From owner-svn-src-stable-10@FreeBSD.ORG Fri Mar 20 21:54:50 2015 Return-Path: Delivered-To: svn-src-stable-10@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 757D36F8; Fri, 20 Mar 2015 21:54:50 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A5F814E; Fri, 20 Mar 2015 21:54:50 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t2KLsoZN081170; Fri, 20 Mar 2015 21:54:50 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t2KLsl8w081162; Fri, 20 Mar 2015 21:54:47 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201503202154.t2KLsl8w081162@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Fri, 20 Mar 2015 21:54:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r280304 - in stable/10: crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/aes crypto/openssl/crypto/asn1 crypto/openssl/crypto/bf crypto/openssl/crypto/bio ... X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Mar 2015 21:54:50 -0000 Author: jkim Date: Fri Mar 20 21:54:45 2015 New Revision: 280304 URL: https://svnweb.freebsd.org/changeset/base/280304 Log: MFC: r280297 Merge OpenSSL 1.0.1m. Relnotes: yes Added: stable/10/crypto/openssl/crypto/evp/evp_extra_test.c - copied unchanged from r280297, head/crypto/openssl/crypto/evp/evp_extra_test.c stable/10/crypto/openssl/doc/crypto/d2i_CMS_ContentInfo.pod - copied unchanged from r280297, head/crypto/openssl/doc/crypto/d2i_CMS_ContentInfo.pod stable/10/crypto/openssl/doc/crypto/d2i_ECPrivateKey.pod - copied unchanged from r280297, head/crypto/openssl/doc/crypto/d2i_ECPrivateKey.pod stable/10/crypto/openssl/doc/ssl/SSL_CTX_set_read_ahead.pod - copied unchanged from r280297, head/crypto/openssl/doc/ssl/SSL_CTX_set_read_ahead.pod stable/10/crypto/openssl/util/indent.pro - copied unchanged from r280297, head/crypto/openssl/util/indent.pro stable/10/crypto/openssl/util/openssl-format-source - copied unchanged from r280297, head/crypto/openssl/util/openssl-format-source stable/10/crypto/openssl/util/su-filter.pl - copied unchanged from r280297, head/crypto/openssl/util/su-filter.pl stable/10/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3 - copied unchanged from r280297, head/secure/lib/libcrypto/man/d2i_CMS_ContentInfo.3 stable/10/secure/lib/libcrypto/man/d2i_ECPrivateKey.3 - copied unchanged from r280297, head/secure/lib/libcrypto/man/d2i_ECPrivateKey.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3 - copied unchanged from r280297, head/secure/lib/libssl/man/SSL_CTX_set_read_ahead.3 Modified: stable/10/crypto/openssl/CHANGES stable/10/crypto/openssl/Configure stable/10/crypto/openssl/Makefile stable/10/crypto/openssl/NEWS stable/10/crypto/openssl/README stable/10/crypto/openssl/apps/app_rand.c stable/10/crypto/openssl/apps/apps.c stable/10/crypto/openssl/apps/apps.h stable/10/crypto/openssl/apps/asn1pars.c stable/10/crypto/openssl/apps/ca.c stable/10/crypto/openssl/apps/ciphers.c stable/10/crypto/openssl/apps/cms.c stable/10/crypto/openssl/apps/crl.c stable/10/crypto/openssl/apps/crl2p7.c stable/10/crypto/openssl/apps/dgst.c stable/10/crypto/openssl/apps/dh.c stable/10/crypto/openssl/apps/dhparam.c stable/10/crypto/openssl/apps/dsa.c stable/10/crypto/openssl/apps/dsaparam.c stable/10/crypto/openssl/apps/ec.c stable/10/crypto/openssl/apps/ecparam.c stable/10/crypto/openssl/apps/enc.c stable/10/crypto/openssl/apps/engine.c stable/10/crypto/openssl/apps/errstr.c stable/10/crypto/openssl/apps/gendh.c stable/10/crypto/openssl/apps/gendsa.c stable/10/crypto/openssl/apps/genpkey.c stable/10/crypto/openssl/apps/genrsa.c stable/10/crypto/openssl/apps/nseq.c stable/10/crypto/openssl/apps/ocsp.c stable/10/crypto/openssl/apps/openssl.c stable/10/crypto/openssl/apps/passwd.c stable/10/crypto/openssl/apps/pkcs12.c stable/10/crypto/openssl/apps/pkcs7.c stable/10/crypto/openssl/apps/pkcs8.c stable/10/crypto/openssl/apps/pkey.c stable/10/crypto/openssl/apps/pkeyparam.c stable/10/crypto/openssl/apps/pkeyutl.c stable/10/crypto/openssl/apps/prime.c stable/10/crypto/openssl/apps/progs.h stable/10/crypto/openssl/apps/rand.c stable/10/crypto/openssl/apps/req.c stable/10/crypto/openssl/apps/rsa.c stable/10/crypto/openssl/apps/rsautl.c stable/10/crypto/openssl/apps/s_apps.h stable/10/crypto/openssl/apps/s_cb.c stable/10/crypto/openssl/apps/s_client.c stable/10/crypto/openssl/apps/s_server.c stable/10/crypto/openssl/apps/s_socket.c stable/10/crypto/openssl/apps/s_time.c stable/10/crypto/openssl/apps/sess_id.c stable/10/crypto/openssl/apps/smime.c stable/10/crypto/openssl/apps/speed.c stable/10/crypto/openssl/apps/spkac.c stable/10/crypto/openssl/apps/srp.c stable/10/crypto/openssl/apps/testdsa.h stable/10/crypto/openssl/apps/testrsa.h stable/10/crypto/openssl/apps/timeouts.h stable/10/crypto/openssl/apps/ts.c stable/10/crypto/openssl/apps/verify.c stable/10/crypto/openssl/apps/version.c stable/10/crypto/openssl/apps/x509.c stable/10/crypto/openssl/crypto/LPdir_unix.c stable/10/crypto/openssl/crypto/aes/aes.h stable/10/crypto/openssl/crypto/aes/aes_cbc.c stable/10/crypto/openssl/crypto/aes/aes_cfb.c stable/10/crypto/openssl/crypto/aes/aes_core.c stable/10/crypto/openssl/crypto/aes/aes_ctr.c stable/10/crypto/openssl/crypto/aes/aes_ecb.c stable/10/crypto/openssl/crypto/aes/aes_ige.c stable/10/crypto/openssl/crypto/aes/aes_locl.h stable/10/crypto/openssl/crypto/aes/aes_misc.c stable/10/crypto/openssl/crypto/aes/aes_ofb.c stable/10/crypto/openssl/crypto/aes/aes_wrap.c stable/10/crypto/openssl/crypto/aes/aes_x86core.c stable/10/crypto/openssl/crypto/arm_arch.h stable/10/crypto/openssl/crypto/armcap.c stable/10/crypto/openssl/crypto/asn1/a_bitstr.c stable/10/crypto/openssl/crypto/asn1/a_bool.c stable/10/crypto/openssl/crypto/asn1/a_bytes.c stable/10/crypto/openssl/crypto/asn1/a_d2i_fp.c stable/10/crypto/openssl/crypto/asn1/a_digest.c stable/10/crypto/openssl/crypto/asn1/a_dup.c stable/10/crypto/openssl/crypto/asn1/a_enum.c stable/10/crypto/openssl/crypto/asn1/a_gentm.c stable/10/crypto/openssl/crypto/asn1/a_i2d_fp.c stable/10/crypto/openssl/crypto/asn1/a_int.c stable/10/crypto/openssl/crypto/asn1/a_mbstr.c stable/10/crypto/openssl/crypto/asn1/a_object.c stable/10/crypto/openssl/crypto/asn1/a_octet.c stable/10/crypto/openssl/crypto/asn1/a_print.c stable/10/crypto/openssl/crypto/asn1/a_set.c stable/10/crypto/openssl/crypto/asn1/a_sign.c stable/10/crypto/openssl/crypto/asn1/a_strex.c stable/10/crypto/openssl/crypto/asn1/a_strnid.c stable/10/crypto/openssl/crypto/asn1/a_time.c stable/10/crypto/openssl/crypto/asn1/a_type.c stable/10/crypto/openssl/crypto/asn1/a_utctm.c stable/10/crypto/openssl/crypto/asn1/a_utf8.c stable/10/crypto/openssl/crypto/asn1/a_verify.c stable/10/crypto/openssl/crypto/asn1/ameth_lib.c stable/10/crypto/openssl/crypto/asn1/asn1.h stable/10/crypto/openssl/crypto/asn1/asn1_err.c stable/10/crypto/openssl/crypto/asn1/asn1_gen.c stable/10/crypto/openssl/crypto/asn1/asn1_lib.c stable/10/crypto/openssl/crypto/asn1/asn1_locl.h stable/10/crypto/openssl/crypto/asn1/asn1_mac.h stable/10/crypto/openssl/crypto/asn1/asn1_par.c stable/10/crypto/openssl/crypto/asn1/asn1t.h stable/10/crypto/openssl/crypto/asn1/asn_mime.c stable/10/crypto/openssl/crypto/asn1/asn_moid.c stable/10/crypto/openssl/crypto/asn1/asn_pack.c stable/10/crypto/openssl/crypto/asn1/bio_asn1.c stable/10/crypto/openssl/crypto/asn1/bio_ndef.c stable/10/crypto/openssl/crypto/asn1/charmap.h stable/10/crypto/openssl/crypto/asn1/d2i_pr.c stable/10/crypto/openssl/crypto/asn1/d2i_pu.c stable/10/crypto/openssl/crypto/asn1/evp_asn1.c stable/10/crypto/openssl/crypto/asn1/f_enum.c stable/10/crypto/openssl/crypto/asn1/f_int.c stable/10/crypto/openssl/crypto/asn1/f_string.c stable/10/crypto/openssl/crypto/asn1/i2d_pr.c stable/10/crypto/openssl/crypto/asn1/i2d_pu.c stable/10/crypto/openssl/crypto/asn1/n_pkey.c stable/10/crypto/openssl/crypto/asn1/nsseq.c stable/10/crypto/openssl/crypto/asn1/p5_pbe.c stable/10/crypto/openssl/crypto/asn1/p5_pbev2.c stable/10/crypto/openssl/crypto/asn1/p8_pkey.c stable/10/crypto/openssl/crypto/asn1/t_bitst.c stable/10/crypto/openssl/crypto/asn1/t_crl.c stable/10/crypto/openssl/crypto/asn1/t_pkey.c stable/10/crypto/openssl/crypto/asn1/t_req.c stable/10/crypto/openssl/crypto/asn1/t_spki.c stable/10/crypto/openssl/crypto/asn1/t_x509.c stable/10/crypto/openssl/crypto/asn1/t_x509a.c stable/10/crypto/openssl/crypto/asn1/tasn_dec.c stable/10/crypto/openssl/crypto/asn1/tasn_enc.c stable/10/crypto/openssl/crypto/asn1/tasn_fre.c stable/10/crypto/openssl/crypto/asn1/tasn_new.c stable/10/crypto/openssl/crypto/asn1/tasn_prn.c stable/10/crypto/openssl/crypto/asn1/tasn_typ.c stable/10/crypto/openssl/crypto/asn1/tasn_utl.c stable/10/crypto/openssl/crypto/asn1/x_algor.c stable/10/crypto/openssl/crypto/asn1/x_attrib.c stable/10/crypto/openssl/crypto/asn1/x_bignum.c stable/10/crypto/openssl/crypto/asn1/x_crl.c stable/10/crypto/openssl/crypto/asn1/x_exten.c stable/10/crypto/openssl/crypto/asn1/x_info.c stable/10/crypto/openssl/crypto/asn1/x_long.c stable/10/crypto/openssl/crypto/asn1/x_name.c stable/10/crypto/openssl/crypto/asn1/x_nx509.c stable/10/crypto/openssl/crypto/asn1/x_pkey.c stable/10/crypto/openssl/crypto/asn1/x_pubkey.c stable/10/crypto/openssl/crypto/asn1/x_req.c stable/10/crypto/openssl/crypto/asn1/x_sig.c stable/10/crypto/openssl/crypto/asn1/x_spki.c stable/10/crypto/openssl/crypto/asn1/x_val.c stable/10/crypto/openssl/crypto/asn1/x_x509.c stable/10/crypto/openssl/crypto/asn1/x_x509a.c stable/10/crypto/openssl/crypto/bf/bf_cbc.c stable/10/crypto/openssl/crypto/bf/bf_cfb64.c stable/10/crypto/openssl/crypto/bf/bf_ecb.c stable/10/crypto/openssl/crypto/bf/bf_enc.c stable/10/crypto/openssl/crypto/bf/bf_locl.h stable/10/crypto/openssl/crypto/bf/bf_ofb64.c stable/10/crypto/openssl/crypto/bf/bf_opts.c stable/10/crypto/openssl/crypto/bf/bf_pi.h stable/10/crypto/openssl/crypto/bf/bf_skey.c stable/10/crypto/openssl/crypto/bf/bfspeed.c stable/10/crypto/openssl/crypto/bf/bftest.c stable/10/crypto/openssl/crypto/bf/blowfish.h stable/10/crypto/openssl/crypto/bio/b_dump.c stable/10/crypto/openssl/crypto/bio/b_print.c stable/10/crypto/openssl/crypto/bio/b_sock.c stable/10/crypto/openssl/crypto/bio/bf_buff.c stable/10/crypto/openssl/crypto/bio/bf_lbuf.c stable/10/crypto/openssl/crypto/bio/bf_nbio.c stable/10/crypto/openssl/crypto/bio/bf_null.c stable/10/crypto/openssl/crypto/bio/bio.h stable/10/crypto/openssl/crypto/bio/bio_cb.c stable/10/crypto/openssl/crypto/bio/bio_err.c stable/10/crypto/openssl/crypto/bio/bio_lcl.h stable/10/crypto/openssl/crypto/bio/bio_lib.c stable/10/crypto/openssl/crypto/bio/bss_acpt.c stable/10/crypto/openssl/crypto/bio/bss_bio.c stable/10/crypto/openssl/crypto/bio/bss_conn.c stable/10/crypto/openssl/crypto/bio/bss_dgram.c stable/10/crypto/openssl/crypto/bio/bss_fd.c stable/10/crypto/openssl/crypto/bio/bss_file.c stable/10/crypto/openssl/crypto/bio/bss_log.c stable/10/crypto/openssl/crypto/bio/bss_mem.c stable/10/crypto/openssl/crypto/bio/bss_null.c stable/10/crypto/openssl/crypto/bio/bss_rtcp.c stable/10/crypto/openssl/crypto/bio/bss_sock.c stable/10/crypto/openssl/crypto/bn/asm/x86_64-gcc.c stable/10/crypto/openssl/crypto/bn/bn.h stable/10/crypto/openssl/crypto/bn/bn_add.c stable/10/crypto/openssl/crypto/bn/bn_asm.c stable/10/crypto/openssl/crypto/bn/bn_blind.c stable/10/crypto/openssl/crypto/bn/bn_const.c stable/10/crypto/openssl/crypto/bn/bn_ctx.c stable/10/crypto/openssl/crypto/bn/bn_depr.c stable/10/crypto/openssl/crypto/bn/bn_div.c stable/10/crypto/openssl/crypto/bn/bn_err.c stable/10/crypto/openssl/crypto/bn/bn_exp.c stable/10/crypto/openssl/crypto/bn/bn_exp2.c stable/10/crypto/openssl/crypto/bn/bn_gcd.c stable/10/crypto/openssl/crypto/bn/bn_gf2m.c stable/10/crypto/openssl/crypto/bn/bn_kron.c stable/10/crypto/openssl/crypto/bn/bn_lcl.h stable/10/crypto/openssl/crypto/bn/bn_lib.c stable/10/crypto/openssl/crypto/bn/bn_mod.c stable/10/crypto/openssl/crypto/bn/bn_mont.c stable/10/crypto/openssl/crypto/bn/bn_mpi.c stable/10/crypto/openssl/crypto/bn/bn_mul.c stable/10/crypto/openssl/crypto/bn/bn_nist.c stable/10/crypto/openssl/crypto/bn/bn_prime.c stable/10/crypto/openssl/crypto/bn/bn_prime.h stable/10/crypto/openssl/crypto/bn/bn_print.c stable/10/crypto/openssl/crypto/bn/bn_rand.c stable/10/crypto/openssl/crypto/bn/bn_recp.c stable/10/crypto/openssl/crypto/bn/bn_shift.c stable/10/crypto/openssl/crypto/bn/bn_sqr.c stable/10/crypto/openssl/crypto/bn/bn_sqrt.c stable/10/crypto/openssl/crypto/bn/bn_word.c stable/10/crypto/openssl/crypto/bn/bn_x931p.c stable/10/crypto/openssl/crypto/bn/bnspeed.c stable/10/crypto/openssl/crypto/bn/bntest.c stable/10/crypto/openssl/crypto/bn/divtest.c stable/10/crypto/openssl/crypto/bn/exp.c stable/10/crypto/openssl/crypto/bn/expspeed.c stable/10/crypto/openssl/crypto/bn/exptest.c stable/10/crypto/openssl/crypto/buffer/buf_err.c stable/10/crypto/openssl/crypto/buffer/buf_str.c stable/10/crypto/openssl/crypto/buffer/buffer.c stable/10/crypto/openssl/crypto/buffer/buffer.h stable/10/crypto/openssl/crypto/camellia/camellia.c stable/10/crypto/openssl/crypto/camellia/camellia.h stable/10/crypto/openssl/crypto/camellia/cmll_cbc.c stable/10/crypto/openssl/crypto/camellia/cmll_cfb.c stable/10/crypto/openssl/crypto/camellia/cmll_ctr.c stable/10/crypto/openssl/crypto/camellia/cmll_ecb.c stable/10/crypto/openssl/crypto/camellia/cmll_locl.h stable/10/crypto/openssl/crypto/camellia/cmll_misc.c stable/10/crypto/openssl/crypto/camellia/cmll_ofb.c stable/10/crypto/openssl/crypto/camellia/cmll_utl.c stable/10/crypto/openssl/crypto/cast/c_cfb64.c stable/10/crypto/openssl/crypto/cast/c_ecb.c stable/10/crypto/openssl/crypto/cast/c_enc.c stable/10/crypto/openssl/crypto/cast/c_ofb64.c stable/10/crypto/openssl/crypto/cast/c_skey.c stable/10/crypto/openssl/crypto/cast/cast.h stable/10/crypto/openssl/crypto/cast/cast_lcl.h stable/10/crypto/openssl/crypto/cast/cast_s.h stable/10/crypto/openssl/crypto/cast/cast_spd.c stable/10/crypto/openssl/crypto/cast/castopts.c stable/10/crypto/openssl/crypto/cast/casttest.c stable/10/crypto/openssl/crypto/cmac/cm_ameth.c stable/10/crypto/openssl/crypto/cmac/cm_pmeth.c stable/10/crypto/openssl/crypto/cmac/cmac.c stable/10/crypto/openssl/crypto/cmac/cmac.h stable/10/crypto/openssl/crypto/cms/cms.h stable/10/crypto/openssl/crypto/cms/cms_asn1.c stable/10/crypto/openssl/crypto/cms/cms_att.c stable/10/crypto/openssl/crypto/cms/cms_cd.c stable/10/crypto/openssl/crypto/cms/cms_dd.c stable/10/crypto/openssl/crypto/cms/cms_enc.c stable/10/crypto/openssl/crypto/cms/cms_env.c stable/10/crypto/openssl/crypto/cms/cms_err.c stable/10/crypto/openssl/crypto/cms/cms_ess.c stable/10/crypto/openssl/crypto/cms/cms_io.c stable/10/crypto/openssl/crypto/cms/cms_lcl.h stable/10/crypto/openssl/crypto/cms/cms_lib.c stable/10/crypto/openssl/crypto/cms/cms_pwri.c stable/10/crypto/openssl/crypto/cms/cms_sd.c stable/10/crypto/openssl/crypto/cms/cms_smime.c stable/10/crypto/openssl/crypto/comp/c_rle.c stable/10/crypto/openssl/crypto/comp/c_zlib.c stable/10/crypto/openssl/crypto/comp/comp.h stable/10/crypto/openssl/crypto/comp/comp_err.c stable/10/crypto/openssl/crypto/comp/comp_lib.c stable/10/crypto/openssl/crypto/conf/cnf_save.c stable/10/crypto/openssl/crypto/conf/conf.h stable/10/crypto/openssl/crypto/conf/conf_api.c stable/10/crypto/openssl/crypto/conf/conf_api.h stable/10/crypto/openssl/crypto/conf/conf_def.c stable/10/crypto/openssl/crypto/conf/conf_def.h stable/10/crypto/openssl/crypto/conf/conf_err.c stable/10/crypto/openssl/crypto/conf/conf_lib.c stable/10/crypto/openssl/crypto/conf/conf_mall.c stable/10/crypto/openssl/crypto/conf/conf_mod.c stable/10/crypto/openssl/crypto/conf/conf_sap.c stable/10/crypto/openssl/crypto/conf/test.c stable/10/crypto/openssl/crypto/constant_time_locl.h stable/10/crypto/openssl/crypto/constant_time_test.c stable/10/crypto/openssl/crypto/cpt_err.c stable/10/crypto/openssl/crypto/cryptlib.c stable/10/crypto/openssl/crypto/cryptlib.h stable/10/crypto/openssl/crypto/crypto.h stable/10/crypto/openssl/crypto/cversion.c stable/10/crypto/openssl/crypto/des/cbc3_enc.c stable/10/crypto/openssl/crypto/des/cbc_cksm.c stable/10/crypto/openssl/crypto/des/cbc_enc.c stable/10/crypto/openssl/crypto/des/cfb64ede.c stable/10/crypto/openssl/crypto/des/cfb64enc.c stable/10/crypto/openssl/crypto/des/cfb_enc.c stable/10/crypto/openssl/crypto/des/des.c stable/10/crypto/openssl/crypto/des/des.h stable/10/crypto/openssl/crypto/des/des_enc.c stable/10/crypto/openssl/crypto/des/des_locl.h stable/10/crypto/openssl/crypto/des/des_old.c stable/10/crypto/openssl/crypto/des/des_old.h stable/10/crypto/openssl/crypto/des/des_old2.c stable/10/crypto/openssl/crypto/des/des_opts.c stable/10/crypto/openssl/crypto/des/des_ver.h stable/10/crypto/openssl/crypto/des/destest.c stable/10/crypto/openssl/crypto/des/ecb3_enc.c stable/10/crypto/openssl/crypto/des/ecb_enc.c stable/10/crypto/openssl/crypto/des/ede_cbcm_enc.c stable/10/crypto/openssl/crypto/des/enc_read.c stable/10/crypto/openssl/crypto/des/enc_writ.c stable/10/crypto/openssl/crypto/des/fcrypt.c stable/10/crypto/openssl/crypto/des/fcrypt_b.c stable/10/crypto/openssl/crypto/des/ncbc_enc.c stable/10/crypto/openssl/crypto/des/ofb64ede.c stable/10/crypto/openssl/crypto/des/ofb64enc.c stable/10/crypto/openssl/crypto/des/ofb_enc.c stable/10/crypto/openssl/crypto/des/pcbc_enc.c stable/10/crypto/openssl/crypto/des/qud_cksm.c stable/10/crypto/openssl/crypto/des/rand_key.c stable/10/crypto/openssl/crypto/des/read2pwd.c stable/10/crypto/openssl/crypto/des/read_pwd.c stable/10/crypto/openssl/crypto/des/rpc_des.h stable/10/crypto/openssl/crypto/des/rpc_enc.c stable/10/crypto/openssl/crypto/des/rpw.c stable/10/crypto/openssl/crypto/des/set_key.c stable/10/crypto/openssl/crypto/des/speed.c stable/10/crypto/openssl/crypto/des/spr.h stable/10/crypto/openssl/crypto/des/str2key.c stable/10/crypto/openssl/crypto/des/xcbc_enc.c stable/10/crypto/openssl/crypto/dh/dh.h stable/10/crypto/openssl/crypto/dh/dh_ameth.c stable/10/crypto/openssl/crypto/dh/dh_asn1.c stable/10/crypto/openssl/crypto/dh/dh_check.c stable/10/crypto/openssl/crypto/dh/dh_depr.c stable/10/crypto/openssl/crypto/dh/dh_err.c stable/10/crypto/openssl/crypto/dh/dh_gen.c stable/10/crypto/openssl/crypto/dh/dh_key.c stable/10/crypto/openssl/crypto/dh/dh_lib.c stable/10/crypto/openssl/crypto/dh/dh_pmeth.c stable/10/crypto/openssl/crypto/dh/dh_prn.c stable/10/crypto/openssl/crypto/dh/dhtest.c stable/10/crypto/openssl/crypto/dh/p1024.c stable/10/crypto/openssl/crypto/dh/p192.c stable/10/crypto/openssl/crypto/dh/p512.c stable/10/crypto/openssl/crypto/dsa/dsa.h stable/10/crypto/openssl/crypto/dsa/dsa_ameth.c stable/10/crypto/openssl/crypto/dsa/dsa_asn1.c stable/10/crypto/openssl/crypto/dsa/dsa_depr.c stable/10/crypto/openssl/crypto/dsa/dsa_err.c stable/10/crypto/openssl/crypto/dsa/dsa_gen.c stable/10/crypto/openssl/crypto/dsa/dsa_key.c stable/10/crypto/openssl/crypto/dsa/dsa_lib.c stable/10/crypto/openssl/crypto/dsa/dsa_locl.h stable/10/crypto/openssl/crypto/dsa/dsa_ossl.c stable/10/crypto/openssl/crypto/dsa/dsa_pmeth.c stable/10/crypto/openssl/crypto/dsa/dsa_prn.c stable/10/crypto/openssl/crypto/dsa/dsa_sign.c stable/10/crypto/openssl/crypto/dsa/dsa_vrf.c stable/10/crypto/openssl/crypto/dsa/dsagen.c stable/10/crypto/openssl/crypto/dsa/dsatest.c stable/10/crypto/openssl/crypto/dso/dso.h stable/10/crypto/openssl/crypto/dso/dso_beos.c stable/10/crypto/openssl/crypto/dso/dso_dl.c stable/10/crypto/openssl/crypto/dso/dso_dlfcn.c stable/10/crypto/openssl/crypto/dso/dso_err.c stable/10/crypto/openssl/crypto/dso/dso_lib.c stable/10/crypto/openssl/crypto/dso/dso_null.c stable/10/crypto/openssl/crypto/dso/dso_openssl.c stable/10/crypto/openssl/crypto/ebcdic.c stable/10/crypto/openssl/crypto/ebcdic.h stable/10/crypto/openssl/crypto/ec/ec.h stable/10/crypto/openssl/crypto/ec/ec2_mult.c stable/10/crypto/openssl/crypto/ec/ec2_oct.c stable/10/crypto/openssl/crypto/ec/ec2_smpl.c stable/10/crypto/openssl/crypto/ec/ec_ameth.c stable/10/crypto/openssl/crypto/ec/ec_asn1.c stable/10/crypto/openssl/crypto/ec/ec_check.c stable/10/crypto/openssl/crypto/ec/ec_curve.c stable/10/crypto/openssl/crypto/ec/ec_cvt.c stable/10/crypto/openssl/crypto/ec/ec_err.c stable/10/crypto/openssl/crypto/ec/ec_key.c stable/10/crypto/openssl/crypto/ec/ec_lcl.h stable/10/crypto/openssl/crypto/ec/ec_lib.c stable/10/crypto/openssl/crypto/ec/ec_mult.c stable/10/crypto/openssl/crypto/ec/ec_oct.c stable/10/crypto/openssl/crypto/ec/ec_pmeth.c stable/10/crypto/openssl/crypto/ec/ec_print.c stable/10/crypto/openssl/crypto/ec/eck_prn.c stable/10/crypto/openssl/crypto/ec/ecp_mont.c stable/10/crypto/openssl/crypto/ec/ecp_nist.c stable/10/crypto/openssl/crypto/ec/ecp_nistp224.c stable/10/crypto/openssl/crypto/ec/ecp_nistp256.c stable/10/crypto/openssl/crypto/ec/ecp_nistp521.c stable/10/crypto/openssl/crypto/ec/ecp_nistputil.c stable/10/crypto/openssl/crypto/ec/ecp_oct.c stable/10/crypto/openssl/crypto/ec/ecp_smpl.c stable/10/crypto/openssl/crypto/ec/ectest.c stable/10/crypto/openssl/crypto/ecdh/ecdh.h stable/10/crypto/openssl/crypto/ecdh/ecdhtest.c stable/10/crypto/openssl/crypto/ecdh/ech_err.c stable/10/crypto/openssl/crypto/ecdh/ech_key.c stable/10/crypto/openssl/crypto/ecdh/ech_lib.c stable/10/crypto/openssl/crypto/ecdh/ech_locl.h stable/10/crypto/openssl/crypto/ecdh/ech_ossl.c stable/10/crypto/openssl/crypto/ecdsa/ecdsa.h stable/10/crypto/openssl/crypto/ecdsa/ecdsatest.c stable/10/crypto/openssl/crypto/ecdsa/ecs_asn1.c stable/10/crypto/openssl/crypto/ecdsa/ecs_err.c stable/10/crypto/openssl/crypto/ecdsa/ecs_lib.c stable/10/crypto/openssl/crypto/ecdsa/ecs_locl.h stable/10/crypto/openssl/crypto/ecdsa/ecs_ossl.c stable/10/crypto/openssl/crypto/ecdsa/ecs_sign.c stable/10/crypto/openssl/crypto/ecdsa/ecs_vrf.c stable/10/crypto/openssl/crypto/engine/eng_all.c stable/10/crypto/openssl/crypto/engine/eng_cnf.c stable/10/crypto/openssl/crypto/engine/eng_cryptodev.c stable/10/crypto/openssl/crypto/engine/eng_ctrl.c stable/10/crypto/openssl/crypto/engine/eng_dyn.c stable/10/crypto/openssl/crypto/engine/eng_err.c stable/10/crypto/openssl/crypto/engine/eng_fat.c stable/10/crypto/openssl/crypto/engine/eng_init.c stable/10/crypto/openssl/crypto/engine/eng_int.h stable/10/crypto/openssl/crypto/engine/eng_lib.c stable/10/crypto/openssl/crypto/engine/eng_list.c stable/10/crypto/openssl/crypto/engine/eng_openssl.c stable/10/crypto/openssl/crypto/engine/eng_pkey.c stable/10/crypto/openssl/crypto/engine/eng_rdrand.c stable/10/crypto/openssl/crypto/engine/eng_rsax.c stable/10/crypto/openssl/crypto/engine/eng_table.c stable/10/crypto/openssl/crypto/engine/engine.h stable/10/crypto/openssl/crypto/engine/enginetest.c stable/10/crypto/openssl/crypto/engine/tb_asnmth.c stable/10/crypto/openssl/crypto/engine/tb_cipher.c stable/10/crypto/openssl/crypto/engine/tb_dh.c stable/10/crypto/openssl/crypto/engine/tb_digest.c stable/10/crypto/openssl/crypto/engine/tb_dsa.c stable/10/crypto/openssl/crypto/engine/tb_ecdh.c stable/10/crypto/openssl/crypto/engine/tb_ecdsa.c stable/10/crypto/openssl/crypto/engine/tb_pkmeth.c stable/10/crypto/openssl/crypto/engine/tb_rand.c stable/10/crypto/openssl/crypto/engine/tb_rsa.c stable/10/crypto/openssl/crypto/engine/tb_store.c stable/10/crypto/openssl/crypto/err/err.c stable/10/crypto/openssl/crypto/err/err.h stable/10/crypto/openssl/crypto/err/err_all.c stable/10/crypto/openssl/crypto/err/err_prn.c stable/10/crypto/openssl/crypto/evp/Makefile stable/10/crypto/openssl/crypto/evp/bio_b64.c stable/10/crypto/openssl/crypto/evp/bio_enc.c stable/10/crypto/openssl/crypto/evp/bio_md.c stable/10/crypto/openssl/crypto/evp/bio_ok.c stable/10/crypto/openssl/crypto/evp/c_all.c stable/10/crypto/openssl/crypto/evp/c_allc.c stable/10/crypto/openssl/crypto/evp/c_alld.c stable/10/crypto/openssl/crypto/evp/digest.c stable/10/crypto/openssl/crypto/evp/e_aes.c stable/10/crypto/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c stable/10/crypto/openssl/crypto/evp/e_bf.c stable/10/crypto/openssl/crypto/evp/e_camellia.c stable/10/crypto/openssl/crypto/evp/e_cast.c stable/10/crypto/openssl/crypto/evp/e_des.c stable/10/crypto/openssl/crypto/evp/e_des3.c stable/10/crypto/openssl/crypto/evp/e_dsa.c stable/10/crypto/openssl/crypto/evp/e_idea.c stable/10/crypto/openssl/crypto/evp/e_null.c stable/10/crypto/openssl/crypto/evp/e_old.c stable/10/crypto/openssl/crypto/evp/e_rc2.c stable/10/crypto/openssl/crypto/evp/e_rc4.c stable/10/crypto/openssl/crypto/evp/e_rc4_hmac_md5.c stable/10/crypto/openssl/crypto/evp/e_rc5.c stable/10/crypto/openssl/crypto/evp/e_seed.c stable/10/crypto/openssl/crypto/evp/e_xcbc_d.c stable/10/crypto/openssl/crypto/evp/encode.c stable/10/crypto/openssl/crypto/evp/evp.h stable/10/crypto/openssl/crypto/evp/evp_acnf.c stable/10/crypto/openssl/crypto/evp/evp_cnf.c stable/10/crypto/openssl/crypto/evp/evp_enc.c stable/10/crypto/openssl/crypto/evp/evp_err.c stable/10/crypto/openssl/crypto/evp/evp_fips.c stable/10/crypto/openssl/crypto/evp/evp_key.c stable/10/crypto/openssl/crypto/evp/evp_lib.c stable/10/crypto/openssl/crypto/evp/evp_locl.h stable/10/crypto/openssl/crypto/evp/evp_pbe.c stable/10/crypto/openssl/crypto/evp/evp_pkey.c stable/10/crypto/openssl/crypto/evp/evp_test.c stable/10/crypto/openssl/crypto/evp/m_dss.c stable/10/crypto/openssl/crypto/evp/m_dss1.c stable/10/crypto/openssl/crypto/evp/m_ecdsa.c stable/10/crypto/openssl/crypto/evp/m_md2.c stable/10/crypto/openssl/crypto/evp/m_md4.c stable/10/crypto/openssl/crypto/evp/m_md5.c stable/10/crypto/openssl/crypto/evp/m_mdc2.c stable/10/crypto/openssl/crypto/evp/m_null.c stable/10/crypto/openssl/crypto/evp/m_ripemd.c stable/10/crypto/openssl/crypto/evp/m_sha.c stable/10/crypto/openssl/crypto/evp/m_sha1.c stable/10/crypto/openssl/crypto/evp/m_sigver.c stable/10/crypto/openssl/crypto/evp/m_wp.c stable/10/crypto/openssl/crypto/evp/names.c stable/10/crypto/openssl/crypto/evp/openbsd_hw.c stable/10/crypto/openssl/crypto/evp/p5_crpt.c stable/10/crypto/openssl/crypto/evp/p5_crpt2.c stable/10/crypto/openssl/crypto/evp/p_dec.c stable/10/crypto/openssl/crypto/evp/p_enc.c stable/10/crypto/openssl/crypto/evp/p_lib.c stable/10/crypto/openssl/crypto/evp/p_open.c stable/10/crypto/openssl/crypto/evp/p_seal.c stable/10/crypto/openssl/crypto/evp/p_sign.c stable/10/crypto/openssl/crypto/evp/p_verify.c stable/10/crypto/openssl/crypto/evp/pmeth_fn.c stable/10/crypto/openssl/crypto/evp/pmeth_gn.c stable/10/crypto/openssl/crypto/evp/pmeth_lib.c stable/10/crypto/openssl/crypto/ex_data.c stable/10/crypto/openssl/crypto/fips_err.h stable/10/crypto/openssl/crypto/fips_ers.c stable/10/crypto/openssl/crypto/hmac/hm_ameth.c stable/10/crypto/openssl/crypto/hmac/hm_pmeth.c stable/10/crypto/openssl/crypto/hmac/hmac.c stable/10/crypto/openssl/crypto/hmac/hmac.h stable/10/crypto/openssl/crypto/hmac/hmactest.c stable/10/crypto/openssl/crypto/idea/i_cbc.c stable/10/crypto/openssl/crypto/idea/i_cfb64.c stable/10/crypto/openssl/crypto/idea/i_ecb.c stable/10/crypto/openssl/crypto/idea/i_ofb64.c stable/10/crypto/openssl/crypto/idea/i_skey.c stable/10/crypto/openssl/crypto/idea/idea.h stable/10/crypto/openssl/crypto/idea/idea_lcl.h stable/10/crypto/openssl/crypto/idea/idea_spd.c stable/10/crypto/openssl/crypto/idea/ideatest.c stable/10/crypto/openssl/crypto/jpake/jpake.c stable/10/crypto/openssl/crypto/jpake/jpake.h stable/10/crypto/openssl/crypto/jpake/jpake_err.c stable/10/crypto/openssl/crypto/jpake/jpaketest.c stable/10/crypto/openssl/crypto/krb5/krb5_asn.c stable/10/crypto/openssl/crypto/krb5/krb5_asn.h stable/10/crypto/openssl/crypto/lhash/lh_stats.c stable/10/crypto/openssl/crypto/lhash/lh_test.c stable/10/crypto/openssl/crypto/lhash/lhash.c stable/10/crypto/openssl/crypto/lhash/lhash.h stable/10/crypto/openssl/crypto/md2/md2.c stable/10/crypto/openssl/crypto/md2/md2.h stable/10/crypto/openssl/crypto/md2/md2_dgst.c stable/10/crypto/openssl/crypto/md2/md2_one.c stable/10/crypto/openssl/crypto/md2/md2test.c stable/10/crypto/openssl/crypto/md32_common.h stable/10/crypto/openssl/crypto/md4/md4.c stable/10/crypto/openssl/crypto/md4/md4.h stable/10/crypto/openssl/crypto/md4/md4_dgst.c stable/10/crypto/openssl/crypto/md4/md4_locl.h stable/10/crypto/openssl/crypto/md4/md4_one.c stable/10/crypto/openssl/crypto/md4/md4test.c stable/10/crypto/openssl/crypto/md5/md5.c stable/10/crypto/openssl/crypto/md5/md5.h stable/10/crypto/openssl/crypto/md5/md5_dgst.c stable/10/crypto/openssl/crypto/md5/md5_locl.h stable/10/crypto/openssl/crypto/md5/md5_one.c stable/10/crypto/openssl/crypto/md5/md5test.c stable/10/crypto/openssl/crypto/mdc2/mdc2.h stable/10/crypto/openssl/crypto/mdc2/mdc2_one.c stable/10/crypto/openssl/crypto/mdc2/mdc2dgst.c stable/10/crypto/openssl/crypto/mdc2/mdc2test.c stable/10/crypto/openssl/crypto/mem.c stable/10/crypto/openssl/crypto/mem_clr.c stable/10/crypto/openssl/crypto/mem_dbg.c stable/10/crypto/openssl/crypto/modes/cbc128.c stable/10/crypto/openssl/crypto/modes/ccm128.c stable/10/crypto/openssl/crypto/modes/cfb128.c stable/10/crypto/openssl/crypto/modes/ctr128.c stable/10/crypto/openssl/crypto/modes/cts128.c stable/10/crypto/openssl/crypto/modes/gcm128.c stable/10/crypto/openssl/crypto/modes/modes.h stable/10/crypto/openssl/crypto/modes/modes_lcl.h stable/10/crypto/openssl/crypto/modes/ofb128.c stable/10/crypto/openssl/crypto/modes/xts128.c stable/10/crypto/openssl/crypto/o_dir.c stable/10/crypto/openssl/crypto/o_dir.h stable/10/crypto/openssl/crypto/o_dir_test.c stable/10/crypto/openssl/crypto/o_fips.c stable/10/crypto/openssl/crypto/o_init.c stable/10/crypto/openssl/crypto/o_str.c stable/10/crypto/openssl/crypto/o_str.h stable/10/crypto/openssl/crypto/o_time.c stable/10/crypto/openssl/crypto/o_time.h stable/10/crypto/openssl/crypto/objects/o_names.c stable/10/crypto/openssl/crypto/objects/obj_dat.c stable/10/crypto/openssl/crypto/objects/obj_err.c stable/10/crypto/openssl/crypto/objects/obj_lib.c stable/10/crypto/openssl/crypto/objects/obj_mac.h stable/10/crypto/openssl/crypto/objects/obj_xref.c stable/10/crypto/openssl/crypto/objects/obj_xref.h stable/10/crypto/openssl/crypto/objects/objects.h stable/10/crypto/openssl/crypto/objects/objects.pl stable/10/crypto/openssl/crypto/objects/objxref.pl stable/10/crypto/openssl/crypto/ocsp/ocsp.h stable/10/crypto/openssl/crypto/ocsp/ocsp_asn.c stable/10/crypto/openssl/crypto/ocsp/ocsp_cl.c stable/10/crypto/openssl/crypto/ocsp/ocsp_err.c stable/10/crypto/openssl/crypto/ocsp/ocsp_ext.c stable/10/crypto/openssl/crypto/ocsp/ocsp_ht.c stable/10/crypto/openssl/crypto/ocsp/ocsp_lib.c stable/10/crypto/openssl/crypto/ocsp/ocsp_prn.c stable/10/crypto/openssl/crypto/ocsp/ocsp_srv.c stable/10/crypto/openssl/crypto/ocsp/ocsp_vfy.c stable/10/crypto/openssl/crypto/opensslv.h stable/10/crypto/openssl/crypto/ossl_typ.h stable/10/crypto/openssl/crypto/pem/pem.h stable/10/crypto/openssl/crypto/pem/pem2.h stable/10/crypto/openssl/crypto/pem/pem_all.c stable/10/crypto/openssl/crypto/pem/pem_err.c stable/10/crypto/openssl/crypto/pem/pem_info.c stable/10/crypto/openssl/crypto/pem/pem_lib.c stable/10/crypto/openssl/crypto/pem/pem_oth.c stable/10/crypto/openssl/crypto/pem/pem_pk8.c stable/10/crypto/openssl/crypto/pem/pem_pkey.c stable/10/crypto/openssl/crypto/pem/pem_seal.c stable/10/crypto/openssl/crypto/pem/pem_sign.c stable/10/crypto/openssl/crypto/pem/pem_x509.c stable/10/crypto/openssl/crypto/pem/pem_xaux.c stable/10/crypto/openssl/crypto/pem/pvkfmt.c stable/10/crypto/openssl/crypto/pkcs12/p12_add.c stable/10/crypto/openssl/crypto/pkcs12/p12_asn.c stable/10/crypto/openssl/crypto/pkcs12/p12_attr.c stable/10/crypto/openssl/crypto/pkcs12/p12_crpt.c stable/10/crypto/openssl/crypto/pkcs12/p12_crt.c stable/10/crypto/openssl/crypto/pkcs12/p12_decr.c stable/10/crypto/openssl/crypto/pkcs12/p12_init.c stable/10/crypto/openssl/crypto/pkcs12/p12_key.c stable/10/crypto/openssl/crypto/pkcs12/p12_kiss.c stable/10/crypto/openssl/crypto/pkcs12/p12_mutl.c stable/10/crypto/openssl/crypto/pkcs12/p12_npas.c stable/10/crypto/openssl/crypto/pkcs12/p12_p8d.c stable/10/crypto/openssl/crypto/pkcs12/p12_p8e.c stable/10/crypto/openssl/crypto/pkcs12/p12_utl.c stable/10/crypto/openssl/crypto/pkcs12/pk12err.c stable/10/crypto/openssl/crypto/pkcs12/pkcs12.h stable/10/crypto/openssl/crypto/pkcs7/bio_pk7.c stable/10/crypto/openssl/crypto/pkcs7/pk7_asn1.c stable/10/crypto/openssl/crypto/pkcs7/pk7_attr.c stable/10/crypto/openssl/crypto/pkcs7/pk7_dgst.c stable/10/crypto/openssl/crypto/pkcs7/pk7_doit.c stable/10/crypto/openssl/crypto/pkcs7/pk7_enc.c stable/10/crypto/openssl/crypto/pkcs7/pk7_lib.c stable/10/crypto/openssl/crypto/pkcs7/pk7_mime.c stable/10/crypto/openssl/crypto/pkcs7/pk7_smime.c stable/10/crypto/openssl/crypto/pkcs7/pkcs7.h stable/10/crypto/openssl/crypto/pkcs7/pkcs7err.c stable/10/crypto/openssl/crypto/ppccap.c stable/10/crypto/openssl/crypto/pqueue/pq_test.c stable/10/crypto/openssl/crypto/pqueue/pqueue.c stable/10/crypto/openssl/crypto/pqueue/pqueue.h stable/10/crypto/openssl/crypto/rand/md_rand.c stable/10/crypto/openssl/crypto/rand/rand.h stable/10/crypto/openssl/crypto/rand/rand_egd.c stable/10/crypto/openssl/crypto/rand/rand_err.c stable/10/crypto/openssl/crypto/rand/rand_lcl.h stable/10/crypto/openssl/crypto/rand/rand_lib.c stable/10/crypto/openssl/crypto/rand/rand_unix.c stable/10/crypto/openssl/crypto/rand/randfile.c stable/10/crypto/openssl/crypto/rand/randtest.c stable/10/crypto/openssl/crypto/rc2/rc2.h stable/10/crypto/openssl/crypto/rc2/rc2_cbc.c stable/10/crypto/openssl/crypto/rc2/rc2_ecb.c stable/10/crypto/openssl/crypto/rc2/rc2_locl.h stable/10/crypto/openssl/crypto/rc2/rc2_skey.c stable/10/crypto/openssl/crypto/rc2/rc2cfb64.c stable/10/crypto/openssl/crypto/rc2/rc2ofb64.c stable/10/crypto/openssl/crypto/rc2/rc2speed.c stable/10/crypto/openssl/crypto/rc2/rc2test.c stable/10/crypto/openssl/crypto/rc2/tab.c stable/10/crypto/openssl/crypto/rc4/rc4.c stable/10/crypto/openssl/crypto/rc4/rc4.h stable/10/crypto/openssl/crypto/rc4/rc4_enc.c stable/10/crypto/openssl/crypto/rc4/rc4_locl.h stable/10/crypto/openssl/crypto/rc4/rc4_skey.c stable/10/crypto/openssl/crypto/rc4/rc4_utl.c stable/10/crypto/openssl/crypto/rc4/rc4speed.c stable/10/crypto/openssl/crypto/rc4/rc4test.c stable/10/crypto/openssl/crypto/rc5/rc5.h stable/10/crypto/openssl/crypto/rc5/rc5_ecb.c stable/10/crypto/openssl/crypto/rc5/rc5_enc.c stable/10/crypto/openssl/crypto/rc5/rc5_locl.h stable/10/crypto/openssl/crypto/rc5/rc5_skey.c stable/10/crypto/openssl/crypto/rc5/rc5cfb64.c stable/10/crypto/openssl/crypto/rc5/rc5ofb64.c stable/10/crypto/openssl/crypto/rc5/rc5speed.c stable/10/crypto/openssl/crypto/rc5/rc5test.c stable/10/crypto/openssl/crypto/ripemd/ripemd.h stable/10/crypto/openssl/crypto/ripemd/rmd160.c stable/10/crypto/openssl/crypto/ripemd/rmd_dgst.c stable/10/crypto/openssl/crypto/ripemd/rmd_locl.h stable/10/crypto/openssl/crypto/ripemd/rmd_one.c stable/10/crypto/openssl/crypto/ripemd/rmdconst.h stable/10/crypto/openssl/crypto/ripemd/rmdtest.c stable/10/crypto/openssl/crypto/rsa/rsa.h stable/10/crypto/openssl/crypto/rsa/rsa_ameth.c stable/10/crypto/openssl/crypto/rsa/rsa_asn1.c stable/10/crypto/openssl/crypto/rsa/rsa_chk.c stable/10/crypto/openssl/crypto/rsa/rsa_crpt.c stable/10/crypto/openssl/crypto/rsa/rsa_depr.c stable/10/crypto/openssl/crypto/rsa/rsa_eay.c stable/10/crypto/openssl/crypto/rsa/rsa_err.c stable/10/crypto/openssl/crypto/rsa/rsa_gen.c stable/10/crypto/openssl/crypto/rsa/rsa_lib.c stable/10/crypto/openssl/crypto/rsa/rsa_locl.h stable/10/crypto/openssl/crypto/rsa/rsa_none.c stable/10/crypto/openssl/crypto/rsa/rsa_null.c stable/10/crypto/openssl/crypto/rsa/rsa_oaep.c stable/10/crypto/openssl/crypto/rsa/rsa_pk1.c stable/10/crypto/openssl/crypto/rsa/rsa_pmeth.c stable/10/crypto/openssl/crypto/rsa/rsa_prn.c stable/10/crypto/openssl/crypto/rsa/rsa_pss.c stable/10/crypto/openssl/crypto/rsa/rsa_saos.c stable/10/crypto/openssl/crypto/rsa/rsa_sign.c stable/10/crypto/openssl/crypto/rsa/rsa_ssl.c stable/10/crypto/openssl/crypto/rsa/rsa_test.c stable/10/crypto/openssl/crypto/rsa/rsa_x931.c stable/10/crypto/openssl/crypto/s390xcap.c stable/10/crypto/openssl/crypto/seed/seed.c stable/10/crypto/openssl/crypto/seed/seed.h stable/10/crypto/openssl/crypto/seed/seed_cbc.c stable/10/crypto/openssl/crypto/seed/seed_cfb.c stable/10/crypto/openssl/crypto/seed/seed_ecb.c stable/10/crypto/openssl/crypto/seed/seed_locl.h stable/10/crypto/openssl/crypto/seed/seed_ofb.c stable/10/crypto/openssl/crypto/sha/sha.c stable/10/crypto/openssl/crypto/sha/sha.h stable/10/crypto/openssl/crypto/sha/sha1.c stable/10/crypto/openssl/crypto/sha/sha1_one.c stable/10/crypto/openssl/crypto/sha/sha1dgst.c stable/10/crypto/openssl/crypto/sha/sha1test.c stable/10/crypto/openssl/crypto/sha/sha256.c stable/10/crypto/openssl/crypto/sha/sha256t.c stable/10/crypto/openssl/crypto/sha/sha512.c stable/10/crypto/openssl/crypto/sha/sha512t.c stable/10/crypto/openssl/crypto/sha/sha_dgst.c stable/10/crypto/openssl/crypto/sha/sha_locl.h stable/10/crypto/openssl/crypto/sha/sha_one.c stable/10/crypto/openssl/crypto/sha/shatest.c stable/10/crypto/openssl/crypto/sparcv9cap.c stable/10/crypto/openssl/crypto/srp/srp.h stable/10/crypto/openssl/crypto/srp/srp_grps.h stable/10/crypto/openssl/crypto/srp/srp_lcl.h stable/10/crypto/openssl/crypto/srp/srp_lib.c stable/10/crypto/openssl/crypto/srp/srp_vfy.c stable/10/crypto/openssl/crypto/srp/srptest.c stable/10/crypto/openssl/crypto/stack/safestack.h stable/10/crypto/openssl/crypto/stack/stack.c stable/10/crypto/openssl/crypto/stack/stack.h stable/10/crypto/openssl/crypto/store/store.h stable/10/crypto/openssl/crypto/store/str_err.c stable/10/crypto/openssl/crypto/store/str_lib.c stable/10/crypto/openssl/crypto/store/str_locl.h stable/10/crypto/openssl/crypto/store/str_mem.c stable/10/crypto/openssl/crypto/store/str_meth.c stable/10/crypto/openssl/crypto/symhacks.h stable/10/crypto/openssl/crypto/threads/mttest.c stable/10/crypto/openssl/crypto/threads/th-lock.c stable/10/crypto/openssl/crypto/ts/ts.h stable/10/crypto/openssl/crypto/ts/ts_asn1.c stable/10/crypto/openssl/crypto/ts/ts_conf.c stable/10/crypto/openssl/crypto/ts/ts_err.c stable/10/crypto/openssl/crypto/ts/ts_lib.c stable/10/crypto/openssl/crypto/ts/ts_req_print.c stable/10/crypto/openssl/crypto/ts/ts_req_utils.c stable/10/crypto/openssl/crypto/ts/ts_rsp_print.c stable/10/crypto/openssl/crypto/ts/ts_rsp_sign.c stable/10/crypto/openssl/crypto/ts/ts_rsp_utils.c stable/10/crypto/openssl/crypto/ts/ts_rsp_verify.c stable/10/crypto/openssl/crypto/ts/ts_verify_ctx.c stable/10/crypto/openssl/crypto/txt_db/txt_db.c stable/10/crypto/openssl/crypto/txt_db/txt_db.h stable/10/crypto/openssl/crypto/ui/ui.h stable/10/crypto/openssl/crypto/ui/ui_compat.c stable/10/crypto/openssl/crypto/ui/ui_compat.h stable/10/crypto/openssl/crypto/ui/ui_err.c stable/10/crypto/openssl/crypto/ui/ui_lib.c stable/10/crypto/openssl/crypto/ui/ui_locl.h stable/10/crypto/openssl/crypto/ui/ui_openssl.c stable/10/crypto/openssl/crypto/ui/ui_util.c stable/10/crypto/openssl/crypto/uid.c stable/10/crypto/openssl/crypto/vms_rms.h stable/10/crypto/openssl/crypto/whrlpool/whrlpool.h stable/10/crypto/openssl/crypto/whrlpool/wp_block.c stable/10/crypto/openssl/crypto/whrlpool/wp_dgst.c stable/10/crypto/openssl/crypto/whrlpool/wp_locl.h stable/10/crypto/openssl/crypto/whrlpool/wp_test.c stable/10/crypto/openssl/crypto/x509/by_dir.c stable/10/crypto/openssl/crypto/x509/by_file.c stable/10/crypto/openssl/crypto/x509/x509.h stable/10/crypto/openssl/crypto/x509/x509_att.c stable/10/crypto/openssl/crypto/x509/x509_cmp.c stable/10/crypto/openssl/crypto/x509/x509_d2.c stable/10/crypto/openssl/crypto/x509/x509_def.c stable/10/crypto/openssl/crypto/x509/x509_err.c stable/10/crypto/openssl/crypto/x509/x509_ext.c stable/10/crypto/openssl/crypto/x509/x509_lu.c stable/10/crypto/openssl/crypto/x509/x509_obj.c stable/10/crypto/openssl/crypto/x509/x509_r2x.c stable/10/crypto/openssl/crypto/x509/x509_req.c stable/10/crypto/openssl/crypto/x509/x509_set.c stable/10/crypto/openssl/crypto/x509/x509_trs.c stable/10/crypto/openssl/crypto/x509/x509_txt.c stable/10/crypto/openssl/crypto/x509/x509_v3.c stable/10/crypto/openssl/crypto/x509/x509_vfy.c stable/10/crypto/openssl/crypto/x509/x509_vfy.h stable/10/crypto/openssl/crypto/x509/x509_vpm.c stable/10/crypto/openssl/crypto/x509/x509cset.c stable/10/crypto/openssl/crypto/x509/x509name.c stable/10/crypto/openssl/crypto/x509/x509rset.c stable/10/crypto/openssl/crypto/x509/x509spki.c stable/10/crypto/openssl/crypto/x509/x509type.c stable/10/crypto/openssl/crypto/x509/x_all.c stable/10/crypto/openssl/crypto/x509v3/ext_dat.h stable/10/crypto/openssl/crypto/x509v3/pcy_cache.c stable/10/crypto/openssl/crypto/x509v3/pcy_data.c stable/10/crypto/openssl/crypto/x509v3/pcy_int.h stable/10/crypto/openssl/crypto/x509v3/pcy_lib.c stable/10/crypto/openssl/crypto/x509v3/pcy_map.c stable/10/crypto/openssl/crypto/x509v3/pcy_node.c stable/10/crypto/openssl/crypto/x509v3/pcy_tree.c stable/10/crypto/openssl/crypto/x509v3/tabtest.c stable/10/crypto/openssl/crypto/x509v3/v3_addr.c stable/10/crypto/openssl/crypto/x509v3/v3_akey.c stable/10/crypto/openssl/crypto/x509v3/v3_akeya.c stable/10/crypto/openssl/crypto/x509v3/v3_alt.c stable/10/crypto/openssl/crypto/x509v3/v3_asid.c stable/10/crypto/openssl/crypto/x509v3/v3_bcons.c stable/10/crypto/openssl/crypto/x509v3/v3_bitst.c stable/10/crypto/openssl/crypto/x509v3/v3_conf.c stable/10/crypto/openssl/crypto/x509v3/v3_cpols.c stable/10/crypto/openssl/crypto/x509v3/v3_crld.c stable/10/crypto/openssl/crypto/x509v3/v3_enum.c stable/10/crypto/openssl/crypto/x509v3/v3_extku.c stable/10/crypto/openssl/crypto/x509v3/v3_genn.c stable/10/crypto/openssl/crypto/x509v3/v3_ia5.c stable/10/crypto/openssl/crypto/x509v3/v3_info.c stable/10/crypto/openssl/crypto/x509v3/v3_int.c stable/10/crypto/openssl/crypto/x509v3/v3_lib.c stable/10/crypto/openssl/crypto/x509v3/v3_ncons.c stable/10/crypto/openssl/crypto/x509v3/v3_ocsp.c stable/10/crypto/openssl/crypto/x509v3/v3_pci.c stable/10/crypto/openssl/crypto/x509v3/v3_pcia.c stable/10/crypto/openssl/crypto/x509v3/v3_pcons.c stable/10/crypto/openssl/crypto/x509v3/v3_pku.c stable/10/crypto/openssl/crypto/x509v3/v3_pmaps.c stable/10/crypto/openssl/crypto/x509v3/v3_prn.c stable/10/crypto/openssl/crypto/x509v3/v3_purp.c stable/10/crypto/openssl/crypto/x509v3/v3_skey.c stable/10/crypto/openssl/crypto/x509v3/v3_sxnet.c stable/10/crypto/openssl/crypto/x509v3/v3_utl.c stable/10/crypto/openssl/crypto/x509v3/v3conf.c stable/10/crypto/openssl/crypto/x509v3/v3err.c stable/10/crypto/openssl/crypto/x509v3/v3prin.c stable/10/crypto/openssl/crypto/x509v3/x509v3.h stable/10/crypto/openssl/doc/apps/ciphers.pod stable/10/crypto/openssl/doc/apps/config.pod stable/10/crypto/openssl/doc/apps/ocsp.pod stable/10/crypto/openssl/doc/crypto/CMS_get0_type.pod stable/10/crypto/openssl/doc/crypto/CONF_modules_load_file.pod stable/10/crypto/openssl/doc/crypto/OPENSSL_config.pod stable/10/crypto/openssl/doc/crypto/d2i_X509.pod stable/10/crypto/openssl/doc/ssl/SSL_pending.pod stable/10/crypto/openssl/doc/ssl/ssl.pod stable/10/crypto/openssl/e_os.h stable/10/crypto/openssl/e_os2.h stable/10/crypto/openssl/engines/ccgost/e_gost_err.c stable/10/crypto/openssl/engines/ccgost/e_gost_err.h stable/10/crypto/openssl/engines/ccgost/gost2001.c stable/10/crypto/openssl/engines/ccgost/gost2001_keyx.c stable/10/crypto/openssl/engines/ccgost/gost2001_keyx.h stable/10/crypto/openssl/engines/ccgost/gost89.c stable/10/crypto/openssl/engines/ccgost/gost89.h stable/10/crypto/openssl/engines/ccgost/gost94_keyx.c stable/10/crypto/openssl/engines/ccgost/gost_ameth.c stable/10/crypto/openssl/engines/ccgost/gost_asn1.c stable/10/crypto/openssl/engines/ccgost/gost_crypt.c stable/10/crypto/openssl/engines/ccgost/gost_ctl.c stable/10/crypto/openssl/engines/ccgost/gost_eng.c stable/10/crypto/openssl/engines/ccgost/gost_keywrap.c stable/10/crypto/openssl/engines/ccgost/gost_keywrap.h stable/10/crypto/openssl/engines/ccgost/gost_lcl.h stable/10/crypto/openssl/engines/ccgost/gost_md.c stable/10/crypto/openssl/engines/ccgost/gost_params.c stable/10/crypto/openssl/engines/ccgost/gost_params.h stable/10/crypto/openssl/engines/ccgost/gost_pmeth.c stable/10/crypto/openssl/engines/ccgost/gost_sign.c stable/10/crypto/openssl/engines/ccgost/gosthash.c stable/10/crypto/openssl/engines/ccgost/gosthash.h stable/10/crypto/openssl/engines/ccgost/gostsum.c stable/10/crypto/openssl/engines/e_4758cca.c stable/10/crypto/openssl/engines/e_4758cca_err.c stable/10/crypto/openssl/engines/e_4758cca_err.h stable/10/crypto/openssl/engines/e_aep.c stable/10/crypto/openssl/engines/e_aep_err.c stable/10/crypto/openssl/engines/e_aep_err.h stable/10/crypto/openssl/engines/e_atalla.c stable/10/crypto/openssl/engines/e_atalla_err.c stable/10/crypto/openssl/engines/e_atalla_err.h stable/10/crypto/openssl/engines/e_capi.c stable/10/crypto/openssl/engines/e_capi_err.c stable/10/crypto/openssl/engines/e_capi_err.h stable/10/crypto/openssl/engines/e_chil.c stable/10/crypto/openssl/engines/e_chil_err.c stable/10/crypto/openssl/engines/e_chil_err.h stable/10/crypto/openssl/engines/e_cswift.c stable/10/crypto/openssl/engines/e_cswift_err.c stable/10/crypto/openssl/engines/e_cswift_err.h stable/10/crypto/openssl/engines/e_gmp.c stable/10/crypto/openssl/engines/e_gmp_err.c stable/10/crypto/openssl/engines/e_gmp_err.h stable/10/crypto/openssl/engines/e_nuron.c stable/10/crypto/openssl/engines/e_nuron_err.c stable/10/crypto/openssl/engines/e_nuron_err.h stable/10/crypto/openssl/engines/e_padlock.c stable/10/crypto/openssl/engines/e_sureware.c stable/10/crypto/openssl/engines/e_sureware_err.c stable/10/crypto/openssl/engines/e_sureware_err.h stable/10/crypto/openssl/engines/e_ubsec.c stable/10/crypto/openssl/engines/e_ubsec_err.c stable/10/crypto/openssl/engines/e_ubsec_err.h stable/10/crypto/openssl/engines/vendor_defns/aep.h stable/10/crypto/openssl/engines/vendor_defns/atalla.h stable/10/crypto/openssl/engines/vendor_defns/cswift.h stable/10/crypto/openssl/engines/vendor_defns/hw_4758_cca.h stable/10/crypto/openssl/engines/vendor_defns/hw_ubsec.h stable/10/crypto/openssl/engines/vendor_defns/hwcryptohook.h stable/10/crypto/openssl/engines/vendor_defns/sureware.h stable/10/crypto/openssl/ssl/bio_ssl.c stable/10/crypto/openssl/ssl/d1_both.c stable/10/crypto/openssl/ssl/d1_clnt.c stable/10/crypto/openssl/ssl/d1_enc.c stable/10/crypto/openssl/ssl/d1_lib.c stable/10/crypto/openssl/ssl/d1_meth.c stable/10/crypto/openssl/ssl/d1_pkt.c stable/10/crypto/openssl/ssl/d1_srtp.c stable/10/crypto/openssl/ssl/d1_srvr.c stable/10/crypto/openssl/ssl/dtls1.h stable/10/crypto/openssl/ssl/heartbeat_test.c stable/10/crypto/openssl/ssl/kssl.c stable/10/crypto/openssl/ssl/kssl.h stable/10/crypto/openssl/ssl/kssl_lcl.h stable/10/crypto/openssl/ssl/s23_clnt.c stable/10/crypto/openssl/ssl/s23_lib.c stable/10/crypto/openssl/ssl/s23_meth.c stable/10/crypto/openssl/ssl/s23_pkt.c stable/10/crypto/openssl/ssl/s23_srvr.c stable/10/crypto/openssl/ssl/s2_clnt.c stable/10/crypto/openssl/ssl/s2_enc.c stable/10/crypto/openssl/ssl/s2_lib.c stable/10/crypto/openssl/ssl/s2_meth.c stable/10/crypto/openssl/ssl/s2_pkt.c stable/10/crypto/openssl/ssl/s2_srvr.c stable/10/crypto/openssl/ssl/s3_both.c stable/10/crypto/openssl/ssl/s3_cbc.c stable/10/crypto/openssl/ssl/s3_clnt.c stable/10/crypto/openssl/ssl/s3_enc.c stable/10/crypto/openssl/ssl/s3_lib.c stable/10/crypto/openssl/ssl/s3_meth.c stable/10/crypto/openssl/ssl/s3_pkt.c stable/10/crypto/openssl/ssl/s3_srvr.c stable/10/crypto/openssl/ssl/srtp.h stable/10/crypto/openssl/ssl/ssl.h stable/10/crypto/openssl/ssl/ssl2.h stable/10/crypto/openssl/ssl/ssl23.h stable/10/crypto/openssl/ssl/ssl3.h stable/10/crypto/openssl/ssl/ssl_algs.c stable/10/crypto/openssl/ssl/ssl_asn1.c stable/10/crypto/openssl/ssl/ssl_cert.c stable/10/crypto/openssl/ssl/ssl_ciph.c stable/10/crypto/openssl/ssl/ssl_err.c stable/10/crypto/openssl/ssl/ssl_err2.c stable/10/crypto/openssl/ssl/ssl_lib.c stable/10/crypto/openssl/ssl/ssl_locl.h stable/10/crypto/openssl/ssl/ssl_rsa.c stable/10/crypto/openssl/ssl/ssl_sess.c stable/10/crypto/openssl/ssl/ssl_stat.c stable/10/crypto/openssl/ssl/ssl_task.c stable/10/crypto/openssl/ssl/ssl_txt.c stable/10/crypto/openssl/ssl/ssl_utst.c stable/10/crypto/openssl/ssl/ssltest.c stable/10/crypto/openssl/ssl/t1_clnt.c stable/10/crypto/openssl/ssl/t1_enc.c stable/10/crypto/openssl/ssl/t1_lib.c stable/10/crypto/openssl/ssl/t1_meth.c stable/10/crypto/openssl/ssl/t1_reneg.c stable/10/crypto/openssl/ssl/t1_srvr.c stable/10/crypto/openssl/ssl/tls1.h stable/10/crypto/openssl/ssl/tls_srp.c stable/10/crypto/openssl/util/ck_errf.pl stable/10/crypto/openssl/util/libeay.num stable/10/crypto/openssl/util/mkerr.pl stable/10/secure/lib/libcrypto/Makefile.inc stable/10/secure/lib/libcrypto/Makefile.man stable/10/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 stable/10/secure/lib/libcrypto/man/ASN1_STRING_length.3 stable/10/secure/lib/libcrypto/man/ASN1_STRING_new.3 stable/10/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 stable/10/secure/lib/libcrypto/man/ASN1_generate_nconf.3 stable/10/secure/lib/libcrypto/man/BIO_ctrl.3 stable/10/secure/lib/libcrypto/man/BIO_f_base64.3 stable/10/secure/lib/libcrypto/man/BIO_f_buffer.3 stable/10/secure/lib/libcrypto/man/BIO_f_cipher.3 stable/10/secure/lib/libcrypto/man/BIO_f_md.3 stable/10/secure/lib/libcrypto/man/BIO_f_null.3 stable/10/secure/lib/libcrypto/man/BIO_f_ssl.3 stable/10/secure/lib/libcrypto/man/BIO_find_type.3 stable/10/secure/lib/libcrypto/man/BIO_new.3 stable/10/secure/lib/libcrypto/man/BIO_new_CMS.3 stable/10/secure/lib/libcrypto/man/BIO_push.3 stable/10/secure/lib/libcrypto/man/BIO_read.3 stable/10/secure/lib/libcrypto/man/BIO_s_accept.3 stable/10/secure/lib/libcrypto/man/BIO_s_bio.3 stable/10/secure/lib/libcrypto/man/BIO_s_connect.3 stable/10/secure/lib/libcrypto/man/BIO_s_fd.3 stable/10/secure/lib/libcrypto/man/BIO_s_file.3 stable/10/secure/lib/libcrypto/man/BIO_s_mem.3 stable/10/secure/lib/libcrypto/man/BIO_s_null.3 stable/10/secure/lib/libcrypto/man/BIO_s_socket.3 stable/10/secure/lib/libcrypto/man/BIO_set_callback.3 stable/10/secure/lib/libcrypto/man/BIO_should_retry.3 stable/10/secure/lib/libcrypto/man/BN_BLINDING_new.3 stable/10/secure/lib/libcrypto/man/BN_CTX_new.3 stable/10/secure/lib/libcrypto/man/BN_CTX_start.3 stable/10/secure/lib/libcrypto/man/BN_add.3 stable/10/secure/lib/libcrypto/man/BN_add_word.3 stable/10/secure/lib/libcrypto/man/BN_bn2bin.3 stable/10/secure/lib/libcrypto/man/BN_cmp.3 stable/10/secure/lib/libcrypto/man/BN_copy.3 stable/10/secure/lib/libcrypto/man/BN_generate_prime.3 stable/10/secure/lib/libcrypto/man/BN_mod_inverse.3 stable/10/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 stable/10/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 stable/10/secure/lib/libcrypto/man/BN_new.3 stable/10/secure/lib/libcrypto/man/BN_num_bytes.3 stable/10/secure/lib/libcrypto/man/BN_rand.3 stable/10/secure/lib/libcrypto/man/BN_set_bit.3 stable/10/secure/lib/libcrypto/man/BN_swap.3 stable/10/secure/lib/libcrypto/man/BN_zero.3 stable/10/secure/lib/libcrypto/man/CMS_add0_cert.3 stable/10/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3 stable/10/secure/lib/libcrypto/man/CMS_add1_signer.3 stable/10/secure/lib/libcrypto/man/CMS_compress.3 stable/10/secure/lib/libcrypto/man/CMS_decrypt.3 stable/10/secure/lib/libcrypto/man/CMS_encrypt.3 stable/10/secure/lib/libcrypto/man/CMS_final.3 stable/10/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3 stable/10/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3 stable/10/secure/lib/libcrypto/man/CMS_get0_type.3 stable/10/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 stable/10/secure/lib/libcrypto/man/CMS_sign.3 stable/10/secure/lib/libcrypto/man/CMS_sign_receipt.3 stable/10/secure/lib/libcrypto/man/CMS_uncompress.3 stable/10/secure/lib/libcrypto/man/CMS_verify.3 stable/10/secure/lib/libcrypto/man/CMS_verify_receipt.3 stable/10/secure/lib/libcrypto/man/CONF_modules_free.3 stable/10/secure/lib/libcrypto/man/CONF_modules_load_file.3 stable/10/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 stable/10/secure/lib/libcrypto/man/DH_generate_key.3 stable/10/secure/lib/libcrypto/man/DH_generate_parameters.3 stable/10/secure/lib/libcrypto/man/DH_get_ex_new_index.3 stable/10/secure/lib/libcrypto/man/DH_new.3 stable/10/secure/lib/libcrypto/man/DH_set_method.3 stable/10/secure/lib/libcrypto/man/DH_size.3 stable/10/secure/lib/libcrypto/man/DSA_SIG_new.3 stable/10/secure/lib/libcrypto/man/DSA_do_sign.3 stable/10/secure/lib/libcrypto/man/DSA_dup_DH.3 stable/10/secure/lib/libcrypto/man/DSA_generate_key.3 stable/10/secure/lib/libcrypto/man/DSA_generate_parameters.3 stable/10/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 stable/10/secure/lib/libcrypto/man/DSA_new.3 stable/10/secure/lib/libcrypto/man/DSA_set_method.3 stable/10/secure/lib/libcrypto/man/DSA_sign.3 stable/10/secure/lib/libcrypto/man/DSA_size.3 stable/10/secure/lib/libcrypto/man/ERR_GET_LIB.3 stable/10/secure/lib/libcrypto/man/ERR_clear_error.3 stable/10/secure/lib/libcrypto/man/ERR_error_string.3 stable/10/secure/lib/libcrypto/man/ERR_get_error.3 stable/10/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 stable/10/secure/lib/libcrypto/man/ERR_load_strings.3 stable/10/secure/lib/libcrypto/man/ERR_print_errors.3 stable/10/secure/lib/libcrypto/man/ERR_put_error.3 stable/10/secure/lib/libcrypto/man/ERR_remove_state.3 stable/10/secure/lib/libcrypto/man/ERR_set_mark.3 stable/10/secure/lib/libcrypto/man/EVP_BytesToKey.3 stable/10/secure/lib/libcrypto/man/EVP_DigestInit.3 stable/10/secure/lib/libcrypto/man/EVP_DigestSignInit.3 stable/10/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3 stable/10/secure/lib/libcrypto/man/EVP_EncryptInit.3 stable/10/secure/lib/libcrypto/man/EVP_OpenInit.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_cmp.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_derive.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_keygen.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_new.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_print_private.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_sign.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_verify.3 stable/10/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3 stable/10/secure/lib/libcrypto/man/EVP_SealInit.3 stable/10/secure/lib/libcrypto/man/EVP_SignInit.3 stable/10/secure/lib/libcrypto/man/EVP_VerifyInit.3 stable/10/secure/lib/libcrypto/man/OBJ_nid2obj.3 stable/10/secure/lib/libcrypto/man/OPENSSL_Applink.3 stable/10/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 stable/10/secure/lib/libcrypto/man/OPENSSL_config.3 stable/10/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 stable/10/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 stable/10/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 stable/10/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 stable/10/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 stable/10/secure/lib/libcrypto/man/PKCS12_create.3 stable/10/secure/lib/libcrypto/man/PKCS12_parse.3 stable/10/secure/lib/libcrypto/man/PKCS7_decrypt.3 stable/10/secure/lib/libcrypto/man/PKCS7_encrypt.3 stable/10/secure/lib/libcrypto/man/PKCS7_sign.3 stable/10/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3 stable/10/secure/lib/libcrypto/man/PKCS7_verify.3 stable/10/secure/lib/libcrypto/man/RAND_add.3 stable/10/secure/lib/libcrypto/man/RAND_bytes.3 stable/10/secure/lib/libcrypto/man/RAND_cleanup.3 stable/10/secure/lib/libcrypto/man/RAND_egd.3 stable/10/secure/lib/libcrypto/man/RAND_load_file.3 stable/10/secure/lib/libcrypto/man/RAND_set_rand_method.3 stable/10/secure/lib/libcrypto/man/RSA_blinding_on.3 stable/10/secure/lib/libcrypto/man/RSA_check_key.3 stable/10/secure/lib/libcrypto/man/RSA_generate_key.3 stable/10/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 stable/10/secure/lib/libcrypto/man/RSA_new.3 stable/10/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 stable/10/secure/lib/libcrypto/man/RSA_print.3 stable/10/secure/lib/libcrypto/man/RSA_private_encrypt.3 stable/10/secure/lib/libcrypto/man/RSA_public_encrypt.3 stable/10/secure/lib/libcrypto/man/RSA_set_method.3 stable/10/secure/lib/libcrypto/man/RSA_sign.3 stable/10/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 stable/10/secure/lib/libcrypto/man/RSA_size.3 stable/10/secure/lib/libcrypto/man/SMIME_read_CMS.3 stable/10/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 stable/10/secure/lib/libcrypto/man/SMIME_write_CMS.3 stable/10/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 stable/10/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 stable/10/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 stable/10/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 stable/10/secure/lib/libcrypto/man/X509_NAME_print_ex.3 stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3 stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_get_ex_new_index.3 stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_new.3 stable/10/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 stable/10/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 stable/10/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 stable/10/secure/lib/libcrypto/man/X509_new.3 stable/10/secure/lib/libcrypto/man/X509_verify_cert.3 stable/10/secure/lib/libcrypto/man/bio.3 stable/10/secure/lib/libcrypto/man/blowfish.3 stable/10/secure/lib/libcrypto/man/bn.3 stable/10/secure/lib/libcrypto/man/bn_internal.3 stable/10/secure/lib/libcrypto/man/buffer.3 stable/10/secure/lib/libcrypto/man/crypto.3 stable/10/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 stable/10/secure/lib/libcrypto/man/d2i_DHparams.3 stable/10/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 stable/10/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 stable/10/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 stable/10/secure/lib/libcrypto/man/d2i_X509.3 stable/10/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 stable/10/secure/lib/libcrypto/man/d2i_X509_CRL.3 stable/10/secure/lib/libcrypto/man/d2i_X509_NAME.3 stable/10/secure/lib/libcrypto/man/d2i_X509_REQ.3 stable/10/secure/lib/libcrypto/man/d2i_X509_SIG.3 stable/10/secure/lib/libcrypto/man/des.3 stable/10/secure/lib/libcrypto/man/dh.3 stable/10/secure/lib/libcrypto/man/dsa.3 stable/10/secure/lib/libcrypto/man/ecdsa.3 stable/10/secure/lib/libcrypto/man/engine.3 stable/10/secure/lib/libcrypto/man/err.3 stable/10/secure/lib/libcrypto/man/evp.3 stable/10/secure/lib/libcrypto/man/hmac.3 stable/10/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3 stable/10/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 stable/10/secure/lib/libcrypto/man/lh_stats.3 stable/10/secure/lib/libcrypto/man/lhash.3 stable/10/secure/lib/libcrypto/man/md5.3 stable/10/secure/lib/libcrypto/man/mdc2.3 stable/10/secure/lib/libcrypto/man/pem.3 stable/10/secure/lib/libcrypto/man/rand.3 stable/10/secure/lib/libcrypto/man/rc4.3 stable/10/secure/lib/libcrypto/man/ripemd.3 stable/10/secure/lib/libcrypto/man/rsa.3 stable/10/secure/lib/libcrypto/man/sha.3 stable/10/secure/lib/libcrypto/man/threads.3 stable/10/secure/lib/libcrypto/man/ui.3 stable/10/secure/lib/libcrypto/man/ui_compat.3 stable/10/secure/lib/libcrypto/man/x509.3 stable/10/secure/lib/libcrypto/opensslconf-arm.h stable/10/secure/lib/libcrypto/opensslconf-mips.h stable/10/secure/lib/libcrypto/opensslconf-powerpc.h stable/10/secure/lib/libcrypto/opensslconf-sparc64.h stable/10/secure/lib/libcrypto/opensslconf-x86.h stable/10/secure/lib/libssl/Makefile.man stable/10/secure/lib/libssl/man/SSL_CIPHER_get_name.3 stable/10/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 stable/10/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 stable/10/secure/lib/libssl/man/SSL_CTX_add_session.3 stable/10/secure/lib/libssl/man/SSL_CTX_ctrl.3 stable/10/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 stable/10/secure/lib/libssl/man/SSL_CTX_free.3 stable/10/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 stable/10/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 stable/10/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 stable/10/secure/lib/libssl/man/SSL_CTX_new.3 stable/10/secure/lib/libssl/man/SSL_CTX_sess_number.3 stable/10/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 stable/10/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 stable/10/secure/lib/libssl/man/SSL_CTX_sessions.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_mode.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_options.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_psk_client_callback.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_timeout.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 stable/10/secure/lib/libssl/man/SSL_CTX_set_verify.3 stable/10/secure/lib/libssl/man/SSL_CTX_use_certificate.3 stable/10/secure/lib/libssl/man/SSL_CTX_use_psk_identity_hint.3 stable/10/secure/lib/libssl/man/SSL_SESSION_free.3 stable/10/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 stable/10/secure/lib/libssl/man/SSL_SESSION_get_time.3 stable/10/secure/lib/libssl/man/SSL_accept.3 stable/10/secure/lib/libssl/man/SSL_alert_type_string.3 stable/10/secure/lib/libssl/man/SSL_clear.3 stable/10/secure/lib/libssl/man/SSL_connect.3 stable/10/secure/lib/libssl/man/SSL_do_handshake.3 stable/10/secure/lib/libssl/man/SSL_free.3 stable/10/secure/lib/libssl/man/SSL_get_SSL_CTX.3 stable/10/secure/lib/libssl/man/SSL_get_ciphers.3 stable/10/secure/lib/libssl/man/SSL_get_client_CA_list.3 stable/10/secure/lib/libssl/man/SSL_get_current_cipher.3 stable/10/secure/lib/libssl/man/SSL_get_default_timeout.3 stable/10/secure/lib/libssl/man/SSL_get_error.3 stable/10/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 stable/10/secure/lib/libssl/man/SSL_get_ex_new_index.3 stable/10/secure/lib/libssl/man/SSL_get_fd.3 stable/10/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 stable/10/secure/lib/libssl/man/SSL_get_peer_certificate.3 stable/10/secure/lib/libssl/man/SSL_get_psk_identity.3 stable/10/secure/lib/libssl/man/SSL_get_rbio.3 stable/10/secure/lib/libssl/man/SSL_get_session.3 stable/10/secure/lib/libssl/man/SSL_get_verify_result.3 stable/10/secure/lib/libssl/man/SSL_get_version.3 stable/10/secure/lib/libssl/man/SSL_library_init.3 stable/10/secure/lib/libssl/man/SSL_load_client_CA_file.3 stable/10/secure/lib/libssl/man/SSL_new.3 stable/10/secure/lib/libssl/man/SSL_pending.3 stable/10/secure/lib/libssl/man/SSL_read.3 stable/10/secure/lib/libssl/man/SSL_rstate_string.3 stable/10/secure/lib/libssl/man/SSL_session_reused.3 stable/10/secure/lib/libssl/man/SSL_set_bio.3 stable/10/secure/lib/libssl/man/SSL_set_connect_state.3 stable/10/secure/lib/libssl/man/SSL_set_fd.3 stable/10/secure/lib/libssl/man/SSL_set_session.3 stable/10/secure/lib/libssl/man/SSL_set_shutdown.3 stable/10/secure/lib/libssl/man/SSL_set_verify_result.3 stable/10/secure/lib/libssl/man/SSL_shutdown.3 stable/10/secure/lib/libssl/man/SSL_state_string.3 stable/10/secure/lib/libssl/man/SSL_want.3 stable/10/secure/lib/libssl/man/SSL_write.3 stable/10/secure/lib/libssl/man/d2i_SSL_SESSION.3 stable/10/secure/lib/libssl/man/ssl.3 stable/10/secure/usr.bin/openssl/man/CA.pl.1 stable/10/secure/usr.bin/openssl/man/asn1parse.1 stable/10/secure/usr.bin/openssl/man/c_rehash.1 stable/10/secure/usr.bin/openssl/man/ca.1 stable/10/secure/usr.bin/openssl/man/ciphers.1 stable/10/secure/usr.bin/openssl/man/cms.1 stable/10/secure/usr.bin/openssl/man/crl.1 stable/10/secure/usr.bin/openssl/man/crl2pkcs7.1 stable/10/secure/usr.bin/openssl/man/dgst.1 stable/10/secure/usr.bin/openssl/man/dhparam.1 stable/10/secure/usr.bin/openssl/man/dsa.1 stable/10/secure/usr.bin/openssl/man/dsaparam.1 stable/10/secure/usr.bin/openssl/man/ec.1 stable/10/secure/usr.bin/openssl/man/ecparam.1 stable/10/secure/usr.bin/openssl/man/enc.1 stable/10/secure/usr.bin/openssl/man/errstr.1 stable/10/secure/usr.bin/openssl/man/gendsa.1 stable/10/secure/usr.bin/openssl/man/genpkey.1 stable/10/secure/usr.bin/openssl/man/genrsa.1 stable/10/secure/usr.bin/openssl/man/nseq.1 stable/10/secure/usr.bin/openssl/man/ocsp.1 stable/10/secure/usr.bin/openssl/man/openssl.1 stable/10/secure/usr.bin/openssl/man/passwd.1 stable/10/secure/usr.bin/openssl/man/pkcs12.1 stable/10/secure/usr.bin/openssl/man/pkcs7.1 stable/10/secure/usr.bin/openssl/man/pkcs8.1 stable/10/secure/usr.bin/openssl/man/pkey.1 stable/10/secure/usr.bin/openssl/man/pkeyparam.1 stable/10/secure/usr.bin/openssl/man/pkeyutl.1 stable/10/secure/usr.bin/openssl/man/rand.1 stable/10/secure/usr.bin/openssl/man/req.1 stable/10/secure/usr.bin/openssl/man/rsa.1 stable/10/secure/usr.bin/openssl/man/rsautl.1 stable/10/secure/usr.bin/openssl/man/s_client.1 stable/10/secure/usr.bin/openssl/man/s_server.1 stable/10/secure/usr.bin/openssl/man/s_time.1 stable/10/secure/usr.bin/openssl/man/sess_id.1 stable/10/secure/usr.bin/openssl/man/smime.1 stable/10/secure/usr.bin/openssl/man/speed.1 stable/10/secure/usr.bin/openssl/man/spkac.1 stable/10/secure/usr.bin/openssl/man/ts.1 stable/10/secure/usr.bin/openssl/man/tsget.1 stable/10/secure/usr.bin/openssl/man/verify.1 stable/10/secure/usr.bin/openssl/man/version.1 stable/10/secure/usr.bin/openssl/man/x509.1 stable/10/secure/usr.bin/openssl/man/x509v3_config.1 Directory Properties: stable/10/ (props changed) Modified: stable/10/crypto/openssl/CHANGES ============================================================================== --- stable/10/crypto/openssl/CHANGES Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/CHANGES Fri Mar 20 21:54:45 2015 (r280304) @@ -2,6 +2,83 @@ OpenSSL CHANGES _______________ + Changes between 1.0.1l and 1.0.1m [19 Mar 2015] + + *) Segmentation fault in ASN1_TYPE_cmp fix + + The function ASN1_TYPE_cmp will crash with an invalid read if an attempt is + made to compare ASN.1 boolean types. Since ASN1_TYPE_cmp is used to check + certificate signature algorithm consistency this can be used to crash any + certificate verification operation and exploited in a DoS attack. Any + application which performs certificate verification is vulnerable including + OpenSSL clients and servers which enable client authentication. + (CVE-2015-0286) + [Stephen Henson] + + *) ASN.1 structure reuse memory corruption fix + + Reusing a structure in ASN.1 parsing may allow an attacker to cause + memory corruption via an invalid write. Such reuse is and has been + strongly discouraged and is believed to be rare. + + Applications that parse structures containing CHOICE or ANY DEFINED BY + components may be affected. Certificate parsing (d2i_X509 and related + functions) are however not affected. OpenSSL clients and servers are + not affected. + (CVE-2015-0287) + [Stephen Henson] + + *) PKCS7 NULL pointer dereferences fix + + The PKCS#7 parsing code does not handle missing outer ContentInfo + correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs with + missing content and trigger a NULL pointer dereference on parsing. + + Applications that verify PKCS#7 signatures, decrypt PKCS#7 data or + otherwise parse PKCS#7 structures from untrusted sources are + affected. OpenSSL clients and servers are not affected. + + This issue was reported to OpenSSL by Michal Zalewski (Google). + (CVE-2015-0289) + [Emilia Käsper] + + *) DoS via reachable assert in SSLv2 servers fix + + A malicious client can trigger an OPENSSL_assert (i.e., an abort) in + servers that both support SSLv2 and enable export cipher suites by sending + a specially crafted SSLv2 CLIENT-MASTER-KEY message. + + This issue was discovered by Sean Burford (Google) and Emilia Käsper + (OpenSSL development team). + (CVE-2015-0293) + [Emilia Käsper] + + *) Use After Free following d2i_ECPrivatekey error fix + + A malformed EC private key file consumed via the d2i_ECPrivateKey function + could cause a use after free condition. This, in turn, could cause a double + free in several private key parsing functions (such as d2i_PrivateKey + or EVP_PKCS82PKEY) and could lead to a DoS attack or memory corruption + for applications that receive EC private keys from untrusted + sources. This scenario is considered rare. + + This issue was discovered by the BoringSSL project and fixed in their + commit 517073cd4b. + (CVE-2015-0209) + [Matt Caswell] + + *) X509_to_X509_REQ NULL pointer deref fix + + The function X509_to_X509_REQ will crash with a NULL pointer dereference if + the certificate key is invalid. This function is rarely used in practice. + + This issue was discovered by Brian Carpenter. + (CVE-2015-0288) + [Stephen Henson] + + *) Removed the export ciphers from the DEFAULT ciphers + [Kurt Roeckx] + Changes between 1.0.1k and 1.0.1l [15 Jan 2015] *) Build fixes for the Windows and OpenVMS platforms @@ -771,63 +848,6 @@ Add command line options to s_client/s_server. [Steve Henson] - Changes between 1.0.0j and 1.0.0k [5 Feb 2013] - - *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time. - - This addresses the flaw in CBC record processing discovered by - Nadhem Alfardan and Kenny Paterson. Details of this attack can be found - at: http://www.isg.rhul.ac.uk/tls/ - - Thanks go to Nadhem Alfardan and Kenny Paterson of the Information - Security Group at Royal Holloway, University of London - (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and - Emilia Käsper for the initial patch. - (CVE-2013-0169) - [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson] - - *) Return an error when checking OCSP signatures when key is NULL. - This fixes a DoS attack. (CVE-2013-0166) - [Steve Henson] - - *) Call OCSP Stapling callback after ciphersuite has been chosen, so - the right response is stapled. Also change SSL_get_certificate() - so it returns the certificate actually sent. - See http://rt.openssl.org/Ticket/Display.html?id=2836. - (This is a backport) - [Rob Stradling ] - - *) Fix possible deadlock when decoding public keys. - [Steve Henson] - - Changes between 1.0.0i and 1.0.0j [10 May 2012] - - [NB: OpenSSL 1.0.0i and later 1.0.0 patch levels were released after - OpenSSL 1.0.1.] - - *) Sanity check record length before skipping explicit IV in DTLS - to fix DoS attack. - - Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic - fuzzing as a service testing platform. - (CVE-2012-2333) - [Steve Henson] - - *) Initialise tkeylen properly when encrypting CMS messages. - Thanks to Solar Designer of Openwall for reporting this issue. - [Steve Henson] - - Changes between 1.0.0h and 1.0.0i [19 Apr 2012] - - *) Check for potentially exploitable overflows in asn1_d2i_read_bio - BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer - in CRYPTO_realloc_clean. - - Thanks to Tavis Ormandy, Google Security Team, for discovering this - issue and to Adam Langley for fixing it. - (CVE-2012-2110) - [Adam Langley (Google), Tavis Ormandy, Google Security Team] - Changes between 1.0.0g and 1.0.0h [12 Mar 2012] *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness @@ -1818,228 +1838,6 @@ *) Change 'Configure' script to enable Camellia by default. [NTT] - Changes between 0.9.8x and 0.9.8y [5 Feb 2013] - - *) Make the decoding of SSLv3, TLS and DTLS CBC records constant time. - - This addresses the flaw in CBC record processing discovered by - Nadhem Alfardan and Kenny Paterson. Details of this attack can be found - at: http://www.isg.rhul.ac.uk/tls/ - - Thanks go to Nadhem Alfardan and Kenny Paterson of the Information - Security Group at Royal Holloway, University of London - (www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and - Emilia Käsper for the initial patch. - (CVE-2013-0169) - [Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson] - - *) Return an error when checking OCSP signatures when key is NULL. - This fixes a DoS attack. (CVE-2013-0166) - [Steve Henson] - - *) Call OCSP Stapling callback after ciphersuite has been chosen, so - the right response is stapled. Also change SSL_get_certificate() - so it returns the certificate actually sent. - See http://rt.openssl.org/Ticket/Display.html?id=2836. - (This is a backport) - [Rob Stradling ] - - *) Fix possible deadlock when decoding public keys. - [Steve Henson] - - Changes between 0.9.8w and 0.9.8x [10 May 2012] - - *) Sanity check record length before skipping explicit IV in DTLS - to fix DoS attack. - - Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic - fuzzing as a service testing platform. - (CVE-2012-2333) - [Steve Henson] - - *) Initialise tkeylen properly when encrypting CMS messages. - Thanks to Solar Designer of Openwall for reporting this issue. - [Steve Henson] - - Changes between 0.9.8v and 0.9.8w [23 Apr 2012] - - *) The fix for CVE-2012-2110 did not take into account that the - 'len' argument to BUF_MEM_grow and BUF_MEM_grow_clean is an - int in OpenSSL 0.9.8, making it still vulnerable. Fix by - rejecting negative len parameter. (CVE-2012-2131) - [Tomas Hoger ] - - Changes between 0.9.8u and 0.9.8v [19 Apr 2012] - - *) Check for potentially exploitable overflows in asn1_d2i_read_bio - BUF_mem_grow and BUF_mem_grow_clean. Refuse attempts to shrink buffer - in CRYPTO_realloc_clean. - - Thanks to Tavis Ormandy, Google Security Team, for discovering this - issue and to Adam Langley for fixing it. - (CVE-2012-2110) - [Adam Langley (Google), Tavis Ormandy, Google Security Team] - - Changes between 0.9.8t and 0.9.8u [12 Mar 2012] - - *) Fix MMA (Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) weakness - in CMS and PKCS7 code. When RSA decryption fails use a random key for - content decryption and always return the same error. Note: this attack - needs on average 2^20 messages so it only affects automated senders. The - old behaviour can be reenabled in the CMS code by setting the - CMS_DEBUG_DECRYPT flag: this is useful for debugging and testing where - an MMA defence is not necessary. - Thanks to Ivan Nestlerode for discovering - this issue. (CVE-2012-0884) - [Steve Henson] - - *) Fix CVE-2011-4619: make sure we really are receiving a - client hello before rejecting multiple SGC restarts. Thanks to - Ivan Nestlerode for discovering this bug. - [Steve Henson] - - Changes between 0.9.8s and 0.9.8t [18 Jan 2012] - - *) Fix for DTLS DoS issue introduced by fix for CVE-2011-4109. - Thanks to Antonio Martin, Enterprise Secure Access Research and - Development, Cisco Systems, Inc. for discovering this bug and - preparing a fix. (CVE-2012-0050) - [Antonio Martin] - - Changes between 0.9.8r and 0.9.8s [4 Jan 2012] - - *) Nadhem Alfardan and Kenny Paterson have discovered an extension - of the Vaudenay padding oracle attack on CBC mode encryption - which enables an efficient plaintext recovery attack against - the OpenSSL implementation of DTLS. Their attack exploits timing - differences arising during decryption processing. A research - paper describing this attack can be found at: - http://www.isg.rhul.ac.uk/~kp/dtls.pdf - Thanks go to Nadhem Alfardan and Kenny Paterson of the Information - Security Group at Royal Holloway, University of London - (www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann - and Michael Tuexen - for preparing the fix. (CVE-2011-4108) - [Robin Seggelmann, Michael Tuexen] - - *) Stop policy check failure freeing same buffer twice. (CVE-2011-4109) - [Ben Laurie, Kasper ] - - *) Clear bytes used for block padding of SSL 3.0 records. - (CVE-2011-4576) - [Adam Langley (Google)] - - *) Only allow one SGC handshake restart for SSL/TLS. Thanks to George - Kadianakis for discovering this issue and - Adam Langley for preparing the fix. (CVE-2011-4619) - [Adam Langley (Google)] - - *) Prevent malformed RFC3779 data triggering an assertion failure. - Thanks to Andrew Chi, BBN Technologies, for discovering the flaw - and Rob Austein for fixing it. (CVE-2011-4577) - [Rob Austein ] - - *) Fix ssl_ciph.c set-up race. - [Adam Langley (Google)] - - *) Fix spurious failures in ecdsatest.c. - [Emilia Käsper (Google)] - - *) Fix the BIO_f_buffer() implementation (which was mixing different - interpretations of the '..._len' fields). - [Adam Langley (Google)] - - *) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than - BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent - threads won't reuse the same blinding coefficients. - - This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING - lock to call BN_BLINDING_invert_ex, and avoids one use of - BN_BLINDING_update for each BN_BLINDING structure (previously, - the last update always remained unused). - [Emilia Käsper (Google)] - - *) Fix SSL memory handling for (EC)DH ciphersuites, in particular - for multi-threaded use of ECDH. - [Adam Langley (Google)] - - *) Fix x509_name_ex_d2i memory leak on bad inputs. - [Bodo Moeller] - - *) Add protection against ECDSA timing attacks as mentioned in the paper - by Billy Bob Brumley and Nicola Tuveri, see: - - http://eprint.iacr.org/2011/232.pdf - - [Billy Bob Brumley and Nicola Tuveri] - - Changes between 0.9.8q and 0.9.8r [8 Feb 2011] - - *) Fix parsing of OCSP stapling ClientHello extension. CVE-2011-0014 - [Neel Mehta, Adam Langley, Bodo Moeller (Google)] - - *) Fix bug in string printing code: if *any* escaping is enabled we must - escape the escape character (backslash) or the resulting string is - ambiguous. - [Steve Henson] - - Changes between 0.9.8p and 0.9.8q [2 Dec 2010] - - *) Disable code workaround for ancient and obsolete Netscape browsers - and servers: an attacker can use it in a ciphersuite downgrade attack. - Thanks to Martin Rex for discovering this bug. CVE-2010-4180 - [Steve Henson] - - *) Fixed J-PAKE implementation error, originally discovered by - Sebastien Martini, further info and confirmation from Stefan - Arentz and Feng Hao. Note that this fix is a security fix. CVE-2010-4252 - [Ben Laurie] - - Changes between 0.9.8o and 0.9.8p [16 Nov 2010] - - *) Fix extension code to avoid race conditions which can result in a buffer - overrun vulnerability: resumed sessions must not be modified as they can - be shared by multiple threads. CVE-2010-3864 - [Steve Henson] - - *) Fix for double free bug in ssl/s3_clnt.c CVE-2010-2939 - [Steve Henson] - - *) Don't reencode certificate when calculating signature: cache and use - the original encoding instead. This makes signature verification of - some broken encodings work correctly. - [Steve Henson] - - *) ec2_GF2m_simple_mul bugfix: compute correct result if the output EC_POINT - is also one of the inputs. - [Emilia Käsper (Google)] - - *) Don't repeatedly append PBE algorithms to table if they already exist. - Sort table on each new add. This effectively makes the table read only - after all algorithms are added and subsequent calls to PKCS12_pbe_add - etc are non-op. - [Steve Henson] - - Changes between 0.9.8n and 0.9.8o [01 Jun 2010] - - [NB: OpenSSL 0.9.8o and later 0.9.8 patch levels were released after - OpenSSL 1.0.0.] - - *) Correct a typo in the CMS ASN1 module which can result in invalid memory - access or freeing data twice (CVE-2010-0742) - [Steve Henson, Ronald Moesbergen ] - - *) Add SHA2 algorithms to SSL_library_init(). SHA2 is becoming far more - common in certificates and some applications which only call - SSL_library_init and not OpenSSL_add_all_algorithms() will fail. - [Steve Henson] - - *) VMS fixes: - Reduce copying into .apps and .test in makevms.com - Don't try to use blank CA certificate in CA.com - Allow use of C files from original directories in maketests.com - [Steven M. Schweda" ] - Changes between 0.9.8m and 0.9.8n [24 Mar 2010] *) When rejecting SSL/TLS records due to an incorrect version number, never Modified: stable/10/crypto/openssl/Configure ============================================================================== --- stable/10/crypto/openssl/Configure Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/Configure Fri Mar 20 21:54:45 2015 (r280304) @@ -185,18 +185,18 @@ my %table=( "debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", -"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", -"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -DTERMIO -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-linux-ppro","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -mcpu=pentiumpro -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", +"debug-linux-elf","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-lefence -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-elf-noefence","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -g -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-ia32-aes", "gcc:-DAES_EXPERIMENTAL -DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:x86cpuid.o:bn-586.o co-586.o x86-mont.o:des-586.o crypt586.o:aes_x86core.o aes_cbc.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o::ghash-x86.o::elf:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-generic32","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-generic64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-linux-x86_64","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -m64 -DL_ENDIAN -g -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", "dist", "cc:-O::(unknown)::::::", # Basic configs that should work on any (32 and less bit) box @@ -256,16 +256,16 @@ my %table=( #### IRIX 5.x configs # -mips2 flag is added by ./config when appropriate. -"irix-gcc","gcc:-O3 -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"irix-cc", "cc:-O2 -use_readonly_const -DTERMIOS -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-gcc","gcc:-O3 -DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK DES_UNROLL DES_RISC2 DES_PTR BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"irix-cc", "cc:-O2 -use_readonly_const -DB_ENDIAN::(unknown):::BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC2 DES_UNROLL BF_PTR:${mips32_asm}:o32:dlfcn:irix-shared:::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### IRIX 6.x configs # Only N32 and N64 ABIs are supported. If you need O32 ABI build, invoke # './Configure irix-cc -o32' manually. -"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32", -"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32", +"irix-mips3-gcc","gcc:-mabi=n32 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::MD2_CHAR RC4_INDEX RC4_CHAR RC4_CHUNK_LL DES_UNROLL DES_RISC2 DES_PTR BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-mabi=n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32", +"irix-mips3-cc", "cc:-n32 -mips3 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::DES_PTR RC4_CHAR RC4_CHUNK_LL DES_RISC2 DES_UNROLL BF_PTR SIXTY_FOUR_BIT:${mips64_asm}:n32:dlfcn:irix-shared::-n32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::32", # N64 ABI builds. -"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DTERMIOS -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"irix64-mips4-gcc","gcc:-mabi=64 -mips4 -O3 -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-mabi=64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"irix64-mips4-cc", "cc:-64 -mips4 -O2 -use_readonly_const -G0 -rdata_shared -DB_ENDIAN -DBN_DIV3W::-D_SGI_MP_SOURCE:::RC4_CHAR RC4_CHUNK DES_RISC2 DES_UNROLL SIXTY_FOUR_BIT_LONG:${mips64_asm}:64:dlfcn:irix-shared::-64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", #### Unified HP-UX ANSI C configs. # Special notes: @@ -345,23 +345,23 @@ my %table=( #### # *-generic* is endian-neutral target, but ./config is free to # throw in -D[BL]_ENDIAN, whichever appropriate... -"linux-generic32","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-generic32","gcc:-O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ppc", "gcc:-DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc32_asm}:linux32:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # It's believed that majority of ARM toolchains predefine appropriate -march. # If you compiler does not, do complement config command line with one! -"linux-armv4", "gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-armv4", "gcc:-O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### IA-32 targets... -"linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out", +"linux-ia32-icc", "icc:-DL_ENDIAN -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-aout", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out", #### -"linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ppc64", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -"linux-ia64", "gcc:-DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ia64-ecc","ecc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-ia64-icc","icc:-DL_ENDIAN -DTERMIO -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-x86_64", "gcc:-m64 -DL_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", -"linux64-s390x", "gcc:-m64 -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"linux-generic64","gcc:-O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ppc64", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${ppc64_asm}:linux64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"linux-ia64", "gcc:-DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-ecc","ecc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-ia64-icc","icc:-DL_ENDIAN -O2 -Wall -no_cpprt::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_INT:${ia64_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-x86_64", "gcc:-m64 -DL_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"linux64-s390x", "gcc:-m64 -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:${s390x_asm}:64:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", #### So called "highgprs" target for z/Architecture CPUs # "Highgprs" is kernel feature first implemented in Linux 2.6.32, see # /proc/cpuinfo. The idea is to preserve most significant bits of @@ -375,16 +375,16 @@ my %table=( # ldconfig and run-time linker to autodiscover. Unfortunately it # doesn't work just yet, because of couple of bugs in glibc # sysdeps/s390/dl-procinfo.c affecting ldconfig and ld.so.1... -"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs", +"linux32-s390x", "gcc:-m31 -Wa,-mzarch -DB_ENDIAN -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$s390x_asm;$asm=~s/bn\-s390x\.o/bn_asm.o/;$asm}.":31:dlfcn:linux-shared:-fPIC:-m31:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/highgprs", #### SPARC Linux setups # Ray Miller has patiently # assisted with debugging of following two configs. -"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-sparcv8","gcc:-mv8 -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # it's a real mess with -mcpu=ultrasparc option under Linux, but # -Wa,-Av8plus should do the trick no matter what. -"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-sparcv9","gcc:-m32 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall -Wa,-Av8plus -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # GCC 3.1 is a requirement -"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", +"linux64-sparcv9","gcc:-m64 -mcpu=ultrasparc -DB_ENDIAN -O3 -fomit-frame-pointer -Wall::-D_REENTRANT:ULTRASPARC:-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", #### Alpha Linux with GNU C and Compaq C setups # Special notes: # - linux-alpha+bwx-gcc is ment to be used from ./config only. If you @@ -398,30 +398,30 @@ my %table=( # # # -"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN -DTERMIO::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", -"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN -DTERMIO::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", +"linux-alpha-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha+bwx-gcc","gcc:-O3 -DL_ENDIAN::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", +"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", -# Android: linux-* but without -DTERMIO and pointers to headers and libs. +# Android: linux-* but without pointers to headers and libs. "android","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "android-x86","gcc:-mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:".eval{my $asm=${x86_elf_asm};$asm=~s/:elf/:android/;$asm}.":dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "android-armv7","gcc:-march=armv7-a -mandroid -I\$(ANDROID_DEV)/include -B\$(ANDROID_DEV)/lib -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", #### *BSD [do see comment about ${BSDthreads} above!] -"BSD-generic32","gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"BSD-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"BSD-sparcv8", "gcc:-DB_ENDIAN -DTERMIOS -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-generic32","gcc:-O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -Wall::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"debug-BSD-x86-elf", "gcc:-DL_ENDIAN -O3 -Wall -g::${BSDthreads}:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-sparcv8", "gcc:-DB_ENDIAN -O3 -mv8 -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_INDEX DES_INT DES_UNROLL:${sparcv8_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"BSD-generic64","gcc:-DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-generic64","gcc:-O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # -DMD32_REG_T=int doesn't actually belong in sparc64 target, it # simply *happens* to work around a compiler bug in gcc 3.3.3, # triggered by RIPEMD160 code. -"BSD-sparc64", "gcc:-DB_ENDIAN -DTERMIOS -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"BSD-ia64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"BSD-x86_64", "gcc:-DL_ENDIAN -DTERMIOS -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-sparc64", "gcc:-DB_ENDIAN -O3 -DMD32_REG_T=int -Wall::${BSDthreads}:::BN_LLONG RC2_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC2 BF_PTR:${sparcv9_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-ia64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_UNROLL DES_INT:${ia64_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"BSD-x86_64", "gcc:-DL_ENDIAN -O3 -Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "bsdi-elf-gcc", "gcc:-DPERL5 -DL_ENDIAN -fomit-frame-pointer -O3 -march=i486 -Wall::(unknown)::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", @@ -433,8 +433,8 @@ my %table=( # QNX "qnx4", "cc:-DL_ENDIAN -DTERMIO::(unknown):::${x86_gcc_des} ${x86_gcc_opts}:", -"QNX6", "gcc:-DTERMIOS::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -"QNX6-i386", "gcc:-DL_ENDIAN -DTERMIOS -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"QNX6", "gcc:::::-lsocket::${no_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +"QNX6-i386", "gcc:-DL_ENDIAN -O2 -Wall::::-lsocket:${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", # BeOS "beos-x86-r5", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mcpu=pentium -Wall::-D_REENTRANT:BEOS:-lbe -lnet:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:beos:beos-shared:-fPIC -DPIC:-shared:.so", @@ -507,7 +507,7 @@ my %table=( "SINIX-N","/usr/ucb/cc:-O2 -misaligned::(unknown)::-lucb:RC4_INDEX RC4_CHAR:::", # SIEMENS BS2000/OSD: an EBCDIC-based mainframe -"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DTERMIOS -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::", +"BS2000-OSD","c89:-O -XLLML -XLLMK -XL -DB_ENDIAN -DCHARSET_EBCDIC::(unknown)::-lsocket -lnsl:THIRTY_TWO_BIT DES_PTR DES_UNROLL MD2_CHAR RC4_INDEX RC4_CHAR BF_PTR:::", # OS/390 Unix an EBCDIC-based Unix system on IBM mainframe # You need to compile using the c89.sh wrapper in the tools directory, because the @@ -567,7 +567,7 @@ my %table=( "netware-libc-bsdsock-gcc", "i586-netware-gcc:-nostdinc -I/ndk/libc/include -DNETWARE_BSDSOCK -DL_ENDIAN -DNETWARE_LIBC -DOPENSSL_SYSNAME_NETWARE -DTERMIO -O2 -Wall:::::BN_LLONG ${x86_gcc_opts}::", # DJGPP -"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:", +"DJGPP", "gcc:-I/dev/env/WATT_ROOT/inc -DTERMIO -DL_ENDIAN -fomit-frame-pointer -O2 -Wall:::MSDOS:-L/dev/env/WATT_ROOT/lib -lwatt:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out:", # Ultrix from Bernhard Simon "ultrix-cc","cc:-std1 -O -Olimit 2500 -DL_ENDIAN::(unknown):::::::", @@ -593,7 +593,7 @@ my %table=( "newsos4-gcc","gcc:-O -DB_ENDIAN::(unknown):NEWS4:-lmld -liberty:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR::::", ##### GNU Hurd -"hurd-x86", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", +"hurd-x86", "gcc:-DL_ENDIAN -O3 -fomit-frame-pointer -march=i486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC", ##### OS/2 EMX "OS2-EMX", "gcc::::::::", Modified: stable/10/crypto/openssl/Makefile ============================================================================== --- stable/10/crypto/openssl/Makefile Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/Makefile Fri Mar 20 21:54:45 2015 (r280304) @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=1.0.1l +VERSION=1.0.1m MAJOR=1 MINOR=0.1 SHLIB_VERSION_NUMBER=1.0.0 Modified: stable/10/crypto/openssl/NEWS ============================================================================== --- stable/10/crypto/openssl/NEWS Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/NEWS Fri Mar 20 21:54:45 2015 (r280304) @@ -5,6 +5,16 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.0.1l and OpenSSL 1.0.1m [19 Mar 2015] + + o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) + o ASN.1 structure reuse memory corruption fix (CVE-2015-0287) + o PKCS7 NULL pointer dereferences fix (CVE-2015-0289) + o DoS via reachable assert in SSLv2 servers fix (CVE-2015-0293) + o Use After Free following d2i_ECPrivatekey error fix (CVE-2015-0209) + o X509_to_X509_REQ NULL pointer deref fix (CVE-2015-0288) + o Removed the export ciphers from the DEFAULT ciphers + Major changes between OpenSSL 1.0.1k and OpenSSL 1.0.1l [15 Jan 2015] o Build fixes for the Windows and OpenVMS platforms @@ -103,19 +113,6 @@ o Preliminary FIPS capability for unvalidated 2.0 FIPS module. o SRP support. - Major changes between OpenSSL 1.0.0j and OpenSSL 1.0.0k [5 Feb 2013]: - - o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 - o Fix OCSP bad key DoS attack CVE-2013-0166 - - Major changes between OpenSSL 1.0.0i and OpenSSL 1.0.0j [10 May 2012]: - - o Fix DTLS record length checking bug CVE-2012-2333 - - Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.0i [19 Apr 2012]: - - o Fix for ASN1 overflow bug CVE-2012-2110 - Major changes between OpenSSL 1.0.0g and OpenSSL 1.0.0h [12 Mar 2012]: o Fix for CMS/PKCS#7 MMA CVE-2012-0884 @@ -188,62 +185,6 @@ o Opaque PRF Input TLS extension support. o Updated time routines to avoid OS limitations. - Major changes between OpenSSL 0.9.8x and OpenSSL 0.9.8y [5 Feb 2013]: - - o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169 - o Fix OCSP bad key DoS attack CVE-2013-0166 - - Major changes between OpenSSL 0.9.8w and OpenSSL 0.9.8x [10 May 2012]: - - o Fix DTLS record length checking bug CVE-2012-2333 - - Major changes between OpenSSL 0.9.8v and OpenSSL 0.9.8w [23 Apr 2012]: - - o Fix for CVE-2012-2131 (corrected fix for 0.9.8 and CVE-2012-2110) - - Major changes between OpenSSL 0.9.8u and OpenSSL 0.9.8v [19 Apr 2012]: - - o Fix for ASN1 overflow bug CVE-2012-2110 - - Major changes between OpenSSL 0.9.8t and OpenSSL 0.9.8u [12 Mar 2012]: - - o Fix for CMS/PKCS#7 MMA CVE-2012-0884 - o Corrected fix for CVE-2011-4619 - o Various DTLS fixes. - - Major changes between OpenSSL 0.9.8s and OpenSSL 0.9.8t [18 Jan 2012]: - - o Fix for DTLS DoS issue CVE-2012-0050 - - Major changes between OpenSSL 0.9.8r and OpenSSL 0.9.8s [4 Jan 2012]: - - o Fix for DTLS plaintext recovery attack CVE-2011-4108 - o Fix policy check double free error CVE-2011-4109 - o Clear block padding bytes of SSL 3.0 records CVE-2011-4576 - o Only allow one SGC handshake restart for SSL/TLS CVE-2011-4619 - o Check for malformed RFC3779 data CVE-2011-4577 - - Major changes between OpenSSL 0.9.8q and OpenSSL 0.9.8r [8 Feb 2011]: - - o Fix for security issue CVE-2011-0014 - - Major changes between OpenSSL 0.9.8p and OpenSSL 0.9.8q [2 Dec 2010]: - - o Fix for security issue CVE-2010-4180 - o Fix for CVE-2010-4252 - - Major changes between OpenSSL 0.9.8o and OpenSSL 0.9.8p [16 Nov 2010]: - - o Fix for security issue CVE-2010-3864. - - Major changes between OpenSSL 0.9.8n and OpenSSL 0.9.8o [1 Jun 2010]: - - o Fix for security issue CVE-2010-0742. - o Various DTLS fixes. - o Recognise SHA2 certificates if only SSL algorithms added. - o Fix for no-rc4 compilation. - o Chil ENGINE unload workaround. - Major changes between OpenSSL 0.9.8m and OpenSSL 0.9.8n [24 Mar 2010]: o CFB cipher definition fixes. Modified: stable/10/crypto/openssl/README ============================================================================== --- stable/10/crypto/openssl/README Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/README Fri Mar 20 21:54:45 2015 (r280304) @@ -1,5 +1,5 @@ - OpenSSL 1.0.1l 15 Jan 2015 + OpenSSL 1.0.1m 19 Mar 2015 Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: stable/10/crypto/openssl/apps/app_rand.c ============================================================================== --- stable/10/crypto/openssl/apps/app_rand.c Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/apps/app_rand.c Fri Mar 20 21:54:45 2015 (r280304) @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -63,7 +63,7 @@ * are met: * * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. + * notice, this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in @@ -115,104 +115,106 @@ #include #include - static int seeded = 0; static int egdsocket = 0; int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) - { - int consider_randfile = (file == NULL); - char buffer[200]; - +{ + int consider_randfile = (file == NULL); + char buffer[200]; + #ifdef OPENSSL_SYS_WINDOWS - BIO_printf(bio_e,"Loading 'screen' into random state -"); - BIO_flush(bio_e); - RAND_screen(); - BIO_printf(bio_e," done\n"); + BIO_printf(bio_e, "Loading 'screen' into random state -"); + BIO_flush(bio_e); + RAND_screen(); + BIO_printf(bio_e, " done\n"); #endif - if (file == NULL) - file = RAND_file_name(buffer, sizeof buffer); - else if (RAND_egd(file) > 0) - { - /* we try if the given filename is an EGD socket. - if it is, we don't write anything back to the file. */ - egdsocket = 1; - return 1; - } - if (file == NULL || !RAND_load_file(file, -1)) - { - if (RAND_status() == 0) - { - if (!dont_warn) - { - BIO_printf(bio_e,"unable to load 'random state'\n"); - BIO_printf(bio_e,"This means that the random number generator has not been seeded\n"); - BIO_printf(bio_e,"with much random data.\n"); - if (consider_randfile) /* explanation does not apply when a file is explicitly named */ - { - BIO_printf(bio_e,"Consider setting the RANDFILE environment variable to point at a file that\n"); - BIO_printf(bio_e,"'random' data can be kept in (the file will be overwritten).\n"); - } - } - return 0; - } - } - seeded = 1; - return 1; - } + if (file == NULL) + file = RAND_file_name(buffer, sizeof buffer); + else if (RAND_egd(file) > 0) { + /* + * we try if the given filename is an EGD socket. if it is, we don't + * write anything back to the file. + */ + egdsocket = 1; + return 1; + } + if (file == NULL || !RAND_load_file(file, -1)) { + if (RAND_status() == 0) { + if (!dont_warn) { + BIO_printf(bio_e, "unable to load 'random state'\n"); + BIO_printf(bio_e, + "This means that the random number generator has not been seeded\n"); + BIO_printf(bio_e, "with much random data.\n"); + if (consider_randfile) { /* explanation does not apply when a + * file is explicitly named */ + BIO_printf(bio_e, + "Consider setting the RANDFILE environment variable to point at a file that\n"); + BIO_printf(bio_e, + "'random' data can be kept in (the file will be overwritten).\n"); + } + } + return 0; + } + } + seeded = 1; + return 1; +} long app_RAND_load_files(char *name) - { - char *p,*n; - int last; - long tot=0; - int egd; - - for (;;) - { - last=0; - for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++); - if (*p == '\0') last=1; - *p='\0'; - n=name; - name=p+1; - if (*n == '\0') break; - - egd=RAND_egd(n); - if (egd > 0) - tot+=egd; - else - tot+=RAND_load_file(n,-1); - if (last) break; - } - if (tot > 512) - app_RAND_allow_write_file(); - return(tot); - } +{ + char *p, *n; + int last; + long tot = 0; + int egd; + + for (;;) { + last = 0; + for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ; + if (*p == '\0') + last = 1; + *p = '\0'; + n = name; + name = p + 1; + if (*n == '\0') + break; + + egd = RAND_egd(n); + if (egd > 0) + tot += egd; + else + tot += RAND_load_file(n, -1); + if (last) + break; + } + if (tot > 512) + app_RAND_allow_write_file(); + return (tot); +} int app_RAND_write_file(const char *file, BIO *bio_e) - { - char buffer[200]; - - if (egdsocket || !seeded) - /* If we did not manage to read the seed file, - * we should not write a low-entropy seed file back -- - * it would suppress a crucial warning the next time - * we want to use it. */ - return 0; - - if (file == NULL) - file = RAND_file_name(buffer, sizeof buffer); - if (file == NULL || !RAND_write_file(file)) - { - BIO_printf(bio_e,"unable to write 'random state'\n"); - return 0; - } - return 1; - } +{ + char buffer[200]; + + if (egdsocket || !seeded) + /* + * If we did not manage to read the seed file, we should not write a + * low-entropy seed file back -- it would suppress a crucial warning + * the next time we want to use it. + */ + return 0; + + if (file == NULL) + file = RAND_file_name(buffer, sizeof buffer); + if (file == NULL || !RAND_write_file(file)) { + BIO_printf(bio_e, "unable to write 'random state'\n"); + return 0; + } + return 1; +} void app_RAND_allow_write_file(void) - { - seeded = 1; - } +{ + seeded = 1; +} Modified: stable/10/crypto/openssl/apps/apps.c ============================================================================== --- stable/10/crypto/openssl/apps/apps.c Fri Mar 20 21:09:03 2015 (r280303) +++ stable/10/crypto/openssl/apps/apps.c Fri Mar 20 21:54:45 2015 (r280304) @@ -5,21 +5,21 @@ * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. - * + * * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to. The following conditions * apply to all code found in this distribution, be it the RC4, RSA, * lhash, DES, etc., code; not just the SSL code. The SSL documentation * included with this distribution is covered by the same copyright terms * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * + * * Copyright remains Eric Young's, and as such any Copyright notices in * the code are not to be removed. * If this package is used in a product, Eric Young should be given attribution * as the author of the parts of the library used. * This can be in the form of a textual message at program startup or * in documentation (online or textual) provided with the package. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,10 +34,10 @@ * Eric Young (eay@cryptsoft.com)" * The word 'cryptographic' can be left out if the rouines from the library * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from + * 4. If you include any Windows specific code (or a derivative thereof) from * the apps directory (application code) you must include an acknowledgement: * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * + * * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE @@ -49,7 +49,7 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * + * * The licence and distribution terms for any publically available version or * derivative of this code cannot be changed. i.e. this code cannot simply be * copied and put under another distribution licence @@ -63,7 +63,7 @@ * are met: *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***