Merge OpenSSL 1.0.2h.

Relnotes:	yes
Jung-uk Kim 2016-05-03 18:50:10 +00:00
commit b8721c1643
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=298998
444 changed files with 2194 additions and 726 deletions


@ -2,6 +2,103 @@
OpenSSL CHANGES
_______________
Changes between 1.0.2g and 1.0.2h [3 May 2016]
*) Prevent padding oracle in AES-NI CBC MAC check
A MITM attacker can use a padding oracle attack to decrypt traffic
when the connection uses an AES CBC cipher and the server support
AES-NI.
This issue was introduced as part of the fix for Lucky 13 padding
attack (CVE-2013-0169). The padding check was rewritten to be in
constant time by making sure that always the same bytes are read and
compared against either the MAC or padding bytes. But it no longer
checked that there was enough data to have both the MAC and padding
bytes.
This issue was reported by Juraj Somorovsky using TLS-Attacker.
(CVE-2016-2107)
[Kurt Roeckx]
*) Fix EVP_EncodeUpdate overflow
An overflow can occur in the EVP_EncodeUpdate() function which is used for
Base64 encoding of binary data. If an attacker is able to supply very large
amounts of input data then a length check can overflow resulting in a heap
corruption.
Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by
the PEM_write_bio* family of functions. These are mainly used within the
OpenSSL command line applications, so any application which processes data
from an untrusted source and outputs it as a PEM file should be considered
vulnerable to this issue. User applications that call these APIs directly
with large amounts of untrusted data may also be vulnerable.
This issue was reported by Guido Vranken.
(CVE-2016-2105)
[Matt Caswell]
*) Fix EVP_EncryptUpdate overflow
An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
is able to supply very large amounts of input data after a previous call to
EVP_EncryptUpdate() with a partial block then a length check can overflow
resulting in a heap corruption. Following an analysis of all OpenSSL
internal usage of the EVP_EncryptUpdate() function all usage is one of two
forms. The first form is where the EVP_EncryptUpdate() call is known to be
the first called function after an EVP_EncryptInit(), and therefore that
specific call must be safe. The second form is where the length passed to
EVP_EncryptUpdate() can be seen from the code to be some small value and
therefore there is no possibility of an overflow. Since all instances are
one of these two forms, it is believed that there can be no overflows in
internal code due to this problem. It should be noted that
EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
of these calls have also been analysed too and it is believed there are no
instances in internal usage where an overflow could occur.
This issue was reported by Guido Vranken.
(CVE-2016-2106)
[Matt Caswell]
*) Prevent ASN.1 BIO excessive memory allocation
When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
a short invalid encoding can casuse allocation of large amounts of memory
potentially consuming excessive resources or exhausting memory.
Any application parsing untrusted data through d2i BIO functions is
affected. The memory based functions such as d2i_X509() are *not* affected.
Since the memory based functions are used by the TLS library, TLS
applications are not affected.
This issue was reported by Brian Carpenter.
(CVE-2016-2109)
[Stephen Henson]
*) EBCDIC overread
ASN1 Strings that are over 1024 bytes can cause an overread in applications
using the X509_NAME_oneline() function on EBCDIC systems. This could result
in arbitrary stack data being returned in the buffer.
This issue was reported by Guido Vranken.
(CVE-2016-2176)
[Matt Caswell]
*) Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
[Todd Short]
*) Remove LOW from the DEFAULT cipher list. This removes singles DES from the
default.
[Kurt Roeckx]
*) Only remove the SSLv2 methods with the no-ssl2-method option. When the
methods are enabled and ssl2 is disabled the methods return NULL.
[Kurt Roeckx]
Changes between 1.0.2f and 1.0.2g [1 Mar 2016]
* Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
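Review bot: three spelling slips in the new CHANGES text: "primarly" in the EVP_EncodeUpdate entry should read "primarily", "casuse" in the ASN.1 BIO entry should read "cause", and "singles DES" in the cipher-list entry should read "single DES" (the same phrase is copied into NEWS). Worth fixing before these entries are reused in advisories.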


@ -4,7 +4,7 @@
## Makefile for OpenSSL
##
VERSION=1.0.2g
VERSION=1.0.2h
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0


@ -5,6 +5,19 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
o EBCDIC overread (CVE-2016-2176)
o Modify behavior of ALPN to invoke callback after SNI/servername
callback, such that updates to the SSL_CTX affect ALPN.
o Remove LOW from the DEFAULT cipher list. This removes singles DES from
the default.
o Only remove the SSLv2 methods with the no-ssl2-method option.
Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.


@ -1,5 +1,5 @@
OpenSSL 1.0.2g 1 Mar 2016
OpenSSL 1.0.2h 3 May 2016
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson


@ -235,12 +235,16 @@ int MAIN(int argc, char **argv)
i = OBJ_obj2nid(p7->type);
switch (i) {
case NID_pkcs7_signed:
certs = p7->d.sign->cert;
crls = p7->d.sign->crl;
if (p7->d.sign != NULL) {
certs = p7->d.sign->cert;
crls = p7->d.sign->crl;
}
break;
case NID_pkcs7_signedAndEnveloped:
certs = p7->d.signed_and_enveloped->cert;
crls = p7->d.signed_and_enveloped->crl;
if (p7->d.signed_and_enveloped != NULL) {
certs = p7->d.signed_and_enveloped->cert;
crls = p7->d.signed_and_enveloped->crl;
}
break;
default:
break;
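Review bot: the added NULL guards on p7->d.sign and p7->d.signed_and_enveloped stop a NULL dereference on a malformed PKCS#7 blob whose content is absent, but they leave certs and crls untouched in that case; confirm both variables are initialised to NULL before this switch so the absent-content case behaves like the default branch rather than using stale pointers.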


@ -590,7 +590,7 @@ Lenc_loop:
xor $s2,$t2,$acc14
xor $s3,$t3,$acc15
addi $key,$key,16
bdnz- Lenc_loop
bdnz Lenc_loop
addi $Tbl2,$Tbl0,2048
nop
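Review bot: dropping the "-" suffix from bdnz only removes the static not-taken branch hint; control flow is unchanged. The same edit is applied to the bn, sha1 and sha512 PowerPC files in this merge, so a one-line rationale in the commit message would save the next reader a search.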
@ -1068,7 +1068,7 @@ Ldec_loop:
xor $s2,$t2,$acc14
xor $s3,$t3,$acc15
addi $key,$key,16
bdnz- Ldec_loop
bdnz Ldec_loop
addi $Tbl2,$Tbl0,2048
nop


@ -818,13 +818,9 @@ $code.=<<___ if (!$softonly);
tmhl %r0,0x4000 # check for message-security assist
jz .Lekey_internal
lghi %r0,0 # query capability vector
la %r1,16($sp)
.long 0xb92f0042 # kmc %r4,%r2
llihh %r1,0x8000
srlg %r1,%r1,0(%r5)
ng %r1,16($sp)
llihh %r0,0x8000
srlg %r0,%r0,0(%r5)
ng %r0,48(%r1) # check kmc capability vector
jz .Lekey_internal
lmg %r0,%r1,0($inp) # just copy 128 bits...
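Review bot: `ng %r0,48(%r1)` now reads the cached kmc capability word instead of issuing a kmc query, so it relies on %r1 still holding the address of OPENSSL_s390xcap_P from the context above this hunk; the removed `la %r1,16($sp)` was the last write to %r1 shown here, so please confirm nothing between the earlier `larl` and this point clobbers it. The offset 48 must stay in step with the layout written by OPENSSL_s390x_facilities in s390xcpuid.S.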
@ -1444,13 +1440,10 @@ $code.=<<___ if (0); ######### kmctr code was measured to be ~12% slower
llgfr $s0,%r0
lgr $s1,%r1
lghi %r0,0
la %r1,16($sp)
.long 0xb92d2042 # kmctr %r4,%r2,%r2
larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000 # check if kmctr supports the function code
srlg %r0,%r0,0($s0)
ng %r0,16($sp)
ng %r0,64(%r1) # check kmctr capability vector
lgr %r0,$s0
lgr %r1,$s1
jz .Lctr32_km_loop
@ -1597,12 +1590,10 @@ $code.=<<___ if(1);
llgfr $s0,%r0 # put aside the function code
lghi $s1,0x7f
nr $s1,%r0
lghi %r0,0 # query capability vector
la %r1,$tweak-16($sp)
.long 0xb92e0042 # km %r4,%r2
llihh %r1,0x8000
srlg %r1,%r1,32($s1) # check for 32+function code
ng %r1,$tweak-16($sp)
larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000
srlg %r0,%r0,32($s1) # check for 32+function code
ng %r0,32(%r1) # check km capability vector
lgr %r0,$s0 # restore the function code
la %r1,0($key1) # restore $key1
jz .Lxts_km_vanilla
@ -2229,7 +2220,7 @@ ___
}
$code.=<<___;
.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
.comm OPENSSL_s390xcap_P,16,8
.comm OPENSSL_s390xcap_P,80,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;


@ -200,13 +200,13 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
} else {
if (len != 0) {
if ((ret->length < len) || (ret->data == NULL)) {
if (ret->data != NULL)
OPENSSL_free(ret->data);
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
if (ret->data != NULL)
OPENSSL_free(ret->data);
} else
s = ret->data;
memcpy(s, p, (int)len);
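Review bot: moving `OPENSSL_free(ret->data)` below the allocation is the right fix: before, a failed OPENSSL_malloc left ret->data pointing at freed memory, which the caller's cleanup of *a would then free again. A short comment on the ordering would prevent it being "tidied" back later.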


@ -141,6 +141,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
#endif
#define HEADER_SIZE 8
#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
{
BUF_MEM *b;
@ -217,29 +218,44 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
/* suck in c.slen bytes of data */
want = c.slen;
if (want > (len - off)) {
size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
want -= (len - off);
if (want > INT_MAX /* BIO_read takes an int length */ ||
len + want < len) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
goto err;
}
if (!BUF_MEM_grow_clean(b, len + want)) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
while (want > 0) {
i = BIO_read(in, &(b->data[len]), want);
if (i <= 0) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
ASN1_R_NOT_ENOUGH_DATA);
/*
* Read content in chunks of increasing size
* so we can return an error for EOF without
* having to allocate the entire content length
* in one go.
*/
size_t chunk = want > chunk_max ? chunk_max : want;
if (!BUF_MEM_grow_clean(b, len + chunk)) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
want -= chunk;
while (chunk > 0) {
i = BIO_read(in, &(b->data[len]), chunk);
if (i <= 0) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
ASN1_R_NOT_ENOUGH_DATA);
goto err;
}
/*
* This can't overflow because |len+want| didn't
* overflow.
*/
len += i;
want -= i;
len += i;
chunk -= i;
}
if (chunk_max < INT_MAX/2)
chunk_max *= 2;
}
}
if (off + c.slen < off) {
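Review bot: the chunked growth replaces the single `BUF_MEM_grow_clean(b, len + want)`, so a bogus length in a short encoding no longer reserves the whole claimed size up front, but the old `want > INT_MAX || len + want < len` guard is dropped with it. chunk is bounded by chunk_max, which never exceeds INT_MAX, so the int passed to BIO_read is safe; a comment stating why `len + chunk` cannot wrap (or keeping a `len + chunk < len` check) would make the remaining reasoning explicit.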


@ -126,9 +126,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b)
result = 0; /* They do not have content. */
break;
case V_ASN1_INTEGER:
case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
case V_ASN1_NEG_ENUMERATED:
case V_ASN1_BIT_STRING:
case V_ASN1_OCTET_STRING:
case V_ASN1_SEQUENCE:
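Review bot: removing the V_ASN1_NEG_INTEGER and V_ASN1_NEG_ENUMERATED labels here, and likewise in asn1_ex_c2i and asn1_ex_i2c, sends those values to the default branch; this is fine only if the type field of an ASN1_TYPE can never carry the NEG variants (they are ASN1_STRING type markers rather than tags), and that reasoning belongs in the commit message so nobody re-adds the cases.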


@ -63,7 +63,7 @@
#include <openssl/asn1_mac.h>
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
int max);
long max);
static void asn1_put_length(unsigned char **pp, int length);
const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT;
@ -131,7 +131,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
}
*ptag = tag;
*pclass = xclass;
if (!asn1_get_length(&p, &inf, plength, (int)max))
if (!asn1_get_length(&p, &inf, plength, max))
goto err;
if (inf && !(ret & V_ASN1_CONSTRUCTED))
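Review bot: dropping the `(int)max` cast is the substantive part of this change: a max above INT_MAX was previously truncated before asn1_get_length compared against it, so the length bound could be silently wrong for large inputs. The prototype and definition both move to `long max` in the same patch, which keeps the signatures consistent.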
@ -159,14 +159,14 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
}
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
int max)
long max)
{
const unsigned char *p = *pp;
unsigned long ret = 0;
unsigned int i;
unsigned long i;
if (max-- < 1)
return (0);
return 0;
if (*p == 0x80) {
*inf = 1;
ret = 0;
@ -175,15 +175,11 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
*inf = 0;
i = *p & 0x7f;
if (*(p++) & 0x80) {
if (i > sizeof(long))
if (i > sizeof(ret) || max < (long)i)
return 0;
if (max-- == 0)
return (0);
while (i-- > 0) {
ret <<= 8L;
ret |= *(p++);
if (max-- == 0)
return (0);
}
} else
ret = i;
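Review bot: the per-byte `max-- == 0` checks inside the loop are replaced by the single up-front test `max < (long)i`; since max was already decremented once for the length octet itself, max now counts the bytes left after it, so requiring max >= i is exactly right, and the `i > sizeof(ret)` test keeps the `(long)i` cast safe. The loop no longer touches max at all, which deserves a comment since the old code did.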
@ -192,7 +188,7 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
return 0;
*pp = p;
*rl = (long)ret;
return (1);
return 1;
}
/*


@ -173,6 +173,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
goto end;
if (j & V_ASN1_CONSTRUCTED) {
const unsigned char *sp;
ep = p + len;
if (BIO_write(bp, "\n", 1) <= 0)
goto end;
@ -182,6 +184,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
goto end;
}
if ((j == 0x21) && (len == 0)) {
sp = p;
for (;;) {
r = asn1_parse2(bp, &p, (long)(tot - p),
offset + (p - *pp), depth + 1,
@ -190,19 +193,25 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
ret = 0;
goto end;
}
if ((r == 2) || (p >= tot))
if ((r == 2) || (p >= tot)) {
len = p - sp;
break;
}
}
} else
} else {
long tmp = len;
while (p < ep) {
r = asn1_parse2(bp, &p, (long)len,
offset + (p - *pp), depth + 1,
sp = p;
r = asn1_parse2(bp, &p, tmp, offset + (p - *pp), depth + 1,
indent, dump);
if (r == 0) {
ret = 0;
goto end;
}
tmp -= p - sp;
}
}
} else if (xclass != 0) {
p += len;
if (BIO_write(bp, "\n", 1) <= 0)
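Review bot: `tmp` now shrinks by the bytes each child consumed, so nested parses are bounded by what actually remains instead of the parent's full len, and the indefinite-length branch sets `len = p - sp` so the caller sees the real consumed length. One thing to keep in mind: if a recursive asn1_parse2 ever advanced p past ep, tmp would go negative, but the `while (p < ep)` guard exits before that value is reused.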


@ -140,7 +140,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags,
goto err;
bs = X509_get_serialNumber(x);
if (bs->length <= (int)sizeof(long)) {
if (bs->length < (int)sizeof(long)
|| (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) {
l = ASN1_INTEGER_get(bs);
if (bs->type == V_ASN1_NEG_INTEGER) {
l = -l;
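Review bot: the new condition avoids handing ASN1_INTEGER_get a serial of exactly sizeof(long) bytes with the top bit set, which cannot be represented in a long; good. Style point: the first comparison casts `(int)sizeof(long)` but the second `bs->length == sizeof(long)` compares int with size_t, which will trip -Wsign-compare; cast both the same way.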


@ -901,9 +901,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
break;
case V_ASN1_INTEGER:
case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
case V_ASN1_NEG_ENUMERATED:
tint = (ASN1_INTEGER **)pval;
if (!c2i_ASN1_INTEGER(tint, &cont, len))
goto err;


@ -611,9 +611,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
break;
case V_ASN1_INTEGER:
case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
case V_ASN1_NEG_ENUMERATED:
/*
* These are all have the same content format as ASN1_INTEGER
*/
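Review bot: grammar in the retained comment: "These are all have the same content format" should be "These all have the same content format". The dropped NEG cases match the identical removal in asn1_ex_c2i and ASN1_TYPE_cmp.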


@ -66,6 +66,13 @@
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
/*
* Maximum length of X509_NAME: much larger than anything we should
* ever see in practice.
*/
#define X509_NAME_MAX (1024 * 1024)
static int x509_name_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_ITEM *it,
@ -192,6 +199,10 @@ static int x509_name_ex_d2i(ASN1_VALUE **val,
int i, j, ret;
STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry;
if (len > X509_NAME_MAX) {
ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
return 0;
}
q = p;
/* Get internal representation of Name */
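Review bot: rejecting a Name whose encoded length exceeds X509_NAME_MAX before any decoding happens is a sensible cap (1 MiB is far beyond any real DN), but the reason code raised here is ASN1_R_TOO_LONG while this same merge introduces X509_R_NAME_TOO_LONG in x509.h; if that new code is meant for this check, use it here, otherwise say where it is used.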


@ -201,10 +201,20 @@ X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
int i2d_X509_AUX(X509 *a, unsigned char **pp)
{
int length;
int length, tmplen;
unsigned char *start = pp != NULL ? *pp : NULL;
length = i2d_X509(a, pp);
if (a)
length += i2d_X509_CERT_AUX(a->aux, pp);
if (length < 0 || a == NULL)
return length;
tmplen = i2d_X509_CERT_AUX(a->aux, pp);
if (tmplen < 0) {
if (start != NULL)
*pp = start;
return tmplen;
}
length += tmplen;
return length;
}
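Review bot: rewinding *pp to start when i2d_X509_CERT_AUX fails is an improvement over returning a mixed negative/positive sum, but the `start != NULL` guard means the allocate-on-NULL convention (pp != NULL, *pp == NULL) gets no rewind and leaks the buffer i2d_X509 allocated; either handle that case or document that callers of i2d_X509_AUX must pass a preallocated buffer.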


@ -191,7 +191,7 @@ L1st:
addi $j,$j,$BNSZ ; j++
addi $tp,$tp,$BNSZ ; tp++
bdnz- L1st
bdnz L1st
;L1st
addc $lo0,$alo,$hi0
addze $hi0,$ahi
@ -253,7 +253,7 @@ Linner:
addze $hi1,$hi1
$ST $lo1,0($tp) ; tp[j-1]
addi $tp,$tp,$BNSZ ; tp++
bdnz- Linner
bdnz Linner
;Linner
$LD $tj,$BNSZ($tp) ; tp[j]
addc $lo0,$alo,$hi0
@ -276,7 +276,7 @@ Linner:
slwi $tj,$num,`log($BNSZ)/log(2)`
$UCMP $i,$tj
addi $i,$i,$BNSZ
ble- Louter
ble Louter
addi $num,$num,2 ; restore $num
subfc $j,$j,$j ; j=0 and "clear" XER[CA]
@ -289,7 +289,7 @@ Lsub: $LDX $tj,$tp,$j
subfe $aj,$nj,$tj ; tp[j]-np[j]
$STX $aj,$rp,$j
addi $j,$j,$BNSZ
bdnz- Lsub
bdnz Lsub
li $j,0
mtctr $num
@ -304,7 +304,7 @@ Lcopy: ; copy or in-place refresh
$STX $tj,$rp,$j
$STX $j,$tp,$j ; zap at once
addi $j,$j,$BNSZ
bdnz- Lcopy
bdnz Lcopy
$POP $tj,0($sp)
li r3,1


@ -1556,7 +1556,7 @@ Lppcasm_sub_mainloop:
# if carry = 1 this is r7-r8. Else it
# is r7-r8 -1 as we need.
$STU r6,$BNSZ(r3)
bdnz- Lppcasm_sub_mainloop
bdnz Lppcasm_sub_mainloop
Lppcasm_sub_adios:
subfze r3,r0 # if carry bit is set then r3 = 0 else -1
andi. r3,r3,1 # keep only last bit.
@ -1603,7 +1603,7 @@ Lppcasm_add_mainloop:
$LDU r8,$BNSZ(r5)
adde r8,r7,r8
$STU r8,$BNSZ(r3)
bdnz- Lppcasm_add_mainloop
bdnz Lppcasm_add_mainloop
Lppcasm_add_adios:
addze r3,r0 #return carry bit.
blr
@ -1762,7 +1762,7 @@ Lppcasm_sqr_mainloop:
$UMULH r8,r6,r6
$STU r7,$BNSZ(r3)
$STU r8,$BNSZ(r3)
bdnz- Lppcasm_sqr_mainloop
bdnz Lppcasm_sqr_mainloop
Lppcasm_sqr_adios:
blr
.long 0
@ -1827,7 +1827,7 @@ Lppcasm_mw_LOOP:
addi r3,r3,`4*$BNSZ`
addi r4,r4,`4*$BNSZ`
bdnz- Lppcasm_mw_LOOP
bdnz Lppcasm_mw_LOOP
Lppcasm_mw_REM:
andi. r5,r5,0x3
@ -1951,7 +1951,7 @@ Lppcasm_maw_mainloop:
$ST r11,`3*$BNSZ`(r3)
addi r3,r3,`4*$BNSZ`
addi r4,r4,`4*$BNSZ`
bdnz- Lppcasm_maw_mainloop
bdnz Lppcasm_maw_mainloop
Lppcasm_maw_leftover:
andi. r5,r5,0x3


@ -734,7 +734,7 @@ $code.=<<___;
___
}
$code.=<<___;
bdnz- L1st
bdnz L1st
fctid $dota,$dota
fctid $dotb,$dotb
@ -1280,7 +1280,7 @@ $code.=<<___;
___
}
$code.=<<___;
bdnz- Linner
bdnz Linner
fctid $dota,$dota
fctid $dotb,$dotb
@ -1490,7 +1490,7 @@ Lsub: ldx $t0,$tp,$i
stdx $t0,$rp,$i
stdx $t2,$t6,$i
addi $i,$i,16
bdnz- Lsub
bdnz Lsub
li $i,0
subfe $ovf,$i,$ovf ; handle upmost overflow bit
@ -1517,7 +1517,7 @@ Lcopy: ; copy or in-place refresh
stdx $i,$tp,$i ; zap tp at once
stdx $i,$t4,$i
addi $i,$i,16
bdnz- Lcopy
bdnz Lcopy
___
$code.=<<___ if ($SIZE_T==4);
subf $np,$num,$np ; rewind np
@ -1550,7 +1550,7 @@ Lsub: lwz $t0,12($tp) ; load tp[j..j+3] in 64-bit word order
stw $t5,8($rp)
stw $t6,12($rp)
stwu $t7,16($rp)
bdnz- Lsub
bdnz Lsub
li $i,0
subfe $ovf,$i,$ovf ; handle upmost overflow bit
@ -1582,7 +1582,7 @@ Lcopy: ; copy or in-place refresh
stwu $t3,16($rp)
std $i,8($tp) ; zap tp at once
stdu $i,16($tp)
bdnz- Lcopy
bdnz Lcopy
___
$code.=<<___;


@ -85,6 +85,21 @@ $frame=32; # size of above frame rounded up to 16n
&and ("esp",-64); # align to cache line
# Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one...
&mov ("eax","ebp");
&sub ("eax","esp");
&and ("eax",-4096);
&set_label("page_walk");
&mov ("edx",&DWP(0,"esp","eax"));
&sub ("eax",4096);
&data_byte(0x2e);
&jnc (&label("page_walk"));
################################# load argument block...
&mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
&mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap


@ -130,6 +130,20 @@ $code.=<<___;
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
# Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one...
sub %rsp,%r11
and \$-4096,%r11
.Lmul_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x66,0x2e # predict non-taken
jnc .Lmul_page_walk
mov $bp,%r12 # reassign $bp
___
$bp="%r12";
@ -342,6 +356,14 @@ $code.=<<___;
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul4x_body:
sub %rsp,%r11
and \$-4096,%r11
.Lmul4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lmul4x_page_walk
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12 # reassign $bp
___
@ -795,6 +817,15 @@ bn_sqr8x_mont:
sub %r11,%rsp
.Lsqr8x_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lsqr8x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lsqr8x_page_walk
mov $num,%r10
neg $num
@ -932,8 +963,17 @@ bn_mulx4x_mont:
sub $num,%r10 # -$num
mov ($n0),$n0 # *n0
lea -72(%rsp,%r10),%rsp # alloca(frame+$num+8)
lea ($bp,$num),%r10
and \$-128,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lmulx4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x66,0x2e # predict non-taken
jnc .Lmulx4x_page_walk
lea ($bp,$num),%r10
##############################################################
# Stack layout
# +0 num
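Review bot: moving `lea ($bp,$num),%r10` below the page walk is required, not cosmetic: the walk uses %r10 as its scratch load target and would clobber the value. The `.Lfrom_page_walk` hunk in x86_64-mont5.pl makes the same move for `mov $num,%r10`, and the other walks (.Lmul4x, .Lsqr8x, .Lpwr) already compute %r10 after their loops, so the ordering is consistent throughout.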


@ -115,6 +115,20 @@ $code.=<<___;
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
# Some OSes, *cough*-dows, insist on stack being "wired" to
# physical memory in strictly sequential manner, i.e. if stack
# allocation spans two pages, then reference to farmost one can
# be punishable by SEGV. But page walking can do good even on
# other OSes, because it guarantees that villain thread hits
# the guard page before it can make damage to innocent one...
sub %rsp,%rax
and \$-4096,%rax
.Lmul_page_walk:
mov (%rsp,%rax),%r11
sub \$4096,%rax
.byte 0x2e # predict non-taken
jnc .Lmul_page_walk
lea 128($bp),%r12 # reassign $bp (+size optimization)
___
$bp="%r12";
@ -469,6 +483,15 @@ $code.=<<___;
sub %r11,%rsp
.Lmul4xsp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lmul4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lmul4x_page_walk
neg $num
mov %rax,40(%rsp)
@ -1058,6 +1081,15 @@ $code.=<<___;
sub %r11,%rsp
.Lpwr_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lpwr_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lpwr_page_walk
mov $num,%r10
neg $num
@ -2028,7 +2060,16 @@ bn_from_mont8x:
sub %r11,%rsp
.Lfrom_sp_done:
and \$-64,%rsp
mov $num,%r10
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lfrom_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lfrom_page_walk
mov $num,%r10
neg $num
##############################################################
@ -2173,6 +2214,15 @@ bn_mulx4x_mont_gather5:
sub %r11,%rsp
.Lmulx4xsp_done:
and \$-64,%rsp # ensure alignment
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lmulx4x_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lmulx4x_page_walk
##############################################################
# Stack layout
# +0 -num
@ -2619,6 +2669,15 @@ bn_powerx5:
sub %r11,%rsp
.Lpwrx_sp_done:
and \$-64,%rsp
mov %rax,%r11
sub %rsp,%r11
and \$-4096,%r11
.Lpwrx_page_walk:
mov (%rsp,%r11),%r10
sub \$4096,%r11
.byte 0x2e # predict non-taken
jnc .Lpwrx_page_walk
mov $num,%r10
neg $num


@ -4,6 +4,10 @@
# include <openssl/crypto.h>
# ifdef OPENSSL_NO_COMP
# error COMP is disabled.
# endif
#ifdef __cplusplus
extern "C" {
#endif


@ -199,8 +199,8 @@ e_aes.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
e_aes_cbc_hmac_sha1.o: ../../e_os.h ../../include/openssl/aes.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
@ -214,9 +214,9 @@ e_aes_cbc_hmac_sha1.o: ../../include/openssl/rand.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c
e_aes_cbc_hmac_sha256.o: ../../include/openssl/aes.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
e_aes_cbc_hmac_sha1.o: ../modes/modes_lcl.h e_aes_cbc_hmac_sha1.c
e_aes_cbc_hmac_sha256.o: ../../e_os.h ../../include/openssl/aes.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/asn1.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/bio.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/crypto.h
@ -232,7 +232,8 @@ e_aes_cbc_hmac_sha256.o: ../../include/openssl/rand.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/safestack.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/sha.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/stack.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h
e_aes_cbc_hmac_sha256.o: ../constant_time_locl.h ../modes/modes_lcl.h
e_aes_cbc_hmac_sha256.o: e_aes_cbc_hmac_sha256.c
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h


@ -212,8 +212,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl)
}
#endif
if (ctx->digest != type) {
if (ctx->digest && ctx->digest->ctx_size)
if (ctx->digest && ctx->digest->ctx_size) {
OPENSSL_free(ctx->md_data);
ctx->md_data = NULL;
}
ctx->digest = type;
if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
ctx->update = type->update;
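Review bot: clearing ctx->md_data after the free is correct: the reallocation below is conditional on `type->ctx_size`, so switching to a digest with no per-context state previously left a dangling md_data in the ctx.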


@ -60,6 +60,7 @@
# include <openssl/sha.h>
# include <openssl/rand.h>
# include "modes_lcl.h"
# include "constant_time_locl.h"
# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
@ -578,6 +579,8 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
ret &= constant_time_ge(maxpad, pad);
inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;
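Review bot: this single line is the CVE-2016-2107 fix: `ret &= constant_time_ge(maxpad, pad)` rejects a padding length larger than the record can hold, the check the Lucky 13 rewrite lost, and folding it into ret instead of branching keeps the MAC/padding comparison constant-time so the rejection itself is not a new oracle. The sha256 variant gets the identical line; a comment in each pointing at the other would help keep them in sync.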


@ -60,6 +60,7 @@
# include <openssl/sha.h>
# include <openssl/rand.h>
# include "modes_lcl.h"
# include "constant_time_locl.h"
# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
@ -589,6 +590,8 @@ static int aesni_cbc_hmac_sha256_cipher(EVP_CIPHER_CTX *ctx,
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
ret &= constant_time_ge(maxpad, pad);
inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;


@ -57,6 +57,7 @@
*/
#include <stdio.h>
#include <limits.h>
#include "cryptlib.h"
#include <openssl/evp.h>
@ -151,13 +152,13 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl)
{
int i, j;
unsigned int total = 0;
size_t total = 0;
*outl = 0;
if (inl <= 0)
return;
OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
if ((ctx->num + inl) < ctx->length) {
if (ctx->length - ctx->num > inl) {
memcpy(&(ctx->enc_data[ctx->num]), in, inl);
ctx->num += inl;
return;
@ -174,7 +175,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
*out = '\0';
total = j + 1;
}
while (inl >= ctx->length) {
while (inl >= ctx->length && total <= INT_MAX) {
j = EVP_EncodeBlock(out, in, ctx->length);
in += ctx->length;
inl -= ctx->length;
@ -183,6 +184,11 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
*out = '\0';
total += j + 1;
}
if (total > INT_MAX) {
/* Too much output data! */
*outl = 0;
return;
}
if (inl != 0)
memcpy(&(ctx->enc_data[0]), in, inl);
ctx->num = inl;
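Review bot: switching total to size_t and bounding the loop with `total <= INT_MAX` closes the CVE-2016-2105 overflow, and `ctx->length - ctx->num > inl` removes the `ctx->num + inl` addition that could wrap. On the new "too much output" path the function returns with `*outl = 0` but leaves ctx->num stale and the already-written base64 in out, so the context is inconsistent afterwards; document that the ctx must be discarded, or reset ctx->num there as well.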


@ -347,7 +347,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
bl = ctx->cipher->block_size;
OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
if (i != 0) {
if (i + inl < bl) {
if (bl - i > inl) {
memcpy(&(ctx->buf[i]), in, inl);
ctx->buf_len += inl;
*outl = 0;
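Review bot: `bl - i > inl` is the overflow-safe form of `i + inl < bl`: i is always below bl here, so the subtraction cannot go negative and no sum involving an attacker-sized inl is formed. This is the CVE-2016-2106 fix; a one-line comment naming the rewritten check would help future readers see why the expression looks inverted.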


@ -85,9 +85,7 @@ $code.=<<___ if(!$softonly && 0); # hardware is slow for single block...
tmhl %r0,0x4000 # check for message-security-assist
jz .Lsoft_gmult
lghi %r0,0
la %r1,16($sp)
.long 0xb93e0004 # kimd %r0,%r4
lg %r1,24($sp)
lg %r1,24(%r1) # load second word of kimd capabilities vector
tmhh %r1,0x4000 # check for function 65
jz .Lsoft_gmult
stg %r0,16($sp) # arrange 16 bytes of zero input
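Review bot: `lg %r1,24(%r1)` reads the second kimd capability word from the cached vector, so %r1 must already point at OPENSSL_s390xcap_P when this hunk is reached (not visible here), and the load overwrites it; the retained `stg %r0,16($sp)` uses $sp rather than %r1, so that is fine, but any later use of the base address would need a fresh larl.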


@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
# define OPENSSL_VERSION_NUMBER 0x1000207fL
# define OPENSSL_VERSION_NUMBER 0x1000208fL
# ifdef OPENSSL_FIPS
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2g-fips 1 Mar 2016"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2h-fips 3 May 2016"
# else
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2g-freebsd 1 Mar 2016"
# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2h-freebsd 3 May 2016"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT


@ -348,7 +348,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp,
if (enc != NULL) {
objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
if (objstr == NULL) {
if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
goto err;
}
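Review bot: the extra `EVP_CIPHER_iv_length(enc) == 0` test is not mentioned in the CHANGES entry; PEM encryption records the IV in the DEK-Info header, so a cipher without an IV cannot be written in that format, and reporting it as PEM_R_UNSUPPORTED_CIPHER is the right outcome. A short comment at the check would explain why an otherwise valid cipher is refused.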


@ -131,6 +131,10 @@ static int read_lebn(const unsigned char **in, unsigned int nbyte, BIGNUM **r)
# define MS_PVKMAGIC 0xb0b5f11eL
/* Salt length for PVK files */
# define PVK_SALTLEN 0x10
/* Maximum length in PVK header */
# define PVK_MAX_KEYLEN 102400
/* Maximum salt length */
# define PVK_MAX_SALTLEN 10240
static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
unsigned int bitlen, int ispub);
@ -644,6 +648,9 @@ static int do_PVK_header(const unsigned char **in, unsigned int length,
*psaltlen = read_ledword(&p);
*pkeylen = read_ledword(&p);
if (*pkeylen > PVK_MAX_KEYLEN || *psaltlen > PVK_MAX_SALTLEN)
return 0;
if (is_encrypted && !*psaltlen) {
PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
return 0;
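Review bot: the new PVK_MAX_KEYLEN / PVK_MAX_SALTLEN test returns 0 silently, whereas the inconsistent-header check just below raises PEMerr(PEM_F_DO_PVK_HEADER, ...); push an error on this path too so callers can distinguish an oversized header from other failures.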


@ -195,6 +195,7 @@ my %globals;
sub out {
my $self = shift;
$self->{value} =~ s/\b(0b[0-1]+)/oct($1)/eig;
if ($gas) {
# Solaris /usr/ccs/bin/as can't handle multiplications
# in $self->{value}
@ -205,7 +206,6 @@ my %globals;
}
sprintf "\$%s",$self->{value};
} else {
$self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
$self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
sprintf "%s",$self->{value};
}
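Review bot: hoisting the binary-literal rewrite above the `if ($gas)` branch makes gas output get it too, and the added `\b` anchor matters: without it the pattern also matched "0b01" inside a hex constant such as 0x10b01, which oct() would then have mangled. Keep the word boundary if this is touched again.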


@ -5,14 +5,46 @@
.align 16
OPENSSL_s390x_facilities:
lghi %r0,0
larl %r2,OPENSSL_s390xcap_P
stg %r0,8(%r2)
.long 0xb2b02000 # stfle 0(%r2)
larl %r4,OPENSSL_s390xcap_P
stg %r0,8(%r4) # wipe capability vectors
stg %r0,16(%r4)
stg %r0,24(%r4)
stg %r0,32(%r4)
stg %r0,40(%r4)
stg %r0,48(%r4)
stg %r0,56(%r4)
stg %r0,64(%r4)
stg %r0,72(%r4)
.long 0xb2b04000 # stfle 0(%r4)
brc 8,.Ldone
lghi %r0,1
.long 0xb2b02000 # stfle 0(%r2)
.long 0xb2b04000 # stfle 0(%r4)
.Ldone:
lg %r2,0(%r2)
lmg %r2,%r3,0(%r4)
tmhl %r2,0x4000 # check for message-security-assist
jz .Lret
lghi %r0,0 # query kimd capabilities
la %r1,16(%r4)
.long 0xb93e0002 # kimd %r0,%r2
lghi %r0,0 # query km capability vector
la %r1,32(%r4)
.long 0xb92e0042 # km %r4,%r2
lghi %r0,0 # query kmc capability vector
la %r1,48(%r4)
.long 0xb92f0042 # kmc %r4,%r2
tmhh %r3,0x0004 # check for message-security-assist-4
jz .Lret
lghi %r0,0 # query kmctr capability vector
la %r1,64(%r4)
.long 0xb92d2042 # kmctr %r4,%r2,%r2
.Lret:
br %r14
.size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
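Review bot: this hunk defines the new 80-byte layout of OPENSSL_s390xcap_P (stfle words at 0 and 8, kimd at 16, km at 32, kmc at 48, kmctr at 64, each query result 16 bytes) and the consumers in aes-s390x.pl, sha1-s390x.pl, sha512-s390x.pl and ghash-s390x.pl hard-code those offsets; document the layout in a comment here and make sure every `.comm OPENSSL_s390xcap_P` declares 80 bytes so the common symbol is large enough for every writer. Note also that the kmctr query is skipped when the MSA-4 bit in %r3 is clear, so its slot keeps the zero from the wipe, which is what the aes consumer's `ng` test expects.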
@ -96,4 +128,4 @@ OPENSSL_cleanse:
.section .init
brasl %r14,OPENSSL_cpuid_setup
.comm OPENSSL_s390xcap_P,16,8
.comm OPENSSL_s390xcap_P,80,8


@ -227,7 +227,7 @@ Lunaligned:
srwi. $t1,$t1,6 ; t1/=64
beq Lcross_page
$UCMP $num,$t1
ble- Laligned ; didn't cross the page boundary
ble Laligned ; didn't cross the page boundary
mtctr $t1
subfc $num,$t1,$num
bl Lsha1_block_private
@ -255,7 +255,7 @@ Lmemcpy:
bl Lsha1_block_private
$POP $inp,`$FRAME-$SIZE_T*18`($sp)
addic. $num,$num,-1
bne- Lunaligned
bne Lunaligned
Ldone:
$POP r0,`$FRAME+$LRSAVE`($sp)
@ -329,7 +329,7 @@ $code.=<<___;
stw r20,16($ctx)
mr $E,r20
addi $inp,$inp,`16*4`
bdnz- Lsha1_block_private
bdnz Lsha1_block_private
blr
.long 0
.byte 0,12,0x14,0,0,0,0,0


@ -167,10 +167,7 @@ $code.=<<___ if ($kimdfunc);
lg %r0,0(%r1)
tmhl %r0,0x4000 # check for message-security assist
jz .Lsoftware
lghi %r0,0
la %r1,`2*$SIZE_T`($sp)
.long 0xb93e0002 # kimd %r0,%r2
lg %r0,`2*$SIZE_T`($sp)
lg %r0,16(%r1) # check kimd capabilities
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
@ -237,7 +234,7 @@ $code.=<<___;
br %r14
.size sha1_block_data_order,.-sha1_block_data_order
.string "SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
.comm OPENSSL_s390xcap_P,16,8
.comm OPENSSL_s390xcap_P,80,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;


@ -259,7 +259,7 @@ Lunaligned:
andi. $t1,$t1,`4096-16*$SZ` ; distance to closest page boundary
beq Lcross_page
$UCMP $num,$t1
ble- Laligned ; didn't cross the page boundary
ble Laligned ; didn't cross the page boundary
subfc $num,$t1,$num
add $t1,$inp,$t1
$PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real remaining num
@ -317,7 +317,7 @@ $code.=<<___;
$POP $inp,`$FRAME-$SIZE_T*26`($sp) ; restore real inp
$POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real num
addic. $num,$num,`-16*$SZ` ; num--
bne- Lunaligned
bne Lunaligned
Ldone:
$POP r0,`$FRAME+$LRSAVE`($sp)
@ -396,7 +396,7 @@ for(;$i<32;$i++) {
unshift(@V,pop(@V));
}
$code.=<<___;
bdnz- Lrounds
bdnz Lrounds
$POP $ctx,`$FRAME-$SIZE_T*22`($sp)
$POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
@ -644,7 +644,7 @@ for(;$i<32;$i++) {
($a0,$a1,$a2,$a3) = ($a2,$a3,$a0,$a1);
}
$code.=<<___;
bdnz- Lrounds
bdnz Lrounds
$POP $ctx,`$FRAME-$SIZE_T*22`($sp)
$POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer


@ -240,10 +240,7 @@ $code.=<<___ if ($kimdfunc);
lg %r0,0(%r1)
tmhl %r0,0x4000 # check for message-security assist
jz .Lsoftware
lghi %r0,0
la %r1,`2*$SIZE_T`($sp)
.long 0xb93e0002 # kimd %r0,%r2
lg %r0,`2*$SIZE_T`($sp)
lg %r0,16(%r1) # check kimd capabilities
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
@ -311,7 +308,7 @@ $code.=<<___;
br %r14
.size $Func,.-$Func
.string "SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
.comm OPENSSL_s390xcap_P,16,8
.comm OPENSSL_s390xcap_P,80,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;


@ -1305,6 +1305,7 @@ void ERR_load_X509_strings(void);
# define X509_R_LOADING_CERT_DIR 103
# define X509_R_LOADING_DEFAULTS 104
# define X509_R_METHOD_NOT_SUPPORTED 124
# define X509_R_NAME_TOO_LONG 134
# define X509_R_NEWER_CRL_NOT_NEWER 132
# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
# define X509_R_NO_CRL_NUMBER 130


@ -151,6 +151,7 @@ static ERR_STRING_DATA X509_str_reasons[] = {
{ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
{ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
{ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
{ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"},
{ERR_REASON(X509_R_NEWER_CRL_NOT_NEWER), "newer crl not newer"},
{ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
"no cert set for us to verify"},


@ -63,6 +63,13 @@
#include <openssl/x509.h>
#include <openssl/buffer.h>
/*
* Limit to ensure we don't overflow: much greater than
* anything enountered in practice.
*/
#define NAME_ONELINE_MAX (1024 * 1024)
char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
{
X509_NAME_ENTRY *ne;
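Review bot: typo in the new comment, "enountered" should be "encountered". It would also help to say what the limit protects: `l` and `num` are `int`, and capping each entry and the running total below keeps `l += 1 + l1 + 1 + l2` from overflowing.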
@ -86,6 +93,8 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
goto err;
b->data[0] = '\0';
len = 200;
} else if (len == 0) {
return NULL;
}
if (a == NULL) {
if (b) {
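Review bot: the early `return NULL` for a caller-supplied buffer with `len == 0` pushes no error reason, so a caller cannot tell it apart from the NULL returned on allocation failure, which does raise ERR_R_MALLOC_FAILURE at `err:`; either raise an error here or document the zero-length early return in X509_NAME_oneline(3).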
@ -110,6 +119,10 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
type = ne->value->type;
num = ne->value->length;
if (num > NAME_ONELINE_MAX) {
X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
goto end;
}
q = ne->value->data;
#ifdef CHARSET_EBCDIC
if (type == V_ASN1_GENERALSTRING ||
@ -117,8 +130,9 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
type == V_ASN1_PRINTABLESTRING ||
type == V_ASN1_TELETEXSTRING ||
type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) {
ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf)
? sizeof ebcdic_buf : num);
if (num > (int)sizeof(ebcdic_buf))
num = sizeof(ebcdic_buf);
ascii2ebcdic(ebcdic_buf, q, num);
q = ebcdic_buf;
}
#endif
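Review bot: clamping `num` before `ascii2ebcdic()` fixes the old inconsistency where only `min(num, sizeof ebcdic_buf)` bytes were converted but `num` stayed unchanged while `q` was pointed at the shorter `ebcdic_buf`; the new behaviour silently truncates long values under CHARSET_EBCDIC, which deserves a comment since the ASCII path never truncates.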
@ -154,6 +168,10 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
lold = l;
l += 1 + l1 + 1 + l2;
if (l > NAME_ONELINE_MAX) {
X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
goto end;
}
if (b != NULL) {
if (!BUF_MEM_grow(b, l + 1))
goto err;
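Review bot: the cap on `l` is checked after the addition, which is only safe because every term is bounded: `num` was capped at NAME_ONELINE_MAX a few lines up and `l` was under the cap at the end of the previous iteration, so the sum stays far below INT_MAX. A one-line comment stating that invariant would save the next reader from re-deriving it.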
@ -206,7 +224,7 @@ char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
return (p);
err:
X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
if (b != NULL)
BUF_MEM_free(b);
end:
BUF_MEM_free(b);
return (NULL);
}
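Review bot: dropping the `if (b != NULL)` guard relies on BUF_MEM_free() accepting NULL, which it does (it returns early on NULL), and `err:` now falls through to `end:`, so both exits free `b`, including the caller-supplied-buffer case where `b` is NULL. Fine as is; confirming the fall-through is intentional.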


@ -107,7 +107,7 @@ The following is a list of all permitted cipher strings and their meanings.
The default cipher list.
This is determined at compile time and is normally
B<ALL:!EXPORT:!aNULL:!eNULL:!SSLv2>.
B<ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2>.
When used, this must be the first cipherstring specified.
=item B<COMPLEMENTOFDEFAULT>


@ -29,7 +29,7 @@ B<openssl> B<ocsp>
[B<-path>]
[B<-CApath dir>]
[B<-CAfile file>]
[B<-no_alt_chains>]]
[B<-no_alt_chains>]
[B<-VAfile file>]
[B<-validity_period n>]
[B<-status_age n>]


@ -0,0 +1,127 @@
=pod
=head1 NAME
EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal, EVP_EncodeBlock,
EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal, EVP_DecodeBlock - EVP base 64
encode/decode routines
=head1 SYNOPSIS
#include <openssl/evp.h>
void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl,
const unsigned char *in, int inl);
int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
char *out, int *outl);
int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
=head1 DESCRIPTION
The EVP encode routines provide a high level interface to base 64 encoding and
decoding. Base 64 encoding converts binary data into a printable form that uses
the characters A-Z, a-z, 0-9, "+" and "/" to represent the data. For every 3
bytes of binary data provided 4 bytes of base 64 encoded data will be produced
plus some occasional newlines (see below). If the input data length is not a
multiple of 3 then the output data will be padded at the end using the "="
character.
Encoding of binary data is performed in blocks of 48 input bytes (or less for
the final block). For each 48 byte input block encoded 64 bytes of base 64 data
is output plus an additional newline character (i.e. 65 bytes in total). The
final block (which may be less than 48 bytes) will output 4 bytes for every 3
bytes of input. If the data length is not divisible by 3 then a full 4 bytes is
still output for the final 1 or 2 bytes of input. Similarly a newline character
will also be output.
EVP_EncodeInit() initialises B<ctx> for the start of a new encoding operation.
EVP_EncodeUpdate() encode B<inl> bytes of data found in the buffer pointed to by
B<in>. The output is stored in the buffer B<out> and the number of bytes output
is stored in B<*outl>. It is the caller's responsibility to ensure that the
buffer at B<out> is sufficiently large to accommodate the output data. Only full
blocks of data (48 bytes) will be immediately processed and output by this
function. Any remainder is held in the B<ctx> object and will be processed by a
subsequent call to EVP_EncodeUpdate() or EVP_EncodeFinal(). To calculate the
required size of the output buffer add together the value of B<inl> with the
amount of unprocessed data held in B<ctx> and divide the result by 48 (ignore
any remainder). This gives the number of blocks of data that will be processed.
Ensure the output buffer contains 65 bytes of storage for each block, plus an
additional byte for a NUL terminator. EVP_EncodeUpdate() may be called
repeatedly to process large amounts of input data. In the event of an error
EVP_EncodeUpdate() will set B<*outl> to 0.
EVP_EncodeFinal() must be called at the end of an encoding operation. It will
process any partial block of data remaining in the B<ctx> object. The output
data will be stored in B<out> and the length of the data written will be stored
in B<*outl>. It is the caller's responsibility to ensure that B<out> is
sufficiently large to accommodate the output data which will never be more than
65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).
EVP_EncodeBlock() encodes a full block of input data in B<f> and of length
B<dlen> and stores it in B<t>. For every 3 bytes of input provided 4 bytes of
output data will be produced. If B<dlen> is not divisible by 3 then the block is
encoded as a final block of data and the output is padded such that it is always
divisible by 4. Additionally a NUL terminator character will be added. For
example if 16 bytes of input data is provided then 24 bytes of encoded data is
created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of
the data generated I<without> the NUL terminator is returned from the function.
EVP_DecodeInit() initialises B<ctx> for the start of a new decoding operation.
EVP_DecodeUpdate() decodes B<inl> characters of data found in the buffer pointed
to by B<in>. The output is stored in the buffer B<out> and the number of bytes
output is stored in B<*outl>. It is the caller's responsibility to ensure that
the buffer at B<out> is sufficiently large to accommodate the output data. This
function will attempt to decode as much data as possible in 4 byte chunks. Any
whitespace, newline or carriage return characters are ignored. Any partial chunk
of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in
the B<ctx> object and processed by a subsequent call to EVP_DecodeUpdate(). If
any illegal base 64 characters are encountered or if the base 64 padding
character "=" is encountered in the middle of the data then the function returns
-1 to indicate an error. A return value of 0 or 1 indicates successful
processing of the data. A return value of 0 additionally indicates that the last
input data characters processed included the base 64 padding character "=" and
therefore no more non-padding character data is expected to be processed. For
every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and
line feeds), 3 bytes of binary output data will be produced (or less at the end
of the data where the padding character "=" has been used).
EVP_DecodeFinal() must be called at the end of a decoding operation. If there
is any unprocessed data still in B<ctx> then the input data must not have been
a multiple of 4 and therefore an error has occurred. The function will return -1
in this case. Otherwise the function returns 1 on success.
EVP_DecodeBlock() will decode the block of B<n> characters of base 64 data
contained in B<f> and store the result in B<t>. Any leading whitespace will be
trimmed as will any trailing whitespace, newlines, carriage returns or EOF
characters. After such trimming the length of the data in B<f> must be divisbile
by 4. For every 4 input bytes exactly 3 output bytes will be produced. The
output will be padded with 0 bits if necessary to ensure that the output is
always 3 bytes for every 4 input bytes. This function will return the length of
the data decoded or -1 on error.
=head1 RETURN VALUES
EVP_EncodeBlock() returns the number of bytes encoded excluding the NUL
terminator.
EVP_DecodeUpdate() returns -1 on error and 0 or 1 on success. If 0 is returned
then no more non-padding base 64 characters are expected.
EVP_DecodeFinal() returns -1 on error or 1 on success.
EVP_DecodeBlock() returns the length of the data decoded or -1 on error.
=head1 SEE ALSO
L<evp(3)>
=cut
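Review bot: the EVP_EncodeBlock() paragraph refers to B<dlen> but the SYNOPSIS names that parameter `n`; pick one. The EVP_DecodeFinal() prototype is broken across lines in the middle of `unsigned char *out` and should be joined. Typos: "divisbile" should be "divisible" and "EVP_EncodeUpdate() encode" should be "encodes". Since EVP_EncodeUpdate() returns void, `*outl == 0` is its only error signal, yet the page also says fewer than 48 pending bytes produce no output; it should state that callers cannot distinguish the two from `*outl` alone, which matters now that the function rejects oversized input after the CVE-2016-2105 fix in this merge.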


@ -61,6 +61,10 @@ based encryption. Careful selection of the parameters will provide a PKCS#5 PBKD
implementation. However, new applications should not typically use this (preferring, for example,
PBKDF2 from PCKS#5).
The L<B<EVP_Encode>I<...>|EVP_EncodeInit(3)> and
L<B<EVP_Decode>I<...>|EVP_EncodeInit(3)> functions implement base 64 encoding
and decoding.
Algorithms are loaded with L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>.
All the symmetric algorithms (ciphers), digests and asymmetric algorithms
@ -86,6 +90,7 @@ L<EVP_SealInit(3)|EVP_SealInit(3)>,
L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
L<EVP_SignInit(3)|EVP_SignInit(3)>,
L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
L<EVP_EncodeInit(3)>,
L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>,
L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>,
L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>,


@ -0,0 +1,126 @@
=pod
=head1 NAME
SSL_CTX_set_alpn_protos, SSL_set_alpn_protos, SSL_CTX_set_alpn_select_cb,
SSL_select_next_proto, SSL_get0_alpn_selected - handle application layer
protocol negotiation (ALPN)
=head1 SYNOPSIS
#include <openssl/ssl.h>
int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
unsigned protos_len);
int SSL_set_alpn_protos(SSL *ssl, const unsigned char *protos,
unsigned protos_len);
void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
int (*cb) (SSL *ssl,
const unsigned char **out,
unsigned char *outlen,
const unsigned char *in,
unsigned int inlen,
void *arg), void *arg);
int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
const unsigned char *server,
unsigned int server_len,
const unsigned char *client,
unsigned int client_len)
void SSL_get0_alpn_selected(const SSL *ssl, const unsigned char **data,
unsigned int *len);
=head1 DESCRIPTION
SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() are used by the client to
set the list of protocols available to be negotiated. The B<protos> must be in
protocol-list format, described below. The length of B<protos> is specified in
B<protos_len>.
SSL_CTX_set_alpn_select_cb() sets the application callback B<cb> used by a
server to select which protocol to use for the incoming connection. When B<cb>
is NULL, ALPN is not used. The B<arg> value is a pointer which is passed to
the application callback.
B<cb> is the application defined callback. The B<in>, B<inlen> parameters are a
vector in protocol-list format. The value of the B<out>, B<outlen> vector
should be set to the value of a single protocol selected from the B<in>,
B<inlen> vector. The B<arg> parameter is the pointer set via
SSL_CTX_set_alpn_select_cb().
SSL_select_next_proto() is a helper function used to select protocols. It
implements the standard protocol selection. It is expected that this function
is called from the application callback B<cb>. The protocol data in B<server>,
B<server_len> and B<client>, B<client_len> must be in the protocol-list format
described below. The first item in the B<server>, B<server_len> list that
matches an item in the B<client>, B<client_len> list is selected, and returned
in B<out>, B<outlen>. The B<out> value will point into either B<server> or
B<client>, so it should be copied immediately. If no match is found, the first
item in B<client>, B<client_len> is returned in B<out>, B<outlen>. This
function can also be used in the NPN callback.
SSL_get0_alpn_selected() returns a pointer to the selected protocol in B<data>
with length B<len>. It is not NUL-terminated. B<data> is set to NULL and B<len>
is set to 0 if no protocol has been selected. B<data> must not be freed.
=head1 NOTES
The protocol-lists must be in wire-format, which is defined as a vector of
non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not
included in the length. Each string is limited to 255 bytes. A byte-string
length of 0 is invalid. A truncated byte-string is invalid. The length of the
vector is not in the vector itself, but in a separate variable.
Example:
unsigned char vector[] = {
6, 's', 'p', 'd', 'y', '/', '1',
8, 'h', 't', 't', 'p', '/', '1', '.', '1'
};
unsigned int length = sizeof(vector);
The ALPN callback is executed after the servername callback; as that servername
callback may update the SSL_CTX, and subsequently, the ALPN callback.
If there is no ALPN proposed in the ClientHello, the ALPN callback is not
invoked.
=head1 RETURN VALUES
SSL_CTX_set_alpn_protos() and SSL_set_alpn_protos() return 0 on success, and
non-0 on failure. WARNING: these functions reverse the return value convention.
SSL_select_next_proto() returns one of the following:
=over 4
=item OPENSSL_NPN_NEGOTIATED
A match was found and is returned in B<out>, B<outlen>.
=item OPENSSL_NPN_NO_OVERLAP
No match was found. The first item in B<client>, B<client_len> is returned in
B<out>, B<outlen>.
=back
The ALPN select callback B<cb>, must return one of the following:
=over 4
=item SSL_TLSEXT_ERR_OK
ALPN protocol selected.
=item SSL_TLSEXT_ERR_NOACK
ALPN protocol not selected.
=back
=head1 SEE ALSO
L<ssl(3)>, L<SSL_CTX_set_tlsext_servername_callback(3)>,
L<SSL_CTX_set_tlsext_servername_arg(3)>
=cut
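Review bot: the SSL_select_next_proto() prototype in SYNOPSIS is missing its trailing semicolon, and "The ALPN select callback B<cb>, must return" has a stray comma. More important, the DESCRIPTION says that with no overlap the helper returns the first B<client> protocol in B<out>, B<outlen>; for an ALPN server callback that value must not be handed back with SSL_TLSEXT_ERR_OK, because a server may only select a protocol it actually supports. The page should spell out that on OPENSSL_NPN_NO_OVERLAP the callback should return SSL_TLSEXT_ERR_NOACK and ignore B<out>, so that the NPN-style fallback is not mistaken for a valid ALPN choice.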


@ -30,6 +30,14 @@ must consist of a 2-byte Extension Type, a 2-byte length, and then length
bytes of extension_data. Each PEM extension name must begin with the phrase
"BEGIN SERVERINFO FOR ".
If more than one certificate (RSA/DSA) is installed using
SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the
last certificate installed. If e.g. the last item was a RSA certificate, the
loaded serverinfo extension data will be loaded for that certificate. To
use the serverinfo extension for multiple certificates,
SSL_CTX_use_serverinfo() needs to be called multiple times, once B<after>
each time a certificate is loaded.
=head1 NOTES
=head1 RETURN VALUES
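Review bot: "a RSA certificate" should be "an RSA certificate". The new paragraph sits directly above an empty `=head1 NOTES` section and reads like a note itself; either move it under that heading or drop the empty heading. The ordering requirement (call SSL_CTX_use_serverinfo() after each certificate is loaded) is the actionable part and could lead the paragraph.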


@ -1459,6 +1459,8 @@ int dtls1_process_heartbeat(SSL *s)
* plus 2 bytes payload length, plus payload, plus padding
*/
buffer = OPENSSL_malloc(write_length);
if (buffer == NULL)
return -1;
bp = buffer;
/* Enter response type, length and copy payload */
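Review bot: the new NULL check returns -1 without pushing an error reason, so the allocation failure is invisible on the error queue; raise ERR_R_MALLOC_FAILURE via SSLerr() with this function's function code before returning. Also confirm the caller treats -1 from dtls1_process_heartbeat() as fatal for the connection rather than as a retryable read.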


@ -150,7 +150,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
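Review bot: flagging every SSLv2 suite SSL_NOT_DEFAULT by hand mirrors the `!SSLv2` term of SSL_DEFAULT_CIPHER_LIST, but nothing enforces that the table flags and the default string stay in step; a test asserting that DEFAULT plus COMPLEMENTOFDEFAULT covers exactly ALL would catch a suite missed in this edit or a future one.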
@ -167,7 +167,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
@ -184,7 +184,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_RC2,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
@ -201,7 +201,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_RC2,
SSL_MD5,
SSL_SSLV2,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
@ -219,7 +219,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_IDEA,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
@ -237,7 +237,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_DES,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
0,
56,
56,
@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_3DES,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP | SSL_HIGH,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
0,
112,
168,
@ -271,7 +271,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL2_CF_8_BYTE_ENC,
64,
64,


@ -57,7 +57,8 @@
*/
#include "ssl_locl.h"
#ifndef OPENSSL_NO_SSL2
#ifndef OPENSSL_NO_SSL2_METHOD
# ifndef OPENSSL_NO_SSL2
# include <stdio.h>
# include <openssl/objects.h>
@ -72,7 +73,16 @@ static const SSL_METHOD *ssl2_get_method(int ver)
IMPLEMENT_ssl2_meth_func(SSLv2_method,
ssl2_accept, ssl2_connect, ssl2_get_method)
#else /* !OPENSSL_NO_SSL2 */
# else /* !OPENSSL_NO_SSL2 */
const SSL_METHOD *SSLv2_method(void) { return NULL; }
const SSL_METHOD *SSLv2_client_method(void) { return NULL; }
const SSL_METHOD *SSLv2_server_method(void) { return NULL; }
# endif
#else /* !OPENSSL_NO_SSL2_METHOD */
# if PEDANTIC
static void *dummy = &dummy;
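Review bot: the new nesting keeps SSLv2_method(), SSLv2_client_method() and SSLv2_server_method() as NULL-returning stubs when OPENSSL_NO_SSL2 is defined but OPENSSL_NO_SSL2_METHOD is not, so binaries that resolve the symbols keep linking; the declaration guard in ssl.h is switched to OPENSSL_NO_SSL2_METHOD in this merge to match. The new macro should be documented alongside the other no-* options so that packagers know which one removes the symbols rather than just the protocol.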


@ -2199,6 +2199,7 @@ int ssl3_get_certificate_request(SSL *s)
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
goto err;
}
xn = NULL;
p += l;
nc += l + 2;
@ -2222,6 +2223,7 @@ int ssl3_get_certificate_request(SSL *s)
err:
s->state = SSL_ST_ERR;
done:
X509_NAME_free(xn);
if (ca_sk != NULL)
sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
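Review bot: clearing `xn` after the successful push and freeing it at `done:` closes the leak between decoding an X509_NAME and handing it to `sk_X509_NAME_push`; this only works if `xn` is initialised to NULL at its declaration (not in the hunk) and every `goto err` between the decode and the push leaves `xn` owned by this function, so please verify both, otherwise `X509_NAME_free(xn)` acts on an uninitialised or already-pushed pointer.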


@ -208,7 +208,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -258,7 +258,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC2,
SSL_MD5,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -294,7 +294,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -312,7 +312,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -347,7 +347,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -365,7 +365,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -399,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -417,7 +417,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -452,7 +452,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -470,7 +470,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -504,7 +504,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -522,7 +522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -556,7 +556,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -573,7 +573,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@ -590,7 +590,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -608,7 +608,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -625,7 +625,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
@ -695,7 +695,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -761,7 +761,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_MD5,
SSL_SSLV3,
SSL_NOT_EXP | SSL_LOW,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -827,7 +827,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -845,7 +845,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC2,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -863,7 +863,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_SHA1,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -881,7 +881,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_MD5,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@ -899,7 +899,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC2,
SSL_MD5,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -917,7 +917,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
SSL_EXPORT | SSL_EXP40,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@ -1011,7 +1011,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
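Review bot: this suite is SSL_HIGH | SSL_FIPS yet gains SSL_NOT_DEFAULT, which the visible strength fields do not explain; presumably the reason is the anonymous key exchange (the `!aNULL` term of the default list), but the hunk omits the algorithm_auth field, so a short comment on these entries would stop a reader from taking the flag as a strength downgrade.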
@ -1106,7 +1106,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
@ -1302,7 +1302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_CAMELLIA128,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@ -1322,7 +1322,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_MD5,
SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@ -1338,7 +1338,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC2,
SSL_MD5,
SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@ -1356,7 +1356,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -1374,7 +1374,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_DES,
SSL_SHA1,
SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@ -1392,7 +1392,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@ -1410,7 +1410,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
SSL_EXPORT | SSL_EXP56,
SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@ -1525,7 +1525,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES128,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@ -1541,7 +1541,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES256,
SSL_SHA256,
SSL_TLSV1_2,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
@ -1694,7 +1694,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_CAMELLIA256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
@ -1860,7 +1860,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_SEED,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@ -2040,7 +2040,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES128GCM,
SSL_AEAD,
SSL_TLSV1_2,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
@ -2056,7 +2056,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES256GCM,
SSL_AEAD,
SSL_TLSV1_2,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256,
@ -2424,7 +2424,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_MEDIUM,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@ -2440,7 +2440,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
@ -2456,7 +2456,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@ -2472,7 +2472,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[] = {
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,


@ -338,7 +338,7 @@ extern "C" {
* The following cipher list is used by default. It also is substituted when
* an application-defined cipher list string starts with 'DEFAULT'.
*/
# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2"
# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
/*
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
* starts with a reasonable order, and all we have to do for DEFAULT is
@ -2345,7 +2345,7 @@ const char *SSL_get_version(const SSL *s);
/* This sets the 'default' SSL version that SSL_new() will create */
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
# ifndef OPENSSL_NO_SSL2
# ifndef OPENSSL_NO_SSL2_METHOD
const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */


@ -504,6 +504,8 @@ void ssl_cert_free(CERT *c)
#ifndef OPENSSL_NO_TLSEXT
custom_exts_free(&c->cli_ext);
custom_exts_free(&c->srv_ext);
if (c->alpn_proposed)
OPENSSL_free(c->alpn_proposed);
#endif
OPENSSL_free(c);
}
@ -1057,13 +1059,18 @@ static int ssl_add_cert_to_buf(BUF_MEM *buf, unsigned long *l, X509 *x)
unsigned char *p;
n = i2d_X509(x, NULL);
if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
if (n < 0 || !BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
return 0;
}
p = (unsigned char *)&(buf->data[*l]);
l2n3(n, p);
i2d_X509(x, &p);
n = i2d_X509(x, &p);
if (n < 0) {
/* Shouldn't happen */
SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
return 0;
}
*l += n + 3;
return 1;
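Review bot: rejecting `n < 0` from the sizing call is right, since a negative `n` would shrink the BUF_MEM_grow_clean() request and `l2n3(n, p)` would then encode a bogus length; the check on the second `i2d_X509()` could be stronger by also requiring its result to equal the first `n`, because the 3-byte length prefix has already been written with the first value and a mismatch would corrupt the certificate list framing.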


@ -235,8 +235,7 @@ static const SSL_CIPHER cipher_aliases[] = {
* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
* ALL!)
*/
{0, SSL_TXT_CMPDEF, 0, 0, SSL_aNULL, ~SSL_eNULL, 0, ~SSL_SSLV2,
SSL_EXP_MASK, 0, 0, 0},
{0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
/*
* key exchange aliases (some of those using only a single bit here
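Review bot: replacing the hand-built mask (`SSL_aNULL, ~SSL_eNULL, ~SSL_SSLV2, SSL_EXP_MASK`) with the single SSL_NOT_DEFAULT flag moves the definition of COMPLEMENTOFDEFAULT out of ssl_ciph.c and into the per-suite tables in s2_lib.c and s3_lib.c; the comment above the entry should say so, because a suite that the DEFAULT string excludes but that lacks the flag now silently drops out of COMPLEMENTOFDEFAULT.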
@ -1030,10 +1029,6 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
if (cipher_id && cipher_id != cp->id)
continue;
#endif
if (algo_strength == SSL_EXP_MASK && SSL_C_IS_EXPORT(cp))
goto ok;
if (alg_ssl == ~SSL_SSLV2 && cp->algorithm_ssl == SSL_SSLV2)
goto ok;
if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
continue;
if (alg_auth && !(alg_auth & cp->algorithm_auth))
@ -1050,10 +1045,11 @@ static void ssl_cipher_apply_rule(unsigned long cipher_id,
if ((algo_strength & SSL_STRONG_MASK)
&& !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
continue;
if ((algo_strength & SSL_NOT_DEFAULT)
&& !(cp->algo_strength & SSL_NOT_DEFAULT))
continue;
}
ok:
#ifdef CIPHER_DEBUG
fprintf(stderr, "Action = %d\n", rule);
#endif
@ -1337,6 +1333,10 @@ static int ssl_cipher_process_rulestr(const char *rule_str,
ca_list[j]->algo_strength & SSL_STRONG_MASK;
}
if (ca_list[j]->algo_strength & SSL_NOT_DEFAULT) {
algo_strength |= SSL_NOT_DEFAULT;
}
if (ca_list[j]->valid) {
/*
* explicit ciphersuite found; its protocol version does not

View file

@ -244,7 +244,16 @@ int SSL_clear(SSL *s)
ssl_clear_hash_ctx(&s->write_hash);
s->first_packet = 0;
#ifndef OPENSSL_NO_TLSEXT
if (s->cert != NULL) {
if (s->cert->alpn_proposed) {
OPENSSL_free(s->cert->alpn_proposed);
s->cert->alpn_proposed = NULL;
}
s->cert->alpn_proposed_len = 0;
s->cert->alpn_sent = 0;
}
#endif
#if 1
/*
* Check to see if we were changed into a different method, if so, revert
@ -3174,6 +3183,12 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
ocert->ciphers_raw = NULL;
}
#ifndef OPENSSL_NO_TLSEXT
ssl->cert->alpn_proposed = ocert->alpn_proposed;
ssl->cert->alpn_proposed_len = ocert->alpn_proposed_len;
ocert->alpn_proposed = NULL;
ssl->cert->alpn_sent = ocert->alpn_sent;
#endif
ssl_cert_free(ocert);
}
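Review bot: `ssl->cert->alpn_proposed = ocert->alpn_proposed` overwrites the pointer in the freshly duplicated cert without freeing it, which is only leak-free if ssl_cert_dup leaves alpn_proposed NULL (nothing in this patch shows it being copied); either add an `OPENSSL_free(ssl->cert->alpn_proposed)` before the assignment or state that invariant in a comment. Moving the pointer and nulling it in `ocert` before `ssl_cert_free(ocert)` is otherwise correct and is what lets a servername callback switch contexts without losing the client's ALPN list.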

View file

@ -436,8 +436,9 @@
# define SSL_MEDIUM 0x00000040L
# define SSL_HIGH 0x00000080L
# define SSL_FIPS 0x00000100L
# define SSL_NOT_DEFAULT 0x00000200L
/* we have used 000001ff - 23 bits left to go */
/* we have used 000003ff - 22 bits left to go */
/*-
* Macros to check the export status and cipher strength for export ciphers.
@ -687,6 +688,10 @@ typedef struct cert_st {
custom_ext_methods cli_ext;
custom_ext_methods srv_ext;
int references; /* >1 only if SSL_copy_session_id is used */
/* non-optimal, but here due to compatibility */
unsigned char *alpn_proposed; /* server */
unsigned int alpn_proposed_len;
int alpn_sent; /* client */
} CERT;
typedef struct sess_cert_st {
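Review bot: the three new fields are declared unconditionally while every access to them in this patch (ssl_cert_free, SSL_clear, t1_lib.c) sits under `#ifndef OPENSSL_NO_TLSEXT`; that is harmless, but the comment "non-optimal, but here due to compatibility" should say which compatibility constraint forces per-connection ALPN state into CERT (keeping the public SSL struct's layout stable in a patch release is the obvious candidate) so the next reader does not try to move it.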

View file

@ -841,7 +841,7 @@ static int serverinfo_srv_add_cb(SSL *s, unsigned int ext_type,
return 0; /* No extension found, don't send extension */
return 1; /* Send extension */
}
return -1; /* No serverinfo data found, don't send
return 0; /* No serverinfo data found, don't send
* extension */
}
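Review bot: changing the fall-through return from -1 to 0 turns "no serverinfo data for this extension" from a fatal handshake error into a silent skip; that is the behaviour you want once one serverinfo registration can be consulted for extension types it has no data for (which the next hunk makes possible), but it is an observable change for existing callers and deserves a CHANGES entry and a sentence in the comment.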
@ -870,12 +870,26 @@ static int serverinfo_process_buffer(const unsigned char *serverinfo,
/* Register callbacks for extensions */
ext_type = (serverinfo[0] << 8) + serverinfo[1];
if (ctx && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
serverinfo_srv_add_cb,
NULL, NULL,
serverinfo_srv_parse_cb,
NULL))
return 0;
if (ctx) {
int have_ext_cbs = 0;
size_t i;
custom_ext_methods *exts = &ctx->cert->srv_ext;
custom_ext_method *meth = exts->meths;
for (i = 0; i < exts->meths_count; i++, meth++) {
if (ext_type == meth->ext_type) {
have_ext_cbs = 1;
break;
}
}
if (!have_ext_cbs && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
serverinfo_srv_add_cb,
NULL, NULL,
serverinfo_srv_parse_cb,
NULL))
return 0;
}
serverinfo += 2;
serverinfo_length -= 2;
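Review bot: the lookup compares only `ext_type`, so if the application has already registered its own custom server extension with the same type the serverinfo callbacks are silently not installed and the serverinfo data for that type is never sent; the loop does fix the "extension already registered" failure when a serverinfo file is loaded a second time into the same context, but this precedence should be documented in SSL_CTX_use_serverinfo, and checking `meth->add_cb == serverinfo_srv_add_cb` would make the "already ours" case explicit.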

View file

@ -217,6 +217,9 @@
# define TEST_CLIENT_CERT "../apps/client.pem"
#endif
static SSL_CTX *s_ctx = NULL;
static SSL_CTX *s_ctx2 = NULL;
/*
* There is really no standard for this, so let's assign some tentative
* numbers. In any case, these numbers are only for this test
@ -300,9 +303,51 @@ static BIO *bio_err = NULL;
static BIO *bio_stdout = NULL;
static const char *alpn_client;
static const char *alpn_server;
static char *alpn_server;
static char *alpn_server2;
static const char *alpn_expected;
static unsigned char *alpn_selected;
static const char *sn_client;
static const char *sn_server1;
static const char *sn_server2;
static int sn_expect = 0;
static int servername_cb(SSL *s, int *ad, void *arg)
{
const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
if (sn_server2 == NULL) {
BIO_printf(bio_stdout, "Servername 2 is NULL\n");
return SSL_TLSEXT_ERR_NOACK;
}
if (servername != NULL) {
if (s_ctx2 != NULL && sn_server2 != NULL &&
!strcasecmp(servername, sn_server2)) {
BIO_printf(bio_stdout, "Switching server context.\n");
SSL_set_SSL_CTX(s, s_ctx2);
}
}
return SSL_TLSEXT_ERR_OK;
}
static int verify_servername(SSL *client, SSL *server)
{
/* just need to see if sn_context is what we expect */
SSL_CTX* ctx = SSL_get_SSL_CTX(server);
if (sn_expect == 0)
return 0;
if (sn_expect == 1 && ctx == s_ctx)
return 0;
if (sn_expect == 2 && ctx == s_ctx2)
return 0;
BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
if (ctx == s_ctx2)
BIO_printf(bio_stdout, "Servername: context is 2\n");
else if (ctx == s_ctx)
BIO_printf(bio_stdout, "Servername: context is 1\n");
else
BIO_printf(bio_stdout, "Servername: context is unknown\n");
return -1;
}
/*-
* next_protos_parse parses a comma separated list of strings into a string
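Review bot: in servername_cb the `sn_server2 != NULL` test inside the inner condition is redundant after the early NOACK return, and because the callback NOACKs whenever sn_server2 is unset, a run with only -sn_server1 never compares the requested name at all; fine for the test but worth a comment. Style: `SSL_CTX* ctx` should be `SSL_CTX *ctx` to match the surrounding code, and strcasecmp needs <strings.h> on POSIX and has no counterpart on Windows builds of ssltest, so OPENSSL_strncasecmp-style handling may be needed there.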
@ -350,11 +395,12 @@ static int cb_server_alpn(SSL *s, const unsigned char **out,
{
unsigned char *protos;
unsigned short protos_len;
char* alpn_str = arg;
protos = next_protos_parse(&protos_len, alpn_server);
protos = next_protos_parse(&protos_len, alpn_str);
if (protos == NULL) {
fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
alpn_server);
alpn_str);
abort();
}
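Review bot: since this message is being touched anyway, fix the typo "failed to parser" to "failed to parse", and write `char *alpn_str = arg;` rather than `char* alpn_str` to match the file's pointer style.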
@ -417,8 +463,17 @@ static int verify_alpn(SSL *client, SSL *server)
BIO_printf(bio_stdout, "', server: '");
BIO_write(bio_stdout, server_proto, server_proto_len);
BIO_printf(bio_stdout, "'\n");
BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
alpn_client, alpn_server);
BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: ",
alpn_client);
if (SSL_get_SSL_CTX(server) == s_ctx2) {
BIO_printf(bio_stdout, "'%s'\n",
alpn_server2);
} else if (SSL_get_SSL_CTX(server) == s_ctx){
BIO_printf(bio_stdout, "'%s'\n",
alpn_server);
} else {
BIO_printf(bio_stdout, "unknown\n");
}
return -1;
}
@ -756,8 +811,15 @@ static void sv_usage(void)
" -custom_ext - try various custom extension callbacks\n");
fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
fprintf(stderr,
" -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
fprintf(stderr, " -sn_client <string> - have client request this servername\n");
fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
fprintf(stderr, " -sn_expect1 - expected server 1\n");
fprintf(stderr, " -sn_expect2 - expected server 2\n");
}
static void print_details(SSL *c_ssl, const char *prefix)
@ -896,7 +958,6 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_ECDH
char *named_curve = NULL;
#endif
SSL_CTX *s_ctx = NULL;
SSL_CTX *c_ctx = NULL;
const SSL_METHOD *meth = NULL;
SSL *c_ssl, *s_ssl;
@ -1151,14 +1212,35 @@ int main(int argc, char *argv[])
if (--argc < 1)
goto bad;
alpn_client = *(++argv);
} else if (strcmp(*argv, "-alpn_server") == 0) {
} else if (strcmp(*argv, "-alpn_server") == 0 ||
strcmp(*argv, "-alpn_server1") == 0) {
if (--argc < 1)
goto bad;
alpn_server = *(++argv);
} else if (strcmp(*argv, "-alpn_server2") == 0) {
if (--argc < 1)
goto bad;
alpn_server2 = *(++argv);
} else if (strcmp(*argv, "-alpn_expected") == 0) {
if (--argc < 1)
goto bad;
alpn_expected = *(++argv);
} else if (strcmp(*argv, "-sn_client") == 0) {
if (--argc < 1)
goto bad;
sn_client = *(++argv);
} else if (strcmp(*argv, "-sn_server1") == 0) {
if (--argc < 1)
goto bad;
sn_server1 = *(++argv);
} else if (strcmp(*argv, "-sn_server2") == 0) {
if (--argc < 1)
goto bad;
sn_server2 = *(++argv);
} else if (strcmp(*argv, "-sn_expect1") == 0) {
sn_expect = 1;
} else if (strcmp(*argv, "-sn_expect2") == 0) {
sn_expect = 2;
} else {
fprintf(stderr, "unknown option %s\n", *argv);
badop = 1;
@ -1304,7 +1386,8 @@ int main(int argc, char *argv[])
c_ctx = SSL_CTX_new(meth);
s_ctx = SSL_CTX_new(meth);
if ((c_ctx == NULL) || (s_ctx == NULL)) {
s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
@ -1312,7 +1395,9 @@ int main(int argc, char *argv[])
if (cipher != NULL) {
SSL_CTX_set_cipher_list(c_ctx, cipher);
SSL_CTX_set_cipher_list(s_ctx, cipher);
SSL_CTX_set_cipher_list(s_ctx2, cipher);
}
#ifndef OPENSSL_NO_DH
if (!no_dhe) {
if (dhe1024dsa) {
@ -1320,12 +1405,14 @@ int main(int argc, char *argv[])
* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
*/
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_DH_USE);
dh = get_dh1024dsa();
} else if (dhe512)
dh = get_dh512();
else
dh = get_dh1024();
SSL_CTX_set_tmp_dh(s_ctx, dh);
SSL_CTX_set_tmp_dh(s_ctx2, dh);
DH_free(dh);
}
#else
@ -1353,7 +1440,9 @@ int main(int argc, char *argv[])
}
SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
SSL_CTX_set_tmp_ecdh(s_ctx2, ecdh);
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_ECDH_USE);
EC_KEY_free(ecdh);
}
#else
@ -1362,15 +1451,18 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_RSA
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
SSL_CTX_set_tmp_rsa_callback(s_ctx2, tmp_rsa_cb);
#endif
#ifdef TLSEXT_TYPE_opaque_prf_input
SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx2, opaque_prf_input_cb);
/* or &co2 or NULL */
SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
/* or &so2 or NULL */
SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx2, &so1);
#endif
if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
@ -1383,6 +1475,16 @@ int main(int argc, char *argv[])
goto end;
}
if (!SSL_CTX_use_certificate_file(s_ctx2, server_cert, SSL_FILETYPE_PEM)) {
ERR_print_errors(bio_err);
} else if (!SSL_CTX_use_PrivateKey_file(s_ctx2,
(server_key ? server_key :
server_cert),
SSL_FILETYPE_PEM)) {
ERR_print_errors(bio_err);
goto end;
}
if (client_auth) {
SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(c_ctx,
@ -1392,6 +1494,8 @@ int main(int argc, char *argv[])
if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
(!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(s_ctx2)) ||
(!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(c_ctx))) {
/* fprintf(stderr,"SSL_load_verify_locations\n"); */
@ -1406,6 +1510,11 @@ int main(int argc, char *argv[])
verify_callback);
SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
&app_verify_arg);
SSL_CTX_set_verify(s_ctx2,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
verify_callback);
SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
&app_verify_arg);
}
if (server_auth) {
BIO_printf(bio_err, "server authentication\n");
@ -1418,6 +1527,8 @@ int main(int argc, char *argv[])
int session_id_context = 0;
SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
sizeof session_id_context);
SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
sizeof session_id_context);
}
/* Use PSK only if PSK key is given */
@ -1436,6 +1547,7 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_PSK
SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
if (debug)
BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
@ -1443,6 +1555,11 @@ int main(int argc, char *argv[])
ERR_print_errors(bio_err);
goto end;
}
if (!SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
BIO_printf(bio_err, "error setting PSK identity hint to s_ctx2\n");
ERR_print_errors(bio_err);
goto end;
}
#endif
}
#ifndef OPENSSL_NO_SRP
@ -1461,8 +1578,11 @@ int main(int argc, char *argv[])
if (srp_server_arg.expected_user != NULL) {
SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback);
SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg);
SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb);
}
#endif
@ -1475,11 +1595,16 @@ int main(int argc, char *argv[])
NULL, NULL, NULL,
serverinfo_cli_parse_cb, NULL);
if (serverinfo_file)
if (serverinfo_file) {
if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
BIO_printf(bio_err, "missing serverinfo file\n");
goto end;
}
if (!SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
BIO_printf(bio_err, "missing serverinfo file\n");
goto end;
}
}
if (custom_ext) {
SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
@ -1515,10 +1640,29 @@ int main(int argc, char *argv[])
custom_ext_3_srv_add_cb,
NULL, NULL,
custom_ext_3_srv_parse_cb, NULL);
SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
custom_ext_0_srv_add_cb,
NULL, NULL,
custom_ext_0_srv_parse_cb, NULL);
SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
custom_ext_1_srv_add_cb,
NULL, NULL,
custom_ext_1_srv_parse_cb, NULL);
SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
custom_ext_2_srv_add_cb,
NULL, NULL,
custom_ext_2_srv_parse_cb, NULL);
SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
custom_ext_3_srv_add_cb,
NULL, NULL,
custom_ext_3_srv_parse_cb, NULL);
}
if (alpn_server)
SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
if (alpn_server2)
SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
if (alpn_client) {
unsigned short alpn_len;
@ -1532,9 +1676,15 @@ int main(int argc, char *argv[])
OPENSSL_free(alpn);
}
if (sn_server1 || sn_server2)
SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
c_ssl = SSL_new(c_ctx);
s_ssl = SSL_new(s_ctx);
if (sn_client)
SSL_set_tlsext_host_name(c_ssl, sn_client);
#ifndef OPENSSL_NO_KRB5
if (c_ssl && c_ssl->kssl_ctx) {
char localhost[MAXHOSTNAMELEN + 2];
@ -1588,12 +1738,19 @@ int main(int argc, char *argv[])
#endif
}
if (verify_alpn(c_ssl, s_ssl) < 0)
ret = 1;
if (verify_servername(c_ssl, s_ssl) < 0)
ret = 1;
SSL_free(s_ssl);
SSL_free(c_ssl);
end:
if (s_ctx != NULL)
SSL_CTX_free(s_ctx);
if (s_ctx2 != NULL)
SSL_CTX_free(s_ctx2);
if (c_ctx != NULL)
SSL_CTX_free(c_ctx);
@ -1961,10 +2118,6 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl, long count,
ret = 1;
goto err;
}
if (verify_alpn(c_ssl, s_ssl) < 0) {
ret = 1;
goto err;
}
if (custom_ext_error) {
ret = 1;

View file

@ -1539,6 +1539,7 @@ unsigned char *ssl_add_clienthello_tlsext(SSL *s, unsigned char *buf,
s2n(s->alpn_client_proto_list_len, ret);
memcpy(ret, s->alpn_client_proto_list, s->alpn_client_proto_list_len);
ret += s->alpn_client_proto_list_len;
s->cert->alpn_sent = 1;
}
# ifndef OPENSSL_NO_SRTP
if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
@ -1906,7 +1907,7 @@ static void ssl_check_for_safari(SSL *s, const unsigned char *data,
# endif /* !OPENSSL_NO_EC */
/*
* tls1_alpn_handle_client_hello is called to process the ALPN extension in a
* tls1_alpn_handle_client_hello is called to save the ALPN extension in a
* ClientHello. data: the contents of the extension, not including the type
* and length. data_len: the number of bytes in |data| al: a pointer to the
* alert value to send in the event of a non-zero return. returns: 0 on
@ -1917,12 +1918,6 @@ static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
{
unsigned i;
unsigned proto_len;
const unsigned char *selected;
unsigned char selected_len;
int r;
if (s->ctx->alpn_select_cb == NULL)
return 0;
if (data_len < 2)
goto parse_error;
@ -1953,19 +1948,15 @@ static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
i += proto_len;
}
r = s->ctx->alpn_select_cb(s, &selected, &selected_len, data, data_len,
s->ctx->alpn_select_cb_arg);
if (r == SSL_TLSEXT_ERR_OK) {
if (s->s3->alpn_selected)
OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = OPENSSL_malloc(selected_len);
if (!s->s3->alpn_selected) {
*al = SSL_AD_INTERNAL_ERROR;
return -1;
}
memcpy(s->s3->alpn_selected, selected, selected_len);
s->s3->alpn_selected_len = selected_len;
if (s->cert->alpn_proposed != NULL)
OPENSSL_free(s->cert->alpn_proposed);
s->cert->alpn_proposed = OPENSSL_malloc(data_len);
if (s->cert->alpn_proposed == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
return -1;
}
memcpy(s->cert->alpn_proposed, data, data_len);
s->cert->alpn_proposed_len = data_len;
return 0;
parse_error:
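Review bot: with the early `alpn_select_cb == NULL` return gone, the extension is validated and a copy is stored on every ClientHello that carries ALPN, even for contexts that will never install a callback; that is the right trade-off, because SSL_set_SSL_CTX in a servername callback can install one later, but it is an extra allocation per handshake and the function comment should say that the stored list lives until SSL_clear or ssl_cert_free.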
@ -1973,6 +1964,43 @@ static int tls1_alpn_handle_client_hello(SSL *s, const unsigned char *data,
return -1;
}
/*
* Process the ALPN extension in a ClientHello.
* ret: a pointer to the TLSEXT return value: SSL_TLSEXT_ERR_*
* al: a pointer to the alert value to send in the event of a failure.
* returns 1 on success, 0 on failure: al/ret set only on failure
*/
static int tls1_alpn_handle_client_hello_late(SSL *s, int *ret, int *al)
{
const unsigned char *selected = NULL;
unsigned char selected_len = 0;
if (s->ctx->alpn_select_cb != NULL && s->cert->alpn_proposed != NULL) {
int r = s->ctx->alpn_select_cb(s, &selected, &selected_len,
s->cert->alpn_proposed,
s->cert->alpn_proposed_len,
s->ctx->alpn_select_cb_arg);
if (r == SSL_TLSEXT_ERR_OK) {
OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = OPENSSL_malloc(selected_len);
if (s->s3->alpn_selected == NULL) {
*al = SSL_AD_INTERNAL_ERROR;
*ret = SSL_TLSEXT_ERR_ALERT_FATAL;
return 0;
}
memcpy(s->s3->alpn_selected, selected, selected_len);
s->s3->alpn_selected_len = selected_len;
# ifndef OPENSSL_NO_NEXTPROTONEG
/* ALPN takes precedence over NPN. */
s->s3->next_proto_neg_seen = 0;
# endif
}
}
return 1;
}
static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
unsigned char *limit, int *al)
{
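Review bot: a callback result other than SSL_TLSEXT_ERR_OK is ignored, so an alpn_select_cb that returns SSL_TLSEXT_ERR_ALERT_FATAL ends up with no ALPN rather than a fatal alert, and `ret`/`al` are only set on the malloc failure path, which makes the header comment "al/ret set only on failure" over-promise; either document that any non-OK result means "no protocol selected" (the behaviour of the inline code this replaces) or map ALERT_FATAL to `*ret = SSL_TLSEXT_ERR_ALERT_FATAL` with an appropriate alert.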
@ -1992,6 +2020,12 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = NULL;
}
s->s3->alpn_selected_len = 0;
if (s->cert->alpn_proposed) {
OPENSSL_free(s->cert->alpn_proposed);
s->cert->alpn_proposed = NULL;
}
s->cert->alpn_proposed_len = 0;
# ifndef OPENSSL_NO_HEARTBEATS
s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
@ -2359,8 +2393,7 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
# endif
# ifndef OPENSSL_NO_NEXTPROTONEG
else if (type == TLSEXT_TYPE_next_proto_neg &&
s->s3->tmp.finish_md_len == 0 &&
s->s3->alpn_selected == NULL) {
s->s3->tmp.finish_md_len == 0) {
/*-
* We shouldn't accept this extension on a
* renegotiation.
@ -2383,13 +2416,9 @@ static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
# endif
else if (type == TLSEXT_TYPE_application_layer_protocol_negotiation &&
s->ctx->alpn_select_cb && s->s3->tmp.finish_md_len == 0) {
s->s3->tmp.finish_md_len == 0) {
if (tls1_alpn_handle_client_hello(s, data, size, al) != 0)
return 0;
# ifndef OPENSSL_NO_NEXTPROTONEG
/* ALPN takes precedence over NPN. */
s->s3->next_proto_neg_seen = 0;
# endif
}
/* session ticket processed earlier */
@ -2698,7 +2727,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, unsigned char **p,
unsigned len;
/* We must have requested it. */
if (s->alpn_client_proto_list == NULL) {
if (!s->cert->alpn_sent) {
*al = TLS1_AD_UNSUPPORTED_EXTENSION;
return 0;
}
@ -2863,6 +2892,7 @@ int ssl_prepare_clienthello_tlsext(SSL *s)
}
# endif
s->cert->alpn_sent = 0;
return 1;
}
@ -3066,6 +3096,10 @@ int ssl_check_clienthello_tlsext_late(SSL *s)
} else
s->tlsext_status_expected = 0;
if (!tls1_alpn_handle_client_hello_late(s, &ret, &al)) {
goto err;
}
err:
switch (ret) {
case SSL_TLSEXT_ERR_ALERT_FATAL:
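Review bot: `goto err` immediately before the `err:` label is a no-op; the intent (fall into `switch (ret)` with the values the helper set) is clear, but a plain call without the goto, or placing the late ALPN call above the status-request block so the existing error path covers it, reads better.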
@ -3415,8 +3449,10 @@ static int tls_decrypt_ticket(SSL *s, const unsigned char *etick,
p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
sdec = OPENSSL_malloc(eticklen);
if (!sdec || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
if (sdec == NULL
|| EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
EVP_CIPHER_CTX_cleanup(&ctx);
OPENSSL_free(sdec);
return -1;
}
if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
@ -3856,6 +3892,8 @@ int tls1_process_heartbeat(SSL *s)
* plus 2 bytes payload length, plus payload, plus padding
*/
buffer = OPENSSL_malloc(1 + 2 + payload + padding);
if (buffer == NULL)
return -1;
bp = buffer;
/* Enter response type, length and copy payload */

View file

@ -1065,8 +1065,8 @@ d2i_ASN1_BMPSTRING 1092 EXIST::FUNCTION:
i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION:
BIO_f_ber 1094 NOEXIST::FUNCTION:
BN_init 1095 EXIST::FUNCTION:
COMP_CTX_new 1096 EXIST::FUNCTION:
COMP_CTX_free 1097 EXIST::FUNCTION:
COMP_CTX_new 1096 EXIST::FUNCTION:COMP
COMP_CTX_free 1097 EXIST::FUNCTION:COMP
COMP_CTX_compress_block 1098 NOEXIST::FUNCTION:
COMP_CTX_expand_block 1099 NOEXIST::FUNCTION:
X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION:
@ -1113,10 +1113,10 @@ PKCS7_digest_from_attributes 1140 EXIST::FUNCTION:
PKCS7_get_attribute 1141 EXIST::FUNCTION:
PKCS7_get_issuer_and_serial 1142 EXIST::FUNCTION:
PKCS7_get_signed_attribute 1143 EXIST::FUNCTION:
COMP_compress_block 1144 EXIST::FUNCTION:
COMP_expand_block 1145 EXIST::FUNCTION:
COMP_rle 1146 EXIST::FUNCTION:
COMP_zlib 1147 EXIST::FUNCTION:
COMP_compress_block 1144 EXIST::FUNCTION:COMP
COMP_expand_block 1145 EXIST::FUNCTION:COMP
COMP_rle 1146 EXIST::FUNCTION:COMP
COMP_zlib 1147 EXIST::FUNCTION:COMP
ms_time_diff 1148 NOEXIST::FUNCTION:
ms_time_new 1149 NOEXIST::FUNCTION:
ms_time_free 1150 NOEXIST::FUNCTION:
@ -1945,7 +1945,7 @@ ENGINE_get_ctrl_function 2521 EXIST::FUNCTION:ENGINE
ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE
BN_pseudo_rand_range 2523 EXIST::FUNCTION:
X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION:
ERR_load_COMP_strings 2525 EXIST::FUNCTION:
ERR_load_COMP_strings 2525 EXIST::FUNCTION:COMP
PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION:
ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@ -3545,8 +3545,8 @@ X509at_get0_data_by_OBJ 3931 EXIST::FUNCTION:
ASN1_TYPE_set1 3932 EXIST::FUNCTION:
ASN1_STRING_set0 3933 EXIST::FUNCTION:
i2d_X509_ALGORS 3934 EXIST::FUNCTION:
BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:
COMP_zlib_cleanup 3936 EXIST::FUNCTION:
BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:COMP
COMP_zlib_cleanup 3936 EXIST::FUNCTION:COMP
d2i_X509_ALGORS 3937 EXIST::FUNCTION:
CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS
PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS

View file

@ -291,8 +291,9 @@ $cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.=" -DOPENSSL_NO_WEAK_SSL_CIPHERS" if $no_weak_ssl;
$cflags.= " -DZLIB" if $zlib_opt;
$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
$cflags.=" -DZLIB" if $zlib_opt;
$cflags.=" -DZLIB_SHARED" if $zlib_opt == 2;
$cflags.=" -DOPENSSL_NO_COMP" if $no_comp;
if ($no_static_engine)
{
@ -850,6 +851,7 @@ sub var_add
return("") if $no_gost && $dir =~ /\/ccgost/;
return("") if $no_cms && $dir =~ /\/cms/;
return("") if $no_jpake && $dir =~ /\/jpake/;
return("") if $no_comp && $dir =~ /\/comp/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
@ -1198,6 +1200,7 @@ sub read_options
"nw-mwasm" => \$nw_mwasm,
"gaswin" => \$gaswin,
"no-ssl2" => \$no_ssl2,
"no-ssl2-method" => 0,
"no-ssl3" => \$no_ssl3,
"no-ssl3-method" => 0,
"no-tlsext" => \$no_tlsext,
@ -1242,6 +1245,7 @@ sub read_options
"no-unit-test" => 0,
"no-libunbound" => 0,
"no-multiblock" => 0,
"no-comp" => \$no_comp,
"fips" => \$fips
);
@ -1259,7 +1263,6 @@ sub read_options
}
}
}
elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; }
elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
elsif (/^enable-zlib-dynamic$/)
{

View file

@ -107,6 +107,8 @@ my @known_algorithms = ( "RC2", "RC4", "RC5", "IDEA", "DES", "BF",
"CAPIENG",
# SSL v2
"SSL2",
# SSL v2 method
"SSL2_METHOD",
# SSL v3 method
"SSL3_METHOD",
# JPAKE
@ -145,7 +147,7 @@ my $no_fp_api; my $no_static_engine=1; my $no_gmp; my $no_deprecated;
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;
my $no_unit_test; my $no_ssl3_method;
my $no_unit_test; my $no_ssl3_method; my $no_ssl2_method;
my $fips;
@ -240,6 +242,7 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
elsif (/^no-ssl2$/) { $no_ssl2=1; }
elsif (/^no-ssl2-method$/) { $no_ssl2_method=1; }
elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
elsif (/^no-ssl-trace$/) { $no_ssl_trace=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
@ -1215,6 +1218,7 @@ sub is_valid
if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
{ return 0; }
if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
if ($keyword eq "SSL2_METHOD" && $no_ssl2_method) { return 0; }
if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
if ($keyword eq "SSL_TRACE" && $no_ssl_trace) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }

View file

@ -27,6 +27,15 @@ SunOS|IRIX*)
LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64
preload_var=LD_PRELOAD_64
;;
*ELF\ 32*SPARC*|*ELF\ 32*80386*)
# We only need to change LD_PRELOAD_32 and LD_LIBRARY_PATH_32
# on a multi-arch system. Otherwise, trust the fallbacks.
if [ -f /lib/64/ld.so.1 ]; then
[ -n "$LD_LIBRARY_PATH_32" ] && rld_var=LD_LIBRARY_PATH_32
LD_PRELOAD_32="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_32
preload_var=LD_PRELOAD_32
fi
;;
# Why are newly built .so's preloaded anyway? Because run-time
# .so lookup path embedded into application takes precedence
# over LD_LIBRARY_PATH and as result application ends up linking

View file

@ -98,9 +98,9 @@ SSLeay_add_ssl_algorithms 109 NOEXIST::FUNCTION:
SSLv23_client_method 110 EXIST::FUNCTION:RSA
SSLv23_method 111 EXIST::FUNCTION:RSA
SSLv23_server_method 112 EXIST::FUNCTION:RSA
SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2
SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2
SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2
SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2_METHOD
SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2_METHOD
SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2_METHOD
SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD
SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD
SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD

View file

@ -3,8 +3,8 @@
.include <bsd.own.mk>
# OpenSSL version used for manual page generation
OPENSSL_VER= 1.0.2g
OPENSSL_DATE= 2016-03-01
OPENSSL_VER= 1.0.2h
OPENSSL_DATE= 2016-05-03
LCRYPTO_SRC= ${.CURDIR}/../../../crypto/openssl
LCRYPTO_DOC= ${LCRYPTO_SRC}/doc

View file

@ -101,6 +101,7 @@ MAN+= EVP_BytesToKey.3
MAN+= EVP_DigestInit.3
MAN+= EVP_DigestSignInit.3
MAN+= EVP_DigestVerifyInit.3
MAN+= EVP_EncodeInit.3
MAN+= EVP_EncryptInit.3
MAN+= EVP_OpenInit.3
MAN+= EVP_PKEY_CTX_ctrl.3
@ -633,6 +634,13 @@ MLINKS+= EVP_DigestSignInit.3 EVP_DigestSignUpdate.3
MLINKS+= EVP_DigestSignInit.3 EVP_DigestSignFinal.3
MLINKS+= EVP_DigestVerifyInit.3 EVP_DigestVerifyUpdate.3
MLINKS+= EVP_DigestVerifyInit.3 EVP_DigestVerifyFinal.3
MLINKS+= EVP_EncodeInit.3 EVP_EncodeUpdate.3
MLINKS+= EVP_EncodeInit.3 EVP_EncodeFinal.3
MLINKS+= EVP_EncodeInit.3 EVP_EncodeBlock.3
MLINKS+= EVP_EncodeInit.3 EVP_DecodeInit.3
MLINKS+= EVP_EncodeInit.3 EVP_DecodeUpdate.3
MLINKS+= EVP_EncodeInit.3 EVP_DecodeFinal.3
MLINKS+= EVP_EncodeInit.3 EVP_DecodeBlock.3
MLINKS+= EVP_EncryptInit.3 EVP_CIPHER_CTX_init.3
MLINKS+= EVP_EncryptInit.3 EVP_EncryptInit_ex.3
MLINKS+= EVP_EncryptInit.3 EVP_EncryptUpdate.3

View file

@ -1393,8 +1393,8 @@ aesni_cbc_sha1_enc_shaext:
movups 16(%rcx),%xmm0
leaq 112(%rcx),%rcx
pshufd $0b00011011,%xmm8,%xmm8
pshufd $0b00011011,%xmm9,%xmm9
pshufd $27,%xmm8,%xmm8
pshufd $27,%xmm9,%xmm9
jmp .Loop_shaext
.align 16
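Review bot: the binary immediates are replaced by their decimal equivalents here and in the aesni and ghash hunks below ($0b00011011 = 27, $0b00010000 = 16, $0b10001100 = 140, $0b11111111 = 255, $0b01010101 = 85, $0b01000100 = 68, $0b01001110 = 78, $0b10101010 = 170), and all of them check out; hexadecimal ($0x1b, $0x4e, ...) would keep the shuffle-lane encoding readable while staying portable to assemblers that reject `0b` literals, which is presumably the motivation for the change.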
@ -1673,8 +1673,8 @@ aesni_cbc_sha1_enc_shaext:
leaq 64(%rdi),%rdi
jnz .Loop_shaext
pshufd $0b00011011,%xmm8,%xmm8
pshufd $0b00011011,%xmm9,%xmm9
pshufd $27,%xmm8,%xmm8
pshufd $27,%xmm9,%xmm9
movups %xmm2,(%r8)
movdqu %xmm8,(%r9)
movd %xmm9,16(%r9)

View file

@ -3463,11 +3463,11 @@ __aesni_set_encrypt_key:
movups %xmm0,(%rax)
leaq 16(%rax),%rax
.Lkey_expansion_128_cold:
shufps $0b00010000,%xmm0,%xmm4
shufps $16,%xmm0,%xmm4
xorps %xmm4,%xmm0
shufps $0b10001100,%xmm0,%xmm4
shufps $140,%xmm0,%xmm4
xorps %xmm4,%xmm0
shufps $0b11111111,%xmm1,%xmm1
shufps $255,%xmm1,%xmm1
xorps %xmm1,%xmm0
.byte 0xf3,0xc3
@ -3478,25 +3478,25 @@ __aesni_set_encrypt_key:
.Lkey_expansion_192a_cold:
movaps %xmm2,%xmm5
.Lkey_expansion_192b_warm:
shufps $0b00010000,%xmm0,%xmm4
shufps $16,%xmm0,%xmm4
movdqa %xmm2,%xmm3
xorps %xmm4,%xmm0
shufps $0b10001100,%xmm0,%xmm4
shufps $140,%xmm0,%xmm4
pslldq $4,%xmm3
xorps %xmm4,%xmm0
pshufd $0b01010101,%xmm1,%xmm1
pshufd $85,%xmm1,%xmm1
pxor %xmm3,%xmm2
pxor %xmm1,%xmm0
pshufd $0b11111111,%xmm0,%xmm3
pshufd $255,%xmm0,%xmm3
pxor %xmm3,%xmm2
.byte 0xf3,0xc3
.align 16
.Lkey_expansion_192b:
movaps %xmm0,%xmm3
shufps $0b01000100,%xmm0,%xmm5
shufps $68,%xmm0,%xmm5
movups %xmm5,(%rax)
shufps $0b01001110,%xmm2,%xmm3
shufps $78,%xmm2,%xmm3
movups %xmm3,16(%rax)
leaq 32(%rax),%rax
jmp .Lkey_expansion_192b_warm
@ -3506,11 +3506,11 @@ __aesni_set_encrypt_key:
movups %xmm2,(%rax)
leaq 16(%rax),%rax
.Lkey_expansion_256a_cold:
shufps $0b00010000,%xmm0,%xmm4
shufps $16,%xmm0,%xmm4
xorps %xmm4,%xmm0
shufps $0b10001100,%xmm0,%xmm4
shufps $140,%xmm0,%xmm4
xorps %xmm4,%xmm0
shufps $0b11111111,%xmm1,%xmm1
shufps $255,%xmm1,%xmm1
xorps %xmm1,%xmm0
.byte 0xf3,0xc3
@ -3519,11 +3519,11 @@ __aesni_set_encrypt_key:
movups %xmm0,(%rax)
leaq 16(%rax),%rax
shufps $0b00010000,%xmm2,%xmm4
shufps $16,%xmm2,%xmm4
xorps %xmm4,%xmm2
shufps $0b10001100,%xmm2,%xmm4
shufps $140,%xmm2,%xmm4
xorps %xmm4,%xmm2
shufps $0b10101010,%xmm1,%xmm1
shufps $170,%xmm1,%xmm1
xorps %xmm1,%xmm2
.byte 0xf3,0xc3
.size aesni_set_encrypt_key,.-aesni_set_encrypt_key

View file

@ -662,10 +662,10 @@ gcm_ghash_4bit:
gcm_init_clmul:
.L_init_clmul:
movdqu (%rsi),%xmm2
pshufd $0b01001110,%xmm2,%xmm2
pshufd $78,%xmm2,%xmm2
pshufd $0b11111111,%xmm2,%xmm4
pshufd $255,%xmm2,%xmm4
movdqa %xmm2,%xmm3
psllq $1,%xmm2
pxor %xmm5,%xmm5
@ -679,11 +679,11 @@ gcm_init_clmul:
pxor %xmm5,%xmm2
pshufd $0b01001110,%xmm2,%xmm6
pshufd $78,%xmm2,%xmm6
movdqa %xmm2,%xmm0
pxor %xmm2,%xmm6
movdqa %xmm0,%xmm1
pshufd $0b01001110,%xmm0,%xmm3
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
.byte 102,15,58,68,194,0
.byte 102,15,58,68,202,17
@ -719,8 +719,8 @@ gcm_init_clmul:
pxor %xmm4,%xmm0
psrlq $1,%xmm0
pxor %xmm1,%xmm0
pshufd $0b01001110,%xmm2,%xmm3
pshufd $0b01001110,%xmm0,%xmm4
pshufd $78,%xmm2,%xmm3
pshufd $78,%xmm0,%xmm4
pxor %xmm2,%xmm3
movdqu %xmm2,0(%rdi)
pxor %xmm0,%xmm4
@ -728,7 +728,7 @@ gcm_init_clmul:
.byte 102,15,58,15,227,8
movdqu %xmm4,32(%rdi)
movdqa %xmm0,%xmm1
pshufd $0b01001110,%xmm0,%xmm3
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
.byte 102,15,58,68,194,0
.byte 102,15,58,68,202,17
@ -766,7 +766,7 @@ gcm_init_clmul:
pxor %xmm1,%xmm0
movdqa %xmm0,%xmm5
movdqa %xmm0,%xmm1
pshufd $0b01001110,%xmm0,%xmm3
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
.byte 102,15,58,68,194,0
.byte 102,15,58,68,202,17
@ -802,8 +802,8 @@ gcm_init_clmul:
pxor %xmm4,%xmm0
psrlq $1,%xmm0
pxor %xmm1,%xmm0
pshufd $0b01001110,%xmm5,%xmm3
pshufd $0b01001110,%xmm0,%xmm4
pshufd $78,%xmm5,%xmm3
pshufd $78,%xmm0,%xmm4
pxor %xmm5,%xmm3
movdqu %xmm5,48(%rdi)
pxor %xmm0,%xmm4
@ -823,7 +823,7 @@ gcm_gmult_clmul:
movdqu 32(%rsi),%xmm4
.byte 102,15,56,0,197
movdqa %xmm0,%xmm1
pshufd $0b01001110,%xmm0,%xmm3
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
.byte 102,15,58,68,194,0
.byte 102,15,58,68,202,17
@ -900,14 +900,14 @@ gcm_ghash_clmul:
.byte 102,65,15,56,0,218
.byte 102,69,15,56,0,218
movdqa %xmm3,%xmm5
pshufd $0b01001110,%xmm3,%xmm4
pshufd $78,%xmm3,%xmm4
pxor %xmm3,%xmm4
.byte 102,15,58,68,218,0
.byte 102,15,58,68,234,17
.byte 102,15,58,68,231,0
movdqa %xmm11,%xmm13
pshufd $0b01001110,%xmm11,%xmm12
pshufd $78,%xmm11,%xmm12
pxor %xmm11,%xmm12
.byte 102,68,15,58,68,222,0
.byte 102,68,15,58,68,238,17
@ -922,12 +922,12 @@ gcm_ghash_clmul:
.byte 102,69,15,56,0,218
.byte 102,69,15,56,0,194
movdqa %xmm11,%xmm13
pshufd $0b01001110,%xmm11,%xmm12
pshufd $78,%xmm11,%xmm12
pxor %xmm8,%xmm0
pxor %xmm11,%xmm12
.byte 102,69,15,58,68,222,0
movdqa %xmm0,%xmm1
pshufd $0b01001110,%xmm0,%xmm8
pshufd $78,%xmm0,%xmm8
pxor %xmm0,%xmm8
.byte 102,69,15,58,68,238,17
.byte 102,68,15,58,68,231,0
@ -950,14 +950,14 @@ gcm_ghash_clmul:
movdqu 32(%rdx),%xmm3
movdqa %xmm11,%xmm13
.byte 102,68,15,58,68,199,16
pshufd $0b01001110,%xmm11,%xmm12
pshufd $78,%xmm11,%xmm12
xorps %xmm5,%xmm1
pxor %xmm11,%xmm12
.byte 102,65,15,56,0,218
movups 32(%rsi),%xmm7
xorps %xmm4,%xmm8
.byte 102,68,15,58,68,218,0
pshufd $0b01001110,%xmm3,%xmm4
pshufd $78,%xmm3,%xmm4
pxor %xmm0,%xmm8
movdqa %xmm3,%xmm5
@ -1001,7 +1001,7 @@ gcm_ghash_clmul:
movdqa %xmm11,%xmm13
pxor %xmm12,%xmm4
pshufd $0b01001110,%xmm11,%xmm12
pshufd $78,%xmm11,%xmm12
pxor %xmm9,%xmm0
pxor %xmm8,%xmm1
pxor %xmm11,%xmm12
@ -1011,7 +1011,7 @@ gcm_ghash_clmul:
movdqa %xmm0,%xmm1
.byte 102,69,15,58,68,238,17
xorps %xmm11,%xmm3
pshufd $0b01001110,%xmm0,%xmm8
pshufd $78,%xmm0,%xmm8
pxor %xmm0,%xmm8
.byte 102,68,15,58,68,231,0
@ -1080,7 +1080,7 @@ gcm_ghash_clmul:
pxor %xmm8,%xmm0
movdqa %xmm3,%xmm5
pshufd $0b01001110,%xmm3,%xmm4
pshufd $78,%xmm3,%xmm4
pxor %xmm3,%xmm4
.byte 102,15,58,68,218,0
.byte 102,15,58,68,234,17
@ -1097,7 +1097,7 @@ gcm_ghash_clmul:
.Lmod_loop:
movdqa %xmm0,%xmm1
movdqa %xmm4,%xmm8
pshufd $0b01001110,%xmm0,%xmm4
pshufd $78,%xmm0,%xmm4
pxor %xmm0,%xmm4
.byte 102,15,58,68,198,0
@ -1135,7 +1135,7 @@ gcm_ghash_clmul:
pslldq $8,%xmm0
psrldq $8,%xmm8
pxor %xmm9,%xmm0
pshufd $0b01001110,%xmm5,%xmm4
pshufd $78,%xmm5,%xmm4
pxor %xmm8,%xmm1
pxor %xmm5,%xmm4
@ -1157,7 +1157,7 @@ gcm_ghash_clmul:
.Leven_tail:
movdqa %xmm0,%xmm1
movdqa %xmm4,%xmm8
pshufd $0b01001110,%xmm0,%xmm4
pshufd $78,%xmm0,%xmm4
pxor %xmm0,%xmm4
.byte 102,15,58,68,198,0
@ -1205,7 +1205,7 @@ gcm_ghash_clmul:
.byte 102,69,15,56,0,194
pxor %xmm8,%xmm0
movdqa %xmm0,%xmm1
pshufd $0b01001110,%xmm0,%xmm3
pshufd $78,%xmm0,%xmm3
pxor %xmm0,%xmm3
.byte 102,15,58,68,194,0
.byte 102,15,58,68,202,17


@ -2600,10 +2600,10 @@ _shaext_shortcut:
punpcklqdq %xmm5,%xmm0
punpckhqdq %xmm5,%xmm8
pshufd $0b00111111,%xmm7,%xmm1
pshufd $0b01111111,%xmm7,%xmm9
pshufd $0b00011011,%xmm0,%xmm0
pshufd $0b00011011,%xmm8,%xmm8
pshufd $63,%xmm7,%xmm1
pshufd $127,%xmm7,%xmm9
pshufd $27,%xmm0,%xmm0
pshufd $27,%xmm8,%xmm8
jmp .Loop_shaext
.align 32
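Review bot: conversions check out: `$0b00111111` is 63, `$0b01111111` is 127 and `$0b00011011` is 27, so the `pshufd` immediates in _shaext_shortcut keep the same dword-reversal selectors. The `$27` substitutions in the following _shaext_shortcut hunks (the sha1 and sha256 multi-buffer variants) are the same change.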
@ -2889,8 +2889,8 @@ _shaext_shortcut:
movl 280(%rsp),%edx
pshufd $0b00011011,%xmm0,%xmm0
pshufd $0b00011011,%xmm8,%xmm8
pshufd $27,%xmm0,%xmm0
pshufd $27,%xmm8,%xmm8
movdqa %xmm0,%xmm6
punpckldq %xmm8,%xmm0


@ -1241,9 +1241,9 @@ _shaext_shortcut:
movdqa K_XX_XX+160(%rip),%xmm3
movdqu (%rsi),%xmm4
pshufd $0b00011011,%xmm0,%xmm0
pshufd $27,%xmm0,%xmm0
movdqu 16(%rsi),%xmm5
pshufd $0b00011011,%xmm1,%xmm1
pshufd $27,%xmm1,%xmm1
movdqu 32(%rsi),%xmm6
.byte 102,15,56,0,227
movdqu 48(%rsi),%xmm7
@ -1393,8 +1393,8 @@ _shaext_shortcut:
jnz .Loop_shaext
pshufd $0b00011011,%xmm0,%xmm0
pshufd $0b00011011,%xmm1,%xmm1
pshufd $27,%xmm0,%xmm0
pshufd $27,%xmm1,%xmm1
movdqu %xmm0,(%rdi)
movd %xmm1,16(%rdi)
.byte 0xf3,0xc3


@ -2678,10 +2678,10 @@ _shaext_shortcut:
punpckhqdq %xmm8,%xmm14
punpckhqdq %xmm10,%xmm15
pshufd $0b00011011,%xmm12,%xmm12
pshufd $0b00011011,%xmm13,%xmm13
pshufd $0b00011011,%xmm14,%xmm14
pshufd $0b00011011,%xmm15,%xmm15
pshufd $27,%xmm12,%xmm12
pshufd $27,%xmm13,%xmm13
pshufd $27,%xmm14,%xmm14
pshufd $27,%xmm15,%xmm15
jmp .Loop_shaext
.align 32
@ -3067,10 +3067,10 @@ _shaext_shortcut:
movl 280(%rsp),%edx
pshufd $0b00011011,%xmm12,%xmm12
pshufd $0b00011011,%xmm13,%xmm13
pshufd $0b00011011,%xmm14,%xmm14
pshufd $0b00011011,%xmm15,%xmm15
pshufd $27,%xmm12,%xmm12
pshufd $27,%xmm13,%xmm13
pshufd $27,%xmm14,%xmm14
pshufd $27,%xmm15,%xmm15
movdqa %xmm12,%xmm5
movdqa %xmm13,%xmm6


@ -35,6 +35,20 @@ bn_mul_mont:
movq %r11,8(%rsp,%r9,8)
.Lmul_body:
subq %rsp,%r11
andq $-4096,%r11
.Lmul_page_walk:
movq (%rsp,%r11,1),%r10
subq $4096,%r11
.byte 0x66,0x2e
jnc .Lmul_page_walk
movq %rdx,%r12
movq (%r8),%r8
movq (%r12),%rbx
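Review bot: the new `.Lmul_page_walk` loop needs a comment saying what it is for. `%r11` holds the caller's stack pointer at this point (it was just saved with `movq %r11,8(%rsp,%r9,8)`); `subq %rsp,%r11` / `andq $-4096,%r11` turns it into the page-aligned size of the frame that was just allocated, and the loop then reads one word from each page, from the top of the frame down to `(%rsp)`, exiting on `jnc` once `subq $4096,%r11` borrows below zero. Touching every page in order is what stops a large frame from jumping over the stack guard page, so this is a hardening change rather than a performance one and should be described as such. Two details to put in the comment: the load into `%r10` is a throwaway (confirm `%r10` is dead here), and the `.byte 0x66,0x2e` before `jnc` is an opaque prefix (0x2e is the CS segment override, used as padding / branch hint) that a reader will not recognise without a note.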
@ -232,6 +246,14 @@ bn_mul4x_mont:
movq %r11,8(%rsp,%r9,8)
.Lmul4x_body:
subq %rsp,%r11
andq $-4096,%r11
.Lmul4x_page_walk:
movq (%rsp,%r11,1),%r10
subq $4096,%r11
.byte 0x2e
jnc .Lmul4x_page_walk
movq %rdi,16(%rsp,%r9,8)
movq %rdx,%r12
movq (%r8),%r8
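Review bot: same page walk as in bn_mul_mont, but the prefix before `jnc .Lmul4x_page_walk` is `.byte 0x2e` alone whereas bn_mul_mont uses `.byte 0x66,0x2e`; if the extra 0x66 is deliberate alignment padding for that one site the comment should say so, otherwise one spelling should be used. The walk is placed right after the saved stack pointer is stored and before `movq %rdi,16(%rsp,%r9,8)` begins populating the frame, which is the correct ordering for a stack probe.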
@ -654,6 +676,15 @@ bn_sqr8x_mont:
subq %r11,%rsp
.Lsqr8x_sp_done:
andq $-64,%rsp
movq %rax,%r11
subq %rsp,%r11
andq $-4096,%r11
.Lsqr8x_page_walk:
movq (%rsp,%r11,1),%r10
subq $4096,%r11
.byte 0x2e
jnc .Lsqr8x_page_walk
movq %r9,%r10
negq %r9
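Review bot: here the frame size is derived from `%rax` (`movq %rax,%r11; subq %rsp,%r11`) rather than from `%r11` as in the two hunks above, so the loop comment should state that `%rax` holds the original stack pointer at this point. The walk runs after `andq $-64,%rsp` has aligned the new pointer down, so it covers the aligned (slightly larger) frame, which is what is wanted. Clobbering `%r10` is safe here because `movq %r9,%r10` overwrites it immediately after the loop.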


@ -31,6 +31,20 @@ bn_mul_mont_gather5:
movq %rax,8(%rsp,%r9,8)
.Lmul_body:
subq %rsp,%rax
andq $-4096,%rax
.Lmul_page_walk:
movq (%rsp,%rax,1),%r11
subq $4096,%rax
.byte 0x2e
jnc .Lmul_page_walk
leaq 128(%rdx),%r12
movdqa 0(%r10),%xmm0
movdqa 16(%r10),%xmm1
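Review bot: register roles differ from x86_64-mont.S: the page counter is `%rax` and the scratch load goes to `%r11`. That is correct here, since `%r10` is live (`movdqa 0(%r10),%xmm0` reads through it right after the loop), but the difference is easy to miss when comparing the two files, so a comment naming each register's role in the walk would help. The three following hunks (bn_mul4x_mont_gather5, bn_power5, bn_from_mont8x) use the `%rax`/`%r11` size computation with `%r10` as scratch, and in bn_power5 and bn_from_mont8x `%r10` is overwritten by `movq %r9,%r10` straight after the loop; for bn_mul4x_mont_gather5 confirm `%r10` is dead there too.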
@ -443,6 +457,15 @@ bn_mul4x_mont_gather5:
subq %r11,%rsp
.Lmul4xsp_done:
andq $-64,%rsp
movq %rax,%r11
subq %rsp,%r11
andq $-4096,%r11
.Lmul4x_page_walk:
movq (%rsp,%r11,1),%r10
subq $4096,%r11
.byte 0x2e
jnc .Lmul4x_page_walk
negq %r9
movq %rax,40(%rsp)
@ -1032,6 +1055,15 @@ bn_power5:
subq %r11,%rsp
.Lpwr_sp_done:
andq $-64,%rsp
movq %rax,%r11
subq %rsp,%r11
andq $-4096,%r11
.Lpwr_page_walk:
movq (%rsp,%r11,1),%r10
subq $4096,%r11
.byte 0x2e
jnc .Lpwr_page_walk
movq %r9,%r10
negq %r9
@ -1973,6 +2005,15 @@ bn_from_mont8x:
subq %r11,%rsp
.Lfrom_sp_done:
andq $-64,%rsp
movq %rax,%r11
subq %rsp,%r11
andq $-4096,%r11
.Lfrom_page_walk:
movq (%rsp,%r11,1),%r10
subq $4096,%r11
.byte 0x2e
jnc .Lfrom_page_walk
movq %r9,%r10
negq %r9


@ -30,6 +30,14 @@ bn_mul_mont:
xorl $2048,%edx
subl %edx,%esp
andl $-64,%esp
movl %ebp,%eax
subl %esp,%eax
andl $-4096,%eax
.L001page_walk:
movl (%esp,%eax,1),%edx
subl $4096,%eax
.byte 46
jnc .L001page_walk
movl (%esi),%eax
movl 4(%esi),%ebx
movl 8(%esi),%ecx
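Review bot: the 32-bit walk mirrors the 64-bit one (`%ebp` holds the saved stack pointer, `%eax` is the page counter, `%edx` the scratch load target) but writes the prefix as `.byte 46`, the decimal form of the same 0x2e byte that the x86_64 files spell `.byte 0x2e`; one spelling across the files would make grep-based review easier. The lines after the loop reload `%eax`, `%ebx` and `%ecx` from `(%esi)` but not `%edx`, so confirm nothing below depends on the value `%edx` held before the loop. Every subsequent hunk in this file is the label renumbering caused by inserting `.L001page_walk`, not a functional change.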
@ -45,7 +53,7 @@ bn_mul_mont:
movl %ebp,24(%esp)
leal OPENSSL_ia32cap_P,%eax
btl $26,(%eax)
jnc .L001non_sse2
jnc .L002non_sse2
movl $-1,%eax
movd %eax,%mm7
movl 8(%esp),%esi
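Review bot: this and the remaining bn_mul_mont hunks in this file are mechanical label renumbering (`.L001non_sse2` becomes `.L002non_sse2`, and so on through `.L016copy`) forced by the new `.L001page_walk` label. Checked every jump against its target in the hunks shown: each renamed label has all of its references renamed to the same new name (for example `.L005common_tail` and its `jmp`/`je` sites all become `.L006common_tail`, and `.L0082ndmadd` with its `jmp`/`jl` sites all become `.L0092ndmadd`), so no branch is left pointing at a stale label. Because generated label numbers shift whenever a label is inserted, future reviews of this code are easier against the perlasm source than against the generated .S.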
@ -69,7 +77,7 @@ bn_mul_mont:
psrlq $32,%mm3
incl %ecx
.align 16
.L0021st:
.L0031st:
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@ -84,7 +92,7 @@ bn_mul_mont:
psrlq $32,%mm3
leal 1(%ecx),%ecx
cmpl %ebx,%ecx
jl .L0021st
jl .L0031st
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@ -98,7 +106,7 @@ bn_mul_mont:
paddq %mm2,%mm3
movq %mm3,32(%esp,%ebx,4)
incl %edx
.L003outer:
.L004outer:
xorl %ecx,%ecx
movd (%edi,%edx,4),%mm4
movd (%esi),%mm5
@ -120,7 +128,7 @@ bn_mul_mont:
paddq %mm6,%mm2
incl %ecx
decl %ebx
.L004inner:
.L005inner:
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
paddq %mm0,%mm2
@ -137,7 +145,7 @@ bn_mul_mont:
paddq %mm6,%mm2
decl %ebx
leal 1(%ecx),%ecx
jnz .L004inner
jnz .L005inner
movl %ecx,%ebx
pmuludq %mm4,%mm0
pmuludq %mm5,%mm1
@ -155,11 +163,11 @@ bn_mul_mont:
movq %mm3,32(%esp,%ebx,4)
leal 1(%edx),%edx
cmpl %ebx,%edx
jle .L003outer
jle .L004outer
emms
jmp .L005common_tail
jmp .L006common_tail
.align 16
.L001non_sse2:
.L002non_sse2:
movl 8(%esp),%esi
leal 1(%ebx),%ebp
movl 12(%esp),%edi
@ -170,12 +178,12 @@ bn_mul_mont:
leal 4(%edi,%ebx,4),%eax
orl %edx,%ebp
movl (%edi),%edi
jz .L006bn_sqr_mont
jz .L007bn_sqr_mont
movl %eax,28(%esp)
movl (%esi),%eax
xorl %edx,%edx
.align 16
.L007mull:
.L008mull:
movl %edx,%ebp
mull %edi
addl %eax,%ebp
@ -184,7 +192,7 @@ bn_mul_mont:
movl (%esi,%ecx,4),%eax
cmpl %ebx,%ecx
movl %ebp,28(%esp,%ecx,4)
jl .L007mull
jl .L008mull
movl %edx,%ebp
mull %edi
movl 20(%esp),%edi
@ -202,9 +210,9 @@ bn_mul_mont:
movl 4(%esi),%eax
adcl $0,%edx
incl %ecx
jmp .L0082ndmadd
jmp .L0092ndmadd
.align 16
.L0091stmadd:
.L0101stmadd:
movl %edx,%ebp
mull %edi
addl 32(%esp,%ecx,4),%ebp
@ -215,7 +223,7 @@ bn_mul_mont:
adcl $0,%edx
cmpl %ebx,%ecx
movl %ebp,28(%esp,%ecx,4)
jl .L0091stmadd
jl .L0101stmadd
movl %edx,%ebp
mull %edi
addl 32(%esp,%ebx,4),%eax
@ -238,7 +246,7 @@ bn_mul_mont:
adcl $0,%edx
movl $1,%ecx
.align 16
.L0082ndmadd:
.L0092ndmadd:
movl %edx,%ebp
mull %edi
addl 32(%esp,%ecx,4),%ebp
@ -249,7 +257,7 @@ bn_mul_mont:
adcl $0,%edx
cmpl %ebx,%ecx
movl %ebp,24(%esp,%ecx,4)
jl .L0082ndmadd
jl .L0092ndmadd
movl %edx,%ebp
mull %edi
addl 32(%esp,%ebx,4),%ebp
@ -265,16 +273,16 @@ bn_mul_mont:
movl %edx,32(%esp,%ebx,4)
cmpl 28(%esp),%ecx
movl %eax,36(%esp,%ebx,4)
je .L005common_tail
je .L006common_tail
movl (%ecx),%edi
movl 8(%esp),%esi
movl %ecx,12(%esp)
xorl %ecx,%ecx
xorl %edx,%edx
movl (%esi),%eax
jmp .L0091stmadd
jmp .L0101stmadd
.align 16
.L006bn_sqr_mont:
.L007bn_sqr_mont:
movl %ebx,(%esp)
movl %ecx,12(%esp)
movl %edi,%eax
@ -285,7 +293,7 @@ bn_mul_mont:
andl $1,%ebx
incl %ecx
.align 16
.L010sqr:
.L011sqr:
movl (%esi,%ecx,4),%eax
movl %edx,%ebp
mull %edi
@ -297,7 +305,7 @@ bn_mul_mont:
cmpl (%esp),%ecx
movl %eax,%ebx
movl %ebp,28(%esp,%ecx,4)
jl .L010sqr
jl .L011sqr
movl (%esi,%ecx,4),%eax
movl %edx,%ebp
mull %edi
@ -321,7 +329,7 @@ bn_mul_mont:
movl 4(%esi),%eax
movl $1,%ecx
.align 16
.L0113rdmadd:
.L0123rdmadd:
movl %edx,%ebp
mull %edi
addl 32(%esp,%ecx,4),%ebp
@ -340,7 +348,7 @@ bn_mul_mont:
adcl $0,%edx
cmpl %ebx,%ecx
movl %ebp,24(%esp,%ecx,4)
jl .L0113rdmadd
jl .L0123rdmadd
movl %edx,%ebp
mull %edi
addl 32(%esp,%ebx,4),%ebp
@ -356,7 +364,7 @@ bn_mul_mont:
movl %edx,32(%esp,%ebx,4)
cmpl %ebx,%ecx
movl %eax,36(%esp,%ebx,4)
je .L005common_tail
je .L006common_tail
movl 4(%esi,%ecx,4),%edi
leal 1(%ecx),%ecx
movl %edi,%eax
@ -368,12 +376,12 @@ bn_mul_mont:
xorl %ebp,%ebp
cmpl %ebx,%ecx
leal 1(%ecx),%ecx
je .L012sqrlast
je .L013sqrlast
movl %edx,%ebx
shrl $1,%edx
andl $1,%ebx
.align 16
.L013sqradd:
.L014sqradd:
movl (%esi,%ecx,4),%eax
movl %edx,%ebp
mull %edi
@ -389,13 +397,13 @@ bn_mul_mont:
cmpl (%esp),%ecx
movl %ebp,28(%esp,%ecx,4)
movl %eax,%ebx
jle .L013sqradd
jle .L014sqradd
movl %edx,%ebp
addl %edx,%edx
shrl $31,%ebp
addl %ebx,%edx
adcl $0,%ebp
.L012sqrlast:
.L013sqrlast:
movl 20(%esp),%edi
movl 16(%esp),%esi
imull 32(%esp),%edi
@ -410,9 +418,9 @@ bn_mul_mont:
adcl $0,%edx
movl $1,%ecx
movl 4(%esi),%eax
jmp .L0113rdmadd
jmp .L0123rdmadd
.align 16
.L005common_tail:
.L006common_tail:
movl 16(%esp),%ebp
movl 4(%esp),%edi
leal 32(%esp),%esi
@ -420,13 +428,13 @@ bn_mul_mont:
movl %ebx,%ecx
xorl %edx,%edx
.align 16
.L014sub:
.L015sub:
sbbl (%ebp,%edx,4),%eax
movl %eax,(%edi,%edx,4)
decl %ecx
movl 4(%esi,%edx,4),%eax
leal 1(%edx),%edx
jge .L014sub
jge .L015sub
sbbl $0,%eax
andl %eax,%esi
notl %eax
@ -434,12 +442,12 @@ bn_mul_mont:
andl %eax,%ebp
orl %ebp,%esi
.align 16
.L015copy:
.L016copy:
movl (%esi,%ebx,4),%eax
movl %eax,(%edi,%ebx,4)
movl %ecx,32(%esp,%ebx,4)
decl %ebx
jge .L015copy
jge .L016copy
movl 24(%esp),%esp
movl $1,%eax
.L000just_leave:


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_OBJECT_new 3"
.TH ASN1_OBJECT_new 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH ASN1_OBJECT_new 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
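Review bot: the `.TH` bump from `2016-03-01` / `1.0.2g` to `2016-05-03` / `1.0.2h` is the expected refresh of the generated man pages; the identical one-line change repeats in every man page shown below and nothing else in those hunks changes, so this one note covers them.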


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_length 3"
.TH ASN1_STRING_length 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH ASN1_STRING_length 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_new 3"
.TH ASN1_STRING_new 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH ASN1_STRING_new 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_STRING_print_ex 3"
.TH ASN1_STRING_print_ex 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH ASN1_STRING_print_ex 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_TIME_set 3"
.TH ASN1_TIME_set 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH ASN1_TIME_set 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "ASN1_generate_nconf 3"
.TH ASN1_generate_nconf 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH ASN1_generate_nconf 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_ctrl 3"
.TH BIO_ctrl 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_ctrl 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_base64 3"
.TH BIO_f_base64 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_f_base64 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_buffer 3"
.TH BIO_f_buffer 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_f_buffer 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_cipher 3"
.TH BIO_f_cipher 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_f_cipher 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_md 3"
.TH BIO_f_md 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_f_md 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_null 3"
.TH BIO_f_null 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_f_null 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_f_ssl 3"
.TH BIO_f_ssl 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_f_ssl 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_find_type 3"
.TH BIO_find_type 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_find_type 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_new 3"
.TH BIO_new 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_new 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_new_CMS 3"
.TH BIO_new_CMS 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_new_CMS 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_push 3"
.TH BIO_push 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_push 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_read 3"
.TH BIO_read 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_read 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_accept 3"
.TH BIO_s_accept 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_s_accept 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_bio 3"
.TH BIO_s_bio 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_s_bio 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_connect 3"
.TH BIO_s_connect 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_s_connect 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l


@ -133,7 +133,7 @@
.\" ========================================================================
.\"
.IX Title "BIO_s_fd 3"
.TH BIO_s_fd 3 "2016-03-01" "1.0.2g" "OpenSSL"
.TH BIO_s_fd 3 "2016-05-03" "1.0.2h" "OpenSSL"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l

Some files were not shown because too many files have changed in this diff.