openssl/crypto/bn/asm/ppc.pl head/crypto/openssl/crypto/bn/asm/sparcv8plus.S head/crypto/openssl/crypto/bn/asm/x86_64-gcc.c head/crypto/openssl/crypto/bn/asm/x86_64-mont.pl head/crypto/openssl/crypto/bn/bn.h head/crypto/openssl/crypto/bn/bn_asm.c head/crypto/openssl/crypto/bn/bn_blind.c head/crypto/openssl/crypto/bn/bn_ctx.c head/crypto/openssl/crypto/bn/bn_div.c head/crypto/openssl/crypto/bn/bn_exp.c head/crypto/openssl/crypto/bn/bn_gf2m.c head/crypto/openssl/crypto/bn/bn_lcl.h head/crypto/openssl/crypto/bn/bn_lib.c head/crypto/openssl/crypto/bn/bn_mont.c head/crypto/openssl/crypto/bn/bn_nist.c head/crypto/openssl/crypto/bn/bn_print.c head/crypto/openssl/crypto/bn/bn_shift.c head/crypto/openssl/crypto/bn/bntest.c head/crypto/openssl/crypto/bn/exptest.c head/crypto/openssl/crypto/buffer/Makefile head/crypto/openssl/crypto/buffer/buf_err.c head/crypto/openssl/crypto/buffer/buf_str.c head/crypto/openssl/crypto/buffer/buffer.c head/crypto/openssl/crypto/buffer/buffer.h head/crypto/openssl/crypto/camellia/Makefile head/crypto/openssl/crypto/camellia/camellia.c head/crypto/openssl/crypto/camellia/camellia.h head/crypto/openssl/crypto/camellia/cmll_cbc.c head/crypto/openssl/crypto/camellia/cmll_cfb.c head/crypto/openssl/crypto/camellia/cmll_ctr.c head/crypto/openssl/crypto/camellia/cmll_locl.h head/crypto/openssl/crypto/camellia/cmll_misc.c head/crypto/openssl/crypto/camellia/cmll_ofb.c head/crypto/openssl/crypto/cast/Makefile head/crypto/openssl/crypto/cast/asm/cast-586.pl head/crypto/openssl/crypto/cast/c_skey.c head/crypto/openssl/crypto/cast/cast.h head/crypto/openssl/crypto/cms/Makefile head/crypto/openssl/crypto/cms/cms.h head/crypto/openssl/crypto/cms/cms_asn1.c head/crypto/openssl/crypto/cms/cms_env.c head/crypto/openssl/crypto/cms/cms_err.c head/crypto/openssl/crypto/cms/cms_ess.c head/crypto/openssl/crypto/cms/cms_io.c head/crypto/openssl/crypto/cms/cms_lcl.h head/crypto/openssl/crypto/cms/cms_lib.c head/crypto/openssl/crypto/cms/cms_sd.c head/crypto/openssl/crypto/cms/cms_smime.c head/crypto/openssl/crypto/comp/Makefile head/crypto/openssl/crypto/comp/c_rle.c head/crypto/openssl/crypto/comp/c_zlib.c head/crypto/openssl/crypto/comp/comp_err.c head/crypto/openssl/crypto/conf/Makefile head/crypto/openssl/crypto/conf/README head/crypto/openssl/crypto/conf/conf.h head/crypto/openssl/crypto/conf/conf_api.c head/crypto/openssl/crypto/conf/conf_def.c head/crypto/openssl/crypto/conf/conf_err.c head/crypto/openssl/crypto/conf/conf_lib.c head/crypto/openssl/crypto/conf/conf_mall.c head/crypto/openssl/crypto/conf/conf_mod.c head/crypto/openssl/crypto/cpt_err.c head/crypto/openssl/crypto/cryptlib.c head/crypto/openssl/crypto/cryptlib.h head/crypto/openssl/crypto/crypto.h head/crypto/openssl/crypto/des/Makefile head/crypto/openssl/crypto/des/asm/crypt586.pl head/crypto/openssl/crypto/des/asm/des-586.pl head/crypto/openssl/crypto/des/asm/des_enc.m4 head/crypto/openssl/crypto/des/des.h head/crypto/openssl/crypto/des/des_enc.c head/crypto/openssl/crypto/des/des_locl.h head/crypto/openssl/crypto/des/ecb_enc.c head/crypto/openssl/crypto/des/enc_read.c head/crypto/openssl/crypto/des/enc_writ.c head/crypto/openssl/crypto/des/fcrypt_b.c head/crypto/openssl/crypto/des/set_key.c head/crypto/openssl/crypto/des/xcbc_enc.c head/crypto/openssl/crypto/dh/Makefile head/crypto/openssl/crypto/dh/dh.h head/crypto/openssl/crypto/dh/dh_asn1.c head/crypto/openssl/crypto/dh/dh_check.c head/crypto/openssl/crypto/dh/dh_err.c head/crypto/openssl/crypto/dh/dh_gen.c head/crypto/openssl/crypto/dh/dh_key.c head/crypto/openssl/crypto/dh/dh_lib.c head/crypto/openssl/crypto/dsa/Makefile head/crypto/openssl/crypto/dsa/dsa.h head/crypto/openssl/crypto/dsa/dsa_asn1.c head/crypto/openssl/crypto/dsa/dsa_err.c head/crypto/openssl/crypto/dsa/dsa_gen.c head/crypto/openssl/crypto/dsa/dsa_key.c head/crypto/openssl/crypto/dsa/dsa_lib.c head/crypto/openssl/crypto/dsa/dsa_ossl.c head/crypto/openssl/crypto/dsa/dsa_sign.c head/crypto/openssl/crypto/dsa/dsa_vrf.c head/crypto/openssl/crypto/dsa/dsatest.c head/crypto/openssl/crypto/dso/Makefile head/crypto/openssl/crypto/dso/dso.h head/crypto/openssl/crypto/dso/dso_dl.c head/crypto/openssl/crypto/dso/dso_dlfcn.c head/crypto/openssl/crypto/dso/dso_err.c head/crypto/openssl/crypto/dso/dso_lib.c head/crypto/openssl/crypto/dso/dso_null.c head/crypto/openssl/crypto/dso/dso_openssl.c head/crypto/openssl/crypto/ec/Makefile head/crypto/openssl/crypto/ec/ec.h head/crypto/openssl/crypto/ec/ec2_mult.c head/crypto/openssl/crypto/ec/ec2_smpl.c head/crypto/openssl/crypto/ec/ec_asn1.c head/crypto/openssl/crypto/ec/ec_curve.c head/crypto/openssl/crypto/ec/ec_cvt.c head/crypto/openssl/crypto/ec/ec_err.c head/crypto/openssl/crypto/ec/ec_key.c head/crypto/openssl/crypto/ec/ec_lcl.h head/crypto/openssl/crypto/ec/ec_lib.c head/crypto/openssl/crypto/ec/ec_mult.c head/crypto/openssl/crypto/ec/ecp_mont.c head/crypto/openssl/crypto/ec/ecp_nist.c head/crypto/openssl/crypto/ec/ecp_smpl.c head/crypto/openssl/crypto/ec/ectest.c head/crypto/openssl/crypto/ecdh/Makefile head/crypto/openssl/crypto/ecdh/ecdh.h head/crypto/openssl/crypto/ecdh/ecdhtest.c head/crypto/openssl/crypto/ecdh/ech_err.c head/crypto/openssl/crypto/ecdh/ech_lib.c head/crypto/openssl/crypto/ecdh/ech_locl.h head/crypto/openssl/crypto/ecdh/ech_ossl.c head/crypto/openssl/crypto/ecdsa/Makefile head/crypto/openssl/crypto/ecdsa/ecdsa.h head/crypto/openssl/crypto/ecdsa/ecdsatest.c head/crypto/openssl/crypto/ecdsa/ecs_err.c head/crypto/openssl/crypto/ecdsa/ecs_lib.c head/crypto/openssl/crypto/ecdsa/ecs_locl.h head/crypto/openssl/crypto/ecdsa/ecs_ossl.c head/crypto/openssl/crypto/engine/Makefile head/crypto/openssl/crypto/engine/eng_all.c head/crypto/openssl/crypto/engine/eng_cryptodev.c head/crypto/openssl/crypto/engine/eng_dyn.c head/crypto/openssl/crypto/engine/eng_err.c head/crypto/openssl/crypto/engine/eng_fat.c head/crypto/openssl/crypto/engine/eng_int.h head/crypto/openssl/crypto/engine/eng_lib.c head/crypto/openssl/crypto/engine/eng_list.c head/crypto/openssl/crypto/engine/eng_openssl.c head/crypto/openssl/crypto/engine/eng_table.c head/crypto/openssl/crypto/engine/engine.h head/crypto/openssl/crypto/engine/enginetest.c head/crypto/openssl/crypto/err/Makefile head/crypto/openssl/crypto/err/err.c head/crypto/openssl/crypto/err/err.h head/crypto/openssl/crypto/err/err_all.c head/crypto/openssl/crypto/err/err_prn.c head/crypto/openssl/crypto/evp/Makefile head/crypto/openssl/crypto/evp/bio_enc.c head/crypto/openssl/crypto/evp/bio_md.c head/crypto/openssl/crypto/evp/bio_ok.c head/crypto/openssl/crypto/evp/c_all.c head/crypto/openssl/crypto/evp/c_allc.c head/crypto/openssl/crypto/evp/c_alld.c head/crypto/openssl/crypto/evp/digest.c head/crypto/openssl/crypto/evp/e_aes.c head/crypto/openssl/crypto/evp/e_camellia.c head/crypto/openssl/crypto/evp/e_des.c head/crypto/openssl/crypto/evp/e_des3.c head/crypto/openssl/crypto/evp/e_idea.c head/crypto/openssl/crypto/evp/e_null.c head/crypto/openssl/crypto/evp/e_rc2.c head/crypto/openssl/crypto/evp/e_rc4.c head/crypto/openssl/crypto/evp/e_seed.c head/crypto/openssl/crypto/evp/e_xcbc_d.c head/crypto/openssl/crypto/evp/encode.c head/crypto/openssl/crypto/evp/evp.h head/crypto/openssl/crypto/evp/evp_enc.c head/crypto/openssl/crypto/evp/evp_err.c head/crypto/openssl/crypto/evp/evp_key.c head/crypto/openssl/crypto/evp/evp_lib.c head/crypto/openssl/crypto/evp/evp_locl.h head/crypto/openssl/crypto/evp/evp_pbe.c head/crypto/openssl/crypto/evp/evp_pkey.c head/crypto/openssl/crypto/evp/evp_test.c head/crypto/openssl/crypto/evp/evptests.txt head/crypto/openssl/crypto/evp/m_dss.c head/crypto/openssl/crypto/evp/m_dss1.c head/crypto/openssl/crypto/evp/m_ecdsa.c head/crypto/openssl/crypto/evp/m_md2.c head/crypto/openssl/crypto/evp/m_md4.c head/crypto/openssl/crypto/evp/m_md5.c head/crypto/openssl/crypto/evp/m_mdc2.c head/crypto/openssl/crypto/evp/m_ripemd.c head/crypto/openssl/crypto/evp/m_sha.c head/crypto/openssl/crypto/evp/m_sha1.c head/crypto/openssl/crypto/evp/names.c head/crypto/openssl/crypto/evp/p5_crpt.c head/crypto/openssl/crypto/evp/p5_crpt2.c head/crypto/openssl/crypto/evp/p_dec.c head/crypto/openssl/crypto/evp/p_enc.c head/crypto/openssl/crypto/evp/p_lib.c head/crypto/openssl/crypto/evp/p_open.c head/crypto/openssl/crypto/evp/p_seal.c head/crypto/openssl/crypto/evp/p_sign.c head/crypto/openssl/crypto/evp/p_verify.c head/crypto/openssl/crypto/ex_data.c head/crypto/openssl/crypto/fips_err.h head/crypto/openssl/crypto/hmac/Makefile head/crypto/openssl/crypto/hmac/hmac.c head/crypto/openssl/crypto/hmac/hmac.h head/crypto/openssl/crypto/ia64cpuid.S head/crypto/openssl/crypto/idea/Makefile head/crypto/openssl/crypto/idea/i_skey.c head/crypto/openssl/crypto/idea/idea.h head/crypto/openssl/crypto/jpake/Makefile head/crypto/openssl/crypto/jpake/jpake.c head/crypto/openssl/crypto/jpake/jpaketest.c head/crypto/openssl/crypto/krb5/Makefile head/crypto/openssl/crypto/lhash/Makefile head/crypto/openssl/crypto/lhash/lh_stats.c head/crypto/openssl/crypto/lhash/lhash.c head/crypto/openssl/crypto/lhash/lhash.h head/crypto/openssl/crypto/md2/Makefile head/crypto/openssl/crypto/md2/md2_dgst.c head/crypto/openssl/crypto/md32_common.h head/crypto/openssl/crypto/md4/Makefile head/crypto/openssl/crypto/md4/md4.h head/crypto/openssl/crypto/md4/md4_dgst.c head/crypto/openssl/crypto/md5/Makefile head/crypto/openssl/crypto/md5/asm/md5-586.pl head/crypto/openssl/crypto/md5/asm/md5-x86_64.pl head/crypto/openssl/crypto/md5/md5.h head/crypto/openssl/crypto/md5/md5_dgst.c head/crypto/openssl/crypto/md5/md5_locl.h head/crypto/openssl/crypto/mdc2/Makefile head/crypto/openssl/crypto/mdc2/mdc2.h head/crypto/openssl/crypto/mdc2/mdc2dgst.c head/crypto/openssl/crypto/mem.c head/crypto/openssl/crypto/mem_dbg.c head/crypto/openssl/crypto/o_init.c head/crypto/openssl/crypto/o_time.c head/crypto/openssl/crypto/o_time.h head/crypto/openssl/crypto/objects/Makefile head/crypto/openssl/crypto/objects/o_names.c head/crypto/openssl/crypto/objects/obj_dat.c head/crypto/openssl/crypto/objects/obj_dat.h head/crypto/openssl/crypto/objects/obj_dat.pl head/crypto/openssl/crypto/objects/obj_err.c head/crypto/openssl/crypto/objects/obj_lib.c head/crypto/openssl/crypto/objects/obj_mac.h head/crypto/openssl/crypto/objects/obj_mac.num head/crypto/openssl/crypto/objects/objects.h head/crypto/openssl/crypto/objects/objects.pl head/crypto/openssl/crypto/objects/objects.txt head/crypto/openssl/crypto/ocsp/Makefile head/crypto/openssl/crypto/ocsp/ocsp.h head/crypto/openssl/crypto/ocsp/ocsp_cl.c head/crypto/openssl/crypto/ocsp/ocsp_err.c head/crypto/openssl/crypto/ocsp/ocsp_ext.c head/crypto/openssl/crypto/ocsp/ocsp_ht.c head/crypto/openssl/crypto/ocsp/ocsp_lib.c head/crypto/openssl/crypto/ocsp/ocsp_prn.c head/crypto/openssl/crypto/ocsp/ocsp_vfy.c head/crypto/openssl/crypto/opensslconf.h head/crypto/openssl/crypto/opensslconf.h.in head/crypto/openssl/crypto/opensslv.h head/crypto/openssl/crypto/ossl_typ.h head/crypto/openssl/crypto/pem/Makefile head/crypto/openssl/crypto/pem/pem.h head/crypto/openssl/crypto/pem/pem_all.c head/crypto/openssl/crypto/pem/pem_err.c head/crypto/openssl/crypto/pem/pem_info.c head/crypto/openssl/crypto/pem/pem_lib.c head/crypto/openssl/crypto/pem/pem_pkey.c head/crypto/openssl/crypto/pem/pem_x509.c head/crypto/openssl/crypto/pem/pem_xaux.c head/crypto/openssl/crypto/perlasm/x86_64-xlate.pl head/crypto/openssl/crypto/perlasm/x86asm.pl head/crypto/openssl/crypto/perlasm/x86nasm.pl head/crypto/openssl/crypto/pkcs12/Makefile head/crypto/openssl/crypto/pkcs12/p12_add.c head/crypto/openssl/crypto/pkcs12/p12_attr.c head/crypto/openssl/crypto/pkcs12/p12_crpt.c head/crypto/openssl/crypto/pkcs12/p12_crt.c head/crypto/openssl/crypto/pkcs12/p12_decr.c head/crypto/openssl/crypto/pkcs12/p12_key.c head/crypto/openssl/crypto/pkcs12/p12_kiss.c head/crypto/openssl/crypto/pkcs12/p12_mutl.c head/crypto/openssl/crypto/pkcs12/p12_utl.c head/crypto/openssl/crypto/pkcs12/pk12err.c head/crypto/openssl/crypto/pkcs12/pkcs12.h head/crypto/openssl/crypto/pkcs7/Makefile head/crypto/openssl/crypto/pkcs7/pk7_asn1.c head/crypto/openssl/crypto/pkcs7/pk7_attr.c head/crypto/openssl/crypto/pkcs7/pk7_doit.c head/crypto/openssl/crypto/pkcs7/pk7_lib.c head/crypto/openssl/crypto/pkcs7/pk7_mime.c head/crypto/openssl/crypto/pkcs7/pk7_smime.c head/crypto/openssl/crypto/pkcs7/pkcs7.h head/crypto/openssl/crypto/pkcs7/pkcs7err.c head/crypto/openssl/crypto/pqueue/Makefile head/crypto/openssl/crypto/pqueue/pqueue.c head/crypto/openssl/crypto/pqueue/pqueue.h head/crypto/openssl/crypto/rand/Makefile head/crypto/openssl/crypto/rand/md_rand.c head/crypto/openssl/crypto/rand/rand.h head/crypto/openssl/crypto/rand/rand_egd.c head/crypto/openssl/crypto/rand/rand_err.c head/crypto/openssl/crypto/rand/rand_lcl.h head/crypto/openssl/crypto/rand/rand_lib.c head/crypto/openssl/crypto/rand/rand_unix.c head/crypto/openssl/crypto/rand/randfile.c head/crypto/openssl/crypto/rc2/Makefile head/crypto/openssl/crypto/rc2/rc2_skey.c head/crypto/openssl/crypto/rc4/Makefile head/crypto/openssl/crypto/rc4/asm/rc4-586.pl head/crypto/openssl/crypto/rc4/asm/rc4-x86_64.pl head/crypto/openssl/crypto/rc4/rc4.h head/crypto/openssl/crypto/rc4/rc4_enc.c head/crypto/openssl/crypto/rc4/rc4_skey.c head/crypto/openssl/crypto/rc4/rc4test.c head/crypto/openssl/crypto/rc5/Makefile head/crypto/openssl/crypto/rc5/asm/rc5-586.pl head/crypto/openssl/crypto/rc5/rc5.h head/crypto/openssl/crypto/rc5/rc5_skey.c head/crypto/openssl/crypto/ripemd/Makefile head/crypto/openssl/crypto/ripemd/asm/rmd-586.pl head/crypto/openssl/crypto/ripemd/ripemd.h head/crypto/openssl/crypto/ripemd/rmd_dgst.c head/crypto/openssl/crypto/ripemd/rmd_locl.h head/crypto/openssl/crypto/rsa/Makefile head/crypto/openssl/crypto/rsa/rsa.h head/crypto/openssl/crypto/rsa/rsa_asn1.c head/crypto/openssl/crypto/rsa/rsa_eay.c head/crypto/openssl/crypto/rsa/rsa_err.c head/crypto/openssl/crypto/rsa/rsa_gen.c head/crypto/openssl/crypto/rsa/rsa_lib.c head/crypto/openssl/crypto/rsa/rsa_oaep.c head/crypto/openssl/crypto/rsa/rsa_pss.c head/crypto/openssl/crypto/rsa/rsa_sign.c head/crypto/openssl/crypto/rsa/rsa_test.c head/crypto/openssl/crypto/seed/Makefile head/crypto/openssl/crypto/seed/seed.c head/crypto/openssl/crypto/seed/seed.h head/crypto/openssl/crypto/seed/seed_cbc.c head/crypto/openssl/crypto/seed/seed_cfb.c head/crypto/openssl/crypto/seed/seed_ofb.c head/crypto/openssl/crypto/sha/Makefile head/crypto/openssl/crypto/sha/asm/sha1-586.pl head/crypto/openssl/crypto/sha/asm/sha1-ia64.pl head/crypto/openssl/crypto/sha/asm/sha1-x86_64.pl head/crypto/openssl/crypto/sha/asm/sha512-x86_64.pl head/crypto/openssl/crypto/sha/sha.h head/crypto/openssl/crypto/sha/sha1_one.c head/crypto/openssl/crypto/sha/sha1dgst.c head/crypto/openssl/crypto/sha/sha256.c head/crypto/openssl/crypto/sha/sha512.c head/crypto/openssl/crypto/sha/sha_dgst.c head/crypto/openssl/crypto/sha/sha_locl.h head/crypto/openssl/crypto/sha/shatest.c head/crypto/openssl/crypto/sparccpuid.S head/crypto/openssl/crypto/stack/Makefile head/crypto/openssl/crypto/stack/safestack.h head/crypto/openssl/crypto/stack/stack.c head/crypto/openssl/crypto/stack/stack.h head/crypto/openssl/crypto/store/Makefile head/crypto/openssl/crypto/store/store.h head/crypto/openssl/crypto/store/str_err.c head/crypto/openssl/crypto/store/str_lib.c head/crypto/openssl/crypto/store/str_mem.c head/crypto/openssl/crypto/symhacks.h head/crypto/openssl/crypto/threads/mttest.c head/crypto/openssl/crypto/txt_db/Makefile head/crypto/openssl/crypto/txt_db/txt_db.c head/crypto/openssl/crypto/txt_db/txt_db.h head/crypto/openssl/crypto/ui/Makefile head/crypto/openssl/crypto/ui/ui.h head/crypto/openssl/crypto/ui/ui_err.c head/crypto/openssl/crypto/ui/ui_lib.c head/crypto/openssl/crypto/ui/ui_openssl.c head/crypto/openssl/crypto/x509/Makefile head/crypto/openssl/crypto/x509/by_dir.c head/crypto/openssl/crypto/x509/by_file.c head/crypto/openssl/crypto/x509/x509.h head/crypto/openssl/crypto/x509/x509_cmp.c head/crypto/openssl/crypto/x509/x509_err.c head/crypto/openssl/crypto/x509/x509_lu.c head/crypto/openssl/crypto/x509/x509_obj.c head/crypto/openssl/crypto/x509/x509_req.c head/crypto/openssl/crypto/x509/x509_set.c head/crypto/openssl/crypto/x509/x509_trs.c head/crypto/openssl/crypto/x509/x509_txt.c head/crypto/openssl/crypto/x509/x509_vfy.c head/crypto/openssl/crypto/x509/x509_vfy.h head/crypto/openssl/crypto/x509/x509_vpm.c head/crypto/openssl/crypto/x509/x509cset.c head/crypto/openssl/crypto/x509/x509name.c head/crypto/openssl/crypto/x509/x509type.c head/crypto/openssl/crypto/x509/x_all.c head/crypto/openssl/crypto/x509v3/Makefile head/crypto/openssl/crypto/x509v3/ext_dat.h head/crypto/openssl/crypto/x509v3/pcy_cache.c head/crypto/openssl/crypto/x509v3/pcy_data.c head/crypto/openssl/crypto/x509v3/pcy_int.h head/crypto/openssl/crypto/x509v3/pcy_map.c head/crypto/openssl/crypto/x509v3/pcy_node.c head/crypto/openssl/crypto/x509v3/pcy_tree.c head/crypto/openssl/crypto/x509v3/v3_addr.c head/crypto/openssl/crypto/x509v3/v3_alt.c head/crypto/openssl/crypto/x509v3/v3_asid.c head/crypto/openssl/crypto/x509v3/v3_conf.c head/crypto/openssl/crypto/x509v3/v3_cpols.c head/crypto/openssl/crypto/x509v3/v3_crld.c head/crypto/openssl/crypto/x509v3/v3_enum.c head/crypto/openssl/crypto/x509v3/v3_extku.c head/crypto/openssl/crypto/x509v3/v3_genn.c head/crypto/openssl/crypto/x509v3/v3_lib.c head/crypto/openssl/crypto/x509v3/v3_ncons.c head/crypto/openssl/crypto/x509v3/v3_ocsp.c head/crypto/openssl/crypto/x509v3/v3_pci.c head/crypto/openssl/crypto/x509v3/v3_pcons.c head/crypto/openssl/crypto/x509v3/v3_pmaps.c head/crypto/openssl/crypto/x509v3/v3_prn.c head/crypto/openssl/crypto/x509v3/v3_purp.c head/crypto/openssl/crypto/x509v3/v3_skey.c head/crypto/openssl/crypto/x509v3/v3_utl.c head/crypto/openssl/crypto/x509v3/v3err.c head/crypto/openssl/crypto/x509v3/x509v3.h head/crypto/openssl/crypto/x86_64cpuid.pl head/crypto/openssl/crypto/x86cpuid.pl head/crypto/openssl/doc/apps/asn1parse.pod head/crypto/openssl/doc/apps/ca.pod head/crypto/openssl/doc/apps/ciphers.pod head/crypto/openssl/doc/apps/config.pod head/crypto/openssl/doc/apps/dgst.pod head/crypto/openssl/doc/apps/dhparam.pod head/crypto/openssl/doc/apps/dsa.pod head/crypto/openssl/doc/apps/dsaparam.pod head/crypto/openssl/doc/apps/ec.pod head/crypto/openssl/doc/apps/ecparam.pod head/crypto/openssl/doc/apps/enc.pod head/crypto/openssl/doc/apps/gendsa.pod head/crypto/openssl/doc/apps/genrsa.pod head/crypto/openssl/doc/apps/ocsp.pod head/crypto/openssl/doc/apps/openssl.pod head/crypto/openssl/doc/apps/pkcs12.pod head/crypto/openssl/doc/apps/pkcs7.pod head/crypto/openssl/doc/apps/pkcs8.pod head/crypto/openssl/doc/apps/req.pod head/crypto/openssl/doc/apps/rsa.pod head/crypto/openssl/doc/apps/s_client.pod head/crypto/openssl/doc/apps/s_server.pod head/crypto/openssl/doc/apps/smime.pod head/crypto/openssl/doc/apps/speed.pod head/crypto/openssl/doc/apps/spkac.pod head/crypto/openssl/doc/apps/verify.pod head/crypto/openssl/doc/apps/x509.pod head/crypto/openssl/doc/apps/x509v3_config.pod head/crypto/openssl/doc/crypto/ASN1_generate_nconf.pod head/crypto/openssl/doc/crypto/BIO_f_md.pod head/crypto/openssl/doc/crypto/BIO_f_ssl.pod head/crypto/openssl/doc/crypto/BIO_s_file.pod head/crypto/openssl/doc/crypto/BIO_s_mem.pod head/crypto/openssl/doc/crypto/BN_BLINDING_new.pod head/crypto/openssl/doc/crypto/DSA_get_ex_new_index.pod head/crypto/openssl/doc/crypto/EVP_DigestInit.pod head/crypto/openssl/doc/crypto/EVP_SignInit.pod head/crypto/openssl/doc/crypto/EVP_VerifyInit.pod head/crypto/openssl/doc/crypto/PKCS7_encrypt.pod head/crypto/openssl/doc/crypto/PKCS7_sign.pod head/crypto/openssl/doc/crypto/SMIME_write_PKCS7.pod head/crypto/openssl/doc/crypto/d2i_RSAPublicKey.pod head/crypto/openssl/doc/crypto/ecdsa.pod head/crypto/openssl/doc/crypto/evp.pod head/crypto/openssl/doc/crypto/hmac.pod head/crypto/openssl/doc/crypto/lhash.pod head/crypto/openssl/doc/crypto/threads.pod head/crypto/openssl/doc/ssl/SSL_CTX_new.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_options.pod head/crypto/openssl/doc/ssl/SSL_CTX_set_ssl_version.pod head/crypto/openssl/doc/ssl/SSL_alert_type_string.pod head/crypto/openssl/doc/ssl/SSL_library_init.pod head/crypto/openssl/doc/ssl/ssl.pod head/crypto/openssl/doc/ssleay.txt head/crypto/openssl/doc/standards.txt head/crypto/openssl/e_os.h head/crypto/openssl/e_os2.h head/crypto/openssl/engines/Makefile head/crypto/openssl/engines/e_4758cca.c head/crypto/openssl/engines/e_aep.c head/crypto/openssl/engines/e_capi.c head/crypto/openssl/engines/e_capi_err.c head/crypto/openssl/engines/e_chil.c head/crypto/openssl/engines/e_gmp.c head/crypto/openssl/engines/e_sureware.c head/crypto/openssl/engines/e_ubsec.c head/crypto/openssl/ssl/Makefile head/crypto/openssl/ssl/bio_ssl.c head/crypto/openssl/ssl/d1_both.c head/crypto/openssl/ssl/d1_clnt.c head/crypto/openssl/ssl/d1_enc.c head/crypto/openssl/ssl/d1_lib.c head/crypto/openssl/ssl/d1_meth.c head/crypto/openssl/ssl/d1_pkt.c head/crypto/openssl/ssl/d1_srvr.c head/crypto/openssl/ssl/dtls1.h head/crypto/openssl/ssl/kssl.c head/crypto/openssl/ssl/kssl.h head/crypto/openssl/ssl/kssl_lcl.h head/crypto/openssl/ssl/s23_clnt.c head/crypto/openssl/ssl/s23_lib.c head/crypto/openssl/ssl/s23_meth.c head/crypto/openssl/ssl/s23_srvr.c head/crypto/openssl/ssl/s2_clnt.c head/crypto/openssl/ssl/s2_enc.c head/crypto/openssl/ssl/s2_lib.c head/crypto/openssl/ssl/s2_meth.c head/crypto/openssl/ssl/s2_pkt.c head/crypto/openssl/ssl/s2_srvr.c head/crypto/openssl/ssl/s3_both.c head/crypto/openssl/ssl/s3_clnt.c head/crypto/openssl/ssl/s3_enc.c head/crypto/openssl/ssl/s3_lib.c head/crypto/openssl/ssl/s3_meth.c head/crypto/openssl/ssl/s3_pkt.c head/crypto/openssl/ssl/s3_srvr.c head/crypto/openssl/ssl/ssl.h head/crypto/openssl/ssl/ssl2.h head/crypto/openssl/ssl/ssl3.h head/crypto/openssl/ssl/ssl_algs.c head/crypto/openssl/ssl/ssl_asn1.c head/crypto/openssl/ssl/ssl_cert.c head/crypto/openssl/ssl/ssl_ciph.c head/crypto/openssl/ssl/ssl_err.c head/crypto/openssl/ssl/ssl_lib.c head/crypto/openssl/ssl/ssl_locl.h head/crypto/openssl/ssl/ssl_sess.c head/crypto/openssl/ssl/ssl_stat.c head/crypto/openssl/ssl/ssl_txt.c head/crypto/openssl/ssl/ssltest.c head/crypto/openssl/ssl/t1_clnt.c head/crypto/openssl/ssl/t1_enc.c head/crypto/openssl/ssl/t1_lib.c head/crypto/openssl/ssl/t1_meth.c head/crypto/openssl/ssl/t1_srvr.c head/crypto/openssl/ssl/tls1.h head/crypto/openssl/util/ck_errf.pl head/crypto/openssl/util/clean-depend.pl head/crypto/openssl/util/domd head/crypto/openssl/util/libeay.num head/crypto/openssl/util/mk1mf.pl head/crypto/openssl/util/mkdef.pl head/crypto/openssl/util/mkerr.pl head/crypto/openssl/util/mkfiles.pl head/crypto/openssl/util/mklink.pl head/crypto/openssl/util/mkstack.pl head/crypto/openssl/util/pl/BC-32.pl head/crypto/openssl/util/pl/Mingw32.pl head/crypto/openssl/util/pl/VC-32.pl head/crypto/openssl/util/pl/netware.pl head/crypto/openssl/util/point.sh head/crypto/openssl/util/selftest.pl head/crypto/openssl/util/shlib_wrap.sh head/crypto/openssl/util/ssleay.num head/lib/libfetch/common.h head/secure/lib/libcrypto/Makefile head/secure/lib/libcrypto/Makefile.asm head/secure/lib/libcrypto/Makefile.inc head/secure/lib/libcrypto/Makefile.man head/secure/lib/libcrypto/engines/Makefile head/secure/lib/libcrypto/engines/Makefile.inc head/secure/lib/libcrypto/i386/bf-586.s head/secure/lib/libcrypto/i386/bf-686.s head/secure/lib/libcrypto/i386/bn-586.s head/secure/lib/libcrypto/i386/cast-586.s head/secure/lib/libcrypto/i386/co-586.s head/secure/lib/libcrypto/i386/crypt586.s head/secure/lib/libcrypto/i386/des-586.s head/secure/lib/libcrypto/i386/md5-586.s head/secure/lib/libcrypto/i386/rc4-586.s head/secure/lib/libcrypto/i386/rc5-586.s head/secure/lib/libcrypto/i386/rmd-586.s head/secure/lib/libcrypto/i386/sha1-586.s head/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 (contents, props changed) head/secure/lib/libcrypto/man/ASN1_STRING_length.3 (contents, props changed) head/secure/lib/libcrypto/man/ASN1_STRING_new.3 (contents, props changed) head/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 (contents, props changed) head/secure/lib/libcrypto/man/ASN1_generate_nconf.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_ctrl.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_f_base64.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_f_buffer.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_f_cipher.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_f_md.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_f_null.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_f_ssl.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_find_type.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_new.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_push.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_read.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_accept.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_bio.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_connect.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_fd.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_file.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_mem.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_null.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_s_socket.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_set_callback.3 (contents, props changed) head/secure/lib/libcrypto/man/BIO_should_retry.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_BLINDING_new.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_CTX_new.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_CTX_start.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_add.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_add_word.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_bn2bin.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_cmp.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_copy.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_generate_prime.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_mod_inverse.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_new.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_num_bytes.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_rand.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_set_bit.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_swap.3 (contents, props changed) head/secure/lib/libcrypto/man/BN_zero.3 (contents, props changed) head/secure/lib/libcrypto/man/CONF_modules_free.3 (contents, props changed) head/secure/lib/libcrypto/man/CONF_modules_load_file.3 (contents, props changed) head/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 (contents, props changed) head/secure/lib/libcrypto/man/DH_generate_key.3 (contents, props changed) head/secure/lib/libcrypto/man/DH_generate_parameters.3 (contents, props changed) head/secure/lib/libcrypto/man/DH_get_ex_new_index.3 (contents, props changed) head/secure/lib/libcrypto/man/DH_new.3 (contents, props changed) head/secure/lib/libcrypto/man/DH_set_method.3 (contents, props changed) head/secure/lib/libcrypto/man/DH_size.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_SIG_new.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_do_sign.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_dup_DH.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_generate_key.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_generate_parameters.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_new.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_set_method.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_sign.3 (contents, props changed) head/secure/lib/libcrypto/man/DSA_size.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_GET_LIB.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_clear_error.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_error_string.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_get_error.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_load_strings.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_print_errors.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_put_error.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_remove_state.3 (contents, props changed) head/secure/lib/libcrypto/man/ERR_set_mark.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_BytesToKey.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_DigestInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_EncryptInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_OpenInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_new.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_SealInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_SignInit.3 (contents, props changed) head/secure/lib/libcrypto/man/EVP_VerifyInit.3 (contents, props changed) head/secure/lib/libcrypto/man/OBJ_nid2obj.3 (contents, props changed) head/secure/lib/libcrypto/man/OPENSSL_Applink.3 (contents, props changed) head/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 (contents, props changed) head/secure/lib/libcrypto/man/OPENSSL_config.3 (contents, props changed) head/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 (contents, props changed) head/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 (contents, props changed) head/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS12_create.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS12_parse.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS7_decrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS7_encrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS7_sign.3 (contents, props changed) head/secure/lib/libcrypto/man/PKCS7_verify.3 (contents, props changed) head/secure/lib/libcrypto/man/RAND_add.3 (contents, props changed) head/secure/lib/libcrypto/man/RAND_bytes.3 (contents, props changed) head/secure/lib/libcrypto/man/RAND_cleanup.3 (contents, props changed) head/secure/lib/libcrypto/man/RAND_egd.3 (contents, props changed) head/secure/lib/libcrypto/man/RAND_load_file.3 (contents, props changed) head/secure/lib/libcrypto/man/RAND_set_rand_method.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_blinding_on.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_check_key.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_generate_key.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_new.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_print.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_private_encrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_public_encrypt.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_set_method.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_sign.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 (contents, props changed) head/secure/lib/libcrypto/man/RSA_size.3 (contents, props changed) head/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 (contents, props changed) head/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_NAME_print_ex.3 (contents, props changed) head/secure/lib/libcrypto/man/X509_new.3 (contents, props changed) head/secure/lib/libcrypto/man/bio.3 (contents, props changed) head/secure/lib/libcrypto/man/blowfish.3 (contents, props changed) head/secure/lib/libcrypto/man/bn.3 (contents, props changed) head/secure/lib/libcrypto/man/bn_internal.3 (contents, props changed) head/secure/lib/libcrypto/man/buffer.3 (contents, props changed) head/secure/lib/libcrypto/man/crypto.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_DHparams.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_X509.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_X509_CRL.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_X509_NAME.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_X509_REQ.3 (contents, props changed) head/secure/lib/libcrypto/man/d2i_X509_SIG.3 (contents, props changed) head/secure/lib/libcrypto/man/des.3 (contents, props changed) head/secure/lib/libcrypto/man/dh.3 (contents, props changed) head/secure/lib/libcrypto/man/dsa.3 (contents, props changed) head/secure/lib/libcrypto/man/ecdsa.3 (contents, props changed) head/secure/lib/libcrypto/man/engine.3 (contents, props changed) head/secure/lib/libcrypto/man/err.3 (contents, props changed) head/secure/lib/libcrypto/man/evp.3 (contents, props changed) head/secure/lib/libcrypto/man/hmac.3 (contents, props changed) head/secure/lib/libcrypto/man/lh_stats.3 (contents, props changed) head/secure/lib/libcrypto/man/lhash.3 (contents, props changed) head/secure/lib/libcrypto/man/md5.3 (contents, props changed) head/secure/lib/libcrypto/man/mdc2.3 (contents, props changed) head/secure/lib/libcrypto/man/pem.3 (contents, props changed) head/secure/lib/libcrypto/man/rand.3 (contents, props changed) head/secure/lib/libcrypto/man/rc4.3 (contents, props changed) head/secure/lib/libcrypto/man/ripemd.3 (contents, props changed) head/secure/lib/libcrypto/man/rsa.3 (contents, props changed) head/secure/lib/libcrypto/man/sha.3 (contents, props changed) head/secure/lib/libcrypto/man/threads.3 (contents, props changed) head/secure/lib/libcrypto/man/ui.3 (contents, props changed) head/secure/lib/libcrypto/man/ui_compat.3 (contents, props changed) head/secure/lib/libcrypto/man/x509.3 (contents, props changed) head/secure/lib/libcrypto/opensslconf-arm.h head/secure/lib/libcrypto/opensslconf-ia64.h head/secure/lib/libcrypto/opensslconf-mips.h head/secure/lib/libcrypto/opensslconf-powerpc.h head/secure/lib/libcrypto/opensslconf-sparc64.h head/secure/lib/libssl/Makefile head/secure/lib/libssl/Makefile.man head/secure/lib/libssl/man/SSL_CIPHER_get_name.3 (contents, props changed) head/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_add_session.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_ctrl.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_free.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_new.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_sess_number.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_sessions.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_mode.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_options.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_timeout.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_set_verify.3 (contents, props changed) head/secure/lib/libssl/man/SSL_CTX_use_certificate.3 (contents, props changed) head/secure/lib/libssl/man/SSL_SESSION_free.3 (contents, props changed) head/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 (contents, props changed) head/secure/lib/libssl/man/SSL_SESSION_get_time.3 (contents, props changed) head/secure/lib/libssl/man/SSL_accept.3 (contents, props changed) head/secure/lib/libssl/man/SSL_alert_type_string.3 (contents, props changed) head/secure/lib/libssl/man/SSL_clear.3 (contents, props changed) head/secure/lib/libssl/man/SSL_connect.3 (contents, props changed) head/secure/lib/libssl/man/SSL_do_handshake.3 (contents, props changed) head/secure/lib/libssl/man/SSL_free.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_SSL_CTX.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_ciphers.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_client_CA_list.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_current_cipher.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_default_timeout.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_error.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_ex_new_index.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_fd.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_peer_certificate.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_rbio.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_session.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_verify_result.3 (contents, props changed) head/secure/lib/libssl/man/SSL_get_version.3 (contents, props changed) head/secure/lib/libssl/man/SSL_library_init.3 (contents, props changed) head/secure/lib/libssl/man/SSL_load_client_CA_file.3 (contents, props changed) head/secure/lib/libssl/man/SSL_new.3 (contents, props changed) head/secure/lib/libssl/man/SSL_pending.3 (contents, props changed) head/secure/lib/libssl/man/SSL_read.3 (contents, props changed) head/secure/lib/libssl/man/SSL_rstate_string.3 (contents, props changed) head/secure/lib/libssl/man/SSL_session_reused.3 (contents, props changed) head/secure/lib/libssl/man/SSL_set_bio.3 (contents, props changed) head/secure/lib/libssl/man/SSL_set_connect_state.3 (contents, props changed) head/secure/lib/libssl/man/SSL_set_fd.3 (contents, props changed) head/secure/lib/libssl/man/SSL_set_session.3 (contents, props changed) head/secure/lib/libssl/man/SSL_set_shutdown.3 (contents, props changed) head/secure/lib/libssl/man/SSL_set_verify_result.3 (contents, props changed) head/secure/lib/libssl/man/SSL_shutdown.3 (contents, props changed) head/secure/lib/libssl/man/SSL_state_string.3 (contents, props changed) head/secure/lib/libssl/man/SSL_want.3 (contents, props changed) head/secure/lib/libssl/man/SSL_write.3 (contents, props changed) head/secure/lib/libssl/man/d2i_SSL_SESSION.3 (contents, props changed) head/secure/lib/libssl/man/ssl.3 (contents, props changed) head/secure/usr.bin/openssl/Makefile head/secure/usr.bin/openssl/Makefile.man head/secure/usr.bin/openssl/man/CA.pl.1 (contents, props changed) head/secure/usr.bin/openssl/man/asn1parse.1 (contents, props changed) head/secure/usr.bin/openssl/man/ca.1 (contents, props changed) head/secure/usr.bin/openssl/man/ciphers.1 (contents, props changed) head/secure/usr.bin/openssl/man/crl.1 (contents, props changed) head/secure/usr.bin/openssl/man/crl2pkcs7.1 (contents, props changed) head/secure/usr.bin/openssl/man/dgst.1 (contents, props changed) head/secure/usr.bin/openssl/man/dhparam.1 (contents, props changed) head/secure/usr.bin/openssl/man/dsa.1 (contents, props changed) head/secure/usr.bin/openssl/man/dsaparam.1 (contents, props changed) head/secure/usr.bin/openssl/man/ec.1 (contents, props changed) head/secure/usr.bin/openssl/man/ecparam.1 (contents, props changed) head/secure/usr.bin/openssl/man/enc.1 (contents, props changed) head/secure/usr.bin/openssl/man/errstr.1 (contents, props changed) head/secure/usr.bin/openssl/man/gendsa.1 (contents, props changed) head/secure/usr.bin/openssl/man/genrsa.1 (contents, props changed) head/secure/usr.bin/openssl/man/nseq.1 (contents, props changed) head/secure/usr.bin/openssl/man/ocsp.1 (contents, props changed) head/secure/usr.bin/openssl/man/openssl.1 (contents, props changed) head/secure/usr.bin/openssl/man/passwd.1 (contents, props changed) head/secure/usr.bin/openssl/man/pkcs12.1 (contents, props changed) head/secure/usr.bin/openssl/man/pkcs7.1 (contents, props changed) head/secure/usr.bin/openssl/man/pkcs8.1 (contents, props changed) head/secure/usr.bin/openssl/man/rand.1 (contents, props changed) head/secure/usr.bin/openssl/man/req.1 (contents, props changed) head/secure/usr.bin/openssl/man/rsa.1 (contents, props changed) head/secure/usr.bin/openssl/man/rsautl.1 (contents, props changed) head/secure/usr.bin/openssl/man/s_client.1 (contents, props changed) head/secure/usr.bin/openssl/man/s_server.1 (contents, props changed) head/secure/usr.bin/openssl/man/s_time.1 (contents, props changed) head/secure/usr.bin/openssl/man/sess_id.1 (contents, props changed) head/secure/usr.bin/openssl/man/smime.1 (contents, props changed) head/secure/usr.bin/openssl/man/speed.1 (contents, props changed) head/secure/usr.bin/openssl/man/spkac.1 (contents, props changed) head/secure/usr.bin/openssl/man/verify.1 (contents, props changed) head/secure/usr.bin/openssl/man/version.1 (contents, props changed) head/secure/usr.bin/openssl/man/x509.1 (contents, props changed) head/secure/usr.bin/openssl/man/x509v3_config.1 (contents, props changed) head/sys/sys/param.h Directory Properties: head/crypto/openssl/ (props changed) Modified: head/ObsoleteFiles.inc ============================================================================== --- head/ObsoleteFiles.inc Thu Jul 12 19:15:38 2012 (r238404) +++ head/ObsoleteFiles.inc Thu Jul 12 19:30:53 2012 (r238405) @@ -38,6 +38,22 @@ # xargs -n1 | sort | uniq -d; # done +# 20120712: OpenSSL 1.0.1c import +OLD_FILES+=lib/libcrypto.so.6 +OLD_FILES+=usr/include/openssl/aes_locl.h +OLD_FILES+=usr/include/openssl/bio_lcl.h +OLD_FILES+=usr/include/openssl/e_os.h +OLD_FILES+=usr/include/openssl/fips.h +OLD_FILES+=usr/include/openssl/fips_rand.h +OLD_FILES+=usr/include/openssl/md2.h +OLD_FILES+=usr/include/openssl/pq_compat.h +OLD_FILES+=usr/include/openssl/store.h +OLD_FILES+=usr/include/openssl/tmdiff.h +OLD_FILES+=usr/include/openssl/ui_locl.h +OLD_FILES+=usr/lib/libssl.so.6 +OLD_FILES+=usr/lib32/libcrypto.so.6 +OLD_FILES+=usr/lib32/libssl.so.6 +OLD_FILES+=usr/share/openssl/man/man3/CRYPTO_set_id_callback.3.gz # 20120621: remove old man page OLD_FILES+=usr/share/man/man8/vnconfig.8.gz # 20120613: auth.conf removed Modified: head/UPDATING ============================================================================== --- head/UPDATING Thu Jul 12 19:15:38 2012 (r238404) +++ head/UPDATING Thu Jul 12 19:30:53 2012 (r238405) @@ -25,6 +25,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10 "ln -s 'abort:false,junk:false' /etc/malloc.conf".) 20120712: + The OpenSSL has been upgraded to 1.0.1c. Any binaries requiring + libcrypto.so.6 or libssl.so.6 must be recompiled. Also, there are + configuration changes. Make sure to merge /etc/ssl/openssl.cnf. + +20120712: The following sysctls and tunables have been renamed for consistency with other variables: kern.cam.da.da_send_ordered -> kern.cam.da.send_ordered Modified: head/crypto/openssl/CHANGES ============================================================================== --- head/crypto/openssl/CHANGES Thu Jul 12 19:15:38 2012 (r238404) +++ head/crypto/openssl/CHANGES Thu Jul 12 19:30:53 2012 (r238405) @@ -2,10 +2,10 @@ OpenSSL CHANGES _______________ - Changes between 0.9.8w and 0.9.8x [10 May 2012] + Changes between 1.0.1b and 1.0.1c [10 May 2012] - *) Sanity check record length before skipping explicit IV in DTLS - to fix DoS attack. + *) Sanity check record length before skipping explicit IV in TLS + 1.2, 1.1 and DTLS to fix DoS attack. Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing as a service testing platform. @@ -16,15 +16,34 @@ Thanks to Solar Designer of Openwall for reporting this issue. [Steve Henson] - Changes between 0.9.8v and 0.9.8w [23 Apr 2012] + *) In FIPS mode don't try to use composite ciphers as they are not + approved. + [Steve Henson] - *) The fix for CVE-2012-2110 did not take into account that the - 'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an - int in OpenSSL 0.9.8, making it still vulnerable. Fix by - rejecting negative len parameter. (CVE-2012-2131) - [Tomas Hoger <thoger@redhat.com>] + Changes between 1.0.1a and 1.0.1b [26 Apr 2012] + + *) OpenSSL 1.0.0 sets SSL_OP_ALL to 0x80000FFFL and OpenSSL 1.0.1 and + 1.0.1a set SSL_OP_NO_TLSv1_1 to 0x00000400L which would unfortunately + mean any application compiled against OpenSSL 1.0.0 headers setting + SSL_OP_ALL would also set SSL_OP_NO_TLSv1_1, unintentionally disablng + TLS 1.1 also. Fix this by changing the value of SSL_OP_NO_TLSv1_1 to + 0x10000000L Any application which was previously compiled against + OpenSSL 1.0.1 or 1.0.1a headers and which cares about SSL_OP_NO_TLSv1_1 + will need to be recompiled as a result. Letting be results in + inability to disable specifically TLS 1.1 and in client context, + in unlike event, limit maximum offered version to TLS 1.0 [see below]. + [Steve Henson] + + *) In order to ensure interoperabilty SSL_OP_NO_protocolX does not + disable just protocol X, but all protocols above X *if* there are + protocols *below* X still enabled. In more practical terms it means + that if application wants to disable TLS1.0 in favor of TLS1.1 and + above, it's not sufficient to pass SSL_OP_NO_TLSv1, one has to pass + SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3|SSL_OP_NO_SSLv2. This applies to + client side. + [Andy Polyakov] - Changes between 0.9.8u and 0.9.8v [19 Apr 2012] + Changes between 1.0.1 and 1.0.1a [19 Apr 2012] *) Check for potentially exploitable overflows in asn1_d2i_read_bio BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer @@ -35,7 +54,310 @@ (CVE-2012-2110) [Adam Langley (Google), Tavis Ormandy, Google Security Team] - Changes between 0.9.8t and 0.9.8u [12 Mar 2012] + *) Don't allow TLS 1.2 SHA-256 ciphersuites in TLS 1.0, 1.1 connections. + [Adam Langley] + + *) Workarounds for some broken servers that "hang" if a client hello + record length exceeds 255 bytes. + + 1. Do not use record version number > TLS 1.0 in initial client + hello: some (but not all) hanging servers will now work. + 2. If we set OPENSSL_MAX_TLS1_2_CIPHER_LENGTH this will truncate + the number of ciphers sent in the client hello. This should be + set to an even number, such as 50, for example by passing: + -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH=50 to config or Configure. + Most broken servers should now work. + 3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable + TLS 1.2 client support entirely. + [Steve Henson] + + *) Fix SEGV in Vector Permutation AES module observed in OpenSSH. + [Andy Polyakov] + + Changes between 1.0.0h and 1.0.1 [14 Mar 2012] + + *) Add compatibility with old MDC2 signatures which use an ASN1 OCTET + STRING form instead of a DigestInfo. + [Steve Henson] + + *) The format used for MDC2 RSA signatures is inconsistent between EVP + and the RSA_sign/RSA_verify functions. This was made more apparent when + OpenSSL used RSA_sign/RSA_verify for some RSA signatures in particular + those which went through EVP_PKEY_METHOD in 1.0.0 and later. Detect + the correct format in RSA_verify so both forms transparently work. + [Steve Henson] + + *) Some servers which support TLS 1.0 can choke if we initially indicate + support for TLS 1.2 and later renegotiate using TLS 1.0 in the RSA + encrypted premaster secret. As a workaround use the maximum pemitted + client version in client hello, this should keep such servers happy + and still work with previous versions of OpenSSL. + [Steve Henson] + + *) Add support for TLS/DTLS heartbeats. + [Robin Seggelmann <seggelmann@fh-muenster.de>] + + *) Add support for SCTP. + [Robin Seggelmann <seggelmann@fh-muenster.de>] + + *) Improved PRNG seeding for VOS. + [Paul Green <Paul.Green@stratus.com>] + + *) Extensive assembler packs updates, most notably: + + - x86[_64]: AES-NI, PCLMULQDQ, RDRAND support; + - x86[_64]: SSSE3 support (SHA1, vector-permutation AES); + - x86_64: bit-sliced AES implementation; + - ARM: NEON support, contemporary platforms optimizations; + - s390x: z196 support; + - *: GHASH and GF(2^m) multiplication implementations; + + [Andy Polyakov] + + *) Make TLS-SRP code conformant with RFC 5054 API cleanup + (removal of unnecessary code) + [Peter Sylvester <peter.sylvester@edelweb.fr>] + + *) Add TLS key material exporter from RFC 5705. + [Eric Rescorla] + + *) Add DTLS-SRTP negotiation from RFC 5764. + [Eric Rescorla] + + *) Add Next Protocol Negotiation, + http://tools.ietf.org/html/draft-agl-tls-nextprotoneg-00. Can be + disabled with a no-npn flag to config or Configure. Code donated + by Google. + [Adam Langley <agl@google.com> and Ben Laurie] + + *) Add optional 64-bit optimized implementations of elliptic curves NIST-P224, + NIST-P256, NIST-P521, with constant-time single point multiplication on + typical inputs. Compiler support for the nonstandard type __uint128_t is + required to use this (present in gcc 4.4 and later, for 64-bit builds). + Code made available under Apache License version 2.0. + + Specify "enable-ec_nistp_64_gcc_128" on the Configure (or config) command + line to include this in your build of OpenSSL, and run "make depend" (or + "make update"). This enables the following EC_METHODs: + + EC_GFp_nistp224_method() + EC_GFp_nistp256_method() + EC_GFp_nistp521_method() + + EC_GROUP_new_by_curve_name() will automatically use these (while + EC_GROUP_new_curve_GFp() currently prefers the more flexible + implementations). + [Emilia Käsper, Adam Langley, Bodo Moeller (Google)] + + *) Use type ossl_ssize_t instad of ssize_t which isn't available on + all platforms. Move ssize_t definition from e_os.h to the public + header file e_os2.h as it now appears in public header file cms.h + [Steve Henson] + + *) New -sigopt option to the ca, req and x509 utilities. Additional + signature parameters can be passed using this option and in + particular PSS. + [Steve Henson] + + *) Add RSA PSS signing function. This will generate and set the + appropriate AlgorithmIdentifiers for PSS based on those in the + corresponding EVP_MD_CTX structure. No application support yet. + [Steve Henson] + + *) Support for companion algorithm specific ASN1 signing routines. + New function ASN1_item_sign_ctx() signs a pre-initialised + EVP_MD_CTX structure and sets AlgorithmIdentifiers based on + the appropriate parameters. + [Steve Henson] + + *) Add new algorithm specific ASN1 verification initialisation function + to EVP_PKEY_ASN1_METHOD: this is not in EVP_PKEY_METHOD since the ASN1 + handling will be the same no matter what EVP_PKEY_METHOD is used. + Add a PSS handler to support verification of PSS signatures: checked + against a number of sample certificates. + [Steve Henson] + + *) Add signature printing for PSS. Add PSS OIDs. + [Steve Henson, Martin Kaiser <lists@kaiser.cx>] + + *) Add algorithm specific signature printing. An individual ASN1 method + can now print out signatures instead of the standard hex dump. + + More complex signatures (e.g. PSS) can print out more meaningful + information. Include DSA version that prints out the signature + parameters r, s. + [Steve Henson] + + *) Password based recipient info support for CMS library: implementing + RFC3211. + [Steve Henson] + + *) Split password based encryption into PBES2 and PBKDF2 functions. This + neatly separates the code into cipher and PBE sections and is required + for some algorithms that split PBES2 into separate pieces (such as + password based CMS). + [Steve Henson] + + *) Session-handling fixes: + - Fix handling of connections that are resuming with a session ID, + but also support Session Tickets. + - Fix a bug that suppressed issuing of a new ticket if the client + presented a ticket with an expired session. + - Try to set the ticket lifetime hint to something reasonable. + - Make tickets shorter by excluding irrelevant information. + - On the client side, don't ignore renewed tickets. + [Adam Langley, Bodo Moeller (Google)] + + *) Fix PSK session representation. + [Bodo Moeller] + + *) Add RC4-MD5 and AESNI-SHA1 "stitched" implementations. + + This work was sponsored by Intel. + [Andy Polyakov] + + *) Add GCM support to TLS library. Some custom code is needed to split + the IV between the fixed (from PRF) and explicit (from TLS record) + portions. This adds all GCM ciphersuites supported by RFC5288 and + RFC5289. Generalise some AES* cipherstrings to inlclude GCM and + add a special AESGCM string for GCM only. + [Steve Henson] + + *) Expand range of ctrls for AES GCM. Permit setting invocation + field on decrypt and retrieval of invocation field only on encrypt. + [Steve Henson] + + *) Add HMAC ECC ciphersuites from RFC5289. Include SHA384 PRF support. + As required by RFC5289 these ciphersuites cannot be used if for + versions of TLS earlier than 1.2. + [Steve Henson] + + *) For FIPS capable OpenSSL interpret a NULL default public key method + as unset and return the appopriate default but do *not* set the default. + This means we can return the appopriate method in applications that + swicth between FIPS and non-FIPS modes. + [Steve Henson] + + *) Redirect HMAC and CMAC operations to FIPS module in FIPS mode. If an + ENGINE is used then we cannot handle that in the FIPS module so we + keep original code iff non-FIPS operations are allowed. + [Steve Henson] + + *) Add -attime option to openssl utilities. + [Peter Eckersley <pde@eff.org>, Ben Laurie and Steve Henson] + + *) Redirect DSA and DH operations to FIPS module in FIPS mode. + [Steve Henson] + + *) Redirect ECDSA and ECDH operations to FIPS module in FIPS mode. Also use + FIPS EC methods unconditionally for now. + [Steve Henson] + + *) New build option no-ec2m to disable characteristic 2 code. + [Steve Henson] + + *) Backport libcrypto audit of return value checking from 1.1.0-dev; not + all cases can be covered as some introduce binary incompatibilities. + [Steve Henson] + + *) Redirect RSA operations to FIPS module including keygen, + encrypt, decrypt, sign and verify. Block use of non FIPS RSA methods. + [Steve Henson] + + *) Add similar low level API blocking to ciphers. + [Steve Henson] + + *) Low level digest APIs are not approved in FIPS mode: any attempt + to use these will cause a fatal error. Applications that *really* want + to use them can use the private_* version instead. + [Steve Henson] + + *) Redirect cipher operations to FIPS module for FIPS builds. + [Steve Henson] + + *) Redirect digest operations to FIPS module for FIPS builds. + [Steve Henson] + + *) Update build system to add "fips" flag which will link in fipscanister.o + for static and shared library builds embedding a signature if needed. + [Steve Henson] + + *) Output TLS supported curves in preference order instead of numerical + order. This is currently hardcoded for the highest order curves first. + This should be configurable so applications can judge speed vs strength. + [Steve Henson] + + *) Add TLS v1.2 server support for client authentication. + [Steve Henson] + + *) Add support for FIPS mode in ssl library: disable SSLv3, non-FIPS ciphers + and enable MD5. + [Steve Henson] + + *) Functions FIPS_mode_set() and FIPS_mode() which call the underlying + FIPS modules versions. + [Steve Henson] + + *) Add TLS v1.2 client side support for client authentication. Keep cache + of handshake records longer as we don't know the hash algorithm to use + until after the certificate request message is received. + [Steve Henson] + + *) Initial TLS v1.2 client support. Add a default signature algorithms + extension including all the algorithms we support. Parse new signature + format in client key exchange. Relax some ECC signing restrictions for + TLS v1.2 as indicated in RFC5246. + [Steve Henson] + + *) Add server support for TLS v1.2 signature algorithms extension. Switch + to new signature format when needed using client digest preference. + All server ciphersuites should now work correctly in TLS v1.2. No client + support yet and no support for client certificates. + [Steve Henson] + + *) Initial TLS v1.2 support. Add new SHA256 digest to ssl code, switch + to SHA256 for PRF when using TLS v1.2 and later. Add new SHA256 based + ciphersuites. At present only RSA key exchange ciphersuites work with + TLS v1.2. Add new option for TLS v1.2 replacing the old and obsolete + SSL_OP_PKCS1_CHECK flags with SSL_OP_NO_TLSv1_2. New TLSv1.2 methods + and version checking. + [Steve Henson] + + *) New option OPENSSL_NO_SSL_INTERN. If an application can be compiled + with this defined it will not be affected by any changes to ssl internal + structures. Add several utility functions to allow openssl application + to work with OPENSSL_NO_SSL_INTERN defined. + [Steve Henson] + + *) Add SRP support. + [Tom Wu <tjw@cs.stanford.edu> and Ben Laurie] + + *) Add functions to copy EVP_PKEY_METHOD and retrieve flags and id. + [Steve Henson] + + *) Permit abbreviated handshakes when renegotiating using the function + SSL_renegotiate_abbreviated(). + [Robin Seggelmann <seggelmann@fh-muenster.de>] + + *) Add call to ENGINE_register_all_complete() to + ENGINE_load_builtin_engines(), so some implementations get used + automatically instead of needing explicit application support. + [Steve Henson] + + *) Add support for TLS key exporter as described in RFC5705. + [Robin Seggelmann <seggelmann@fh-muenster.de>, Steve Henson] + + *) Initial TLSv1.1 support. Since TLSv1.1 is very similar to TLS v1.0 only + a few changes are required: + + Add SSL_OP_NO_TLSv1_1 flag. + Add TLSv1_1 methods. + Update version checking logic to handle version 1.1. + Add explicit IV handling (ported from DTLS code). + Add command line options to s_client/s_server. + [Steve Henson] + + Changes between 1.0.0g and 1.0.0h [12 Mar 2012] *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness in CMS and PKCS7 code. When RSA decryption fails use a random key for @@ -53,7 +375,7 @@ Ivan Nestlerode <inestlerode@us.ibm.com> for discovering this bug. [Steve Henson] - Changes between 0.9.8s and 0.9.8t [18 Jan 2012] + Changes between 1.0.0f and 1.0.0g [18 Jan 2012] *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. Thanks to Antonio Martin, Enterprise Secure Access Research and @@ -61,6 +383,978 @@ preparing a fix. (CVE-2012-0050) [Antonio Martin] + Changes between 1.0.0e and 1.0.0f [4 Jan 2012] + + *) Nadhem Alfardan and Kenny Paterson have discovered an extension + of the Vaudenay padding oracle attack on CBC mode encryption + which enables an efficient plaintext recovery attack against + the OpenSSL implementation of DTLS. Their attack exploits timing + differences arising during decryption processing. A research + paper describing this attack can be found at: + http://www.isg.rhul.ac.uk/~kp/dtls.pdf + Thanks go to Nadhem Alfardan and Kenny Paterson of the Information + Security Group at Royal Holloway, University of London + (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann + <seggelmann@fh-muenster.de> and Michael Tuexen <tuexen@fh-muenster.de> + for preparing the fix. (CVE-2011-4108) + [Robin Seggelmann, Michael Tuexen] + + *) Clear bytes used for block padding of SSL 3.0 records. + (CVE-2011-4576) + [Adam Langley (Google)] + + *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George + Kadianakis <desnacked@gmail.com> for discovering this issue and + Adam Langley for preparing the fix. (CVE-2011-4619) + [Adam Langley (Google)] + + *) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027) + [Andrey Kulikov <amdeich@gmail.com>] + + *) Prevent malformed RFC3779 data triggering an assertion failure. + Thanks to Andrew Chi, BBN Technologies, for discovering the flaw + and Rob Austein <sra@hactrn.net> for fixing it. (CVE-2011-4577) + [Rob Austein <sra@hactrn.net>] + + *) Improved PRNG seeding for VOS. + [Paul Green <Paul.Green@stratus.com>] + + *) Fix ssl_ciph.c set-up race. + [Adam Langley (Google)] + + *) Fix spurious failures in ecdsatest.c. + [Emilia Käsper (Google)] + + *) Fix the BIO_f_buffer() implementation (which was mixing different + interpretations of the '..._len' fields). + [Adam Langley (Google)] + + *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than + BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent + threads won't reuse the same blinding coefficients. + + This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING + lock to call BN_BLINDING_invert_ex, and avoids one use of + BN_BLINDING_update for each BN_BLINDING structure (previously, + the last update always remained unused). + [Emilia Käsper (Google)] + + *) In ssl3_clear, preserve s3->init_extra along with s3->rbuf. + [Bob Buckholz (Google)] + + Changes between 1.0.0d and 1.0.0e [6 Sep 2011] + + *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted + by initialising X509_STORE_CTX properly. (CVE-2011-3207) + [Kaspar Brand <ossl@velox.ch>] + + *) Fix SSL memory handling for (EC)DH ciphersuites, in particular + for multi-threaded use of ECDH. (CVE-2011-3210) + [Adam Langley (Google)] + + *) Fix x509_name_ex_d2i memory leak on bad inputs. + [Bodo Moeller] + + *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check + signature public key algorithm by using OID xref utilities instead. + Before this you could only use some ECC ciphersuites with SHA1 only. + [Steve Henson] + + *) Add protection against ECDSA timing attacks as mentioned in the paper + by Billy Bob Brumley and Nicola Tuveri, see: + + http://eprint.iacr.org/2011/232.pdf + + [Billy Bob Brumley and Nicola Tuveri] + + Changes between 1.0.0c and 1.0.0d [8 Feb 2011] + + *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 + [Neel Mehta, Adam Langley, Bodo Moeller (Google)] + + *) Fix bug in string printing code: if *any* escaping is enabled we must + escape the escape character (backslash) or the resulting string is + ambiguous. + [Steve Henson] + + Changes between 1.0.0b and 1.0.0c [2 Dec 2010] + + *) Disable code workaround for ancient and obsolete Netscape browsers + and servers: an attacker can use it in a ciphersuite downgrade attack. + Thanks to Martin Rex for discovering this bug. CVE-2010-4180 + [Steve Henson] + + *) Fixed J-PAKE implementation error, originally discovered by + Sebastien Martini, further info and confirmation from Stefan + Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 + [Ben Laurie] + + Changes between 1.0.0a and 1.0.0b [16 Nov 2010] + + *) Fix extension code to avoid race conditions which can result in a buffer + overrun vulnerability: resumed sessions must not be modified as they can + be shared by multiple threads. CVE-2010-3864 + [Steve Henson] + + *) Fix WIN32 build system to correctly link an ENGINE directory into + a DLL. + [Steve Henson] + + Changes between 1.0.0 and 1.0.0a [01 Jun 2010] + + *) Check return value of int_rsa_verify in pkey_rsa_verifyrecover + (CVE-2010-1633) + [Steve Henson, Peter-Michael Hager <hager@dortmund.net>] + + Changes between 0.9.8n and 1.0.0 [29 Mar 2010] + + *) Add "missing" function EVP_CIPHER_CTX_copy(). This copies a cipher + context. The operation can be customised via the ctrl mechanism in + case ENGINEs want to include additional functionality. + [Steve Henson] + + *) Tolerate yet another broken PKCS#8 key format: private key value negative. + [Steve Henson] + + *) Add new -subject_hash_old and -issuer_hash_old options to x509 utility to + output hashes compatible with older versions of OpenSSL. + [Willy Weisz <weisz@vcpc.univie.ac.at>] + + *) Fix compression algorithm handling: if resuming a session use the + compression algorithm of the resumed session instead of determining + it from client hello again. Don't allow server to change algorithm. + [Steve Henson] + + *) Add load_crls() function to apps tidying load_certs() too. Add option + to verify utility to allow additional CRLs to be included. + [Steve Henson] + + *) Update OCSP request code to permit adding custom headers to the request: + some responders need this. + [Steve Henson] + + *) The function EVP_PKEY_sign() returns <=0 on error: check return code + correctly. + [Julia Lawall <julia@diku.dk>] + + *) Update verify callback code in apps/s_cb.c and apps/verify.c, it + needlessly dereferenced structures, used obsolete functions and + didn't handle all updated verify codes correctly. + [Steve Henson] + + *) Disable MD2 in the default configuration. + [Steve Henson] + + *) In BIO_pop() and BIO_push() use the ctrl argument (which was NULL) to + indicate the initial BIO being pushed or popped. This makes it possible + to determine whether the BIO is the one explicitly called or as a result + of the ctrl being passed down the chain. Fix BIO_pop() and SSL BIOs so + it handles reference counts correctly and doesn't zero out the I/O bio + when it is not being explicitly popped. WARNING: applications which + included workarounds for the old buggy behaviour will need to be modified + or they could free up already freed BIOs. + [Steve Henson] + + *) Extend the uni2asc/asc2uni => OPENSSL_uni2asc/OPENSSL_asc2uni + renaming to all platforms (within the 0.9.8 branch, this was + done conditionally on Netware platforms to avoid a name clash). + [Guenter <lists@gknw.net>] + + *) Add ECDHE and PSK support to DTLS. + [Michael Tuexen <tuexen@fh-muenster.de>] + + *) Add CHECKED_STACK_OF macro to safestack.h, otherwise safestack can't + be used on C++. + [Steve Henson] + + *) Add "missing" function EVP_MD_flags() (without this the only way to + retrieve a digest flags is by accessing the structure directly. Update + EVP_MD_do_all*() and EVP_CIPHER_do_all*() to include the name a digest + or cipher is registered as in the "from" argument. Print out all + registered digests in the dgst usage message instead of manually + attempting to work them out. + [Steve Henson] + + *) If no SSLv2 ciphers are used don't use an SSLv2 compatible client hello: + this allows the use of compression and extensions. Change default cipher + string to remove SSLv2 ciphersuites. This effectively avoids ancient SSLv2 + by default unless an application cipher string requests it. + [Steve Henson] + + *) Alter match criteria in PKCS12_parse(). It used to try to use local + key ids to find matching certificates and keys but some PKCS#12 files + don't follow the (somewhat unwritten) rules and this strategy fails. + Now just gather all certificates together and the first private key + then look for the first certificate that matches the key. + [Steve Henson] + + *) Support use of registered digest and cipher names for dgst and cipher + commands instead of having to add each one as a special case. So now + you can do: + + openssl sha256 foo + + as well as: + + openssl dgst -sha256 foo + + and this works for ENGINE based algorithms too. + + [Steve Henson] + + *) Update Gost ENGINE to support parameter files. + [Victor B. Wagner <vitus@cryptocom.ru>] + + *) Support GeneralizedTime in ca utility. + [Oliver Martin <oliver@volatilevoid.net>, Steve Henson] + + *) Enhance the hash format used for certificate directory links. The new + form uses the canonical encoding (meaning equivalent names will work + even if they aren't identical) and uses SHA1 instead of MD5. This form + is incompatible with the older format and as a result c_rehash should + be used to rebuild symbolic links. + [Steve Henson] + + *) Make PKCS#8 the default write format for private keys, replacing the + traditional format. This form is standardised, more secure and doesn't + include an implicit MD5 dependency. + [Steve Henson] + + *) Add a $gcc_devteam_warn option to Configure. The idea is that any code + committed to OpenSSL should pass this lot as a minimum. + [Steve Henson] + + *) Add session ticket override functionality for use by EAP-FAST. + [Jouni Malinen <j@w1.fi>] + + *) Modify HMAC functions to return a value. Since these can be implemented + in an ENGINE errors can occur. + [Steve Henson] + + *) Type-checked OBJ_bsearch_ex. + [Ben Laurie] + + *) Type-checked OBJ_bsearch. Also some constification necessitated + by type-checking. Still to come: TXT_DB, bsearch(?), + OBJ_bsearch_ex, qsort, CRYPTO_EX_DATA, ASN1_VALUE, ASN1_STRING, + CONF_VALUE. + [Ben Laurie] + + *) New function OPENSSL_gmtime_adj() to add a specific number of days and + seconds to a tm structure directly, instead of going through OS + specific date routines. This avoids any issues with OS routines such + as the year 2038 bug. New *_adj() functions for ASN1 time structures + and X509_time_adj_ex() to cover the extended range. The existing + X509_time_adj() is still usable and will no longer have any date issues. + [Steve Henson] + + *) Delta CRL support. New use deltas option which will attempt to locate + and search any appropriate delta CRLs available. + + This work was sponsored by Google. + [Steve Henson] + + *) Support for CRLs partitioned by reason code. Reorganise CRL processing + code and add additional score elements. Validate alternate CRL paths + as part of the CRL checking and indicate a new error "CRL path validation + error" in this case. Applications wanting additional details can use + the verify callback and check the new "parent" field. If this is not + NULL CRL path validation is taking place. Existing applications wont + see this because it requires extended CRL support which is off by + default. + + This work was sponsored by Google. + [Steve Henson] + + *) Support for freshest CRL extension. + + This work was sponsored by Google. + [Steve Henson] + + *) Initial indirect CRL support. Currently only supported in the CRLs + passed directly and not via lookup. Process certificate issuer + CRL entry extension and lookup CRL entries by bother issuer name + and serial number. Check and process CRL issuer entry in IDP extension. + + This work was sponsored by Google. + [Steve Henson] + + *) Add support for distinct certificate and CRL paths. The CRL issuer + certificate is validated separately in this case. Only enabled if + an extended CRL support flag is set: this flag will enable additional + CRL functionality in future. + + This work was sponsored by Google. + [Steve Henson] + + *) Add support for policy mappings extension. + + This work was sponsored by Google. + [Steve Henson] + + *) Fixes to pathlength constraint, self issued certificate handling, + policy processing to align with RFC3280 and PKITS tests. + + This work was sponsored by Google. + [Steve Henson] + + *) Support for name constraints certificate extension. DN, email, DNS + and URI types are currently supported. + + This work was sponsored by Google. + [Steve Henson] + + *) To cater for systems that provide a pointer-based thread ID rather + than numeric, deprecate the current numeric thread ID mechanism and + replace it with a structure and associated callback type. This + mechanism allows a numeric "hash" to be extracted from a thread ID in + either case, and on platforms where pointers are larger than 'long', + mixing is done to help ensure the numeric 'hash' is usable even if it + can't be guaranteed unique. The default mechanism is to use "&errno" + as a pointer-based thread ID to distinguish between threads. + + Applications that want to provide their own thread IDs should now use + CRYPTO_THREADID_set_callback() to register a callback that will call + either CRYPTO_THREADID_set_numeric() or CRYPTO_THREADID_set_pointer(). + + Note that ERR_remove_state() is now deprecated, because it is tied + to the assumption that thread IDs are numeric. ERR_remove_state(0) + to free the current thread's error state should be replaced by + ERR_remove_thread_state(NULL). + + (This new approach replaces the functions CRYPTO_set_idptr_callback(), + CRYPTO_get_idptr_callback(), and CRYPTO_thread_idptr() that existed in + OpenSSL 0.9.9-dev between June 2006 and August 2008. Also, if an + application was previously providing a numeric thread callback that + was inappropriate for distinguishing threads, then uniqueness might + have been obtained with &errno that happened immediately in the + intermediate development versions of OpenSSL; this is no longer the + case, the numeric thread callback will now override the automatic use + of &errno.) + [Geoff Thorpe, with help from Bodo Moeller] + + *) Initial support for different CRL issuing certificates. This covers a + simple case where the self issued certificates in the chain exist and + the real CRL issuer is higher in the existing chain. + + This work was sponsored by Google. + [Steve Henson] + + *) Removed effectively defunct crypto/store from the build. + [Ben Laurie] + + *) Revamp of STACK to provide stronger type-checking. Still to come: + TXT_DB, bsearch(?), OBJ_bsearch, qsort, CRYPTO_EX_DATA, ASN1_VALUE, + ASN1_STRING, CONF_VALUE. + [Ben Laurie] + + *) Add a new SSL_MODE_RELEASE_BUFFERS mode flag to release unused buffer + RAM on SSL connections. This option can save about 34k per idle SSL. + [Nick Mathewson] + + *) Revamp of LHASH to provide stronger type-checking. Still to come: + STACK, TXT_DB, bsearch, qsort. + [Ben Laurie] + + *) Initial support for Cryptographic Message Syntax (aka CMS) based + on RFC3850, RFC3851 and RFC3852. New cms directory and cms utility, + support for data, signedData, compressedData, digestedData and + encryptedData, envelopedData types included. Scripts to check against + RFC4134 examples draft and interop and consistency checks of many + content types and variants. + [Steve Henson] + + *) Add options to enc utility to support use of zlib compression BIO. + [Steve Henson] + + *) Extend mk1mf to support importing of options and assembly language + files from Configure script, currently only included in VC-WIN32. + The assembly language rules can now optionally generate the source + files from the associated perl scripts. + [Steve Henson] + + *) Implement remaining functionality needed to support GOST ciphersuites. + Interop testing has been performed using CryptoPro implementations. + [Victor B. Wagner <vitus@cryptocom.ru>] + + *) s390x assembler pack. + [Andy Polyakov] + + *) ARMv4 assembler pack. ARMv4 refers to v4 and later ISA, not CPU + "family." + [Andy Polyakov] + + *) Implement Opaque PRF Input TLS extension as specified in + draft-rescorla-tls-opaque-prf-input-00.txt. Since this is not an + official specification yet and no extension type assignment by + IANA exists, this extension (for now) will have to be explicitly + enabled when building OpenSSL by providing the extension number + to use. For example, specify an option + + -DTLSEXT_TYPE_opaque_prf_input=0x9527 + + to the "config" or "Configure" script to enable the extension, + assuming extension number 0x9527 (which is a completely arbitrary + and unofficial assignment based on the MD5 hash of the Internet + Draft). Note that by doing so, you potentially lose + interoperability with other TLS implementations since these might + be using the same extension number for other purposes. + + SSL_set_tlsext_opaque_prf_input(ssl, src, len) is used to set the + opaque PRF input value to use in the handshake. This will create + an interal copy of the length-'len' string at 'src', and will + return non-zero for success. + + To get more control and flexibility, provide a callback function + by using + + SSL_CTX_set_tlsext_opaque_prf_input_callback(ctx, cb) + SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(ctx, arg) + + where + + int (*cb)(SSL *, void *peerinput, size_t len, void *arg); + void *arg; + + Callback function 'cb' will be called in handshakes, and is + expected to use SSL_set_tlsext_opaque_prf_input() as appropriate. + Argument 'arg' is for application purposes (the value as given to + SSL_CTX_set_tlsext_opaque_prf_input_callback_arg() will directly + be provided to the callback function). The callback function + has to return non-zero to report success: usually 1 to use opaque + PRF input just if possible, or 2 to enforce use of the opaque PRF + input. In the latter case, the library will abort the handshake + if opaque PRF input is not successfully negotiated. + + Arguments 'peerinput' and 'len' given to the callback function + will always be NULL and 0 in the case of a client. A server will + see the client's opaque PRF input through these variables if + available (NULL and 0 otherwise). Note that if the server + provides an opaque PRF input, the length must be the same as the + length of the client's opaque PRF input. + + Note that the callback function will only be called when creating + a new session (session resumption can resume whatever was + previously negotiated), and will not be called in SSL 2.0 + handshakes; thus, SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2) or + SSL_set_options(ssl, SSL_OP_NO_SSLv2) is especially recommended + for applications that need to enforce opaque PRF input. + + [Bodo Moeller] + + *) Update ssl code to support digests other than SHA1+MD5 for handshake + MAC. + + [Victor B. Wagner <vitus@cryptocom.ru>] + + *) Add RFC4507 support to OpenSSL. This includes the corrections in + RFC4507bis. The encrypted ticket format is an encrypted encoded + SSL_SESSION structure, that way new session features are automatically + supported. + + If a client application caches session in an SSL_SESSION structure + support is transparent because tickets are now stored in the encoded + SSL_SESSION. + + The SSL_CTX structure automatically generates keys for ticket + protection in servers so again support should be possible + with no application modification. + + If a client or server wishes to disable RFC4507 support then the option + SSL_OP_NO_TICKET can be set. + + Add a TLS extension debugging callback to allow the contents of any client + or server extensions to be examined. + + This work was sponsored by Google. + [Steve Henson] + + *) Final changes to avoid use of pointer pointer casts in OpenSSL. + OpenSSL should now compile cleanly on gcc 4.2 + [Peter Hartley <pdh@utter.chaos.org.uk>, Steve Henson] + + *) Update SSL library to use new EVP_PKEY MAC API. Include generic MAC + support including streaming MAC support: this is required for GOST + ciphersuite support. + [Victor B. Wagner <vitus@cryptocom.ru>, Steve Henson] + + *) Add option -stream to use PKCS#7 streaming in smime utility. New + function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream() + to output in BER and PEM format. + [Steve Henson] + + *) Experimental support for use of HMAC via EVP_PKEY interface. This + allows HMAC to be handled via the EVP_DigestSign*() interface. The + EVP_PKEY "key" in this case is the HMAC key, potentially allowing + ENGINE support for HMAC keys which are unextractable. New -mac and + -macopt options to dgst utility. + [Steve Henson] + + *) New option -sigopt to dgst utility. Update dgst to use + EVP_Digest{Sign,Verify}*. These two changes make it possible to use + alternative signing paramaters such as X9.31 or PSS in the dgst + utility. + [Steve Henson] + + *) Change ssl_cipher_apply_rule(), the internal function that does + the work each time a ciphersuite string requests enabling + ("foo+bar"), moving ("+foo+bar"), disabling ("-foo+bar", or + removing ("!foo+bar") a class of ciphersuites: Now it maintains + the order of disabled ciphersuites such that those ciphersuites + that most recently went from enabled to disabled not only stay + in order with respect to each other, but also have higher priority + than other disabled ciphersuites the next time ciphersuites are + enabled again. + + This means that you can now say, e.g., "PSK:-PSK:HIGH" to enable + the same ciphersuites as with "HIGH" alone, but in a specific + order where the PSK ciphersuites come first (since they are the + most recently disabled ciphersuites when "HIGH" is parsed). + + Also, change ssl_create_cipher_list() (using this new + funcionality) such that between otherwise identical + cihpersuites, ephemeral ECDH is preferred over ephemeral DH in + the default order. + [Bodo Moeller] + + *) Change ssl_create_cipher_list() so that it automatically + arranges the ciphersuites in reasonable order before starting + to process the rule string. Thus, the definition for "DEFAULT" + (SSL_DEFAULT_CIPHER_LIST) now is just "ALL:!aNULL:!eNULL", but + remains equivalent to "AES:ALL:!aNULL:!eNULL:+aECDH:+kRSA:+RC4:@STRENGTH". + This makes it much easier to arrive at a reasonable default order + in applications for which anonymous ciphers are OK (meaning + that you can't actually use DEFAULT). + [Bodo Moeller; suggested by Victor Duchovni] + + *) Split the SSL/TLS algorithm mask (as used for ciphersuite string + processing) into multiple integers instead of setting + "SSL_MKEY_MASK" bits, "SSL_AUTH_MASK" bits, "SSL_ENC_MASK", + "SSL_MAC_MASK", and "SSL_SSL_MASK" bits all in a single integer. + (These masks as well as the individual bit definitions are hidden + away into the non-exported interface ssl/ssl_locl.h, so this + change to the definition of the SSL_CIPHER structure shouldn't + affect applications.) This give us more bits for each of these + categories, so there is no longer a need to coagulate AES128 and + AES256 into a single algorithm bit, and to coagulate Camellia128 + and Camellia256 into a single algorithm bit, which has led to all + kinds of kludges. + + Thus, among other things, the kludge introduced in 0.9.7m and + 0.9.8e for masking out AES256 independently of AES128 or masking + out Camellia256 independently of AES256 is not needed here in 0.9.9. + + With the change, we also introduce new ciphersuite aliases that + so far were missing: "AES128", "AES256", "CAMELLIA128", and + "CAMELLIA256". + [Bodo Moeller] + + *) Add support for dsa-with-SHA224 and dsa-with-SHA256. + Use the leftmost N bytes of the signature input if the input is + larger than the prime q (with N being the size in bytes of q). + [Nils Larsch] + + *) Very *very* experimental PKCS#7 streaming encoder support. Nothing uses + it yet and it is largely untested. + [Steve Henson] + + *) Add support for the ecdsa-with-SHA224/256/384/512 signature types. + [Nils Larsch] + *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201207121930.q6CJUu97025034>