Date: Wed, 15 Oct 2014 20:28:32 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r273151 - in stable: 8/crypto/openssl 8/crypto/openssl/apps 8/crypto/openssl/crypto 8/crypto/openssl/crypto/bn 8/crypto/openssl/crypto/bn/asm 8/crypto/openssl/crypto/ec 8/crypto/openssl... Message-ID: <201410152028.s9FKSWSc044057@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jkim Date: Wed Oct 15 20:28:31 2014 New Revision: 273151 URL: https://svnweb.freebsd.org/changeset/base/273151 Log: Merge OpenSSL 0.9.8zc. Added: stable/8/crypto/openssl/crypto/constant_time_locl.h - copied unchanged from r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h stable/8/crypto/openssl/crypto/constant_time_test.c - copied unchanged from r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c stable/8/crypto/openssl/test/constant_time_test.c - copied unchanged from r273140, vendor-crypto/openssl/dist-0.9.8/test/constant_time_test.c Modified: stable/8/crypto/openssl/CHANGES stable/8/crypto/openssl/Makefile stable/8/crypto/openssl/NEWS stable/8/crypto/openssl/README stable/8/crypto/openssl/apps/s_client.c stable/8/crypto/openssl/crypto/LPdir_vms.c stable/8/crypto/openssl/crypto/LPdir_win.c stable/8/crypto/openssl/crypto/Makefile stable/8/crypto/openssl/crypto/bn/asm/x86_64-gcc.c stable/8/crypto/openssl/crypto/bn/bn_exp.c stable/8/crypto/openssl/crypto/bn/exptest.c stable/8/crypto/openssl/crypto/ec/ec_key.c stable/8/crypto/openssl/crypto/ec/ecp_smpl.c stable/8/crypto/openssl/crypto/err/openssl.ec stable/8/crypto/openssl/crypto/evp/Makefile stable/8/crypto/openssl/crypto/evp/evp_enc.c stable/8/crypto/openssl/crypto/opensslv.h stable/8/crypto/openssl/crypto/rsa/Makefile stable/8/crypto/openssl/crypto/rsa/rsa.h stable/8/crypto/openssl/crypto/rsa/rsa_err.c stable/8/crypto/openssl/crypto/rsa/rsa_oaep.c stable/8/crypto/openssl/crypto/rsa/rsa_pk1.c stable/8/crypto/openssl/crypto/rsa/rsa_sign.c stable/8/crypto/openssl/doc/apps/s_client.pod stable/8/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod stable/8/crypto/openssl/e_os.h stable/8/crypto/openssl/openssl.spec stable/8/crypto/openssl/ssl/Makefile stable/8/crypto/openssl/ssl/d1_lib.c stable/8/crypto/openssl/ssl/dtls1.h stable/8/crypto/openssl/ssl/s23_clnt.c stable/8/crypto/openssl/ssl/s23_srvr.c stable/8/crypto/openssl/ssl/s2_lib.c stable/8/crypto/openssl/ssl/s3_cbc.c stable/8/crypto/openssl/ssl/s3_clnt.c stable/8/crypto/openssl/ssl/s3_enc.c stable/8/crypto/openssl/ssl/s3_lib.c stable/8/crypto/openssl/ssl/s3_pkt.c stable/8/crypto/openssl/ssl/s3_srvr.c stable/8/crypto/openssl/ssl/ssl.h stable/8/crypto/openssl/ssl/ssl3.h stable/8/crypto/openssl/ssl/ssl_err.c stable/8/crypto/openssl/ssl/ssl_lib.c stable/8/crypto/openssl/ssl/t1_enc.c stable/8/crypto/openssl/ssl/t1_lib.c stable/8/crypto/openssl/ssl/tls1.h stable/8/crypto/openssl/test/Makefile stable/8/secure/lib/libcrypto/Makefile.inc stable/8/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 stable/8/secure/lib/libcrypto/man/ASN1_STRING_length.3 stable/8/secure/lib/libcrypto/man/ASN1_STRING_new.3 stable/8/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 stable/8/secure/lib/libcrypto/man/ASN1_generate_nconf.3 stable/8/secure/lib/libcrypto/man/BIO_ctrl.3 stable/8/secure/lib/libcrypto/man/BIO_f_base64.3 stable/8/secure/lib/libcrypto/man/BIO_f_buffer.3 stable/8/secure/lib/libcrypto/man/BIO_f_cipher.3 stable/8/secure/lib/libcrypto/man/BIO_f_md.3 stable/8/secure/lib/libcrypto/man/BIO_f_null.3 stable/8/secure/lib/libcrypto/man/BIO_f_ssl.3 stable/8/secure/lib/libcrypto/man/BIO_find_type.3 stable/8/secure/lib/libcrypto/man/BIO_new.3 stable/8/secure/lib/libcrypto/man/BIO_push.3 stable/8/secure/lib/libcrypto/man/BIO_read.3 stable/8/secure/lib/libcrypto/man/BIO_s_accept.3 stable/8/secure/lib/libcrypto/man/BIO_s_bio.3 stable/8/secure/lib/libcrypto/man/BIO_s_connect.3 stable/8/secure/lib/libcrypto/man/BIO_s_fd.3 stable/8/secure/lib/libcrypto/man/BIO_s_file.3 stable/8/secure/lib/libcrypto/man/BIO_s_mem.3 stable/8/secure/lib/libcrypto/man/BIO_s_null.3 stable/8/secure/lib/libcrypto/man/BIO_s_socket.3 stable/8/secure/lib/libcrypto/man/BIO_set_callback.3 stable/8/secure/lib/libcrypto/man/BIO_should_retry.3 stable/8/secure/lib/libcrypto/man/BN_BLINDING_new.3 stable/8/secure/lib/libcrypto/man/BN_CTX_new.3 stable/8/secure/lib/libcrypto/man/BN_CTX_start.3 stable/8/secure/lib/libcrypto/man/BN_add.3 stable/8/secure/lib/libcrypto/man/BN_add_word.3 stable/8/secure/lib/libcrypto/man/BN_bn2bin.3 stable/8/secure/lib/libcrypto/man/BN_cmp.3 stable/8/secure/lib/libcrypto/man/BN_copy.3 stable/8/secure/lib/libcrypto/man/BN_generate_prime.3 stable/8/secure/lib/libcrypto/man/BN_mod_inverse.3 stable/8/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 stable/8/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 stable/8/secure/lib/libcrypto/man/BN_new.3 stable/8/secure/lib/libcrypto/man/BN_num_bytes.3 stable/8/secure/lib/libcrypto/man/BN_rand.3 stable/8/secure/lib/libcrypto/man/BN_set_bit.3 stable/8/secure/lib/libcrypto/man/BN_swap.3 stable/8/secure/lib/libcrypto/man/BN_zero.3 stable/8/secure/lib/libcrypto/man/CONF_modules_free.3 stable/8/secure/lib/libcrypto/man/CONF_modules_load_file.3 stable/8/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 stable/8/secure/lib/libcrypto/man/DH_generate_key.3 stable/8/secure/lib/libcrypto/man/DH_generate_parameters.3 stable/8/secure/lib/libcrypto/man/DH_get_ex_new_index.3 stable/8/secure/lib/libcrypto/man/DH_new.3 stable/8/secure/lib/libcrypto/man/DH_set_method.3 stable/8/secure/lib/libcrypto/man/DH_size.3 stable/8/secure/lib/libcrypto/man/DSA_SIG_new.3 stable/8/secure/lib/libcrypto/man/DSA_do_sign.3 stable/8/secure/lib/libcrypto/man/DSA_dup_DH.3 stable/8/secure/lib/libcrypto/man/DSA_generate_key.3 stable/8/secure/lib/libcrypto/man/DSA_generate_parameters.3 stable/8/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 stable/8/secure/lib/libcrypto/man/DSA_new.3 stable/8/secure/lib/libcrypto/man/DSA_set_method.3 stable/8/secure/lib/libcrypto/man/DSA_sign.3 stable/8/secure/lib/libcrypto/man/DSA_size.3 stable/8/secure/lib/libcrypto/man/ERR_GET_LIB.3 stable/8/secure/lib/libcrypto/man/ERR_clear_error.3 stable/8/secure/lib/libcrypto/man/ERR_error_string.3 stable/8/secure/lib/libcrypto/man/ERR_get_error.3 stable/8/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 stable/8/secure/lib/libcrypto/man/ERR_load_strings.3 stable/8/secure/lib/libcrypto/man/ERR_print_errors.3 stable/8/secure/lib/libcrypto/man/ERR_put_error.3 stable/8/secure/lib/libcrypto/man/ERR_remove_state.3 stable/8/secure/lib/libcrypto/man/ERR_set_mark.3 stable/8/secure/lib/libcrypto/man/EVP_BytesToKey.3 stable/8/secure/lib/libcrypto/man/EVP_DigestInit.3 stable/8/secure/lib/libcrypto/man/EVP_EncryptInit.3 stable/8/secure/lib/libcrypto/man/EVP_OpenInit.3 stable/8/secure/lib/libcrypto/man/EVP_PKEY_new.3 stable/8/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 stable/8/secure/lib/libcrypto/man/EVP_SealInit.3 stable/8/secure/lib/libcrypto/man/EVP_SignInit.3 stable/8/secure/lib/libcrypto/man/EVP_VerifyInit.3 stable/8/secure/lib/libcrypto/man/OBJ_nid2obj.3 stable/8/secure/lib/libcrypto/man/OPENSSL_Applink.3 stable/8/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 stable/8/secure/lib/libcrypto/man/OPENSSL_config.3 stable/8/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 stable/8/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 stable/8/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 stable/8/secure/lib/libcrypto/man/PKCS12_create.3 stable/8/secure/lib/libcrypto/man/PKCS12_parse.3 stable/8/secure/lib/libcrypto/man/PKCS7_decrypt.3 stable/8/secure/lib/libcrypto/man/PKCS7_encrypt.3 stable/8/secure/lib/libcrypto/man/PKCS7_sign.3 stable/8/secure/lib/libcrypto/man/PKCS7_verify.3 stable/8/secure/lib/libcrypto/man/RAND_add.3 stable/8/secure/lib/libcrypto/man/RAND_bytes.3 stable/8/secure/lib/libcrypto/man/RAND_cleanup.3 stable/8/secure/lib/libcrypto/man/RAND_egd.3 stable/8/secure/lib/libcrypto/man/RAND_load_file.3 stable/8/secure/lib/libcrypto/man/RAND_set_rand_method.3 stable/8/secure/lib/libcrypto/man/RSA_blinding_on.3 stable/8/secure/lib/libcrypto/man/RSA_check_key.3 stable/8/secure/lib/libcrypto/man/RSA_generate_key.3 stable/8/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 stable/8/secure/lib/libcrypto/man/RSA_new.3 stable/8/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 stable/8/secure/lib/libcrypto/man/RSA_print.3 stable/8/secure/lib/libcrypto/man/RSA_private_encrypt.3 stable/8/secure/lib/libcrypto/man/RSA_public_encrypt.3 stable/8/secure/lib/libcrypto/man/RSA_set_method.3 stable/8/secure/lib/libcrypto/man/RSA_sign.3 stable/8/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 stable/8/secure/lib/libcrypto/man/RSA_size.3 stable/8/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 stable/8/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 stable/8/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 stable/8/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 stable/8/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 stable/8/secure/lib/libcrypto/man/X509_NAME_print_ex.3 stable/8/secure/lib/libcrypto/man/X509_new.3 stable/8/secure/lib/libcrypto/man/bio.3 stable/8/secure/lib/libcrypto/man/blowfish.3 stable/8/secure/lib/libcrypto/man/bn.3 stable/8/secure/lib/libcrypto/man/bn_internal.3 stable/8/secure/lib/libcrypto/man/buffer.3 stable/8/secure/lib/libcrypto/man/crypto.3 stable/8/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 stable/8/secure/lib/libcrypto/man/d2i_DHparams.3 stable/8/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 stable/8/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 stable/8/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 stable/8/secure/lib/libcrypto/man/d2i_X509.3 stable/8/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 stable/8/secure/lib/libcrypto/man/d2i_X509_CRL.3 stable/8/secure/lib/libcrypto/man/d2i_X509_NAME.3 stable/8/secure/lib/libcrypto/man/d2i_X509_REQ.3 stable/8/secure/lib/libcrypto/man/d2i_X509_SIG.3 stable/8/secure/lib/libcrypto/man/des.3 stable/8/secure/lib/libcrypto/man/dh.3 stable/8/secure/lib/libcrypto/man/dsa.3 stable/8/secure/lib/libcrypto/man/ecdsa.3 stable/8/secure/lib/libcrypto/man/engine.3 stable/8/secure/lib/libcrypto/man/err.3 stable/8/secure/lib/libcrypto/man/evp.3 stable/8/secure/lib/libcrypto/man/hmac.3 stable/8/secure/lib/libcrypto/man/lh_stats.3 stable/8/secure/lib/libcrypto/man/lhash.3 stable/8/secure/lib/libcrypto/man/md5.3 stable/8/secure/lib/libcrypto/man/mdc2.3 stable/8/secure/lib/libcrypto/man/pem.3 stable/8/secure/lib/libcrypto/man/rand.3 stable/8/secure/lib/libcrypto/man/rc4.3 stable/8/secure/lib/libcrypto/man/ripemd.3 stable/8/secure/lib/libcrypto/man/rsa.3 stable/8/secure/lib/libcrypto/man/sha.3 stable/8/secure/lib/libcrypto/man/threads.3 stable/8/secure/lib/libcrypto/man/ui.3 stable/8/secure/lib/libcrypto/man/ui_compat.3 stable/8/secure/lib/libcrypto/man/x509.3 stable/8/secure/lib/libssl/man/SSL_CIPHER_get_name.3 stable/8/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 stable/8/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 stable/8/secure/lib/libssl/man/SSL_CTX_add_session.3 stable/8/secure/lib/libssl/man/SSL_CTX_ctrl.3 stable/8/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 stable/8/secure/lib/libssl/man/SSL_CTX_free.3 stable/8/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 stable/8/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 stable/8/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 stable/8/secure/lib/libssl/man/SSL_CTX_new.3 stable/8/secure/lib/libssl/man/SSL_CTX_sess_number.3 stable/8/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 stable/8/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_sessions.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_mode.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_options.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_timeout.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_verify.3 stable/8/secure/lib/libssl/man/SSL_CTX_use_certificate.3 stable/8/secure/lib/libssl/man/SSL_SESSION_free.3 stable/8/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 stable/8/secure/lib/libssl/man/SSL_SESSION_get_time.3 stable/8/secure/lib/libssl/man/SSL_accept.3 stable/8/secure/lib/libssl/man/SSL_alert_type_string.3 stable/8/secure/lib/libssl/man/SSL_clear.3 stable/8/secure/lib/libssl/man/SSL_connect.3 stable/8/secure/lib/libssl/man/SSL_do_handshake.3 stable/8/secure/lib/libssl/man/SSL_free.3 stable/8/secure/lib/libssl/man/SSL_get_SSL_CTX.3 stable/8/secure/lib/libssl/man/SSL_get_ciphers.3 stable/8/secure/lib/libssl/man/SSL_get_client_CA_list.3 stable/8/secure/lib/libssl/man/SSL_get_current_cipher.3 stable/8/secure/lib/libssl/man/SSL_get_default_timeout.3 stable/8/secure/lib/libssl/man/SSL_get_error.3 stable/8/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 stable/8/secure/lib/libssl/man/SSL_get_ex_new_index.3 stable/8/secure/lib/libssl/man/SSL_get_fd.3 stable/8/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 stable/8/secure/lib/libssl/man/SSL_get_peer_certificate.3 stable/8/secure/lib/libssl/man/SSL_get_rbio.3 stable/8/secure/lib/libssl/man/SSL_get_session.3 stable/8/secure/lib/libssl/man/SSL_get_verify_result.3 stable/8/secure/lib/libssl/man/SSL_get_version.3 stable/8/secure/lib/libssl/man/SSL_library_init.3 stable/8/secure/lib/libssl/man/SSL_load_client_CA_file.3 stable/8/secure/lib/libssl/man/SSL_new.3 stable/8/secure/lib/libssl/man/SSL_pending.3 stable/8/secure/lib/libssl/man/SSL_read.3 stable/8/secure/lib/libssl/man/SSL_rstate_string.3 stable/8/secure/lib/libssl/man/SSL_session_reused.3 stable/8/secure/lib/libssl/man/SSL_set_bio.3 stable/8/secure/lib/libssl/man/SSL_set_connect_state.3 stable/8/secure/lib/libssl/man/SSL_set_fd.3 stable/8/secure/lib/libssl/man/SSL_set_session.3 stable/8/secure/lib/libssl/man/SSL_set_shutdown.3 stable/8/secure/lib/libssl/man/SSL_set_verify_result.3 stable/8/secure/lib/libssl/man/SSL_shutdown.3 stable/8/secure/lib/libssl/man/SSL_state_string.3 stable/8/secure/lib/libssl/man/SSL_want.3 stable/8/secure/lib/libssl/man/SSL_write.3 stable/8/secure/lib/libssl/man/d2i_SSL_SESSION.3 stable/8/secure/lib/libssl/man/ssl.3 stable/8/secure/usr.bin/openssl/man/CA.pl.1 stable/8/secure/usr.bin/openssl/man/asn1parse.1 stable/8/secure/usr.bin/openssl/man/ca.1 stable/8/secure/usr.bin/openssl/man/ciphers.1 stable/8/secure/usr.bin/openssl/man/crl.1 stable/8/secure/usr.bin/openssl/man/crl2pkcs7.1 stable/8/secure/usr.bin/openssl/man/dgst.1 stable/8/secure/usr.bin/openssl/man/dhparam.1 stable/8/secure/usr.bin/openssl/man/dsa.1 stable/8/secure/usr.bin/openssl/man/dsaparam.1 stable/8/secure/usr.bin/openssl/man/ec.1 stable/8/secure/usr.bin/openssl/man/ecparam.1 stable/8/secure/usr.bin/openssl/man/enc.1 stable/8/secure/usr.bin/openssl/man/errstr.1 stable/8/secure/usr.bin/openssl/man/gendsa.1 stable/8/secure/usr.bin/openssl/man/genrsa.1 stable/8/secure/usr.bin/openssl/man/nseq.1 stable/8/secure/usr.bin/openssl/man/ocsp.1 stable/8/secure/usr.bin/openssl/man/openssl.1 stable/8/secure/usr.bin/openssl/man/passwd.1 stable/8/secure/usr.bin/openssl/man/pkcs12.1 stable/8/secure/usr.bin/openssl/man/pkcs7.1 stable/8/secure/usr.bin/openssl/man/pkcs8.1 stable/8/secure/usr.bin/openssl/man/rand.1 stable/8/secure/usr.bin/openssl/man/req.1 stable/8/secure/usr.bin/openssl/man/rsa.1 stable/8/secure/usr.bin/openssl/man/rsautl.1 stable/8/secure/usr.bin/openssl/man/s_client.1 stable/8/secure/usr.bin/openssl/man/s_server.1 stable/8/secure/usr.bin/openssl/man/s_time.1 stable/8/secure/usr.bin/openssl/man/sess_id.1 stable/8/secure/usr.bin/openssl/man/smime.1 stable/8/secure/usr.bin/openssl/man/speed.1 stable/8/secure/usr.bin/openssl/man/spkac.1 stable/8/secure/usr.bin/openssl/man/verify.1 stable/8/secure/usr.bin/openssl/man/version.1 stable/8/secure/usr.bin/openssl/man/x509.1 stable/8/secure/usr.bin/openssl/man/x509v3_config.1 Directory Properties: stable/8/crypto/openssl/ (props changed) Changes in other areas also in this revision: Added: stable/9/crypto/openssl/crypto/constant_time_locl.h - copied unchanged from r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h stable/9/crypto/openssl/crypto/constant_time_test.c - copied unchanged from r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c stable/9/crypto/openssl/test/constant_time_test.c - copied unchanged from r273140, vendor-crypto/openssl/dist-0.9.8/test/constant_time_test.c Modified: stable/9/crypto/openssl/CHANGES stable/9/crypto/openssl/Makefile stable/9/crypto/openssl/NEWS stable/9/crypto/openssl/README stable/9/crypto/openssl/apps/s_client.c stable/9/crypto/openssl/crypto/LPdir_vms.c stable/9/crypto/openssl/crypto/LPdir_win.c stable/9/crypto/openssl/crypto/Makefile stable/9/crypto/openssl/crypto/bn/asm/x86_64-gcc.c stable/9/crypto/openssl/crypto/bn/bn_exp.c stable/9/crypto/openssl/crypto/bn/exptest.c stable/9/crypto/openssl/crypto/ec/ec_key.c stable/9/crypto/openssl/crypto/ec/ecp_smpl.c stable/9/crypto/openssl/crypto/err/openssl.ec stable/9/crypto/openssl/crypto/evp/Makefile stable/9/crypto/openssl/crypto/evp/evp_enc.c stable/9/crypto/openssl/crypto/opensslv.h stable/9/crypto/openssl/crypto/rsa/Makefile stable/9/crypto/openssl/crypto/rsa/rsa.h stable/9/crypto/openssl/crypto/rsa/rsa_err.c stable/9/crypto/openssl/crypto/rsa/rsa_oaep.c stable/9/crypto/openssl/crypto/rsa/rsa_pk1.c stable/9/crypto/openssl/crypto/rsa/rsa_sign.c stable/9/crypto/openssl/doc/apps/s_client.pod stable/9/crypto/openssl/doc/ssl/SSL_CTX_set_mode.pod stable/9/crypto/openssl/e_os.h stable/9/crypto/openssl/openssl.spec stable/9/crypto/openssl/ssl/Makefile stable/9/crypto/openssl/ssl/d1_lib.c stable/9/crypto/openssl/ssl/dtls1.h stable/9/crypto/openssl/ssl/s23_clnt.c stable/9/crypto/openssl/ssl/s23_srvr.c stable/9/crypto/openssl/ssl/s2_lib.c stable/9/crypto/openssl/ssl/s3_cbc.c stable/9/crypto/openssl/ssl/s3_clnt.c stable/9/crypto/openssl/ssl/s3_enc.c stable/9/crypto/openssl/ssl/s3_lib.c stable/9/crypto/openssl/ssl/s3_pkt.c stable/9/crypto/openssl/ssl/s3_srvr.c stable/9/crypto/openssl/ssl/ssl.h stable/9/crypto/openssl/ssl/ssl3.h stable/9/crypto/openssl/ssl/ssl_err.c stable/9/crypto/openssl/ssl/ssl_lib.c stable/9/crypto/openssl/ssl/t1_enc.c stable/9/crypto/openssl/ssl/t1_lib.c stable/9/crypto/openssl/ssl/tls1.h stable/9/crypto/openssl/test/Makefile stable/9/secure/lib/libcrypto/Makefile.inc stable/9/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 stable/9/secure/lib/libcrypto/man/ASN1_STRING_length.3 stable/9/secure/lib/libcrypto/man/ASN1_STRING_new.3 stable/9/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 stable/9/secure/lib/libcrypto/man/ASN1_generate_nconf.3 stable/9/secure/lib/libcrypto/man/BIO_ctrl.3 stable/9/secure/lib/libcrypto/man/BIO_f_base64.3 stable/9/secure/lib/libcrypto/man/BIO_f_buffer.3 stable/9/secure/lib/libcrypto/man/BIO_f_cipher.3 stable/9/secure/lib/libcrypto/man/BIO_f_md.3 stable/9/secure/lib/libcrypto/man/BIO_f_null.3 stable/9/secure/lib/libcrypto/man/BIO_f_ssl.3 stable/9/secure/lib/libcrypto/man/BIO_find_type.3 stable/9/secure/lib/libcrypto/man/BIO_new.3 stable/9/secure/lib/libcrypto/man/BIO_push.3 stable/9/secure/lib/libcrypto/man/BIO_read.3 stable/9/secure/lib/libcrypto/man/BIO_s_accept.3 stable/9/secure/lib/libcrypto/man/BIO_s_bio.3 stable/9/secure/lib/libcrypto/man/BIO_s_connect.3 stable/9/secure/lib/libcrypto/man/BIO_s_fd.3 stable/9/secure/lib/libcrypto/man/BIO_s_file.3 stable/9/secure/lib/libcrypto/man/BIO_s_mem.3 stable/9/secure/lib/libcrypto/man/BIO_s_null.3 stable/9/secure/lib/libcrypto/man/BIO_s_socket.3 stable/9/secure/lib/libcrypto/man/BIO_set_callback.3 stable/9/secure/lib/libcrypto/man/BIO_should_retry.3 stable/9/secure/lib/libcrypto/man/BN_BLINDING_new.3 stable/9/secure/lib/libcrypto/man/BN_CTX_new.3 stable/9/secure/lib/libcrypto/man/BN_CTX_start.3 stable/9/secure/lib/libcrypto/man/BN_add.3 stable/9/secure/lib/libcrypto/man/BN_add_word.3 stable/9/secure/lib/libcrypto/man/BN_bn2bin.3 stable/9/secure/lib/libcrypto/man/BN_cmp.3 stable/9/secure/lib/libcrypto/man/BN_copy.3 stable/9/secure/lib/libcrypto/man/BN_generate_prime.3 stable/9/secure/lib/libcrypto/man/BN_mod_inverse.3 stable/9/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 stable/9/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 stable/9/secure/lib/libcrypto/man/BN_new.3 stable/9/secure/lib/libcrypto/man/BN_num_bytes.3 stable/9/secure/lib/libcrypto/man/BN_rand.3 stable/9/secure/lib/libcrypto/man/BN_set_bit.3 stable/9/secure/lib/libcrypto/man/BN_swap.3 stable/9/secure/lib/libcrypto/man/BN_zero.3 stable/9/secure/lib/libcrypto/man/CONF_modules_free.3 stable/9/secure/lib/libcrypto/man/CONF_modules_load_file.3 stable/9/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 stable/9/secure/lib/libcrypto/man/DH_generate_key.3 stable/9/secure/lib/libcrypto/man/DH_generate_parameters.3 stable/9/secure/lib/libcrypto/man/DH_get_ex_new_index.3 stable/9/secure/lib/libcrypto/man/DH_new.3 stable/9/secure/lib/libcrypto/man/DH_set_method.3 stable/9/secure/lib/libcrypto/man/DH_size.3 stable/9/secure/lib/libcrypto/man/DSA_SIG_new.3 stable/9/secure/lib/libcrypto/man/DSA_do_sign.3 stable/9/secure/lib/libcrypto/man/DSA_dup_DH.3 stable/9/secure/lib/libcrypto/man/DSA_generate_key.3 stable/9/secure/lib/libcrypto/man/DSA_generate_parameters.3 stable/9/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 stable/9/secure/lib/libcrypto/man/DSA_new.3 stable/9/secure/lib/libcrypto/man/DSA_set_method.3 stable/9/secure/lib/libcrypto/man/DSA_sign.3 stable/9/secure/lib/libcrypto/man/DSA_size.3 stable/9/secure/lib/libcrypto/man/ERR_GET_LIB.3 stable/9/secure/lib/libcrypto/man/ERR_clear_error.3 stable/9/secure/lib/libcrypto/man/ERR_error_string.3 stable/9/secure/lib/libcrypto/man/ERR_get_error.3 stable/9/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 stable/9/secure/lib/libcrypto/man/ERR_load_strings.3 stable/9/secure/lib/libcrypto/man/ERR_print_errors.3 stable/9/secure/lib/libcrypto/man/ERR_put_error.3 stable/9/secure/lib/libcrypto/man/ERR_remove_state.3 stable/9/secure/lib/libcrypto/man/ERR_set_mark.3 stable/9/secure/lib/libcrypto/man/EVP_BytesToKey.3 stable/9/secure/lib/libcrypto/man/EVP_DigestInit.3 stable/9/secure/lib/libcrypto/man/EVP_EncryptInit.3 stable/9/secure/lib/libcrypto/man/EVP_OpenInit.3 stable/9/secure/lib/libcrypto/man/EVP_PKEY_new.3 stable/9/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 stable/9/secure/lib/libcrypto/man/EVP_SealInit.3 stable/9/secure/lib/libcrypto/man/EVP_SignInit.3 stable/9/secure/lib/libcrypto/man/EVP_VerifyInit.3 stable/9/secure/lib/libcrypto/man/OBJ_nid2obj.3 stable/9/secure/lib/libcrypto/man/OPENSSL_Applink.3 stable/9/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 stable/9/secure/lib/libcrypto/man/OPENSSL_config.3 stable/9/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 stable/9/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 stable/9/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 stable/9/secure/lib/libcrypto/man/PKCS12_create.3 stable/9/secure/lib/libcrypto/man/PKCS12_parse.3 stable/9/secure/lib/libcrypto/man/PKCS7_decrypt.3 stable/9/secure/lib/libcrypto/man/PKCS7_encrypt.3 stable/9/secure/lib/libcrypto/man/PKCS7_sign.3 stable/9/secure/lib/libcrypto/man/PKCS7_verify.3 stable/9/secure/lib/libcrypto/man/RAND_add.3 stable/9/secure/lib/libcrypto/man/RAND_bytes.3 stable/9/secure/lib/libcrypto/man/RAND_cleanup.3 stable/9/secure/lib/libcrypto/man/RAND_egd.3 stable/9/secure/lib/libcrypto/man/RAND_load_file.3 stable/9/secure/lib/libcrypto/man/RAND_set_rand_method.3 stable/9/secure/lib/libcrypto/man/RSA_blinding_on.3 stable/9/secure/lib/libcrypto/man/RSA_check_key.3 stable/9/secure/lib/libcrypto/man/RSA_generate_key.3 stable/9/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 stable/9/secure/lib/libcrypto/man/RSA_new.3 stable/9/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 stable/9/secure/lib/libcrypto/man/RSA_print.3 stable/9/secure/lib/libcrypto/man/RSA_private_encrypt.3 stable/9/secure/lib/libcrypto/man/RSA_public_encrypt.3 stable/9/secure/lib/libcrypto/man/RSA_set_method.3 stable/9/secure/lib/libcrypto/man/RSA_sign.3 stable/9/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 stable/9/secure/lib/libcrypto/man/RSA_size.3 stable/9/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 stable/9/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 stable/9/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 stable/9/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 stable/9/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 stable/9/secure/lib/libcrypto/man/X509_NAME_print_ex.3 stable/9/secure/lib/libcrypto/man/X509_new.3 stable/9/secure/lib/libcrypto/man/bio.3 stable/9/secure/lib/libcrypto/man/blowfish.3 stable/9/secure/lib/libcrypto/man/bn.3 stable/9/secure/lib/libcrypto/man/bn_internal.3 stable/9/secure/lib/libcrypto/man/buffer.3 stable/9/secure/lib/libcrypto/man/crypto.3 stable/9/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 stable/9/secure/lib/libcrypto/man/d2i_DHparams.3 stable/9/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 stable/9/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 stable/9/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 stable/9/secure/lib/libcrypto/man/d2i_X509.3 stable/9/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 stable/9/secure/lib/libcrypto/man/d2i_X509_CRL.3 stable/9/secure/lib/libcrypto/man/d2i_X509_NAME.3 stable/9/secure/lib/libcrypto/man/d2i_X509_REQ.3 stable/9/secure/lib/libcrypto/man/d2i_X509_SIG.3 stable/9/secure/lib/libcrypto/man/des.3 stable/9/secure/lib/libcrypto/man/dh.3 stable/9/secure/lib/libcrypto/man/dsa.3 stable/9/secure/lib/libcrypto/man/ecdsa.3 stable/9/secure/lib/libcrypto/man/engine.3 stable/9/secure/lib/libcrypto/man/err.3 stable/9/secure/lib/libcrypto/man/evp.3 stable/9/secure/lib/libcrypto/man/hmac.3 stable/9/secure/lib/libcrypto/man/lh_stats.3 stable/9/secure/lib/libcrypto/man/lhash.3 stable/9/secure/lib/libcrypto/man/md5.3 stable/9/secure/lib/libcrypto/man/mdc2.3 stable/9/secure/lib/libcrypto/man/pem.3 stable/9/secure/lib/libcrypto/man/rand.3 stable/9/secure/lib/libcrypto/man/rc4.3 stable/9/secure/lib/libcrypto/man/ripemd.3 stable/9/secure/lib/libcrypto/man/rsa.3 stable/9/secure/lib/libcrypto/man/sha.3 stable/9/secure/lib/libcrypto/man/threads.3 stable/9/secure/lib/libcrypto/man/ui.3 stable/9/secure/lib/libcrypto/man/ui_compat.3 stable/9/secure/lib/libcrypto/man/x509.3 stable/9/secure/lib/libssl/man/SSL_CIPHER_get_name.3 stable/9/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 stable/9/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 stable/9/secure/lib/libssl/man/SSL_CTX_add_session.3 stable/9/secure/lib/libssl/man/SSL_CTX_ctrl.3 stable/9/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 stable/9/secure/lib/libssl/man/SSL_CTX_free.3 stable/9/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 stable/9/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 stable/9/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 stable/9/secure/lib/libssl/man/SSL_CTX_new.3 stable/9/secure/lib/libssl/man/SSL_CTX_sess_number.3 stable/9/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 stable/9/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_sessions.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_mode.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_options.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_timeout.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_verify.3 stable/9/secure/lib/libssl/man/SSL_CTX_use_certificate.3 stable/9/secure/lib/libssl/man/SSL_SESSION_free.3 stable/9/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 stable/9/secure/lib/libssl/man/SSL_SESSION_get_time.3 stable/9/secure/lib/libssl/man/SSL_accept.3 stable/9/secure/lib/libssl/man/SSL_alert_type_string.3 stable/9/secure/lib/libssl/man/SSL_clear.3 stable/9/secure/lib/libssl/man/SSL_connect.3 stable/9/secure/lib/libssl/man/SSL_do_handshake.3 stable/9/secure/lib/libssl/man/SSL_free.3 stable/9/secure/lib/libssl/man/SSL_get_SSL_CTX.3 stable/9/secure/lib/libssl/man/SSL_get_ciphers.3 stable/9/secure/lib/libssl/man/SSL_get_client_CA_list.3 stable/9/secure/lib/libssl/man/SSL_get_current_cipher.3 stable/9/secure/lib/libssl/man/SSL_get_default_timeout.3 stable/9/secure/lib/libssl/man/SSL_get_error.3 stable/9/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 stable/9/secure/lib/libssl/man/SSL_get_ex_new_index.3 stable/9/secure/lib/libssl/man/SSL_get_fd.3 stable/9/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 stable/9/secure/lib/libssl/man/SSL_get_peer_certificate.3 stable/9/secure/lib/libssl/man/SSL_get_rbio.3 stable/9/secure/lib/libssl/man/SSL_get_session.3 stable/9/secure/lib/libssl/man/SSL_get_verify_result.3 stable/9/secure/lib/libssl/man/SSL_get_version.3 stable/9/secure/lib/libssl/man/SSL_library_init.3 stable/9/secure/lib/libssl/man/SSL_load_client_CA_file.3 stable/9/secure/lib/libssl/man/SSL_new.3 stable/9/secure/lib/libssl/man/SSL_pending.3 stable/9/secure/lib/libssl/man/SSL_read.3 stable/9/secure/lib/libssl/man/SSL_rstate_string.3 stable/9/secure/lib/libssl/man/SSL_session_reused.3 stable/9/secure/lib/libssl/man/SSL_set_bio.3 stable/9/secure/lib/libssl/man/SSL_set_connect_state.3 stable/9/secure/lib/libssl/man/SSL_set_fd.3 stable/9/secure/lib/libssl/man/SSL_set_session.3 stable/9/secure/lib/libssl/man/SSL_set_shutdown.3 stable/9/secure/lib/libssl/man/SSL_set_verify_result.3 stable/9/secure/lib/libssl/man/SSL_shutdown.3 stable/9/secure/lib/libssl/man/SSL_state_string.3 stable/9/secure/lib/libssl/man/SSL_want.3 stable/9/secure/lib/libssl/man/SSL_write.3 stable/9/secure/lib/libssl/man/d2i_SSL_SESSION.3 stable/9/secure/lib/libssl/man/ssl.3 stable/9/secure/usr.bin/openssl/man/CA.pl.1 stable/9/secure/usr.bin/openssl/man/asn1parse.1 stable/9/secure/usr.bin/openssl/man/ca.1 stable/9/secure/usr.bin/openssl/man/ciphers.1 stable/9/secure/usr.bin/openssl/man/crl.1 stable/9/secure/usr.bin/openssl/man/crl2pkcs7.1 stable/9/secure/usr.bin/openssl/man/dgst.1 stable/9/secure/usr.bin/openssl/man/dhparam.1 stable/9/secure/usr.bin/openssl/man/dsa.1 stable/9/secure/usr.bin/openssl/man/dsaparam.1 stable/9/secure/usr.bin/openssl/man/ec.1 stable/9/secure/usr.bin/openssl/man/ecparam.1 stable/9/secure/usr.bin/openssl/man/enc.1 stable/9/secure/usr.bin/openssl/man/errstr.1 stable/9/secure/usr.bin/openssl/man/gendsa.1 stable/9/secure/usr.bin/openssl/man/genrsa.1 stable/9/secure/usr.bin/openssl/man/nseq.1 stable/9/secure/usr.bin/openssl/man/ocsp.1 stable/9/secure/usr.bin/openssl/man/openssl.1 stable/9/secure/usr.bin/openssl/man/passwd.1 stable/9/secure/usr.bin/openssl/man/pkcs12.1 stable/9/secure/usr.bin/openssl/man/pkcs7.1 stable/9/secure/usr.bin/openssl/man/pkcs8.1 stable/9/secure/usr.bin/openssl/man/rand.1 stable/9/secure/usr.bin/openssl/man/req.1 stable/9/secure/usr.bin/openssl/man/rsa.1 stable/9/secure/usr.bin/openssl/man/rsautl.1 stable/9/secure/usr.bin/openssl/man/s_client.1 stable/9/secure/usr.bin/openssl/man/s_server.1 stable/9/secure/usr.bin/openssl/man/s_time.1 stable/9/secure/usr.bin/openssl/man/sess_id.1 stable/9/secure/usr.bin/openssl/man/smime.1 stable/9/secure/usr.bin/openssl/man/speed.1 stable/9/secure/usr.bin/openssl/man/spkac.1 stable/9/secure/usr.bin/openssl/man/verify.1 stable/9/secure/usr.bin/openssl/man/version.1 stable/9/secure/usr.bin/openssl/man/x509.1 stable/9/secure/usr.bin/openssl/man/x509v3_config.1 Directory Properties: stable/9/crypto/openssl/ (props changed) Modified: stable/8/crypto/openssl/CHANGES ============================================================================== --- stable/8/crypto/openssl/CHANGES Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/CHANGES Wed Oct 15 20:28:31 2014 (r273151) @@ -2,6 +2,43 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8zb and 0.9.8zc [15 Oct 2014] + + *) Session Ticket Memory Leak. + + When an OpenSSL SSL/TLS/DTLS server receives a session ticket the + integrity of that ticket is first verified. In the event of a session + ticket integrity check failing, OpenSSL will fail to free memory + causing a memory leak. By sending a large number of invalid session + tickets an attacker could exploit this issue in a Denial Of Service + attack. + (CVE-2014-3567) + [Steve Henson] + + *) Build option no-ssl3 is incomplete. + + When OpenSSL is configured with "no-ssl3" as a build option, servers + could accept and complete a SSL 3.0 handshake, and clients could be + configured to send them. + (CVE-2014-3568) + [Akamai and the OpenSSL team] + + *) Add support for TLS_FALLBACK_SCSV. + Client applications doing fallback retries should call + SSL_set_mode(s, SSL_MODE_SEND_FALLBACK_SCSV). + (CVE-2014-3566) + [Adam Langley, Bodo Moeller] + + *) Add additional DigestInfo checks. + + Reencode DigestInto in DER and check against the original when + verifying RSA signature: this will reject any improperly encoded + DigestInfo structures. + + Note: this is a precautionary measure and no attacks are currently known. + + [Steve Henson] + Changes between 0.9.8za and 0.9.8zb [6 Aug 2014] *) OpenSSL DTLS clients enabling anonymous (EC)DH ciphersuites are subject Modified: stable/8/crypto/openssl/Makefile ============================================================================== --- stable/8/crypto/openssl/Makefile Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/Makefile Wed Oct 15 20:28:31 2014 (r273151) @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=0.9.8zb +VERSION=0.9.8zc MAJOR=0 MINOR=9.8 SHLIB_VERSION_NUMBER=0.9.8 Modified: stable/8/crypto/openssl/NEWS ============================================================================== --- stable/8/crypto/openssl/NEWS Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/NEWS Wed Oct 15 20:28:31 2014 (r273151) @@ -5,6 +5,13 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.8zb and OpenSSL 0.9.8zc [15 Oct 2014]: + + o Fix for CVE-2014-3513 + o Fix for CVE-2014-3567 + o Mitigation for CVE-2014-3566 (SSL protocol vulnerability) + o Fix for CVE-2014-3568 + Major changes between OpenSSL 0.9.8za and OpenSSL 0.9.8zb [6 Aug 2014]: o Fix for CVE-2014-3510 Modified: stable/8/crypto/openssl/README ============================================================================== --- stable/8/crypto/openssl/README Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/README Wed Oct 15 20:28:31 2014 (r273151) @@ -1,5 +1,5 @@ - OpenSSL 0.9.8zb 6 Aug 2014 + OpenSSL 0.9.8zc 15 Oct 2014 Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: stable/8/crypto/openssl/apps/s_client.c ============================================================================== --- stable/8/crypto/openssl/apps/s_client.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/apps/s_client.c Wed Oct 15 20:28:31 2014 (r273151) @@ -226,6 +226,7 @@ static void sc_usage(void) BIO_printf(bio_err," -ssl3 - just use SSLv3\n"); BIO_printf(bio_err," -tls1 - just use TLSv1\n"); BIO_printf(bio_err," -dtls1 - just use DTLSv1\n"); + BIO_printf(bio_err," -fallback_scsv - send TLS_FALLBACK_SCSV\n"); BIO_printf(bio_err," -mtu - set the link layer MTU\n"); BIO_printf(bio_err," -no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol\n"); BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n"); @@ -339,6 +340,7 @@ int MAIN(int argc, char **argv) char *sess_out = NULL; struct sockaddr peer; int peerlen = sizeof(peer); + int fallback_scsv = 0; int enable_timeouts = 0 ; long socket_mtu = 0; #ifndef OPENSSL_NO_JPAKE @@ -488,6 +490,10 @@ int MAIN(int argc, char **argv) socket_mtu = atol(*(++argv)); } #endif + else if (strcmp(*argv,"-fallback_scsv") == 0) + { + fallback_scsv = 1; + } else if (strcmp(*argv,"-bugs") == 0) bugs=1; else if (strcmp(*argv,"-keyform") == 0) @@ -778,6 +784,10 @@ bad: SSL_set_session(con, sess); SSL_SESSION_free(sess); } + + if (fallback_scsv) + SSL_set_mode(con, SSL_MODE_SEND_FALLBACK_SCSV); + #ifndef OPENSSL_NO_TLSEXT if (servername != NULL) { Modified: stable/8/crypto/openssl/crypto/LPdir_vms.c ============================================================================== --- stable/8/crypto/openssl/crypto/LPdir_vms.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/LPdir_vms.c Wed Oct 15 20:28:31 2014 (r273151) @@ -1,4 +1,3 @@ -/* $LP: LPlib/source/LPdir_vms.c,v 1.20 2004/08/26 13:36:05 _cvs_levitte Exp $ */ /* * Copyright (c) 2004, Richard Levitte <richard@levitte.org> * All rights reserved. @@ -82,6 +81,12 @@ const char *LP_find_file(LP_DIR_CTX **ct size_t filespeclen = strlen(directory); char *filespec = NULL; + if (filespeclen == 0) + { + errno = ENOENT; + return 0; + } + /* MUST be a VMS directory specification! Let's estimate if it is. */ if (directory[filespeclen-1] != ']' && directory[filespeclen-1] != '>' Modified: stable/8/crypto/openssl/crypto/LPdir_win.c ============================================================================== --- stable/8/crypto/openssl/crypto/LPdir_win.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/LPdir_win.c Wed Oct 15 20:28:31 2014 (r273151) @@ -1,4 +1,3 @@ -/* $LP: LPlib/source/LPdir_win.c,v 1.10 2004/08/26 13:36:05 _cvs_levitte Exp $ */ /* * Copyright (c) 2004, Richard Levitte <richard@levitte.org> * All rights reserved. @@ -65,6 +64,16 @@ const char *LP_find_file(LP_DIR_CTX **ct errno = 0; if (*ctx == NULL) { + const char *extdir = directory; + char *extdirbuf = NULL; + size_t dirlen = strlen (directory); + + if (dirlen == 0) + { + errno = ENOENT; + return 0; + } + *ctx = (LP_DIR_CTX *)malloc(sizeof(LP_DIR_CTX)); if (*ctx == NULL) { @@ -73,15 +82,35 @@ const char *LP_find_file(LP_DIR_CTX **ct } memset(*ctx, '\0', sizeof(LP_DIR_CTX)); + if (directory[dirlen-1] != '*') + { + extdirbuf = (char *)malloc(dirlen + 3); + if (extdirbuf == NULL) + { + free(*ctx); + *ctx = NULL; + errno = ENOMEM; + return 0; + } + if (directory[dirlen-1] != '/' && directory[dirlen-1] != '\\') + extdir = strcat(strcpy (extdirbuf,directory),"/*"); + else + extdir = strcat(strcpy (extdirbuf,directory),"*"); + } + if (sizeof(TCHAR) != sizeof(char)) { TCHAR *wdir = NULL; /* len_0 denotes string length *with* trailing 0 */ - size_t index = 0,len_0 = strlen(directory) + 1; + size_t index = 0,len_0 = strlen(extdir) + 1; - wdir = (TCHAR *)malloc(len_0 * sizeof(TCHAR)); + wdir = (TCHAR *)calloc(len_0, sizeof(TCHAR)); if (wdir == NULL) { + if (extdirbuf != NULL) + { + free (extdirbuf); + } free(*ctx); *ctx = NULL; errno = ENOMEM; @@ -89,17 +118,23 @@ const char *LP_find_file(LP_DIR_CTX **ct } #ifdef LP_MULTIBYTE_AVAILABLE - if (!MultiByteToWideChar(CP_ACP, 0, directory, len_0, (WCHAR *)wdir, len_0)) + if (!MultiByteToWideChar(CP_ACP, 0, extdir, len_0, (WCHAR *)wdir, len_0)) #endif for (index = 0; index < len_0; index++) - wdir[index] = (TCHAR)directory[index]; + wdir[index] = (TCHAR)extdir[index]; (*ctx)->handle = FindFirstFile(wdir, &(*ctx)->ctx); free(wdir); } else - (*ctx)->handle = FindFirstFile((TCHAR *)directory, &(*ctx)->ctx); + { + (*ctx)->handle = FindFirstFile((TCHAR *)extdir, &(*ctx)->ctx); + } + if (extdirbuf != NULL) + { + free (extdirbuf); + } if ((*ctx)->handle == INVALID_HANDLE_VALUE) { @@ -116,7 +151,6 @@ const char *LP_find_file(LP_DIR_CTX **ct return 0; } } - if (sizeof(TCHAR) != sizeof(char)) { TCHAR *wdir = (*ctx)->ctx.cFileName; Modified: stable/8/crypto/openssl/crypto/Makefile ============================================================================== --- stable/8/crypto/openssl/crypto/Makefile Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/Makefile Wed Oct 15 20:28:31 2014 (r273151) @@ -30,6 +30,7 @@ AFLAGS=$(ASFLAGS) LIBS= GENERAL=Makefile README crypto-lib.com install.com +TEST=constant_time_test.c LIB= $(TOP)/libcrypto.a SHARED_LIB= libcrypto$(SHLIB_EXT) Modified: stable/8/crypto/openssl/crypto/bn/asm/x86_64-gcc.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/asm/x86_64-gcc.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/bn/asm/x86_64-gcc.c Wed Oct 15 20:28:31 2014 (r273151) @@ -185,7 +185,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con if (n <= 0) return 0; - asm ( + asm volatile ( " subq %2,%2 \n" ".align 16 \n" "1: movq (%4,%2,8),%0 \n" @@ -196,7 +196,7 @@ BN_ULONG bn_add_words (BN_ULONG *rp, con " sbbq %0,%0 \n" : "=&a"(ret),"+c"(n),"=&r"(i) : "r"(rp),"r"(ap),"r"(bp) - : "cc" + : "cc", "memory" ); return ret&1; @@ -208,7 +208,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con if (n <= 0) return 0; - asm ( + asm volatile ( " subq %2,%2 \n" ".align 16 \n" "1: movq (%4,%2,8),%0 \n" @@ -219,7 +219,7 @@ BN_ULONG bn_sub_words (BN_ULONG *rp, con " sbbq %0,%0 \n" : "=&a"(ret),"+c"(n),"=&r"(i) : "r"(rp),"r"(ap),"r"(bp) - : "cc" + : "cc", "memory" ); return ret&1; Modified: stable/8/crypto/openssl/crypto/bn/bn_exp.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/bn_exp.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/bn/bn_exp.c Wed Oct 15 20:28:31 2014 (r273151) @@ -767,7 +767,14 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ bits = BN_num_bits(p); if (bits == 0) { - ret = BN_one(rr); + /* x**0 mod 1 is still zero. */ + if (BN_is_one(m)) + { + ret = 1; + BN_zero(rr); + } + else + ret = BN_one(rr); return ret; } if (a == 0) Modified: stable/8/crypto/openssl/crypto/bn/exptest.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/exptest.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/bn/exptest.c Wed Oct 15 20:28:31 2014 (r273151) @@ -71,6 +71,43 @@ static const char rnd_seed[] = "string to make the random number generator think it has entropy"; +/* test_exp_mod_zero tests that x**0 mod 1 == 0. It returns zero on success. */ +static int test_exp_mod_zero() { + BIGNUM a, p, m; + BIGNUM r; + BN_CTX *ctx = BN_CTX_new(); + int ret = 1; + + BN_init(&m); + BN_one(&m); + + BN_init(&a); + BN_one(&a); + + BN_init(&p); + BN_zero(&p); + + BN_init(&r); + BN_mod_exp(&r, &a, &p, &m, ctx); + BN_CTX_free(ctx); + + if (BN_is_zero(&r)) + ret = 0; + else + { + printf("1**0 mod 1 = "); + BN_print_fp(stdout, &r); + printf(", should be 0\n"); + } + + BN_free(&r); + BN_free(&a); + BN_free(&p); + BN_free(&m); + + return ret; +} + int main(int argc, char *argv[]) { BN_CTX *ctx; @@ -190,7 +227,13 @@ int main(int argc, char *argv[]) ERR_remove_state(0); CRYPTO_mem_leaks(out); BIO_free(out); - printf(" done\n"); + printf("\n"); + + if (test_exp_mod_zero() != 0) + goto err; + + printf("done\n"); + EXIT(0); err: ERR_load_crypto_strings(); Copied: stable/8/crypto/openssl/crypto/constant_time_locl.h (from r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/8/crypto/openssl/crypto/constant_time_locl.h Wed Oct 15 20:28:31 2014 (r273151, copy of r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_locl.h) @@ -0,0 +1,216 @@ +/* crypto/constant_time_locl.h */ +/* + * Utilities for constant-time cryptography. + * + * Author: Emilia Kasper (emilia@openssl.org) + * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley + * (Google). + * ==================================================================== + * Copyright (c) 2014 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#ifndef HEADER_CONSTANT_TIME_LOCL_H +#define HEADER_CONSTANT_TIME_LOCL_H + +#include "e_os.h" /* For 'inline' */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* + * The boolean methods return a bitmask of all ones (0xff...f) for true + * and 0 for false. This is useful for choosing a value based on the result + * of a conditional in constant time. For example, + * + * if (a < b) { + * c = a; + * } else { + * c = b; + * } + * + * can be written as + * + * unsigned int lt = constant_time_lt(a, b); + * c = constant_time_select(lt, a, b); + */ + +/* + * Returns the given value with the MSB copied to all the other + * bits. Uses the fact that arithmetic shift shifts-in the sign bit. + * However, this is not ensured by the C standard so you may need to + * replace this with something else on odd CPUs. + */ +static inline unsigned int constant_time_msb(unsigned int a); + +/* + * Returns 0xff..f if a < b and 0 otherwise. + */ +static inline unsigned int constant_time_lt(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b); + +/* + * Returns 0xff..f if a >= b and 0 otherwise. + */ +static inline unsigned int constant_time_ge(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b); + +/* + * Returns 0xff..f if a == 0 and 0 otherwise. + */ +static inline unsigned int constant_time_is_zero(unsigned int a); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_is_zero_8(unsigned int a); + + +/* + * Returns 0xff..f if a == b and 0 otherwise. + */ +static inline unsigned int constant_time_eq(unsigned int a, unsigned int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b); +/* Signed integers. */ +static inline unsigned int constant_time_eq_int(int a, int b); +/* Convenience method for getting an 8-bit mask. */ +static inline unsigned char constant_time_eq_int_8(int a, int b); + + +/* + * Returns (mask & a) | (~mask & b). + * + * When |mask| is all 1s or all 0s (as returned by the methods above), + * the select methods return either |a| (if |mask| is nonzero) or |b| + * (if |mask| is zero). + */ +static inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, unsigned int b); +/* Convenience method for unsigned chars. */ +static inline unsigned char constant_time_select_8(unsigned char mask, + unsigned char a, unsigned char b); +/* Convenience method for signed integers. */ +static inline int constant_time_select_int(unsigned int mask, int a, int b); + +static inline unsigned int constant_time_msb(unsigned int a) + { + return (unsigned int)((int)(a) >> (sizeof(int) * 8 - 1)); + } + +static inline unsigned int constant_time_lt(unsigned int a, unsigned int b) + { + unsigned int lt; + /* Case 1: msb(a) == msb(b). a < b iff the MSB of a - b is set.*/ + lt = ~(a ^ b) & (a - b); + /* Case 2: msb(a) != msb(b). a < b iff the MSB of b is set. */ + lt |= ~a & b; + return constant_time_msb(lt); + } + +static inline unsigned char constant_time_lt_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_lt(a, b)); + } + +static inline unsigned int constant_time_ge(unsigned int a, unsigned int b) + { + unsigned int ge; + /* Case 1: msb(a) == msb(b). a >= b iff the MSB of a - b is not set.*/ + ge = ~((a ^ b) | (a - b)); + /* Case 2: msb(a) != msb(b). a >= b iff the MSB of a is set. */ + ge |= a & ~b; + return constant_time_msb(ge); + } + +static inline unsigned char constant_time_ge_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_ge(a, b)); + } + +static inline unsigned int constant_time_is_zero(unsigned int a) + { + return constant_time_msb(~a & (a - 1)); + } + +static inline unsigned char constant_time_is_zero_8(unsigned int a) + { + return (unsigned char)(constant_time_is_zero(a)); + } + +static inline unsigned int constant_time_eq(unsigned int a, unsigned int b) + { + return constant_time_is_zero(a ^ b); + } + +static inline unsigned char constant_time_eq_8(unsigned int a, unsigned int b) + { + return (unsigned char)(constant_time_eq(a, b)); + } + +static inline unsigned int constant_time_eq_int(int a, int b) + { + return constant_time_eq((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned char constant_time_eq_int_8(int a, int b) + { + return constant_time_eq_8((unsigned)(a), (unsigned)(b)); + } + +static inline unsigned int constant_time_select(unsigned int mask, + unsigned int a, unsigned int b) + { + return (mask & a) | (~mask & b); + } + +static inline unsigned char constant_time_select_8(unsigned char mask, + unsigned char a, unsigned char b) + { + return (unsigned char)(constant_time_select(mask, a, b)); + } + +inline int constant_time_select_int(unsigned int mask, int a, int b) + { + return (int)(constant_time_select(mask, (unsigned)(a), (unsigned)(b))); + } + +#ifdef __cplusplus +} +#endif + +#endif /* HEADER_CONSTANT_TIME_LOCL_H */ Copied: stable/8/crypto/openssl/crypto/constant_time_test.c (from r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/8/crypto/openssl/crypto/constant_time_test.c Wed Oct 15 20:28:31 2014 (r273151, copy of r273140, vendor-crypto/openssl/dist-0.9.8/crypto/constant_time_test.c) @@ -0,0 +1,330 @@ +/* crypto/constant_time_test.c */ +/* + * Utilities for constant-time cryptography. + * + * Author: Emilia Kasper (emilia@openssl.org) + * Based on previous work by Bodo Moeller, Emilia Kasper, Adam Langley + * (Google). + * ==================================================================== + * Copyright (c) 2014 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * "This product includes cryptographic software written by + * Eric Young (eay@cryptsoft.com)" + * The word 'cryptographic' can be left out if the rouines from the library + * being used are not cryptographic related :-). + * 4. If you include any Windows specific code (or a derivative thereof) from + * the apps directory (application code) you must include an acknowledgement: + * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" + * + * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * The licence and distribution terms for any publically available version or + * derivative of this code cannot be changed. i.e. this code cannot simply be + * copied and put under another distribution licence + * [including the GNU Public Licence.] + */ + +#include "../crypto/constant_time_locl.h" + +#include <limits.h> +#include <stdio.h> +#include <stdlib.h> + +static const unsigned int CONSTTIME_TRUE = (unsigned)(~0); +static const unsigned int CONSTTIME_FALSE = 0; +static const unsigned char CONSTTIME_TRUE_8 = 0xff; +static const unsigned char CONSTTIME_FALSE_8 = 0; + +static int test_binary_op(unsigned int (*op)(unsigned int a, unsigned int b), + const char* op_name, unsigned int a, unsigned int b, int is_true) + { + unsigned c = op(a, b); + if (is_true && c != CONSTTIME_TRUE) + { + fprintf(stderr, "Test failed for %s(%du, %du): expected %du " + "(TRUE), got %du\n", op_name, a, b, CONSTTIME_TRUE, c); + return 1; + } + else if (!is_true && c != CONSTTIME_FALSE) + { + fprintf(stderr, "Test failed for %s(%du, %du): expected %du " + "(FALSE), got %du\n", op_name, a, b, CONSTTIME_FALSE, + c); + return 1; + } + return 0; + } + +static int test_binary_op_8(unsigned char (*op)(unsigned int a, unsigned int b), + const char* op_name, unsigned int a, unsigned int b, int is_true) + { + unsigned char c = op(a, b); + if (is_true && c != CONSTTIME_TRUE_8) + { + fprintf(stderr, "Test failed for %s(%du, %du): expected %u " + "(TRUE), got %u\n", op_name, a, b, CONSTTIME_TRUE_8, c); + return 1; + } + else if (!is_true && c != CONSTTIME_FALSE_8) + { + fprintf(stderr, "Test failed for %s(%du, %du): expected %u " + "(FALSE), got %u\n", op_name, a, b, CONSTTIME_FALSE_8, + c); + return 1; + } + return 0; + } + +static int test_is_zero(unsigned int a) + { + unsigned int c = constant_time_is_zero(a); + if (a == 0 && c != CONSTTIME_TRUE) + { + fprintf(stderr, "Test failed for constant_time_is_zero(%du): " + "expected %du (TRUE), got %du\n", a, CONSTTIME_TRUE, c); + return 1; + } + else if (a != 0 && c != CONSTTIME_FALSE) + { + fprintf(stderr, "Test failed for constant_time_is_zero(%du): " + "expected %du (FALSE), got %du\n", a, CONSTTIME_FALSE, + c); + return 1; + } + return 0; + } + +static int test_is_zero_8(unsigned int a) + { + unsigned char c = constant_time_is_zero_8(a); + if (a == 0 && c != CONSTTIME_TRUE_8) + { + fprintf(stderr, "Test failed for constant_time_is_zero(%du): " + "expected %u (TRUE), got %u\n", a, CONSTTIME_TRUE_8, c); + return 1; + } + else if (a != 0 && c != CONSTTIME_FALSE) + { + fprintf(stderr, "Test failed for constant_time_is_zero(%du): " + "expected %u (FALSE), got %u\n", a, CONSTTIME_FALSE_8, + c); + return 1; + } + return 0; + } + +static int test_select(unsigned int a, unsigned int b) + { + unsigned int selected = constant_time_select(CONSTTIME_TRUE, a, b); + if (selected != a) + { + fprintf(stderr, "Test failed for constant_time_select(%du, %du," + "%du): expected %du(first value), got %du\n", + CONSTTIME_TRUE, a, b, a, selected); + return 1; + } + selected = constant_time_select(CONSTTIME_FALSE, a, b); + if (selected != b) + { + fprintf(stderr, "Test failed for constant_time_select(%du, %du," + "%du): expected %du(second value), got %du\n", + CONSTTIME_FALSE, a, b, b, selected); + return 1; + } + return 0; + } + +static int test_select_8(unsigned char a, unsigned char b) + { + unsigned char selected = constant_time_select_8(CONSTTIME_TRUE_8, a, b); + if (selected != a) + { + fprintf(stderr, "Test failed for constant_time_select(%u, %u," + "%u): expected %u(first value), got %u\n", + CONSTTIME_TRUE, a, b, a, selected); + return 1; + } + selected = constant_time_select_8(CONSTTIME_FALSE_8, a, b); + if (selected != b) + { + fprintf(stderr, "Test failed for constant_time_select(%u, %u," + "%u): expected %u(second value), got %u\n", + CONSTTIME_FALSE, a, b, b, selected); + return 1; + } + return 0; + } + +static int test_select_int(int a, int b) + { + int selected = constant_time_select_int(CONSTTIME_TRUE, a, b); + if (selected != a) + { + fprintf(stderr, "Test failed for constant_time_select(%du, %d," + "%d): expected %d(first value), got %d\n", + CONSTTIME_TRUE, a, b, a, selected); + return 1; + } + selected = constant_time_select_int(CONSTTIME_FALSE, a, b); + if (selected != b) + { + fprintf(stderr, "Test failed for constant_time_select(%du, %d," + "%d): expected %d(second value), got %d\n", + CONSTTIME_FALSE, a, b, b, selected); + return 1; + } + return 0; + } + +static int test_eq_int(int a, int b) + { + unsigned int equal = constant_time_eq_int(a, b); + if (a == b && equal != CONSTTIME_TRUE) + { + fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): " + "expected %du(TRUE), got %du\n", + a, b, CONSTTIME_TRUE, equal); + return 1; + } + else if (a != b && equal != CONSTTIME_FALSE) + { + fprintf(stderr, "Test failed for constant_time_eq_int(%d, %d): " + "expected %du(FALSE), got %du\n", + a, b, CONSTTIME_FALSE, equal); + return 1; + } + return 0; + } + +static int test_eq_int_8(int a, int b) + { + unsigned char equal = constant_time_eq_int_8(a, b); + if (a == b && equal != CONSTTIME_TRUE_8) + { + fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): " + "expected %u(TRUE), got %u\n", + a, b, CONSTTIME_TRUE_8, equal); + return 1; + } + else if (a != b && equal != CONSTTIME_FALSE_8) + { + fprintf(stderr, "Test failed for constant_time_eq_int_8(%d, %d): " + "expected %u(FALSE), got %u\n", + a, b, CONSTTIME_FALSE_8, equal); + return 1; + } + return 0; + } + +static unsigned int test_values[] = {0, 1, 1024, 12345, 32000, UINT_MAX/2-1, + UINT_MAX/2, UINT_MAX/2+1, UINT_MAX-1, + UINT_MAX}; + +static unsigned char test_values_8[] = {0, 1, 2, 20, 32, 127, 128, 129, 255}; + +static int signed_test_values[] = {0, 1, -1, 1024, -1024, 12345, -12345, + 32000, -32000, INT_MAX, INT_MIN, INT_MAX-1, + INT_MIN+1}; + + +int main(int argc, char *argv[]) + { + unsigned int a, b, i, j; + int c, d; + unsigned char e, f; + int num_failed = 0, num_all = 0; + fprintf(stdout, "Testing constant time operations...\n"); + + for (i = 0; i < sizeof(test_values)/sizeof(int); ++i) + { + a = test_values[i]; + num_failed += test_is_zero(a); + num_failed += test_is_zero_8(a); + num_all += 2; + for (j = 0; j < sizeof(test_values)/sizeof(int); ++j) + { + b = test_values[j]; + num_failed += test_binary_op(&constant_time_lt, + "constant_time_lt", a, b, a < b); + num_failed += test_binary_op_8(&constant_time_lt_8, + "constant_time_lt_8", a, b, a < b); + num_failed += test_binary_op(&constant_time_lt, + "constant_time_lt_8", b, a, b < a); + num_failed += test_binary_op_8(&constant_time_lt_8, + "constant_time_lt_8", b, a, b < a); + num_failed += test_binary_op(&constant_time_ge, + "constant_time_ge", a, b, a >= b); + num_failed += test_binary_op_8(&constant_time_ge_8, + "constant_time_ge_8", a, b, a >= b); + num_failed += test_binary_op(&constant_time_ge, + "constant_time_ge", b, a, b >= a); + num_failed += test_binary_op_8(&constant_time_ge_8, + "constant_time_ge_8", b, a, b >= a); + num_failed += test_binary_op(&constant_time_eq, + "constant_time_eq", a, b, a == b); + num_failed += test_binary_op_8(&constant_time_eq_8, + "constant_time_eq_8", a, b, a == b); + num_failed += test_binary_op(&constant_time_eq, + "constant_time_eq", b, a, b == a); + num_failed += test_binary_op_8(&constant_time_eq_8, + "constant_time_eq_8", b, a, b == a); + num_failed += test_select(a, b); + num_all += 13; + } + } + + for (i = 0; i < sizeof(signed_test_values)/sizeof(int); ++i) + { + c = signed_test_values[i]; + for (j = 0; j < sizeof(signed_test_values)/sizeof(int); ++j) + { + d = signed_test_values[j]; + num_failed += test_select_int(c, d); + num_failed += test_eq_int(c, d); + num_failed += test_eq_int_8(c, d); + num_all += 3; + } + } + + for (i = 0; i < sizeof(test_values_8); ++i) + { + e = test_values_8[i]; + for (j = 0; j < sizeof(test_values_8); ++j) + { + f = test_values_8[j]; + num_failed += test_select_8(e, f); + num_all += 1; + } + } + + if (!num_failed) + { + fprintf(stdout, "ok (ran %d tests)\n", num_all); + return EXIT_SUCCESS; + } + else + { + fprintf(stdout, "%d of %d tests failed!\n", num_failed, num_all); + return EXIT_FAILURE; + } + } Modified: stable/8/crypto/openssl/crypto/ec/ec_key.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ec_key.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/ec/ec_key.c Wed Oct 15 20:28:31 2014 (r273151) @@ -64,7 +64,6 @@ #include <string.h> #include "ec_lcl.h" #include <openssl/err.h> -#include <string.h> EC_KEY *EC_KEY_new(void) { Modified: stable/8/crypto/openssl/crypto/ec/ecp_smpl.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ecp_smpl.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/ec/ecp_smpl.c Wed Oct 15 20:28:31 2014 (r273151) @@ -1676,8 +1676,8 @@ int ec_GFp_simple_points_make_affine(con { for (i = 0; i < num; i++) { - if (prod_Z[i] != NULL) - BN_clear_free(prod_Z[i]); + if (prod_Z[i] == NULL) break; + BN_clear_free(prod_Z[i]); } OPENSSL_free(prod_Z); } Modified: stable/8/crypto/openssl/crypto/err/openssl.ec ============================================================================== --- stable/8/crypto/openssl/crypto/err/openssl.ec Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/err/openssl.ec Wed Oct 15 20:28:31 2014 (r273151) @@ -69,6 +69,7 @@ R SSL_R_TLSV1_ALERT_EXPORT_RESTRICTION R SSL_R_TLSV1_ALERT_PROTOCOL_VERSION 1070 R SSL_R_TLSV1_ALERT_INSUFFICIENT_SECURITY 1071 R SSL_R_TLSV1_ALERT_INTERNAL_ERROR 1080 +R SSL_R_TLSV1_ALERT_INAPPROPRIATE_FALLBACK 1086 R SSL_R_TLSV1_ALERT_USER_CANCELLED 1090 R SSL_R_TLSV1_ALERT_NO_RENEGOTIATION 1100 R SSL_R_TLSV1_UNSUPPORTED_EXTENSION 1110 Modified: stable/8/crypto/openssl/crypto/evp/Makefile ============================================================================== --- stable/8/crypto/openssl/crypto/evp/Makefile Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/evp/Makefile Wed Oct 15 20:28:31 2014 (r273151) @@ -385,7 +385,8 @@ evp_enc.o: ../../include/openssl/ossl_ty evp_enc.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h evp_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h evp_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -evp_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h evp_enc.c evp_locl.h +evp_enc.o: ../../include/openssl/x509_vfy.h ../constant_time_locl.h +evp_enc.o: ../cryptlib.h evp_enc.c evp_locl.h evp_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h evp_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h Modified: stable/8/crypto/openssl/crypto/evp/evp_enc.c ============================================================================== --- stable/8/crypto/openssl/crypto/evp/evp_enc.c Wed Oct 15 20:04:21 2014 (r273150) +++ stable/8/crypto/openssl/crypto/evp/evp_enc.c Wed Oct 15 20:28:31 2014 (r273151) @@ -64,6 +64,7 @@ #ifndef OPENSSL_NO_ENGINE #include <openssl/engine.h> #endif +#include "../constant_time_locl.h" #include "evp_locl.h" #ifdef OPENSSL_FIPS @@ -301,11 +302,11 @@ int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl) { - int i,n; - unsigned int b; + unsigned int i, b; + unsigned char pad, padding_good; *outl=0; - b=ctx->cipher->block_size; + b=(unsigned int)(ctx->cipher->block_size); if (ctx->flags & EVP_CIPH_NO_PADDING) { if(ctx->buf_len) @@ -324,28 +325,34 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX * return(0); } OPENSSL_assert(b <= sizeof ctx->final); - n=ctx->final[b-1]; - if (n == 0 || n > (int)b) - { - EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_BAD_DECRYPT); - return(0); - } - for (i=0; i<n; i++) + pad=ctx->final[b-1]; *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201410152028.s9FKSWSc044057>