Date: Wed, 17 Feb 2021 05:08:42 GMT From: Jung-uk Kim <jkim@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: e3a8c0df593b - stable/12 - OpenSSL: Merge OpenSSL 1.1.1j Message-ID: <202102170508.11H58gNd034483@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/12 has been updated by jkim: URL: https://cgit.FreeBSD.org/src/commit/?id=e3a8c0df593b912283303c3be1d5fa81972ee508 commit e3a8c0df593b912283303c3be1d5fa81972ee508 Merge: 42f7f5c5d22c 4f55bd5321b7 Author: Jung-uk Kim <jkim@FreeBSD.org> AuthorDate: 2021-02-17 04:38:21 +0000 Commit: Jung-uk Kim <jkim@FreeBSD.org> CommitDate: 2021-02-17 04:38:21 +0000 OpenSSL: Merge OpenSSL 1.1.1j Merge commit '4f55bd5321b72491d4eff396e4928e9ab0706735' into stable/12 crypto/openssl/AUTHORS | 7 + crypto/openssl/CHANGES | 37 ++ crypto/openssl/CONTRIBUTING | 4 +- crypto/openssl/Configure | 29 +- crypto/openssl/INSTALL | 15 +- crypto/openssl/NEWS | 10 + crypto/openssl/README | 2 +- crypto/openssl/apps/ca.c | 53 +-- crypto/openssl/apps/progs.pl | 0 crypto/openssl/crypto/armcap.c | 19 +- crypto/openssl/crypto/asn1/charmap.h | 2 +- crypto/openssl/crypto/asn1/charmap.pl | 0 crypto/openssl/crypto/bf/asm/bf-586.pl | 0 crypto/openssl/crypto/bn/asm/bn-586.pl | 0 crypto/openssl/crypto/bn/asm/co-586.pl | 0 crypto/openssl/crypto/bn/asm/ppc.pl | 0 crypto/openssl/crypto/bn/bn_prime.h | 2 +- crypto/openssl/crypto/bn/bn_prime.pl | 0 crypto/openssl/crypto/cast/asm/cast-586.pl | 0 crypto/openssl/crypto/conf/conf_def.c | 16 +- crypto/openssl/crypto/conf/conf_def.h | 2 +- crypto/openssl/crypto/conf/keysets.pl | 0 crypto/openssl/crypto/des/asm/crypt586.pl | 0 crypto/openssl/crypto/des/asm/des-586.pl | 0 crypto/openssl/crypto/des/asm/desboth.pl | 0 crypto/openssl/crypto/dh/dh_key.c | 33 +- crypto/openssl/crypto/err/openssl.txt | 3 +- crypto/openssl/crypto/evp/evp_enc.c | 27 ++ crypto/openssl/crypto/evp/evp_err.c | 4 +- .../include/internal/__DECC_INCLUDE_EPILOGUE.H | 16 - .../include/internal/__DECC_INCLUDE_PROLOGUE.H | 20 - crypto/openssl/crypto/include/internal/aria.h | 50 --- crypto/openssl/crypto/include/internal/asn1_int.h | 113 ------ crypto/openssl/crypto/include/internal/async.h | 15 - .../openssl/crypto/include/internal/bn_conf.h.in | 27 -- crypto/openssl/crypto/include/internal/bn_dh.h | 24 -- crypto/openssl/crypto/include/internal/bn_int.h | 90 ----- crypto/openssl/crypto/include/internal/bn_srp.h | 32 -- crypto/openssl/crypto/include/internal/chacha.h | 42 -- .../openssl/crypto/include/internal/cryptlib_int.h | 35 -- crypto/openssl/crypto/include/internal/ctype.h | 82 ---- .../openssl/crypto/include/internal/dso_conf.h.in | 31 -- crypto/openssl/crypto/include/internal/ec_int.h | 53 --- crypto/openssl/crypto/include/internal/engine.h | 20 - crypto/openssl/crypto/include/internal/err_int.h | 19 - crypto/openssl/crypto/include/internal/evp_int.h | 442 --------------------- crypto/openssl/crypto/include/internal/lhash.h | 15 - .../openssl/crypto/include/internal/md32_common.h | 256 ------------ crypto/openssl/crypto/include/internal/objects.h | 12 - crypto/openssl/crypto/include/internal/poly1305.h | 21 - crypto/openssl/crypto/include/internal/rand_int.h | 134 ------- crypto/openssl/crypto/include/internal/sha.h | 19 - crypto/openssl/crypto/include/internal/siphash.h | 25 -- crypto/openssl/crypto/include/internal/sm2.h | 78 ---- crypto/openssl/crypto/include/internal/sm2err.h | 65 --- crypto/openssl/crypto/include/internal/sm3.h | 39 -- crypto/openssl/crypto/include/internal/sm4.h | 37 -- crypto/openssl/crypto/include/internal/store.h | 10 - crypto/openssl/crypto/include/internal/store_int.h | 26 -- crypto/openssl/crypto/include/internal/x509_int.h | 286 ------------- crypto/openssl/crypto/md5/asm/md5-586.pl | 0 crypto/openssl/crypto/mem_sec.c | 8 +- crypto/openssl/crypto/objects/obj_dat.h | 2 +- crypto/openssl/crypto/objects/obj_dat.pl | 0 crypto/openssl/crypto/objects/obj_xref.h | 2 +- crypto/openssl/crypto/objects/objects.pl | 0 crypto/openssl/crypto/perlasm/cbc.pl | 0 crypto/openssl/crypto/perlasm/x86asm.pl | 0 crypto/openssl/crypto/perlasm/x86nasm.pl | 0 .../openssl/crypto/poly1305/asm/poly1305-armv4.pl | 13 +- crypto/openssl/crypto/ppccap.c | 20 +- crypto/openssl/crypto/rc4/asm/rc4-586.pl | 0 crypto/openssl/crypto/rc5/asm/rc5-586.pl | 0 crypto/openssl/crypto/ripemd/asm/rmd-586.pl | 0 crypto/openssl/crypto/rsa/rsa_ssl.c | 10 +- crypto/openssl/crypto/sha/asm/sha1-586.pl | 0 crypto/openssl/crypto/sha/asm/sha1-ia64.pl | 0 crypto/openssl/crypto/srp/srp_lib.c | 13 +- crypto/openssl/crypto/x509/x509_cmp.c | 24 +- crypto/openssl/crypto/x509/x509_vfy.c | 15 +- crypto/openssl/crypto/x509/x_all.c | 4 +- crypto/openssl/crypto/x509/x_attrib.c | 5 +- crypto/openssl/crypto/x509v3/v3_purp.c | 14 +- crypto/openssl/crypto/x86_64cpuid.pl | 0 crypto/openssl/crypto/x86cpuid.pl | 0 crypto/openssl/doc/man1/ca.pod | 4 +- crypto/openssl/doc/man1/cms.pod | 4 +- crypto/openssl/doc/man1/crl2pkcs7.pod | 4 +- crypto/openssl/doc/man1/dgst.pod | 4 +- crypto/openssl/doc/man1/dsa.pod | 6 +- crypto/openssl/doc/man1/ec.pod | 6 +- crypto/openssl/doc/man1/enc.pod | 4 +- crypto/openssl/doc/man1/genpkey.pod | 4 +- crypto/openssl/doc/man1/genrsa.pod | 4 +- crypto/openssl/doc/man1/pkcs12.pod | 14 +- crypto/openssl/doc/man1/pkcs8.pod | 6 +- crypto/openssl/doc/man1/pkey.pod | 6 +- crypto/openssl/doc/man1/pkeyutl.pod | 4 +- crypto/openssl/doc/man1/req.pod | 6 +- crypto/openssl/doc/man1/rsa.pod | 6 +- crypto/openssl/doc/man1/s_client.pod | 4 +- crypto/openssl/doc/man1/s_server.pod | 4 +- crypto/openssl/doc/man1/smime.pod | 4 +- crypto/openssl/doc/man1/spkac.pod | 4 +- crypto/openssl/doc/man1/storeutl.pod | 4 +- crypto/openssl/doc/man1/ts.pod | 4 +- crypto/openssl/doc/man1/x509.pod | 4 +- crypto/openssl/doc/man3/DH_generate_key.pod | 27 +- crypto/openssl/doc/man3/OCSP_sendreq_new.pod | 28 +- crypto/openssl/doc/man3/OPENSSL_malloc.pod | 2 +- .../openssl/doc/man3/X509_get_extension_flags.pod | 11 +- crypto/openssl/include/openssl/evperr.h | 7 +- crypto/openssl/include/openssl/obj_mac.h | 2 +- crypto/openssl/include/openssl/opensslv.h | 6 +- crypto/openssl/include/openssl/x509v3.h | 7 +- crypto/openssl/ssl/d1_lib.c | 11 +- crypto/openssl/ssl/record/rec_layer_d1.c | 5 +- crypto/openssl/ssl/ssl_local.h | 3 +- crypto/openssl/ssl/statem/extensions.c | 5 +- crypto/openssl/ssl/statem/statem_clnt.c | 3 +- crypto/openssl/ssl/statem/statem_lib.c | 15 +- 121 files changed, 434 insertions(+), 2337 deletions(-) diff --cc crypto/openssl/README index 6325127b5693,000000000000..da5629f92c81 mode 100644,000000..100644 --- a/crypto/openssl/README +++ b/crypto/openssl/README @@@ -1,93 -1,0 +1,93 @@@ + - OpenSSL 1.1.1i 8 Dec 2020 ++ OpenSSL 1.1.1j 16 Feb 2021 + + Copyright (c) 1998-2020 The OpenSSL Project + Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson + All rights reserved. + + DESCRIPTION + ----------- + + The OpenSSL Project is a collaborative effort to develop a robust, + commercial-grade, fully featured, and Open Source toolkit implementing the + Transport Layer Security (TLS) protocols (including SSLv3) as well as a + full-strength general purpose cryptographic library. + + OpenSSL is descended from the SSLeay library developed by Eric A. Young + and Tim J. Hudson. The OpenSSL toolkit is licensed under a dual-license (the + OpenSSL license plus the SSLeay license), which means that you are free to + get and use it for commercial and non-commercial purposes as long as you + fulfill the conditions of both licenses. + + OVERVIEW + -------- + + The OpenSSL toolkit includes: + + libssl (with platform specific naming): + Provides the client and server-side implementations for SSLv3 and TLS. + + libcrypto (with platform specific naming): + Provides general cryptographic and X.509 support needed by SSL/TLS but + not logically part of it. + + openssl: + A command line tool that can be used for: + Creation of key parameters + Creation of X.509 certificates, CSRs and CRLs + Calculation of message digests + Encryption and decryption + SSL/TLS client and server tests + Handling of S/MIME signed or encrypted mail + And more... + + INSTALLATION + ------------ + + See the appropriate file: + INSTALL Linux, Unix, Windows, OpenVMS, ... + NOTES.* INSTALL addendums for different platforms + + SUPPORT + ------- + + See the OpenSSL website www.openssl.org for details on how to obtain + commercial technical support. Free community support is available through the + openssl-users email list (see + https://www.openssl.org/community/mailinglists.html for further details). + + If you have any problems with OpenSSL then please take the following steps + first: + + - Download the latest version from the repository + to see if the problem has already been addressed + - Configure with no-asm + - Remove compiler optimization flags + + If you wish to report a bug then please include the following information + and create an issue on GitHub: + + - OpenSSL version: output of 'openssl version -a' + - Configuration data: output of 'perl configdata.pm --dump' + - OS Name, Version, Hardware platform + - Compiler Details (name, version) + - Application Details (name, version) + - Problem Description (steps that will reproduce the problem, if known) + - Stack Traceback (if the application dumps core) + + Just because something doesn't work the way you expect does not mean it + is necessarily a bug in OpenSSL. Use the openssl-users email list for this type + of query. + + HOW TO CONTRIBUTE TO OpenSSL + ---------------------------- + + See CONTRIBUTING + + LEGALITIES + ---------- + + A number of nations restrict the use or export of cryptography. If you + are potentially subject to such restrictions you should seek competent + professional legal advice before attempting to develop or distribute + cryptographic code. diff --cc crypto/openssl/apps/ca.c index 6c9b1e57bc67,390ac37493c8..390ac37493c8 mode 100644,100755..100644 --- a/crypto/openssl/apps/ca.c +++ b/crypto/openssl/apps/ca.c diff --cc crypto/openssl/apps/progs.pl index 57671405dda0,57671405dda0..57671405dda0 mode 100644,100644..100755 --- a/crypto/openssl/apps/progs.pl +++ b/crypto/openssl/apps/progs.pl diff --cc crypto/openssl/crypto/asn1/charmap.pl index dadd8df7749d,dadd8df7749d..dadd8df7749d mode 100644,100644..100755 --- a/crypto/openssl/crypto/asn1/charmap.pl +++ b/crypto/openssl/crypto/asn1/charmap.pl diff --cc crypto/openssl/crypto/bf/asm/bf-586.pl index cddc17bddafa,cddc17bddafa..cddc17bddafa mode 100644,100644..100755 --- a/crypto/openssl/crypto/bf/asm/bf-586.pl +++ b/crypto/openssl/crypto/bf/asm/bf-586.pl diff --cc crypto/openssl/crypto/bn/asm/bn-586.pl index e0422405d5f3,e0422405d5f3..e0422405d5f3 mode 100644,100644..100755 --- a/crypto/openssl/crypto/bn/asm/bn-586.pl +++ b/crypto/openssl/crypto/bn/asm/bn-586.pl diff --cc crypto/openssl/crypto/bn/asm/co-586.pl index 3c34fa885c30,3c34fa885c30..3c34fa885c30 mode 100644,100644..100755 --- a/crypto/openssl/crypto/bn/asm/co-586.pl +++ b/crypto/openssl/crypto/bn/asm/co-586.pl diff --cc crypto/openssl/crypto/bn/asm/ppc.pl index a8d3f14e9b8e,a8d3f14e9b8e..a8d3f14e9b8e mode 100644,100644..100755 --- a/crypto/openssl/crypto/bn/asm/ppc.pl +++ b/crypto/openssl/crypto/bn/asm/ppc.pl diff --cc crypto/openssl/crypto/bn/bn_prime.pl index b0b16087429b,b0b16087429b..b0b16087429b mode 100644,100644..100755 --- a/crypto/openssl/crypto/bn/bn_prime.pl +++ b/crypto/openssl/crypto/bn/bn_prime.pl diff --cc crypto/openssl/crypto/cast/asm/cast-586.pl index 04710819380a,04710819380a..04710819380a mode 100644,100644..100755 --- a/crypto/openssl/crypto/cast/asm/cast-586.pl +++ b/crypto/openssl/crypto/cast/asm/cast-586.pl diff --cc crypto/openssl/crypto/conf/keysets.pl index 27a7214cc519,27a7214cc519..27a7214cc519 mode 100644,100644..100755 --- a/crypto/openssl/crypto/conf/keysets.pl +++ b/crypto/openssl/crypto/conf/keysets.pl diff --cc crypto/openssl/crypto/des/asm/crypt586.pl index d14b9f89b6b6,d14b9f89b6b6..d14b9f89b6b6 mode 100644,100644..100755 --- a/crypto/openssl/crypto/des/asm/crypt586.pl +++ b/crypto/openssl/crypto/des/asm/crypt586.pl diff --cc crypto/openssl/crypto/des/asm/des-586.pl index 07d9d87ac735,07d9d87ac735..07d9d87ac735 mode 100644,100644..100755 --- a/crypto/openssl/crypto/des/asm/des-586.pl +++ b/crypto/openssl/crypto/des/asm/des-586.pl diff --cc crypto/openssl/crypto/des/asm/desboth.pl index ef7054e27506,ef7054e27506..ef7054e27506 mode 100644,100644..100755 --- a/crypto/openssl/crypto/des/asm/desboth.pl +++ b/crypto/openssl/crypto/des/asm/desboth.pl diff --cc crypto/openssl/crypto/md5/asm/md5-586.pl index 7986a2413da2,7986a2413da2..7986a2413da2 mode 100644,100644..100755 --- a/crypto/openssl/crypto/md5/asm/md5-586.pl +++ b/crypto/openssl/crypto/md5/asm/md5-586.pl diff --cc crypto/openssl/crypto/objects/obj_dat.pl index e5d38147eccf,e5d38147eccf..e5d38147eccf mode 100644,100644..100755 --- a/crypto/openssl/crypto/objects/obj_dat.pl +++ b/crypto/openssl/crypto/objects/obj_dat.pl diff --cc crypto/openssl/crypto/objects/objects.pl index d7d1962c9999,d7d1962c9999..d7d1962c9999 mode 100644,100644..100755 --- a/crypto/openssl/crypto/objects/objects.pl +++ b/crypto/openssl/crypto/objects/objects.pl diff --cc crypto/openssl/crypto/perlasm/cbc.pl index 01bafe457d68,01bafe457d68..01bafe457d68 mode 100644,100644..100755 --- a/crypto/openssl/crypto/perlasm/cbc.pl +++ b/crypto/openssl/crypto/perlasm/cbc.pl diff --cc crypto/openssl/crypto/perlasm/x86asm.pl index 29dc1a2cfbc9,29dc1a2cfbc9..29dc1a2cfbc9 mode 100644,100644..100755 --- a/crypto/openssl/crypto/perlasm/x86asm.pl +++ b/crypto/openssl/crypto/perlasm/x86asm.pl diff --cc crypto/openssl/crypto/perlasm/x86nasm.pl index 4e64dad92d12,4e64dad92d12..4e64dad92d12 mode 100644,100644..100755 --- a/crypto/openssl/crypto/perlasm/x86nasm.pl +++ b/crypto/openssl/crypto/perlasm/x86nasm.pl diff --cc crypto/openssl/crypto/rc4/asm/rc4-586.pl index 3a936de1f9a7,3a936de1f9a7..3a936de1f9a7 mode 100644,100644..100755 --- a/crypto/openssl/crypto/rc4/asm/rc4-586.pl +++ b/crypto/openssl/crypto/rc4/asm/rc4-586.pl diff --cc crypto/openssl/crypto/rc5/asm/rc5-586.pl index af11be816259,af11be816259..af11be816259 mode 100644,100644..100755 --- a/crypto/openssl/crypto/rc5/asm/rc5-586.pl +++ b/crypto/openssl/crypto/rc5/asm/rc5-586.pl diff --cc crypto/openssl/crypto/ripemd/asm/rmd-586.pl index e8d02812ba5e,e8d02812ba5e..e8d02812ba5e mode 100644,100644..100755 --- a/crypto/openssl/crypto/ripemd/asm/rmd-586.pl +++ b/crypto/openssl/crypto/ripemd/asm/rmd-586.pl diff --cc crypto/openssl/crypto/sha/asm/sha1-586.pl index b72869b86d4a,b72869b86d4a..b72869b86d4a mode 100644,100644..100755 --- a/crypto/openssl/crypto/sha/asm/sha1-586.pl +++ b/crypto/openssl/crypto/sha/asm/sha1-586.pl diff --cc crypto/openssl/crypto/sha/asm/sha1-ia64.pl index bf1d2ebeb0ab,bf1d2ebeb0ab..bf1d2ebeb0ab mode 100644,100644..100755 --- a/crypto/openssl/crypto/sha/asm/sha1-ia64.pl +++ b/crypto/openssl/crypto/sha/asm/sha1-ia64.pl diff --cc crypto/openssl/crypto/x86_64cpuid.pl index d9536d65768f,d9536d65768f..d9536d65768f mode 100644,100644..100755 --- a/crypto/openssl/crypto/x86_64cpuid.pl +++ b/crypto/openssl/crypto/x86_64cpuid.pl diff --cc crypto/openssl/crypto/x86cpuid.pl index ba4fd80fb32e,ba4fd80fb32e..ba4fd80fb32e mode 100644,100644..100755 --- a/crypto/openssl/crypto/x86cpuid.pl +++ b/crypto/openssl/crypto/x86cpuid.pl diff --cc crypto/openssl/include/openssl/opensslv.h index a2b142388c8a,000000000000..c5f92dac8f8d mode 100644,000000..100644 --- a/crypto/openssl/include/openssl/opensslv.h +++ b/crypto/openssl/include/openssl/opensslv.h @@@ -1,101 -1,0 +1,101 @@@ +/* + * Copyright 1999-2020 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#ifndef HEADER_OPENSSLV_H +# define HEADER_OPENSSLV_H + +#ifdef __cplusplus +extern "C" { +#endif + +/*- + * Numeric release version identifier: + * MNNFFPPS: major minor fix patch status + * The status nibble has one of the values 0 for development, 1 to e for betas + * 1 to 14, and f for release. The patch level is exactly that. + * For example: + * 0.9.3-dev 0x00903000 + * 0.9.3-beta1 0x00903001 + * 0.9.3-beta2-dev 0x00903002 + * 0.9.3-beta2 0x00903002 (same as ...beta2-dev) + * 0.9.3 0x0090300f + * 0.9.3a 0x0090301f + * 0.9.4 0x0090400f + * 1.2.3z 0x102031af + * + * For continuity reasons (because 0.9.5 is already out, and is coded + * 0x00905100), between 0.9.5 and 0.9.6 the coding of the patch level + * part is slightly different, by setting the highest bit. This means + * that 0.9.5a looks like this: 0x0090581f. At 0.9.6, we can start + * with 0x0090600S... + * + * (Prior to 0.9.3-dev a different scheme was used: 0.9.2b is 0x0922.) + * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for + * major minor fix final patch/beta) + */ - # define OPENSSL_VERSION_NUMBER 0x1010109fL - # define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1i-freebsd 8 Dec 2020" ++# define OPENSSL_VERSION_NUMBER 0x101010afL ++# define OPENSSL_VERSION_TEXT "OpenSSL 1.1.1j-freebsd 16 Feb 2021" + +/*- + * The macros below are to be used for shared library (.so, .dll, ...) + * versioning. That kind of versioning works a bit differently between + * operating systems. The most usual scheme is to set a major and a minor + * number, and have the runtime loader check that the major number is equal + * to what it was at application link time, while the minor number has to + * be greater or equal to what it was at application link time. With this + * scheme, the version number is usually part of the file name, like this: + * + * libcrypto.so.0.9 + * + * Some unixen also make a softlink with the major version number only: + * + * libcrypto.so.0 + * + * On Tru64 and IRIX 6.x it works a little bit differently. There, the + * shared library version is stored in the file, and is actually a series + * of versions, separated by colons. The rightmost version present in the + * library when linking an application is stored in the application to be + * matched at run time. When the application is run, a check is done to + * see if the library version stored in the application matches any of the + * versions in the version string of the library itself. + * This version string can be constructed in any way, depending on what + * kind of matching is desired. However, to implement the same scheme as + * the one used in the other unixen, all compatible versions, from lowest + * to highest, should be part of the string. Consecutive builds would + * give the following versions strings: + * + * 3.0 + * 3.0:3.1 + * 3.0:3.1:3.2 + * 4.0 + * 4.0:4.1 + * + * Notice how version 4 is completely incompatible with version, and + * therefore give the breach you can see. + * + * There may be other schemes as well that I haven't yet discovered. + * + * So, here's the way it works here: first of all, the library version + * number doesn't need at all to match the overall OpenSSL version. + * However, it's nice and more understandable if it actually does. + * The current library version is stored in the macro SHLIB_VERSION_NUMBER, + * which is just a piece of text in the format "M.m.e" (Major, minor, edit). + * For the sake of Tru64, IRIX, and any other OS that behaves in similar ways, + * we need to keep a history of version numbers, which is done in the + * macro SHLIB_VERSION_HISTORY. The numbers are separated by colons and + * should only keep the versions that are binary compatible with the current. + */ +# define SHLIB_VERSION_HISTORY "" - # define SHLIB_VERSION_NUMBER "111" ++# define SHLIB_VERSION_NUMBER "1.1" + + +#ifdef __cplusplus +} +#endif +#endif /* HEADER_OPENSSLV_H */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202102170508.11H58gNd034483>