Date: Tue, 10 Sep 2019 17:40:54 +0000 (UTC) From: Jung-uk Kim <jkim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r352163 - in vendor-crypto/openssl/dist: . apps crypto crypto/aes/asm crypto/asn1 crypto/bio crypto/bn crypto/bn/asm crypto/cms crypto/conf crypto/dh crypto/dsa crypto/dso crypto/ec cry... Message-ID: <201909101740.x8AHeslv054915@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jkim Date: Tue Sep 10 17:40:53 2019 New Revision: 352163 URL: https://svnweb.freebsd.org/changeset/base/352163 Log: Import OpenSSL 1.1.1d. Added: vendor-crypto/openssl/dist/doc/man3/CRYPTO_memcmp.pod vendor-crypto/openssl/dist/doc/man3/X509_cmp.pod Deleted: vendor-crypto/openssl/dist/crypto/aes/asm/aes-586.pl vendor-crypto/openssl/dist/crypto/aes/asm/aes-x86_64.pl vendor-crypto/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl Modified: vendor-crypto/openssl/dist/CHANGES vendor-crypto/openssl/dist/Configure vendor-crypto/openssl/dist/FREEBSD-upgrade vendor-crypto/openssl/dist/INSTALL vendor-crypto/openssl/dist/NEWS vendor-crypto/openssl/dist/README vendor-crypto/openssl/dist/apps/apps.c vendor-crypto/openssl/dist/apps/apps.h vendor-crypto/openssl/dist/apps/ca.c vendor-crypto/openssl/dist/apps/dgst.c vendor-crypto/openssl/dist/apps/enc.c vendor-crypto/openssl/dist/apps/ocsp.c vendor-crypto/openssl/dist/apps/openssl.c vendor-crypto/openssl/dist/apps/pkcs12.c vendor-crypto/openssl/dist/apps/req.c vendor-crypto/openssl/dist/apps/s_apps.h vendor-crypto/openssl/dist/apps/s_cb.c vendor-crypto/openssl/dist/apps/s_client.c vendor-crypto/openssl/dist/apps/speed.c vendor-crypto/openssl/dist/apps/storeutl.c vendor-crypto/openssl/dist/config vendor-crypto/openssl/dist/crypto/aes/asm/aes-s390x.pl vendor-crypto/openssl/dist/crypto/asn1/a_time.c vendor-crypto/openssl/dist/crypto/asn1/a_type.c vendor-crypto/openssl/dist/crypto/asn1/x_bignum.c vendor-crypto/openssl/dist/crypto/bio/b_addr.c vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c vendor-crypto/openssl/dist/crypto/bio/bss_file.c vendor-crypto/openssl/dist/crypto/bio/bss_mem.c vendor-crypto/openssl/dist/crypto/bn/asm/mips.pl vendor-crypto/openssl/dist/crypto/bn/bn_div.c vendor-crypto/openssl/dist/crypto/bn/bn_lcl.h vendor-crypto/openssl/dist/crypto/bn/bn_lib.c vendor-crypto/openssl/dist/crypto/bn/bn_prime.c vendor-crypto/openssl/dist/crypto/bn/bn_rand.c vendor-crypto/openssl/dist/crypto/bn/bn_sqrt.c vendor-crypto/openssl/dist/crypto/cms/cms_att.c vendor-crypto/openssl/dist/crypto/cms/cms_env.c vendor-crypto/openssl/dist/crypto/cms/cms_err.c vendor-crypto/openssl/dist/crypto/cms/cms_lcl.h vendor-crypto/openssl/dist/crypto/cms/cms_sd.c vendor-crypto/openssl/dist/crypto/cms/cms_smime.c vendor-crypto/openssl/dist/crypto/conf/conf_sap.c vendor-crypto/openssl/dist/crypto/ctype.c vendor-crypto/openssl/dist/crypto/dh/dh_check.c vendor-crypto/openssl/dist/crypto/dh/dh_gen.c vendor-crypto/openssl/dist/crypto/dh/dh_key.c vendor-crypto/openssl/dist/crypto/dh/dh_lib.c vendor-crypto/openssl/dist/crypto/dsa/dsa_ameth.c vendor-crypto/openssl/dist/crypto/dsa/dsa_err.c vendor-crypto/openssl/dist/crypto/dsa/dsa_ossl.c vendor-crypto/openssl/dist/crypto/dso/dso_dlfcn.c vendor-crypto/openssl/dist/crypto/ec/asm/ecp_nistz256-sparcv9.pl vendor-crypto/openssl/dist/crypto/ec/asm/ecp_nistz256-x86_64.pl vendor-crypto/openssl/dist/crypto/ec/asm/x25519-ppc64.pl vendor-crypto/openssl/dist/crypto/ec/ec_asn1.c vendor-crypto/openssl/dist/crypto/ec/ec_curve.c vendor-crypto/openssl/dist/crypto/ec/ec_lcl.h vendor-crypto/openssl/dist/crypto/ec/ec_lib.c vendor-crypto/openssl/dist/crypto/ec/ecdh_ossl.c vendor-crypto/openssl/dist/crypto/ec/ecdsa_ossl.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistp224.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistp256.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistp521.c vendor-crypto/openssl/dist/crypto/ec/ecp_nistputil.c vendor-crypto/openssl/dist/crypto/ec/ecx_meth.c vendor-crypto/openssl/dist/crypto/engine/eng_devcrypto.c vendor-crypto/openssl/dist/crypto/engine/eng_openssl.c vendor-crypto/openssl/dist/crypto/err/err.c vendor-crypto/openssl/dist/crypto/err/openssl.txt vendor-crypto/openssl/dist/crypto/evp/bio_ok.c vendor-crypto/openssl/dist/crypto/evp/e_aes.c vendor-crypto/openssl/dist/crypto/evp/e_aria.c vendor-crypto/openssl/dist/crypto/evp/e_chacha20_poly1305.c vendor-crypto/openssl/dist/crypto/evp/e_rc5.c vendor-crypto/openssl/dist/crypto/evp/evp_err.c vendor-crypto/openssl/dist/crypto/evp/evp_lib.c vendor-crypto/openssl/dist/crypto/evp/m_sha3.c vendor-crypto/openssl/dist/crypto/include/internal/ctype.h vendor-crypto/openssl/dist/crypto/include/internal/rand_int.h vendor-crypto/openssl/dist/crypto/include/internal/sm2err.h vendor-crypto/openssl/dist/crypto/init.c vendor-crypto/openssl/dist/crypto/lhash/lhash.c vendor-crypto/openssl/dist/crypto/o_str.c vendor-crypto/openssl/dist/crypto/pem/pvkfmt.c vendor-crypto/openssl/dist/crypto/pkcs7/pk7_doit.c vendor-crypto/openssl/dist/crypto/rand/drbg_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_err.c vendor-crypto/openssl/dist/crypto/rand/rand_lcl.h vendor-crypto/openssl/dist/crypto/rand/rand_lib.c vendor-crypto/openssl/dist/crypto/rand/rand_unix.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ameth.c vendor-crypto/openssl/dist/crypto/rsa/rsa_err.c vendor-crypto/openssl/dist/crypto/rsa/rsa_gen.c vendor-crypto/openssl/dist/crypto/rsa/rsa_lib.c vendor-crypto/openssl/dist/crypto/rsa/rsa_ossl.c vendor-crypto/openssl/dist/crypto/s390xcap.c vendor-crypto/openssl/dist/crypto/sha/asm/keccak1600-armv4.pl vendor-crypto/openssl/dist/crypto/sha/asm/keccak1600-armv8.pl vendor-crypto/openssl/dist/crypto/sha/asm/sha512-sparcv9.pl vendor-crypto/openssl/dist/crypto/sm2/sm2_sign.c vendor-crypto/openssl/dist/crypto/store/loader_file.c vendor-crypto/openssl/dist/crypto/store/store_lib.c vendor-crypto/openssl/dist/crypto/threads_none.c vendor-crypto/openssl/dist/crypto/threads_pthread.c vendor-crypto/openssl/dist/crypto/ui/ui_lib.c vendor-crypto/openssl/dist/crypto/ui/ui_openssl.c vendor-crypto/openssl/dist/crypto/uid.c vendor-crypto/openssl/dist/crypto/whrlpool/wp_block.c vendor-crypto/openssl/dist/crypto/x509/by_dir.c vendor-crypto/openssl/dist/crypto/x509/t_req.c vendor-crypto/openssl/dist/crypto/x509/x509_att.c vendor-crypto/openssl/dist/crypto/x509/x509_cmp.c vendor-crypto/openssl/dist/crypto/x509/x509_err.c vendor-crypto/openssl/dist/crypto/x509/x509_lu.c vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c vendor-crypto/openssl/dist/crypto/x509v3/v3_alt.c vendor-crypto/openssl/dist/crypto/x509v3/v3_purp.c vendor-crypto/openssl/dist/doc/HOWTO/proxy_certificates.txt vendor-crypto/openssl/dist/doc/man1/engine.pod vendor-crypto/openssl/dist/doc/man1/errstr.pod vendor-crypto/openssl/dist/doc/man1/pkcs12.pod vendor-crypto/openssl/dist/doc/man1/pkeyparam.pod vendor-crypto/openssl/dist/doc/man1/s_client.pod vendor-crypto/openssl/dist/doc/man1/s_server.pod vendor-crypto/openssl/dist/doc/man3/ADMISSIONS.pod vendor-crypto/openssl/dist/doc/man3/ASYNC_start_job.pod vendor-crypto/openssl/dist/doc/man3/BIO_connect.pod vendor-crypto/openssl/dist/doc/man3/BIO_f_ssl.pod vendor-crypto/openssl/dist/doc/man3/BIO_find_type.pod vendor-crypto/openssl/dist/doc/man3/BIO_new.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_accept.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_bio.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_connect.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_fd.pod vendor-crypto/openssl/dist/doc/man3/BIO_s_mem.pod vendor-crypto/openssl/dist/doc/man3/BIO_set_callback.pod vendor-crypto/openssl/dist/doc/man3/BN_generate_prime.pod vendor-crypto/openssl/dist/doc/man3/BN_mod_mul_montgomery.pod vendor-crypto/openssl/dist/doc/man3/BN_new.pod vendor-crypto/openssl/dist/doc/man3/CMS_final.pod vendor-crypto/openssl/dist/doc/man3/CRYPTO_THREAD_run_once.pod vendor-crypto/openssl/dist/doc/man3/DES_random_key.pod vendor-crypto/openssl/dist/doc/man3/DSA_generate_key.pod vendor-crypto/openssl/dist/doc/man3/DSA_sign.pod vendor-crypto/openssl/dist/doc/man3/ECDSA_SIG_new.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestSignInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_DigestVerifyInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_CTX_set_tls1_prf_md.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_decrypt.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_derive.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_encrypt.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_sign.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_verify.pod vendor-crypto/openssl/dist/doc/man3/EVP_PKEY_verify_recover.pod vendor-crypto/openssl/dist/doc/man3/EVP_SealInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_SignInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_VerifyInit.pod vendor-crypto/openssl/dist/doc/man3/EVP_aria.pod vendor-crypto/openssl/dist/doc/man3/EVP_md5.pod vendor-crypto/openssl/dist/doc/man3/EVP_rc5_32_12_16_cbc.pod vendor-crypto/openssl/dist/doc/man3/OCSP_REQUEST_new.pod vendor-crypto/openssl/dist/doc/man3/OPENSSL_fork_prepare.pod vendor-crypto/openssl/dist/doc/man3/OSSL_STORE_LOADER.pod vendor-crypto/openssl/dist/doc/man3/OSSL_STORE_expect.pod vendor-crypto/openssl/dist/doc/man3/PKCS12_newpass.pod vendor-crypto/openssl/dist/doc/man3/RAND_DRBG_set_callbacks.pod vendor-crypto/openssl/dist/doc/man3/RAND_set_rand_method.pod vendor-crypto/openssl/dist/doc/man3/RSA_blinding_on.pod vendor-crypto/openssl/dist/doc/man3/RSA_generate_key.pod vendor-crypto/openssl/dist/doc/man3/RSA_padding_add_PKCS1_type_1.pod vendor-crypto/openssl/dist/doc/man3/RSA_public_encrypt.pod vendor-crypto/openssl/dist/doc/man3/RSA_sign_ASN1_OCTET_STRING.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_config.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_dane_enable.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_get0_param.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_new.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_cipher_list.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_generate_session_id.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_session_id_context.pod vendor-crypto/openssl/dist/doc/man3/SSL_CTX_set_verify.pod vendor-crypto/openssl/dist/doc/man3/SSL_SESSION_get0_hostname.pod vendor-crypto/openssl/dist/doc/man3/SSL_get_error.pod vendor-crypto/openssl/dist/doc/man3/SSL_library_init.pod vendor-crypto/openssl/dist/doc/man3/SSL_set1_host.pod vendor-crypto/openssl/dist/doc/man3/SSL_write.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_CTX_get_error.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_CTX_set_verify_cb.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_add_cert.pod vendor-crypto/openssl/dist/doc/man3/X509_STORE_new.pod vendor-crypto/openssl/dist/doc/man3/X509_VERIFY_PARAM_set_flags.pod vendor-crypto/openssl/dist/doc/man3/X509_get_extension_flags.pod vendor-crypto/openssl/dist/doc/man3/d2i_X509.pod vendor-crypto/openssl/dist/doc/man5/x509v3_config.pod vendor-crypto/openssl/dist/doc/man7/Ed25519.pod vendor-crypto/openssl/dist/doc/man7/RAND.pod vendor-crypto/openssl/dist/doc/man7/SM2.pod vendor-crypto/openssl/dist/doc/man7/X25519.pod vendor-crypto/openssl/dist/doc/man7/bio.pod vendor-crypto/openssl/dist/doc/man7/scrypt.pod vendor-crypto/openssl/dist/e_os.h vendor-crypto/openssl/dist/engines/build.info vendor-crypto/openssl/dist/engines/e_afalg.c vendor-crypto/openssl/dist/include/internal/constant_time_locl.h vendor-crypto/openssl/dist/include/internal/cryptlib.h vendor-crypto/openssl/dist/include/internal/dsoerr.h vendor-crypto/openssl/dist/include/internal/refcount.h vendor-crypto/openssl/dist/include/internal/thread_once.h vendor-crypto/openssl/dist/include/internal/tsan_assist.h vendor-crypto/openssl/dist/include/openssl/asn1err.h vendor-crypto/openssl/dist/include/openssl/asyncerr.h vendor-crypto/openssl/dist/include/openssl/bio.h vendor-crypto/openssl/dist/include/openssl/bioerr.h vendor-crypto/openssl/dist/include/openssl/bnerr.h vendor-crypto/openssl/dist/include/openssl/buffererr.h vendor-crypto/openssl/dist/include/openssl/cms.h vendor-crypto/openssl/dist/include/openssl/cmserr.h vendor-crypto/openssl/dist/include/openssl/comperr.h vendor-crypto/openssl/dist/include/openssl/conferr.h vendor-crypto/openssl/dist/include/openssl/cryptoerr.h vendor-crypto/openssl/dist/include/openssl/cterr.h vendor-crypto/openssl/dist/include/openssl/dherr.h vendor-crypto/openssl/dist/include/openssl/dsaerr.h vendor-crypto/openssl/dist/include/openssl/ec.h vendor-crypto/openssl/dist/include/openssl/ecerr.h vendor-crypto/openssl/dist/include/openssl/engineerr.h vendor-crypto/openssl/dist/include/openssl/evp.h vendor-crypto/openssl/dist/include/openssl/evperr.h vendor-crypto/openssl/dist/include/openssl/kdferr.h vendor-crypto/openssl/dist/include/openssl/objectserr.h vendor-crypto/openssl/dist/include/openssl/ocsperr.h vendor-crypto/openssl/dist/include/openssl/opensslv.h vendor-crypto/openssl/dist/include/openssl/pemerr.h vendor-crypto/openssl/dist/include/openssl/pkcs12err.h vendor-crypto/openssl/dist/include/openssl/pkcs7err.h vendor-crypto/openssl/dist/include/openssl/randerr.h vendor-crypto/openssl/dist/include/openssl/rsaerr.h vendor-crypto/openssl/dist/include/openssl/ssl.h vendor-crypto/openssl/dist/include/openssl/sslerr.h vendor-crypto/openssl/dist/include/openssl/store.h vendor-crypto/openssl/dist/include/openssl/storeerr.h vendor-crypto/openssl/dist/include/openssl/tls1.h vendor-crypto/openssl/dist/include/openssl/tserr.h vendor-crypto/openssl/dist/include/openssl/uierr.h vendor-crypto/openssl/dist/include/openssl/x509err.h vendor-crypto/openssl/dist/include/openssl/x509v3.h vendor-crypto/openssl/dist/include/openssl/x509v3err.h vendor-crypto/openssl/dist/ssl/d1_msg.c vendor-crypto/openssl/dist/ssl/record/rec_layer_s3.c vendor-crypto/openssl/dist/ssl/s3_lib.c vendor-crypto/openssl/dist/ssl/ssl_cert.c vendor-crypto/openssl/dist/ssl/ssl_ciph.c vendor-crypto/openssl/dist/ssl/ssl_lib.c vendor-crypto/openssl/dist/ssl/ssl_locl.h vendor-crypto/openssl/dist/ssl/ssl_sess.c vendor-crypto/openssl/dist/ssl/statem/extensions.c vendor-crypto/openssl/dist/ssl/statem/extensions_clnt.c vendor-crypto/openssl/dist/ssl/statem/extensions_srvr.c vendor-crypto/openssl/dist/ssl/statem/statem_clnt.c vendor-crypto/openssl/dist/ssl/statem/statem_lib.c vendor-crypto/openssl/dist/ssl/statem/statem_srvr.c vendor-crypto/openssl/dist/ssl/t1_lib.c vendor-crypto/openssl/dist/ssl/tls13_enc.c Modified: vendor-crypto/openssl/dist/CHANGES ============================================================================== --- vendor-crypto/openssl/dist/CHANGES Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/CHANGES Tue Sep 10 17:40:53 2019 (r352163) @@ -7,6 +7,101 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1c and 1.1.1d [10 Sep 2019] + + *) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random + number generator (RNG). This was intended to include protection in the + event of a fork() system call in order to ensure that the parent and child + processes did not share the same RNG state. However this protection was not + being used in the default case. + + A partial mitigation for this issue is that the output from a high + precision timer is mixed into the RNG state so the likelihood of a parent + and child process sharing state is significantly reduced. + + If an application already calls OPENSSL_init_crypto() explicitly using + OPENSSL_INIT_ATFORK then this problem does not occur at all. + (CVE-2019-1549) + [Matthias St. Pierre] + + *) For built-in EC curves, ensure an EC_GROUP built from the curve name is + used even when parsing explicit parameters, when loading a serialized key + or calling `EC_GROUP_new_from_ecpkparameters()`/ + `EC_GROUP_new_from_ecparameters()`. + This prevents bypass of security hardening and performance gains, + especially for curves with specialized EC_METHODs. + By default, if a key encoded with explicit parameters is loaded and later + serialized, the output is still encoded with explicit parameters, even if + internally a "named" EC_GROUP is used for computation. + [Nicola Tuveri] + + *) Compute ECC cofactors if not provided during EC_GROUP construction. Before + this change, EC_GROUP_set_generator would accept order and/or cofactor as + NULL. After this change, only the cofactor parameter can be NULL. It also + does some minimal sanity checks on the passed order. + (CVE-2019-1547) + [Billy Bob Brumley] + + *) Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey. + An attack is simple, if the first CMS_recipientInfo is valid but the + second CMS_recipientInfo is chosen ciphertext. If the second + recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct + encryption key will be replaced by garbage, and the message cannot be + decoded, but if the RSA decryption fails, the correct encryption key is + used and the recipient will not notice the attack. + As a work around for this potential attack the length of the decrypted + key must be equal to the cipher default key length, in case the + certifiate is not given and all recipientInfo are tried out. + The old behaviour can be re-enabled in the CMS code by setting the + CMS_DEBUG_DECRYPT flag. + (CVE-2019-1563) + [Bernd Edlinger] + + *) Early start up entropy quality from the DEVRANDOM seed source has been + improved for older Linux systems. The RAND subsystem will wait for + /dev/random to be producing output before seeding from /dev/urandom. + The seeded state is stored for future library initialisations using + a system global shared memory segment. The shared memory identifier + can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to + the desired value. The default identifier is 114. + [Paul Dale] + + *) Correct the extended master secret constant on EBCDIC systems. Without this + fix TLS connections between an EBCDIC system and a non-EBCDIC system that + negotiate EMS will fail. Unfortunately this also means that TLS connections + between EBCDIC systems with this fix, and EBCDIC systems without this + fix will fail if they negotiate EMS. + [Matt Caswell] + + *) Use Windows installation paths in the mingw builds + + Mingw isn't a POSIX environment per se, which means that Windows + paths should be used for installation. + (CVE-2019-1552) + [Richard Levitte] + + *) Changed DH_check to accept parameters with order q and 2q subgroups. + With order 2q subgroups the bit 0 of the private key is not secret + but DH_generate_key works around that by clearing bit 0 of the + private key for those. This avoids leaking bit 0 of the private key. + [Bernd Edlinger] + + *) Significantly reduce secure memory usage by the randomness pools. + [Paul Dale] + + *) Revert the DEVRANDOM_WAIT feature for Linux systems + + The DEVRANDOM_WAIT feature added a select() call to wait for the + /dev/random device to become readable before reading from the + /dev/urandom device. + + It turned out that this change had negative side effects on + performance which were not acceptable. After some discussion it + was decided to revert this feature and leave it up to the OS + resp. the platform maintainer to ensure a proper initialization + during early boot time. + [Matthias St. Pierre] + Changes between 1.1.1b and 1.1.1c [28 May 2019] *) Add build tests for C++. These are generated files that only do one @@ -75,6 +170,16 @@ (CVE-2019-1543) [Matt Caswell] + *) Add DEVRANDOM_WAIT feature for Linux systems + + On older Linux systems where the getrandom() system call is not available, + OpenSSL normally uses the /dev/urandom device for seeding its CSPRNG. + Contrary to getrandom(), the /dev/urandom device will not block during + early boot when the kernel CSPRNG has not been seeded yet. + + To mitigate this known weakness, use select() to wait for /dev/random to + become readable before reading from /dev/urandom. + *) Ensure that SM2 only uses SM3 as digest algorithm [Paul Yang] @@ -322,7 +427,7 @@ SSL_set_ciphersuites() [Matt Caswell] - *) Memory allocation failures consistenly add an error to the error + *) Memory allocation failures consistently add an error to the error stack. [Rich Salz] @@ -6860,7 +6965,7 @@ reason texts, thereby removing some of the footprint that may not be interesting if those errors aren't displayed anyway. - NOTE: it's still possible for any application or module to have it's + NOTE: it's still possible for any application or module to have its own set of error texts inserted. The routines are there, just not used by default when no-err is given. [Richard Levitte] @@ -8826,7 +8931,7 @@ des-cbc 3624.96k 5258.21k 5530.91k Changes between 0.9.6g and 0.9.6h [5 Dec 2002] *) New function OPENSSL_cleanse(), which is used to cleanse a section of - memory from it's contents. This is done with a counter that will + memory from its contents. This is done with a counter that will place alternating values in each byte. This can be used to solve two issues: 1) the removal of calls to memset() by highly optimizing compilers, and 2) cleansing with other values than 0, since those can Modified: vendor-crypto/openssl/dist/Configure ============================================================================== --- vendor-crypto/openssl/dist/Configure Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/Configure Tue Sep 10 17:40:53 2019 (r352163) @@ -87,9 +87,6 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable- # linked openssl executable has rather debugging value than # production quality. # -# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items -# provided to stack calls. Generates unique stack functions for -# each possible stack type. # BN_LLONG use the type 'long long' in crypto/bn/bn.h # RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h # Following are set automatically by this script @@ -145,13 +142,13 @@ my @gcc_devteam_warn = qw( # -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc # -Wextended-offsetof -- no, needed in CMS ASN1 code my @clang_devteam_warn = qw( + -Wno-unknown-warning-option -Wswitch-default -Wno-parentheses-equality -Wno-language-extension-token -Wno-extended-offsetof -Wconditional-uninitialized -Wincompatible-pointer-types-discards-qualifiers - -Wno-unknown-warning-option -Wmissing-variable-declarations ); Modified: vendor-crypto/openssl/dist/FREEBSD-upgrade ============================================================================== --- vendor-crypto/openssl/dist/FREEBSD-upgrade Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/FREEBSD-upgrade Tue Sep 10 17:40:53 2019 (r352163) @@ -11,7 +11,7 @@ First, read http://wiki.freebsd.org/SubversionPrimer/V # Xlist setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist setenv FSVN "svn+ssh://repo.freebsd.org/base" -setenv OSSLVER 1.1.1c +setenv OSSLVER 1.1.1d ###setenv OSSLTAG v`echo ${OSSLVER} | tr . _` Modified: vendor-crypto/openssl/dist/INSTALL ============================================================================== --- vendor-crypto/openssl/dist/INSTALL Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/INSTALL Tue Sep 10 17:40:53 2019 (r352163) @@ -98,6 +98,9 @@ $ nmake test $ nmake install + Note that in order to perform the install step above you need to have + appropriate permissions to write to the installation directory. + If any of these steps fails, see section Installation in Detail below. This will build and install OpenSSL in the default location, which is: @@ -107,6 +110,12 @@ OpenSSL version number with underscores instead of periods. Windows: C:\Program Files\OpenSSL or C:\Program Files (x86)\OpenSSL + The installation directory should be appropriately protected to ensure + unprivileged users cannot make changes to OpenSSL binaries or files, or install + engines. If you already have a pre-installed version of OpenSSL as part of + your Operating System it is recommended that you do not overwrite the system + version and instead install to somewhere else. + If you want to install it anywhere else, run config like this: On Unix: @@ -135,7 +144,10 @@ Don't build with support for deprecated APIs below the specified version number. For example "--api=1.1.0" will remove support for all APIS that were deprecated in OpenSSL - version 1.1.0 or below. + version 1.1.0 or below. This is a rather specialized option + for developers. If you just intend to remove all deprecated + APIs entirely (up to the current version), it is easier + to add the 'no-deprecated' option instead (see below). --cross-compile-prefix=PREFIX The PREFIX to include in front of commands for your @@ -229,7 +241,7 @@ source exists. getrandom: Use the L<getrandom(2)> or equivalent system call. - devrandom: Use the the first device from the DEVRANDOM list + devrandom: Use the first device from the DEVRANDOM list which can be opened to read random bytes. The DEVRANDOM preprocessor constant expands to "/dev/urandom","/dev/random","/dev/srandom" on @@ -908,8 +920,11 @@ $ mms install ! OpenVMS $ nmake install # Windows - This will install all the software components in this directory - tree under PREFIX (the directory given with --prefix or its + Note that in order to perform the install step above you need to have + appropriate permissions to write to the installation directory. + + The above commands will install all the software components in this + directory tree under PREFIX (the directory given with --prefix or its default): Unix: @@ -964,6 +979,12 @@ private Initially empty, this is the default location for private key files. misc Various scripts. + + The installation directory should be appropriately protected to ensure + unprivileged users cannot make changes to OpenSSL binaries or files, or + install engines. If you already have a pre-installed version of OpenSSL as + part of your Operating System it is recommended that you do not overwrite + the system version and instead install to somewhere else. Package builders who want to configure the library for standard locations, but have the package installed somewhere else so that Modified: vendor-crypto/openssl/dist/NEWS ============================================================================== --- vendor-crypto/openssl/dist/NEWS Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/NEWS Tue Sep 10 17:40:53 2019 (r352163) @@ -5,6 +5,23 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019] + + o Fixed a fork protection issue (CVE-2019-1549) + o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey + (CVE-2019-1563) + o For built-in EC curves, ensure an EC_GROUP built from the curve name is + used even when parsing explicit parameters + o Compute ECC cofactors if not provided during EC_GROUP construction + (CVE-2019-1547) + o Early start up entropy quality from the DEVRANDOM seed source has been + improved for older Linux systems + o Correct the extended master secret constant on EBCDIC systems + o Use Windows installation paths in the mingw builds (CVE-2019-1552) + o Changed DH_check to accept parameters with order q and 2q subgroups + o Significantly reduce secure memory usage by the randomness pools + o Revert the DEVRANDOM_WAIT feature for Linux systems + Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019] o Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543) @@ -601,7 +618,7 @@ Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]: - o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build. + o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build. Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]: Modified: vendor-crypto/openssl/dist/README ============================================================================== --- vendor-crypto/openssl/dist/README Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/README Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ - OpenSSL 1.1.1c 28 May 2019 + OpenSSL 1.1.1d 10 Sep 2019 Copyright (c) 1998-2019 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: vendor-crypto/openssl/dist/apps/apps.c ============================================================================== --- vendor-crypto/openssl/dist/apps/apps.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/apps.c Tue Sep 10 17:40:53 2019 (r352163) @@ -40,12 +40,19 @@ #endif #include <openssl/bn.h> #include <openssl/ssl.h> -#include "s_apps.h" #include "apps.h" #ifdef _WIN32 static int WIN32_rename(const char *from, const char *to); # define rename(from,to) WIN32_rename((from),(to)) +#endif + +#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) +# include <conio.h> +#endif + +#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32) +# define _kbhit kbhit #endif typedef struct { Modified: vendor-crypto/openssl/dist/apps/apps.h ============================================================================== --- vendor-crypto/openssl/dist/apps/apps.h Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/apps.h Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -444,11 +444,9 @@ void destroy_ui_method(void); const UI_METHOD *get_ui_method(void); int chopup_args(ARGS *arg, char *buf); -# ifdef HEADER_X509_H int dump_cert_text(BIO *out, X509 *x); void print_name(BIO *out, const char *title, X509_NAME *nm, unsigned long lflags); -# endif void print_bignum_var(BIO *, const BIGNUM *, const char*, int, unsigned char *); void print_array(BIO *, const char *, int, const unsigned char *); Modified: vendor-crypto/openssl/dist/apps/ca.c ============================================================================== --- vendor-crypto/openssl/dist/apps/ca.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/ca.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -722,7 +722,7 @@ end_of_options: /*****************************************************************/ if (req || gencrl) { - if (spkac_file != NULL) { + if (spkac_file != NULL && outfile != NULL) { output_der = 1; batch = 1; } Modified: vendor-crypto/openssl/dist/apps/dgst.c ============================================================================== --- vendor-crypto/openssl/dist/apps/dgst.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/dgst.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -421,7 +421,7 @@ int do_fp(BIO *out, unsigned char *buf, BIO *bp, int s size_t len; int i; - for (;;) { + while (BIO_pending(bp) || !BIO_eof(bp)) { i = BIO_read(bp, (char *)buf, BUFSIZE); if (i < 0) { BIO_printf(bio_err, "Read Error in %s\n", file); Modified: vendor-crypto/openssl/dist/apps/enc.c ============================================================================== --- vendor-crypto/openssl/dist/apps/enc.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/enc.c Tue Sep 10 17:40:53 2019 (r352163) @@ -586,7 +586,7 @@ int enc_main(int argc, char **argv) if (benc != NULL) wbio = BIO_push(benc, wbio); - for (;;) { + while (BIO_pending(rbio) || !BIO_eof(rbio)) { inl = BIO_read(rbio, (char *)buff, bsize); if (inl <= 0) break; Modified: vendor-crypto/openssl/dist/apps/ocsp.c ============================================================================== --- vendor-crypto/openssl/dist/apps/ocsp.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/ocsp.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1416,9 +1416,11 @@ static int do_responder(OCSP_REQUEST **preq, BIO **pcb *q = '\0'; /* - * Skip "GET / HTTP..." requests often used by load-balancers + * Skip "GET / HTTP..." requests often used by load-balancers. Note: + * 'p' was incremented above to point to the first byte *after* the + * leading slash, so with 'GET / ' it is now an empty string. */ - if (p[1] == '\0') + if (p[0] == '\0') goto out; len = urldecode(p); Modified: vendor-crypto/openssl/dist/apps/openssl.c ============================================================================== --- vendor-crypto/openssl/dist/apps/openssl.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/openssl.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -22,7 +22,6 @@ # include <openssl/engine.h> #endif #include <openssl/err.h> -#include "s_apps.h" /* Needed to get the other O_xxx flags. */ #ifdef OPENSSL_SYS_VMS # include <unixio.h> Modified: vendor-crypto/openssl/dist/apps/pkcs12.c ============================================================================== --- vendor-crypto/openssl/dist/apps/pkcs12.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/pkcs12.c Tue Sep 10 17:40:53 2019 (r352163) @@ -838,7 +838,7 @@ static int alg_print(const X509_ALGOR *alg) goto done; } BIO_printf(bio_err, ", Salt length: %d, Cost(N): %ld, " - "Block size(r): %ld, Paralelizm(p): %ld", + "Block size(r): %ld, Parallelism(p): %ld", ASN1_STRING_length(kdf->salt), ASN1_INTEGER_get(kdf->costParameter), ASN1_INTEGER_get(kdf->blockSize), Modified: vendor-crypto/openssl/dist/apps/req.c ============================================================================== --- vendor-crypto/openssl/dist/apps/req.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/req.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -881,9 +881,19 @@ int req_main(int argc, char **argv) if (text) { if (x509) - X509_print_ex(out, x509ss, get_nameopt(), reqflag); + ret = X509_print_ex(out, x509ss, get_nameopt(), reqflag); else - X509_REQ_print_ex(out, req, get_nameopt(), reqflag); + ret = X509_REQ_print_ex(out, req, get_nameopt(), reqflag); + + if (ret == 0) { + if (x509) + BIO_printf(bio_err, "Error printing certificate\n"); + else + BIO_printf(bio_err, "Error printing certificate request\n"); + + ERR_print_errors(bio_err); + goto end; + } } if (subject) { Modified: vendor-crypto/openssl/dist/apps/s_apps.h ============================================================================== --- vendor-crypto/openssl/dist/apps/s_apps.h Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/s_apps.h Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -9,14 +9,8 @@ #include <openssl/opensslconf.h> -#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS) -# include <conio.h> -#endif +#include <openssl/ssl.h> -#if defined(OPENSSL_SYS_MSDOS) && !defined(_WIN32) -# define _kbhit kbhit -#endif - #define PORT "4433" #define PROTOCOL "tcp" @@ -24,17 +18,15 @@ typedef int (*do_server_cb)(int s, int stype, int prot int do_server(int *accept_sock, const char *host, const char *port, int family, int type, int protocol, do_server_cb cb, unsigned char *context, int naccept, BIO *bio_s_out); -#ifdef HEADER_X509_H + int verify_callback(int ok, X509_STORE_CTX *ctx); -#endif -#ifdef HEADER_SSL_H + int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file); int set_cert_key_stuff(SSL_CTX *ctx, X509 *cert, EVP_PKEY *key, STACK_OF(X509) *chain, int build_chain); int ssl_print_sigalgs(BIO *out, SSL *s); int ssl_print_point_formats(BIO *out, SSL *s); int ssl_print_groups(BIO *out, SSL *s, int noshared); -#endif int ssl_print_tmp_key(BIO *out, SSL *s); int init_client(int *sock, const char *host, const char *port, const char *bindhost, const char *bindport, @@ -44,13 +36,11 @@ int should_retry(int i); long bio_dump_callback(BIO *bio, int cmd, const char *argp, int argi, long argl, long ret); -#ifdef HEADER_SSL_H void apps_ssl_info_callback(const SSL *s, int where, int ret); void msg_cb(int write_p, int version, int content_type, const void *buf, size_t len, SSL *ssl, void *arg); void tlsext_cb(SSL *s, int client_server, int type, const unsigned char *data, int len, void *arg); -#endif int generate_cookie_callback(SSL *ssl, unsigned char *cookie, unsigned int *cookie_len); @@ -75,7 +65,6 @@ int args_excert(int option, SSL_EXCERT **pexc); int load_excert(SSL_EXCERT **pexc); void print_verify_detail(SSL *s, BIO *bio); void print_ssl_summary(SSL *s); -#ifdef HEADER_SSL_H int config_ctx(SSL_CONF_CTX *cctx, STACK_OF(OPENSSL_STRING) *str, SSL_CTX *ctx); int ssl_ctx_add_crls(SSL_CTX *ctx, STACK_OF(X509_CRL) *crls, int crl_download); @@ -86,4 +75,3 @@ int ssl_load_stores(SSL_CTX *ctx, const char *vfyCApat void ssl_ctx_security_debug(SSL_CTX *ctx, int verbose); int set_keylog_file(SSL_CTX *ctx, const char *keylog_file); void print_ca_names(BIO *bio, SSL *s); -#endif Modified: vendor-crypto/openssl/dist/apps/s_cb.c ============================================================================== --- vendor-crypto/openssl/dist/apps/s_cb.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/s_cb.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1525,7 +1525,8 @@ void print_ca_names(BIO *bio, SSL *s) int i; if (sk == NULL || sk_X509_NAME_num(sk) == 0) { - BIO_printf(bio, "---\nNo %s certificate CA names sent\n", cs); + if (!SSL_is_server(s)) + BIO_printf(bio, "---\nNo %s certificate CA names sent\n", cs); return; } Modified: vendor-crypto/openssl/dist/apps/s_client.c ============================================================================== --- vendor-crypto/openssl/dist/apps/s_client.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/s_client.c Tue Sep 10 17:40:53 2019 (r352163) @@ -2345,7 +2345,7 @@ int s_client_main(int argc, char **argv) (void)BIO_flush(fbio); /* * The first line is the HTTP response. According to RFC 7230, - * it's formated exactly like this: + * it's formatted exactly like this: * * HTTP/d.d ddd Reason text\r\n */ Modified: vendor-crypto/openssl/dist/apps/speed.c ============================================================================== --- vendor-crypto/openssl/dist/apps/speed.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/speed.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1790,7 +1790,7 @@ int speed_main(int argc, char **argv) } buflen = lengths[size_num - 1]; - if (buflen < 36) /* size of random vector in RSA bencmark */ + if (buflen < 36) /* size of random vector in RSA benchmark */ buflen = 36; buflen += MAX_MISALIGNMENT + 1; loopargs[i].buf_malloc = app_malloc(buflen, "input buffer"); Modified: vendor-crypto/openssl/dist/apps/storeutl.c ============================================================================== --- vendor-crypto/openssl/dist/apps/storeutl.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/apps/storeutl.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2016-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -125,7 +125,7 @@ int storeutl_main(int argc, char *argv[]) } /* * If expected wasn't set at this point, it means the map - * isn't syncronised with the possible options leading here. + * isn't synchronised with the possible options leading here. */ OPENSSL_assert(expected != 0); } Modified: vendor-crypto/openssl/dist/config ============================================================================== --- vendor-crypto/openssl/dist/config Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/config Tue Sep 10 17:40:53 2019 (r352163) @@ -498,12 +498,12 @@ case "$GUESSOS" in OUT="darwin64-x86_64-cc" fi ;; armv6+7-*-iphoneos) - __CNF_CFLAGS="$__CNF_CFLAGS -arch%20armv6 -arch%20armv7" - __CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch%20armv6 -arch%20armv7" + __CNF_CFLAGS="$__CNF_CFLAGS -arch armv6 -arch armv7" + __CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch armv6 -arch armv7" OUT="iphoneos-cross" ;; *-*-iphoneos) - __CNF_CFLAGS="$__CNF_CFLAGS -arch%20${MACHINE}" - __CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch%20${MACHINE}" + __CNF_CFLAGS="$__CNF_CFLAGS -arch ${MACHINE}" + __CNF_CXXFLAGS="$__CNF_CXXFLAGS -arch ${MACHINE}" OUT="iphoneos-cross" ;; arm64-*-iphoneos|*-*-ios64) OUT="ios64-cross" ;; Modified: vendor-crypto/openssl/dist/crypto/aes/asm/aes-s390x.pl ============================================================================== --- vendor-crypto/openssl/dist/crypto/aes/asm/aes-s390x.pl Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/aes/asm/aes-s390x.pl Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ #! /usr/bin/env perl -# Copyright 2007-2018 The OpenSSL Project Authors. All Rights Reserved. +# Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved. # # Licensed under the OpenSSL license (the "License"). You may not use # this file except in compliance with the License. You can obtain a copy @@ -38,14 +38,14 @@ # Implement AES_set_[en|de]crypt_key. Key schedule setup is avoided # for 128-bit keys, if hardware support is detected. -# Januray 2009. +# January 2009. # # Add support for hardware AES192/256 and reschedule instructions to # minimize/avoid Address Generation Interlock hazard and to favour # dual-issue z10 pipeline. This gave ~25% improvement on z10 and # almost 50% on z9. The gain is smaller on z10, because being dual- # issue z10 makes it impossible to eliminate the interlock condition: -# critial path is not long enough. Yet it spends ~24 cycles per byte +# critical path is not long enough. Yet it spends ~24 cycles per byte # processed with 128-bit key. # # Unlike previous version hardware support detection takes place only Modified: vendor-crypto/openssl/dist/crypto/asn1/a_time.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/a_time.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/asn1/a_time.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1999-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -67,7 +67,7 @@ static void determine_days(struct tm *tm) } c = y / 100; y %= 100; - /* Zeller's congruance */ + /* Zeller's congruence */ tm->tm_wday = (d + (13 * m) / 5 + y + y / 4 + c / 4 + 5 * c + 6) % 7; } @@ -79,7 +79,11 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) char *a; int n, i, i2, l, o, min_l = 11, strict = 0, end = 6, btz = 5, md; struct tm tmp; - +#if defined(CHARSET_EBCDIC) + const char upper_z = 0x5A, num_zero = 0x30, period = 0x2E, minus = 0x2D, plus = 0x2B; +#else + const char upper_z = 'Z', num_zero = '0', period = '.', minus = '-', plus = '+'; +#endif /* * ASN1_STRING_FLAG_X509_TIME is used to enforce RFC 5280 * time string format, in which: @@ -120,20 +124,20 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) if (l < min_l) goto err; for (i = 0; i < end; i++) { - if (!strict && (i == btz) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) { + if (!strict && (i == btz) && ((a[o] == upper_z) || (a[o] == plus) || (a[o] == minus))) { i++; break; } - if (!ossl_isdigit(a[o])) + if (!ascii_isdigit(a[o])) goto err; - n = a[o] - '0'; + n = a[o] - num_zero; /* incomplete 2-digital number */ if (++o == l) goto err; - if (!ossl_isdigit(a[o])) + if (!ascii_isdigit(a[o])) goto err; - n = (n * 10) + a[o] - '0'; + n = (n * 10) + a[o] - num_zero; /* no more bytes to read, but we haven't seen time-zone yet */ if (++o == l) goto err; @@ -185,14 +189,14 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) * Optional fractional seconds: decimal point followed by one or more * digits. */ - if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == '.') { + if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == period) { if (strict) /* RFC 5280 forbids fractional seconds */ goto err; if (++o == l) goto err; i = o; - while ((o < l) && ossl_isdigit(a[o])) + while ((o < l) && ascii_isdigit(a[o])) o++; /* Must have at least one digit after decimal point */ if (i == o) @@ -207,10 +211,10 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) * 'o' can point to '\0' is either the subsequent if or the first * else if is true. */ - if (a[o] == 'Z') { + if (a[o] == upper_z) { o++; - } else if (!strict && ((a[o] == '+') || (a[o] == '-'))) { - int offsign = a[o] == '-' ? 1 : -1; + } else if (!strict && ((a[o] == plus) || (a[o] == minus))) { + int offsign = a[o] == minus ? 1 : -1; int offset = 0; o++; @@ -223,13 +227,13 @@ int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) if (o + 4 != l) goto err; for (i = end; i < end + 2; i++) { - if (!ossl_isdigit(a[o])) + if (!ascii_isdigit(a[o])) goto err; - n = a[o] - '0'; + n = a[o] - num_zero; o++; - if (!ossl_isdigit(a[o])) + if (!ascii_isdigit(a[o])) goto err; - n = (n * 10) + a[o] - '0'; + n = (n * 10) + a[o] - num_zero; i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; if ((n < min[i2]) || (n > max[i2])) goto err; @@ -300,7 +304,7 @@ ASN1_TIME *asn1_time_from_tm(ASN1_TIME *s, struct tm * ts->tm_mday, ts->tm_hour, ts->tm_min, ts->tm_sec); -#ifdef CHARSET_EBCDIC_not +#ifdef CHARSET_EBCDIC ebcdic2ascii(tmps->data, tmps->data, tmps->length); #endif return tmps; @@ -467,6 +471,7 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) char *v; int gmt = 0, l; struct tm stm; + const char upper_z = 0x5A, period = 0x2E; if (!asn1_time_to_tm(&stm, tm)) { /* asn1_time_to_tm will check the time type */ @@ -475,7 +480,7 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) l = tm->length; v = (char *)tm->data; - if (v[l - 1] == 'Z') + if (v[l - 1] == upper_z) gmt = 1; if (tm->type == V_ASN1_GENERALIZEDTIME) { @@ -486,10 +491,10 @@ int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) * Try to parse fractional seconds. '14' is the place of * 'fraction point' in a GeneralizedTime string. */ - if (tm->length > 15 && v[14] == '.') { + if (tm->length > 15 && v[14] == period) { f = &v[14]; f_len = 1; - while (14 + f_len < l && ossl_isdigit(f[f_len])) + while (14 + f_len < l && ascii_isdigit(f[f_len])) ++f_len; } Modified: vendor-crypto/openssl/dist/crypto/asn1/a_type.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/a_type.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/asn1/a_type.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -15,7 +15,9 @@ int ASN1_TYPE_get(const ASN1_TYPE *a) { - if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) + if (a->type == V_ASN1_BOOLEAN + || a->type == V_ASN1_NULL + || a->value.ptr != NULL) return a->type; else return 0; @@ -23,7 +25,9 @@ int ASN1_TYPE_get(const ASN1_TYPE *a) void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) { - if (a->value.ptr != NULL) { + if (a->type != V_ASN1_BOOLEAN + && a->type != V_ASN1_NULL + && a->value.ptr != NULL) { ASN1_TYPE **tmp_a = &a; asn1_primitive_free((ASN1_VALUE **)tmp_a, NULL, 0); } Modified: vendor-crypto/openssl/dist/crypto/asn1/x_bignum.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/asn1/x_bignum.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/asn1/x_bignum.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -130,9 +130,20 @@ static int bn_c2i(ASN1_VALUE **pval, const unsigned ch static int bn_secure_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) { - if (!*pval) - bn_secure_new(pval, it); - return bn_c2i(pval, cont, len, utype, free_cont, it); + int ret; + BIGNUM *bn; + + if (!*pval && !bn_secure_new(pval, it)) + return 0; + + ret = bn_c2i(pval, cont, len, utype, free_cont, it); + if (!ret) + return 0; + + /* Set constant-time flag for all secure BIGNUMS */ + bn = (BIGNUM *)*pval; + BN_set_flags(bn, BN_FLG_CONSTTIME); + return ret; } static int bn_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, Modified: vendor-crypto/openssl/dist/crypto/bio/b_addr.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/b_addr.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/bio/b_addr.c Tue Sep 10 17:40:53 2019 (r352163) @@ -675,7 +675,7 @@ int BIO_lookup_ex(const char *host, const char *servic if (1) { #ifdef AI_PASSIVE - int gai_ret = 0; + int gai_ret = 0, old_ret = 0; struct addrinfo hints; memset(&hints, 0, sizeof(hints)); @@ -683,12 +683,12 @@ int BIO_lookup_ex(const char *host, const char *servic hints.ai_family = family; hints.ai_socktype = socktype; hints.ai_protocol = protocol; -#ifdef AI_ADDRCONFIG -#ifdef AF_UNSPEC +# ifdef AI_ADDRCONFIG +# ifdef AF_UNSPEC if (family == AF_UNSPEC) -#endif +# endif hints.ai_flags |= AI_ADDRCONFIG; -#endif +# endif if (lookup_type == BIO_LOOKUP_SERVER) hints.ai_flags |= AI_PASSIVE; @@ -696,6 +696,7 @@ int BIO_lookup_ex(const char *host, const char *servic /* Note that |res| SHOULD be a 'struct addrinfo **' thanks to * macro magic in bio_lcl.h */ + retry: switch ((gai_ret = getaddrinfo(host, service, &hints, res))) { # ifdef EAI_SYSTEM case EAI_SYSTEM: @@ -703,12 +704,25 @@ int BIO_lookup_ex(const char *host, const char *servic BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB); break; # endif +# ifdef EAI_MEMORY + case EAI_MEMORY: + BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_MALLOC_FAILURE); + break; +# endif case 0: ret = 1; /* Success */ break; default: +# if defined(AI_ADDRCONFIG) && defined(AI_NUMERICHOST) + if (hints.ai_flags & AI_ADDRCONFIG) { + hints.ai_flags &= ~AI_ADDRCONFIG; + hints.ai_flags |= AI_NUMERICHOST; + old_ret = gai_ret; + goto retry; + } +# endif BIOerr(BIO_F_BIO_LOOKUP_EX, ERR_R_SYS_LIB); - ERR_add_error_data(1, gai_strerror(gai_ret)); + ERR_add_error_data(1, gai_strerror(old_ret ? old_ret : gai_ret)); break; } } else { Modified: vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/bio/bss_dgram.c Tue Sep 10 17:40:53 2019 (r352163) @@ -1,5 +1,5 @@ /* - * Copyright 2005-2018 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2005-2019 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -784,7 +784,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void * reasons. When BIO_CTRL_DGRAM_SET_PEEK_MODE was first defined its value * was incorrectly clashing with BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE. The * value has been updated to a non-clashing value. However to preserve - * binary compatiblity we now respond to both the old value and the new one + * binary compatibility we now respond to both the old value and the new one */ case BIO_CTRL_DGRAM_SCTP_SET_IN_HANDSHAKE: case BIO_CTRL_DGRAM_SET_PEEK_MODE: Modified: vendor-crypto/openssl/dist/crypto/bio/bss_file.c ============================================================================== --- vendor-crypto/openssl/dist/crypto/bio/bss_file.c Tue Sep 10 17:31:06 2019 (r352162) +++ vendor-crypto/openssl/dist/crypto/bio/bss_file.c Tue Sep 10 17:40:53 2019 (r352163) @@ -7,10 +7,7 @@ * https://www.openssl.org/source/license.html */ -#ifndef HEADER_BSS_FILE_C -# define HEADER_BSS_FILE_C - -# if defined(__linux) || defined(__sun) || defined(__hpux) +#if defined(__linux) || defined(__sun) || defined(__hpux) /* * Following definition aliases fopen to fopen64 on above mentioned * platforms. This makes it possible to open and sequentially access files @@ -23,17 +20,17 @@ * of 32-bit platforms which allow for sequential access of large files * without extra "magic" comprise *BSD, Darwin, IRIX... */ -# ifndef _FILE_OFFSET_BITS -# define _FILE_OFFSET_BITS 64 -# endif +# ifndef _FILE_OFFSET_BITS +# define _FILE_OFFSET_BITS 64 # endif +#endif -# include <stdio.h> -# include <errno.h> -# include "bio_lcl.h" -# include <openssl/err.h> +#include <stdio.h> +#include <errno.h> +#include "bio_lcl.h" +#include <openssl/err.h> -# if !defined(OPENSSL_NO_STDIO) +#if !defined(OPENSSL_NO_STDIO) static int file_write(BIO *h, const char *buf, int num); static int file_read(BIO *h, char *buf, int size); @@ -72,9 +69,9 @@ BIO *BIO_new_file(const char *filename, const char *mo SYSerr(SYS_F_FOPEN, get_last_sys_error()); ERR_add_error_data(5, "fopen('", filename, "','", mode, "')"); if (errno == ENOENT -# ifdef ENXIO +#ifdef ENXIO || errno == ENXIO -# endif +#endif ) BIOerr(BIO_F_BIO_NEW_FILE, BIO_R_NO_SUCH_FILE); else @@ -212,33 +209,33 @@ static long file_ctrl(BIO *b, int cmd, long num, void b->shutdown = (int)num & BIO_CLOSE; b->ptr = ptr; b->init = 1; -# if BIO_FLAGS_UPLINK!=0 -# if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES) -# define _IOB_ENTRIES 20 -# endif +# if BIO_FLAGS_UPLINK!=0 +# if defined(__MINGW32__) && defined(__MSVCRT__) && !defined(_IOB_ENTRIES) +# define _IOB_ENTRIES 20 +# endif /* Safety net to catch purely internal BIO_set_fp calls */ -# if defined(_MSC_VER) && _MSC_VER>=1900 +# if defined(_MSC_VER) && _MSC_VER>=1900 if (ptr == stdin || ptr == stdout || ptr == stderr) BIO_clear_flags(b, BIO_FLAGS_UPLINK); -# elif defined(_IOB_ENTRIES) +# elif defined(_IOB_ENTRIES) if ((size_t)ptr >= (size_t)stdin && *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201909101740.x8AHeslv054915>