moritzruth/void-packages
1
0
Fork 0
Code Releases Activity Actions 2
void-packages/srcpkgs/nodejs/patches/openssl-1.0.2.h.patch
Enno Boland be07c91012 nodejs: update openssl to 1.0.2h. 
fixes:

- CVE-2016-2108
- CVE-2016-2107
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
2016-05-04 08:07:49 +02:00

3418 lines
121 KiB
Diff
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Only in deps/openssl/openssl.old: .CHANGES.swp
diff -upr deps/openssl/openssl.old/CHANGES deps/openssl/openssl/CHANGES
--- deps/openssl/openssl.old/CHANGES 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/CHANGES 2016-05-03 15:46:41.000000000 +0200
@@ -2,6 +2,103 @@
OpenSSL CHANGES
_______________
+ Changes between 1.0.2g and 1.0.2h [3 May 2016]
+
+ *) Prevent padding oracle in AES-NI CBC MAC check
+
+ A MITM attacker can use a padding oracle attack to decrypt traffic
+ when the connection uses an AES CBC cipher and the server support
+ AES-NI.
+
+ This issue was introduced as part of the fix for Lucky 13 padding
+ attack (CVE-2013-0169). The padding check was rewritten to be in
+ constant time by making sure that always the same bytes are read and
+ compared against either the MAC or padding bytes. But it no longer
+ checked that there was enough data to have both the MAC and padding
+ bytes.
+
+ This issue was reported by Juraj Somorovsky using TLS-Attacker.
+ (CVE-2016-2107)
+ [Kurt Roeckx]
+
+ *) Fix EVP_EncodeUpdate overflow
+
+ An overflow can occur in the EVP_EncodeUpdate() function which is used for
+ Base64 encoding of binary data. If an attacker is able to supply very large
+ amounts of input data then a length check can overflow resulting in a heap
+ corruption.
+
+ Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by
+ the PEM_write_bio* family of functions. These are mainly used within the
+ OpenSSL command line applications, so any application which processes data
+ from an untrusted source and outputs it as a PEM file should be considered
+ vulnerable to this issue. User applications that call these APIs directly
+ with large amounts of untrusted data may also be vulnerable.
+
+ This issue was reported by Guido Vranken.
+ (CVE-2016-2105)
+ [Matt Caswell]
+
+ *) Fix EVP_EncryptUpdate overflow
+
+ An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
+ is able to supply very large amounts of input data after a previous call to
+ EVP_EncryptUpdate() with a partial block then a length check can overflow
+ resulting in a heap corruption. Following an analysis of all OpenSSL
+ internal usage of the EVP_EncryptUpdate() function all usage is one of two
+ forms. The first form is where the EVP_EncryptUpdate() call is known to be
+ the first called function after an EVP_EncryptInit(), and therefore that
+ specific call must be safe. The second form is where the length passed to
+ EVP_EncryptUpdate() can be seen from the code to be some small value and
+ therefore there is no possibility of an overflow. Since all instances are
+ one of these two forms, it is believed that there can be no overflows in
+ internal code due to this problem. It should be noted that
+ EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
+ Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
+ of these calls have also been analysed too and it is believed there are no
+ instances in internal usage where an overflow could occur.
+
+ This issue was reported by Guido Vranken.
+ (CVE-2016-2106)
+ [Matt Caswell]
+
+ *) Prevent ASN.1 BIO excessive memory allocation
+
+ When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
+ a short invalid encoding can casuse allocation of large amounts of memory
+ potentially consuming excessive resources or exhausting memory.
+
+ Any application parsing untrusted data through d2i BIO functions is
+ affected. The memory based functions such as d2i_X509() are *not* affected.
+ Since the memory based functions are used by the TLS library, TLS
+ applications are not affected.
+
+ This issue was reported by Brian Carpenter.
+ (CVE-2016-2109)
+ [Stephen Henson]
+
+ *) EBCDIC overread
+
+ ASN1 Strings that are over 1024 bytes can cause an overread in applications
+ using the X509_NAME_oneline() function on EBCDIC systems. This could result
+ in arbitrary stack data being returned in the buffer.
+
+ This issue was reported by Guido Vranken.
+ (CVE-2016-2176)
+ [Matt Caswell]
+
+ *) Modify behavior of ALPN to invoke callback after SNI/servername
+ callback, such that updates to the SSL_CTX affect ALPN.
+ [Todd Short]
+
+ *) Remove LOW from the DEFAULT cipher list. This removes singles DES from the
+ default.
+ [Kurt Roeckx]
+
+ *) Only remove the SSLv2 methods with the no-ssl2-method option. When the
+ methods are enabled and ssl2 is disabled the methods return NULL.
+ [Kurt Roeckx]
+
Changes between 1.0.2f and 1.0.2g [1 Mar 2016]
* Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
@@ -8572,7 +8669,7 @@ des-cbc 3624.96k 5258.21k
*) Source code cleanups: use const where appropriate, eliminate casts,
use void * instead of char * in lhash.
- [Ulf Möller]
+ [Ulf Möller]
*) Bugfix: ssl3_send_server_key_exchange was not restartable
(the state was not changed to SSL3_ST_SW_KEY_EXCH_B, and because of
Only in deps/openssl/openssl: Makefile
Only in deps/openssl/openssl: Makefile.bak
diff -upr deps/openssl/openssl.old/NEWS deps/openssl/openssl/NEWS
--- deps/openssl/openssl.old/NEWS 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/NEWS 2016-05-03 15:46:41.000000000 +0200
@@ -5,6 +5,19 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.
+ Major changes between OpenSSL 1.0.2g and OpenSSL 1.0.2h [3 May 2016]
+
+ o Prevent padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
+ o Fix EVP_EncodeUpdate overflow (CVE-2016-2105)
+ o Fix EVP_EncryptUpdate overflow (CVE-2016-2106)
+ o Prevent ASN.1 BIO excessive memory allocation (CVE-2016-2109)
+ o EBCDIC overread (CVE-2016-2176)
+ o Modify behavior of ALPN to invoke callback after SNI/servername
+ callback, such that updates to the SSL_CTX affect ALPN.
+ o Remove LOW from the DEFAULT cipher list. This removes singles DES from
+ the default.
+ o Only remove the SSLv2 methods with the no-ssl2-method option.
+
Major changes between OpenSSL 1.0.2f and OpenSSL 1.0.2g [1 Mar 2016]
o Disable weak ciphers in SSLv3 and up in default builds of OpenSSL.
diff -upr deps/openssl/openssl.old/README deps/openssl/openssl/README
--- deps/openssl/openssl.old/README 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/README 2016-05-03 15:46:41.000000000 +0200
@@ -1,5 +1,5 @@
- OpenSSL 1.0.2g 1 Mar 2016
+ OpenSSL 1.0.2h 3 May 2016
Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Only in deps/openssl/openssl/apps: CA.pl
diff -upr deps/openssl/openssl.old/apps/app_rand.c deps/openssl/openssl/apps/app_rand.c
--- deps/openssl/openssl.old/apps/app_rand.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/apps/app_rand.c 2016-05-03 15:44:42.000000000 +0200
@@ -124,16 +124,7 @@ int app_RAND_load_file(const char *file,
char buffer[200];
#ifdef OPENSSL_SYS_WINDOWS
- /*
- * allocate 2 to dont_warn not to use RAND_screen() via
- * -no_rand_screen option in s_client
- */
- if (dont_warn != 2) {
- BIO_printf(bio_e, "Loading 'screen' into random state -");
- BIO_flush(bio_e);
- RAND_screen();
- BIO_printf(bio_e, " done\n");
- }
+ RAND_screen();
#endif
if (file == NULL)
diff -upr deps/openssl/openssl.old/apps/pkcs7.c deps/openssl/openssl/apps/pkcs7.c
--- deps/openssl/openssl.old/apps/pkcs7.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/apps/pkcs7.c 2016-05-03 15:44:42.000000000 +0200
@@ -235,12 +235,16 @@ int MAIN(int argc, char **argv)
i = OBJ_obj2nid(p7->type);
switch (i) {
case NID_pkcs7_signed:
- certs = p7->d.sign->cert;
- crls = p7->d.sign->crl;
+ if (p7->d.sign != NULL) {
+ certs = p7->d.sign->cert;
+ crls = p7->d.sign->crl;
+ }
break;
case NID_pkcs7_signedAndEnveloped:
- certs = p7->d.signed_and_enveloped->cert;
- crls = p7->d.signed_and_enveloped->crl;
+ if (p7->d.signed_and_enveloped != NULL) {
+ certs = p7->d.signed_and_enveloped->cert;
+ crls = p7->d.signed_and_enveloped->crl;
+ }
break;
default:
break;
diff -upr deps/openssl/openssl.old/apps/pkeyutl.c deps/openssl/openssl/apps/pkeyutl.c
--- deps/openssl/openssl.old/apps/pkeyutl.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/apps/pkeyutl.c 2016-05-03 15:44:42.000000000 +0200
@@ -446,14 +446,14 @@ static EVP_PKEY_CTX *init_ctx(int *pkeys
if (!pkey)
goto end;
-
+
#ifndef OPENSSL_NO_ENGINE
if (engine_impl)
impl = e;
#endif
-
+
ctx = EVP_PKEY_CTX_new(pkey, impl);
-
+
EVP_PKEY_free(pkey);
if (!ctx)
diff -upr deps/openssl/openssl.old/apps/s_client.c deps/openssl/openssl/apps/s_client.c
--- deps/openssl/openssl.old/apps/s_client.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/apps/s_client.c 2016-05-03 15:44:42.000000000 +0200
@@ -180,13 +180,6 @@ typedef unsigned int u_int;
# include <fcntl.h>
#endif
-/* Use Windows API with STD_INPUT_HANDLE when checking for input?
- Don't look at OPENSSL_SYS_MSDOS for this, since it is always defined if
- OPENSSL_SYS_WINDOWS is defined */
-#if defined(OPENSSL_SYS_WINDOWS) && !defined(OPENSSL_SYS_WINCE) && defined(STD_INPUT_HANDLE)
-#define OPENSSL_USE_STD_INPUT_HANDLE
-#endif
-
#undef PROG
#define PROG s_client_main
@@ -236,7 +229,6 @@ static BIO *bio_c_msg = NULL;
static int c_quiet = 0;
static int c_ign_eof = 0;
static int c_brief = 0;
-static int c_no_rand_screen = 0;
#ifndef OPENSSL_NO_PSK
/* Default PSK identity and key */
@@ -455,10 +447,6 @@ static void sc_usage(void)
" -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err,
" -keymatexportlen len - Export len bytes of keying material (default 20)\n");
-#ifdef OPENSSL_SYS_WINDOWS
- BIO_printf(bio_err,
- " -no_rand_screen - Do not use RAND_screen() to initialize random state\n");
-#endif
}
#ifndef OPENSSL_NO_TLSEXT
@@ -1138,10 +1126,6 @@ int MAIN(int argc, char **argv)
keymatexportlen = atoi(*(++argv));
if (keymatexportlen == 0)
goto bad;
-#ifdef OPENSSL_SYS_WINDOWS
- } else if (strcmp(*argv, "-no_rand_screen") == 0) {
- c_no_rand_screen = 1;
-#endif
} else {
BIO_printf(bio_err, "unknown option %s\n", *argv);
badop = 1;
@@ -1247,7 +1231,7 @@ int MAIN(int argc, char **argv)
if (!load_excert(&exc, bio_err))
goto end;
- if (!app_RAND_load_file(NULL, bio_err, ++c_no_rand_screen) && inrand == NULL
+ if (!app_RAND_load_file(NULL, bio_err, 1) && inrand == NULL
&& !RAND_status()) {
BIO_printf(bio_err,
"warning, not much extra random data, consider using the -rand option\n");
@@ -1780,7 +1764,10 @@ int MAIN(int argc, char **argv)
tv.tv_usec = 0;
i = select(width, (void *)&readfds, (void *)&writefds,
NULL, &tv);
-#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
+# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+ if (!i && (!_kbhit() || !read_tty))
+ continue;
+# else
if (!i && (!((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle
@@ -1788,8 +1775,6 @@ int MAIN(int argc, char **argv)
0)))
|| !read_tty))
continue;
-#else
- if(!i && (!_kbhit() || !read_tty) ) continue;
# endif
} else
i = select(width, (void *)&readfds, (void *)&writefds,
@@ -1991,12 +1976,12 @@ int MAIN(int argc, char **argv)
}
}
#if defined(OPENSSL_SYS_WINDOWS) || defined(OPENSSL_SYS_MSDOS)
-#if defined(OPENSSL_USE_STD_INPUT_HANDLE)
+# if defined(OPENSSL_SYS_WINCE) || defined(OPENSSL_SYS_MSDOS)
+ else if (_kbhit())
+# else
else if ((_kbhit())
|| (WAIT_OBJECT_0 ==
WaitForSingleObject(GetStdHandle(STD_INPUT_HANDLE), 0)))
-#else
- else if (_kbhit())
# endif
#elif defined (OPENSSL_SYS_NETWARE)
else if (_kbhit())
diff -upr deps/openssl/openssl.old/crypto/aes/asm/aes-ppc.pl deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl
--- deps/openssl/openssl.old/crypto/aes/asm/aes-ppc.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/aes/asm/aes-ppc.pl 2016-05-03 15:38:19.000000000 +0200
@@ -590,7 +590,7 @@ Lenc_loop:
xor $s2,$t2,$acc14
xor $s3,$t3,$acc15
addi $key,$key,16
- bdnz- Lenc_loop
+ bdnz Lenc_loop
addi $Tbl2,$Tbl0,2048
nop
@@ -1068,7 +1068,7 @@ Ldec_loop:
xor $s2,$t2,$acc14
xor $s3,$t3,$acc15
addi $key,$key,16
- bdnz- Ldec_loop
+ bdnz Ldec_loop
addi $Tbl2,$Tbl0,2048
nop
diff -upr deps/openssl/openssl.old/crypto/aes/asm/aes-s390x.pl deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
--- deps/openssl/openssl.old/crypto/aes/asm/aes-s390x.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl 2016-05-03 15:44:42.000000000 +0200
@@ -818,13 +818,9 @@ $code.=<<___ if (!$softonly);
tmhl %r0,0x4000 # check for message-security assist
jz .Lekey_internal
- lghi %r0,0 # query capability vector
- la %r1,16($sp)
- .long 0xb92f0042 # kmc %r4,%r2
-
- llihh %r1,0x8000
- srlg %r1,%r1,0(%r5)
- ng %r1,16($sp)
+ llihh %r0,0x8000
+ srlg %r0,%r0,0(%r5)
+ ng %r0,48(%r1) # check kmc capability vector
jz .Lekey_internal
lmg %r0,%r1,0($inp) # just copy 128 bits...
@@ -1444,13 +1440,10 @@ $code.=<<___ if (0); ######### kmctr cod
llgfr $s0,%r0
lgr $s1,%r1
- lghi %r0,0
- la %r1,16($sp)
- .long 0xb92d2042 # kmctr %r4,%r2,%r2
-
+ larl %r1,OPENSSL_s390xcap_P
llihh %r0,0x8000 # check if kmctr supports the function code
srlg %r0,%r0,0($s0)
- ng %r0,16($sp)
+ ng %r0,64(%r1) # check kmctr capability vector
lgr %r0,$s0
lgr %r1,$s1
jz .Lctr32_km_loop
@@ -1597,12 +1590,10 @@ $code.=<<___ if(1);
llgfr $s0,%r0 # put aside the function code
lghi $s1,0x7f
nr $s1,%r0
- lghi %r0,0 # query capability vector
- la %r1,$tweak-16($sp)
- .long 0xb92e0042 # km %r4,%r2
- llihh %r1,0x8000
- srlg %r1,%r1,32($s1) # check for 32+function code
- ng %r1,$tweak-16($sp)
+ larl %r1,OPENSSL_s390xcap_P
+ llihh %r0,0x8000
+ srlg %r0,%r0,32($s1) # check for 32+function code
+ ng %r0,32(%r1) # check km capability vector
lgr %r0,$s0 # restore the function code
la %r1,0($key1) # restore $key1
jz .Lxts_km_vanilla
@@ -2229,7 +2220,7 @@ ___
}
$code.=<<___;
.string "AES for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-.comm OPENSSL_s390xcap_P,16,8
+.comm OPENSSL_s390xcap_P,80,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff -upr deps/openssl/openssl.old/crypto/asn1/a_bytes.c deps/openssl/openssl/crypto/asn1/a_bytes.c
--- deps/openssl/openssl.old/crypto/asn1/a_bytes.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/a_bytes.c 2016-05-03 15:44:42.000000000 +0200
@@ -200,13 +200,13 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING
} else {
if (len != 0) {
if ((ret->length < len) || (ret->data == NULL)) {
- if (ret->data != NULL)
- OPENSSL_free(ret->data);
s = (unsigned char *)OPENSSL_malloc((int)len + 1);
if (s == NULL) {
i = ERR_R_MALLOC_FAILURE;
goto err;
}
+ if (ret->data != NULL)
+ OPENSSL_free(ret->data);
} else
s = ret->data;
memcpy(s, p, (int)len);
diff -upr deps/openssl/openssl.old/crypto/asn1/a_d2i_fp.c deps/openssl/openssl/crypto/asn1/a_d2i_fp.c
--- deps/openssl/openssl.old/crypto/asn1/a_d2i_fp.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/a_d2i_fp.c 2016-05-03 15:44:42.000000000 +0200
@@ -141,6 +141,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *
#endif
#define HEADER_SIZE 8
+#define ASN1_CHUNK_INITIAL_SIZE (16 * 1024)
static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
{
BUF_MEM *b;
@@ -217,29 +218,44 @@ static int asn1_d2i_read_bio(BIO *in, BU
/* suck in c.slen bytes of data */
want = c.slen;
if (want > (len - off)) {
+ size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE;
+
want -= (len - off);
if (want > INT_MAX /* BIO_read takes an int length */ ||
len + want < len) {
ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
goto err;
}
- if (!BUF_MEM_grow_clean(b, len + want)) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
- goto err;
- }
while (want > 0) {
- i = BIO_read(in, &(b->data[len]), want);
- if (i <= 0) {
- ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
- ASN1_R_NOT_ENOUGH_DATA);
+ /*
+ * Read content in chunks of increasing size
+ * so we can return an error for EOF without
+ * having to allocate the entire content length
+ * in one go.
+ */
+ size_t chunk = want > chunk_max ? chunk_max : want;
+
+ if (!BUF_MEM_grow_clean(b, len + chunk)) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
goto err;
}
+ want -= chunk;
+ while (chunk > 0) {
+ i = BIO_read(in, &(b->data[len]), chunk);
+ if (i <= 0) {
+ ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
+ ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
/*
* This can't overflow because |len+want| didn't
* overflow.
*/
- len += i;
- want -= i;
+ len += i;
+ chunk -= i;
+ }
+ if (chunk_max < INT_MAX/2)
+ chunk_max *= 2;
}
}
if (off + c.slen < off) {
diff -upr deps/openssl/openssl.old/crypto/asn1/a_type.c deps/openssl/openssl/crypto/asn1/a_type.c
--- deps/openssl/openssl.old/crypto/asn1/a_type.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/a_type.c 2016-05-03 15:44:47.000000000 +0200
@@ -126,9 +126,7 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, co
result = 0; /* They do not have content. */
break;
case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
case V_ASN1_BIT_STRING:
case V_ASN1_OCTET_STRING:
case V_ASN1_SEQUENCE:
diff -upr deps/openssl/openssl.old/crypto/asn1/asn1_lib.c deps/openssl/openssl/crypto/asn1/asn1_lib.c
--- deps/openssl/openssl.old/crypto/asn1/asn1_lib.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/asn1_lib.c 2016-05-03 15:44:42.000000000 +0200
@@ -63,7 +63,7 @@
#include <openssl/asn1_mac.h>
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
- int max);
+ long max);
static void asn1_put_length(unsigned char **pp, int length);
const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT;
@@ -131,7 +131,7 @@ int ASN1_get_object(const unsigned char
}
*ptag = tag;
*pclass = xclass;
- if (!asn1_get_length(&p, &inf, plength, (int)max))
+ if (!asn1_get_length(&p, &inf, plength, max))
goto err;
if (inf && !(ret & V_ASN1_CONSTRUCTED))
@@ -159,14 +159,14 @@ int ASN1_get_object(const unsigned char
}
static int asn1_get_length(const unsigned char **pp, int *inf, long *rl,
- int max)
+ long max)
{
const unsigned char *p = *pp;
unsigned long ret = 0;
- unsigned int i;
+ unsigned long i;
if (max-- < 1)
- return (0);
+ return 0;
if (*p == 0x80) {
*inf = 1;
ret = 0;
@@ -175,15 +175,11 @@ static int asn1_get_length(const unsigne
*inf = 0;
i = *p & 0x7f;
if (*(p++) & 0x80) {
- if (i > sizeof(long))
+ if (i > sizeof(ret) || max < (long)i)
return 0;
- if (max-- == 0)
- return (0);
while (i-- > 0) {
ret <<= 8L;
ret |= *(p++);
- if (max-- == 0)
- return (0);
}
} else
ret = i;
@@ -192,7 +188,7 @@ static int asn1_get_length(const unsigne
return 0;
*pp = p;
*rl = (long)ret;
- return (1);
+ return 1;
}
/*
diff -upr deps/openssl/openssl.old/crypto/asn1/asn1_par.c deps/openssl/openssl/crypto/asn1/asn1_par.c
--- deps/openssl/openssl.old/crypto/asn1/asn1_par.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/asn1_par.c 2016-05-03 15:44:42.000000000 +0200
@@ -173,6 +173,8 @@ static int asn1_parse2(BIO *bp, const un
if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
goto end;
if (j & V_ASN1_CONSTRUCTED) {
+ const unsigned char *sp;
+
ep = p + len;
if (BIO_write(bp, "\n", 1) <= 0)
goto end;
@@ -182,6 +184,7 @@ static int asn1_parse2(BIO *bp, const un
goto end;
}
if ((j == 0x21) && (len == 0)) {
+ sp = p;
for (;;) {
r = asn1_parse2(bp, &p, (long)(tot - p),
offset + (p - *pp), depth + 1,
@@ -190,19 +193,25 @@ static int asn1_parse2(BIO *bp, const un
ret = 0;
goto end;
}
- if ((r == 2) || (p >= tot))
+ if ((r == 2) || (p >= tot)) {
+ len = p - sp;
break;
+ }
}
- } else
+ } else {
+ long tmp = len;
+
while (p < ep) {
- r = asn1_parse2(bp, &p, (long)len,
- offset + (p - *pp), depth + 1,
+ sp = p;
+ r = asn1_parse2(bp, &p, tmp, offset + (p - *pp), depth + 1,
indent, dump);
if (r == 0) {
ret = 0;
goto end;
}
+ tmp -= p - sp;
}
+ }
} else if (xclass != 0) {
p += len;
if (BIO_write(bp, "\n", 1) <= 0)
diff -upr deps/openssl/openssl.old/crypto/asn1/t_x509.c deps/openssl/openssl/crypto/asn1/t_x509.c
--- deps/openssl/openssl.old/crypto/asn1/t_x509.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/t_x509.c 2016-05-03 15:44:42.000000000 +0200
@@ -140,7 +140,8 @@ int X509_print_ex(BIO *bp, X509 *x, unsi
goto err;
bs = X509_get_serialNumber(x);
- if (bs->length <= (int)sizeof(long)) {
+ if (bs->length < (int)sizeof(long)
+ || (bs->length == sizeof(long) && (bs->data[0] & 0x80) == 0)) {
l = ASN1_INTEGER_get(bs);
if (bs->type == V_ASN1_NEG_INTEGER) {
l = -l;
diff -upr deps/openssl/openssl.old/crypto/asn1/tasn_dec.c deps/openssl/openssl/crypto/asn1/tasn_dec.c
--- deps/openssl/openssl.old/crypto/asn1/tasn_dec.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/tasn_dec.c 2016-05-03 15:44:47.000000000 +0200
@@ -901,9 +901,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const
break;
case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
tint = (ASN1_INTEGER **)pval;
if (!c2i_ASN1_INTEGER(tint, &cont, len))
goto err;
diff -upr deps/openssl/openssl.old/crypto/asn1/tasn_enc.c deps/openssl/openssl/crypto/asn1/tasn_enc.c
--- deps/openssl/openssl.old/crypto/asn1/tasn_enc.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/tasn_enc.c 2016-05-03 15:44:47.000000000 +0200
@@ -611,9 +611,7 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsig
break;
case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
/*
* These are all have the same content format as ASN1_INTEGER
*/
diff -upr deps/openssl/openssl.old/crypto/asn1/x_name.c deps/openssl/openssl/crypto/asn1/x_name.c
--- deps/openssl/openssl.old/crypto/asn1/x_name.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/x_name.c 2016-05-03 15:44:42.000000000 +0200
@@ -66,6 +66,13 @@
typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
+/*
+ * Maximum length of X509_NAME: much larger than anything we should
+ * ever see in practice.
+ */
+
+#define X509_NAME_MAX (1024 * 1024)
+
static int x509_name_ex_d2i(ASN1_VALUE **val,
const unsigned char **in, long len,
const ASN1_ITEM *it,
@@ -192,6 +199,10 @@ static int x509_name_ex_d2i(ASN1_VALUE *
int i, j, ret;
STACK_OF(X509_NAME_ENTRY) *entries;
X509_NAME_ENTRY *entry;
+ if (len > X509_NAME_MAX) {
+ ASN1err(ASN1_F_X509_NAME_EX_D2I, ASN1_R_TOO_LONG);
+ return 0;
+ }
q = p;
/* Get internal representation of Name */
diff -upr deps/openssl/openssl.old/crypto/asn1/x_x509.c deps/openssl/openssl/crypto/asn1/x_x509.c
--- deps/openssl/openssl.old/crypto/asn1/x_x509.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/asn1/x_x509.c 2016-05-03 15:44:42.000000000 +0200
@@ -201,10 +201,20 @@ X509 *d2i_X509_AUX(X509 **a, const unsig
int i2d_X509_AUX(X509 *a, unsigned char **pp)
{
- int length;
+ int length, tmplen;
+ unsigned char *start = pp != NULL ? *pp : NULL;
length = i2d_X509(a, pp);
- if (a)
- length += i2d_X509_CERT_AUX(a->aux, pp);
+ if (length < 0 || a == NULL)
+ return length;
+
+ tmplen = i2d_X509_CERT_AUX(a->aux, pp);
+ if (tmplen < 0) {
+ if (start != NULL)
+ *pp = start;
+ return tmplen;
+ }
+ length += tmplen;
+
return length;
}
diff -upr deps/openssl/openssl.old/crypto/bn/asm/ppc-mont.pl deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl
--- deps/openssl/openssl.old/crypto/bn/asm/ppc-mont.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/bn/asm/ppc-mont.pl 2016-05-03 15:38:19.000000000 +0200
@@ -191,7 +191,7 @@ L1st:
addi $j,$j,$BNSZ ; j++
addi $tp,$tp,$BNSZ ; tp++
- bdnz- L1st
+ bdnz L1st
;L1st
addc $lo0,$alo,$hi0
addze $hi0,$ahi
@@ -253,7 +253,7 @@ Linner:
addze $hi1,$hi1
$ST $lo1,0($tp) ; tp[j-1]
addi $tp,$tp,$BNSZ ; tp++
- bdnz- Linner
+ bdnz Linner
;Linner
$LD $tj,$BNSZ($tp) ; tp[j]
addc $lo0,$alo,$hi0
@@ -276,7 +276,7 @@ Linner:
slwi $tj,$num,`log($BNSZ)/log(2)`
$UCMP $i,$tj
addi $i,$i,$BNSZ
- ble- Louter
+ ble Louter
addi $num,$num,2 ; restore $num
subfc $j,$j,$j ; j=0 and "clear" XER[CA]
@@ -289,7 +289,7 @@ Lsub: $LDX $tj,$tp,$j
subfe $aj,$nj,$tj ; tp[j]-np[j]
$STX $aj,$rp,$j
addi $j,$j,$BNSZ
- bdnz- Lsub
+ bdnz Lsub
li $j,0
mtctr $num
@@ -304,7 +304,7 @@ Lcopy: ; copy or in-place refresh
$STX $tj,$rp,$j
$STX $j,$tp,$j ; zap at once
addi $j,$j,$BNSZ
- bdnz- Lcopy
+ bdnz Lcopy
$POP $tj,0($sp)
li r3,1
diff -upr deps/openssl/openssl.old/crypto/bn/asm/ppc.pl deps/openssl/openssl/crypto/bn/asm/ppc.pl
--- deps/openssl/openssl.old/crypto/bn/asm/ppc.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/bn/asm/ppc.pl 2016-05-03 15:44:42.000000000 +0200
@@ -1556,7 +1556,7 @@ Lppcasm_sub_mainloop:
# if carry = 1 this is r7-r8. Else it
# is r7-r8 -1 as we need.
$STU r6,$BNSZ(r3)
- bdnz- Lppcasm_sub_mainloop
+ bdnz Lppcasm_sub_mainloop
Lppcasm_sub_adios:
subfze r3,r0 # if carry bit is set then r3 = 0 else -1
andi. r3,r3,1 # keep only last bit.
@@ -1603,7 +1603,7 @@ Lppcasm_add_mainloop:
$LDU r8,$BNSZ(r5)
adde r8,r7,r8
$STU r8,$BNSZ(r3)
- bdnz- Lppcasm_add_mainloop
+ bdnz Lppcasm_add_mainloop
Lppcasm_add_adios:
addze r3,r0 #return carry bit.
blr
@@ -1762,7 +1762,7 @@ Lppcasm_sqr_mainloop:
$UMULH r8,r6,r6
$STU r7,$BNSZ(r3)
$STU r8,$BNSZ(r3)
- bdnz- Lppcasm_sqr_mainloop
+ bdnz Lppcasm_sqr_mainloop
Lppcasm_sqr_adios:
blr
.long 0
@@ -1827,7 +1827,7 @@ Lppcasm_mw_LOOP:
addi r3,r3,`4*$BNSZ`
addi r4,r4,`4*$BNSZ`
- bdnz- Lppcasm_mw_LOOP
+ bdnz Lppcasm_mw_LOOP
Lppcasm_mw_REM:
andi. r5,r5,0x3
@@ -1951,7 +1951,7 @@ Lppcasm_maw_mainloop:
$ST r11,`3*$BNSZ`(r3)
addi r3,r3,`4*$BNSZ`
addi r4,r4,`4*$BNSZ`
- bdnz- Lppcasm_maw_mainloop
+ bdnz Lppcasm_maw_mainloop
Lppcasm_maw_leftover:
andi. r5,r5,0x3
diff -upr deps/openssl/openssl.old/crypto/bn/asm/ppc64-mont.pl deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl
--- deps/openssl/openssl.old/crypto/bn/asm/ppc64-mont.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/bn/asm/ppc64-mont.pl 2016-05-03 15:38:19.000000000 +0200
@@ -734,7 +734,7 @@ $code.=<<___;
___
}
$code.=<<___;
- bdnz- L1st
+ bdnz L1st
fctid $dota,$dota
fctid $dotb,$dotb
@@ -1280,7 +1280,7 @@ $code.=<<___;
___
}
$code.=<<___;
- bdnz- Linner
+ bdnz Linner
fctid $dota,$dota
fctid $dotb,$dotb
@@ -1490,7 +1490,7 @@ Lsub: ldx $t0,$tp,$i
stdx $t0,$rp,$i
stdx $t2,$t6,$i
addi $i,$i,16
- bdnz- Lsub
+ bdnz Lsub
li $i,0
subfe $ovf,$i,$ovf ; handle upmost overflow bit
@@ -1517,7 +1517,7 @@ Lcopy: ; copy or in-place refresh
stdx $i,$tp,$i ; zap tp at once
stdx $i,$t4,$i
addi $i,$i,16
- bdnz- Lcopy
+ bdnz Lcopy
___
$code.=<<___ if ($SIZE_T==4);
subf $np,$num,$np ; rewind np
@@ -1550,7 +1550,7 @@ Lsub: lwz $t0,12($tp) ; load tp[j..j+3]
stw $t5,8($rp)
stw $t6,12($rp)
stwu $t7,16($rp)
- bdnz- Lsub
+ bdnz Lsub
li $i,0
subfe $ovf,$i,$ovf ; handle upmost overflow bit
@@ -1582,7 +1582,7 @@ Lcopy: ; copy or in-place refresh
stwu $t3,16($rp)
std $i,8($tp) ; zap tp at once
stdu $i,16($tp)
- bdnz- Lcopy
+ bdnz Lcopy
___
$code.=<<___;
diff -upr deps/openssl/openssl.old/crypto/bn/asm/x86-mont.pl deps/openssl/openssl/crypto/bn/asm/x86-mont.pl
--- deps/openssl/openssl.old/crypto/bn/asm/x86-mont.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/bn/asm/x86-mont.pl 2016-05-03 15:44:42.000000000 +0200
@@ -85,6 +85,21 @@ $frame=32; # size of above frame roun
&and ("esp",-64); # align to cache line
+ # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # physical memory in strictly sequential manner, i.e. if stack
+ # allocation spans two pages, then reference to farmost one can
+ # be punishable by SEGV. But page walking can do good even on
+ # other OSes, because it guarantees that villain thread hits
+ # the guard page before it can make damage to innocent one...
+ &mov ("eax","ebp");
+ &sub ("eax","esp");
+ &and ("eax",-4096);
+&set_label("page_walk");
+ &mov ("edx",&DWP(0,"esp","eax"));
+ &sub ("eax",4096);
+ &data_byte(0x2e);
+ &jnc (&label("page_walk"));
+
################################# load argument block...
&mov ("eax",&DWP(0*4,"esi"));# BN_ULONG *rp
&mov ("ebx",&DWP(1*4,"esi"));# const BN_ULONG *ap
diff -upr deps/openssl/openssl.old/crypto/bn/asm/x86_64-mont.pl deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
--- deps/openssl/openssl.old/crypto/bn/asm/x86_64-mont.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl 2016-05-03 15:44:42.000000000 +0200
@@ -130,6 +130,20 @@ $code.=<<___;
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
+ # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # physical memory in strictly sequential manner, i.e. if stack
+ # allocation spans two pages, then reference to farmost one can
+ # be punishable by SEGV. But page walking can do good even on
+ # other OSes, because it guarantees that villain thread hits
+ # the guard page before it can make damage to innocent one...
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmul_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x66,0x2e # predict non-taken
+ jnc .Lmul_page_walk
+
mov $bp,%r12 # reassign $bp
___
$bp="%r12";
@@ -342,6 +356,14 @@ $code.=<<___;
mov %r11,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul4x_body:
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmul4x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lmul4x_page_walk
+
mov $rp,16(%rsp,$num,8) # tp[num+2]=$rp
mov %rdx,%r12 # reassign $bp
___
@@ -795,6 +817,15 @@ bn_sqr8x_mont:
sub %r11,%rsp
.Lsqr8x_sp_done:
and \$-64,%rsp
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lsqr8x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lsqr8x_page_walk
+
mov $num,%r10
neg $num
@@ -932,8 +963,17 @@ bn_mulx4x_mont:
sub $num,%r10 # -$num
mov ($n0),$n0 # *n0
lea -72(%rsp,%r10),%rsp # alloca(frame+$num+8)
- lea ($bp,$num),%r10
and \$-128,%rsp
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmulx4x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x66,0x2e # predict non-taken
+ jnc .Lmulx4x_page_walk
+
+ lea ($bp,$num),%r10
##############################################################
# Stack layout
# +0 num
diff -upr deps/openssl/openssl.old/crypto/bn/asm/x86_64-mont5.pl deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl
--- deps/openssl/openssl.old/crypto/bn/asm/x86_64-mont5.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl 2016-05-03 15:44:42.000000000 +0200
@@ -115,6 +115,20 @@ $code.=<<___;
mov %rax,8(%rsp,$num,8) # tp[num+1]=%rsp
.Lmul_body:
+ # Some OSes, *cough*-dows, insist on stack being "wired" to
+ # physical memory in strictly sequential manner, i.e. if stack
+ # allocation spans two pages, then reference to farmost one can
+ # be punishable by SEGV. But page walking can do good even on
+ # other OSes, because it guarantees that villain thread hits
+ # the guard page before it can make damage to innocent one...
+ sub %rsp,%rax
+ and \$-4096,%rax
+.Lmul_page_walk:
+ mov (%rsp,%rax),%r11
+ sub \$4096,%rax
+ .byte 0x2e # predict non-taken
+ jnc .Lmul_page_walk
+
lea 128($bp),%r12 # reassign $bp (+size optimization)
___
$bp="%r12";
@@ -469,6 +483,15 @@ $code.=<<___;
sub %r11,%rsp
.Lmul4xsp_done:
and \$-64,%rsp
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmul4x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lmul4x_page_walk
+
neg $num
mov %rax,40(%rsp)
@@ -1058,6 +1081,15 @@ $code.=<<___;
sub %r11,%rsp
.Lpwr_sp_done:
and \$-64,%rsp
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lpwr_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lpwr_page_walk
+
mov $num,%r10
neg $num
@@ -2028,7 +2060,16 @@ bn_from_mont8x:
sub %r11,%rsp
.Lfrom_sp_done:
and \$-64,%rsp
- mov $num,%r10
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lfrom_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lfrom_page_walk
+
+ mov $num,%r10
neg $num
##############################################################
@@ -2173,6 +2214,15 @@ bn_mulx4x_mont_gather5:
sub %r11,%rsp
.Lmulx4xsp_done:
and \$-64,%rsp # ensure alignment
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lmulx4x_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lmulx4x_page_walk
+
##############################################################
# Stack layout
# +0 -num
@@ -2619,6 +2669,15 @@ bn_powerx5:
sub %r11,%rsp
.Lpwrx_sp_done:
and \$-64,%rsp
+ mov %rax,%r11
+ sub %rsp,%r11
+ and \$-4096,%r11
+.Lpwrx_page_walk:
+ mov (%rsp,%r11),%r10
+ sub \$4096,%r11
+ .byte 0x2e # predict non-taken
+ jnc .Lpwrx_page_walk
+
mov $num,%r10
neg $num
diff -upr deps/openssl/openssl.old/crypto/comp/comp.h deps/openssl/openssl/crypto/comp/comp.h
--- deps/openssl/openssl.old/crypto/comp/comp.h 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/comp/comp.h 2016-05-03 15:44:42.000000000 +0200
@@ -4,6 +4,10 @@
# include <openssl/crypto.h>
+# ifdef OPENSSL_NO_COMP
+# error COMP is disabled.
+# endif
+
#ifdef __cplusplus
extern "C" {
#endif
Only in deps/openssl/openssl/crypto/des: t
diff -upr deps/openssl/openssl.old/crypto/evp/Makefile deps/openssl/openssl/crypto/evp/Makefile
--- deps/openssl/openssl.old/crypto/evp/Makefile 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/evp/Makefile 2016-05-03 15:46:33.000000000 +0200
@@ -199,8 +199,8 @@ e_aes.o: ../../include/openssl/opensslv.
e_aes.o: ../../include/openssl/rand.h ../../include/openssl/safestack.h
e_aes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
e_aes.o: ../modes/modes_lcl.h e_aes.c evp_locl.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/bio.h
+e_aes_cbc_hmac_sha1.o: ../../e_os.h ../../include/openssl/aes.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/crypto.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/e_os2.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/evp.h
@@ -214,9 +214,9 @@ e_aes_cbc_hmac_sha1.o: ../../include/ope
e_aes_cbc_hmac_sha1.o: ../../include/openssl/safestack.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/sha.h
e_aes_cbc_hmac_sha1.o: ../../include/openssl/stack.h
-e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
-e_aes_cbc_hmac_sha1.o: e_aes_cbc_hmac_sha1.c
-e_aes_cbc_hmac_sha256.o: ../../include/openssl/aes.h
+e_aes_cbc_hmac_sha1.o: ../../include/openssl/symhacks.h ../constant_time_locl.h
+e_aes_cbc_hmac_sha1.o: ../modes/modes_lcl.h e_aes_cbc_hmac_sha1.c
+e_aes_cbc_hmac_sha256.o: ../../e_os.h ../../include/openssl/aes.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/asn1.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/bio.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/crypto.h
@@ -232,7 +232,8 @@ e_aes_cbc_hmac_sha256.o: ../../include/o
e_aes_cbc_hmac_sha256.o: ../../include/openssl/safestack.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/sha.h
e_aes_cbc_hmac_sha256.o: ../../include/openssl/stack.h
-e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h ../modes/modes_lcl.h
+e_aes_cbc_hmac_sha256.o: ../../include/openssl/symhacks.h
+e_aes_cbc_hmac_sha256.o: ../constant_time_locl.h ../modes/modes_lcl.h
e_aes_cbc_hmac_sha256.o: e_aes_cbc_hmac_sha256.c
e_bf.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
e_bf.o: ../../include/openssl/blowfish.h ../../include/openssl/buffer.h
diff -upr deps/openssl/openssl.old/crypto/evp/digest.c deps/openssl/openssl/crypto/evp/digest.c
--- deps/openssl/openssl.old/crypto/evp/digest.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/evp/digest.c 2016-05-03 15:44:42.000000000 +0200
@@ -212,8 +212,10 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
}
#endif
if (ctx->digest != type) {
- if (ctx->digest && ctx->digest->ctx_size)
+ if (ctx->digest && ctx->digest->ctx_size) {
OPENSSL_free(ctx->md_data);
+ ctx->md_data = NULL;
+ }
ctx->digest = type;
if (!(ctx->flags & EVP_MD_CTX_FLAG_NO_INIT) && type->ctx_size) {
ctx->update = type->update;
diff -upr deps/openssl/openssl.old/crypto/evp/e_aes_cbc_hmac_sha1.c deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c
--- deps/openssl/openssl.old/crypto/evp/e_aes_cbc_hmac_sha1.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c 2016-05-03 15:44:47.000000000 +0200
@@ -60,6 +60,7 @@
# include <openssl/sha.h>
# include <openssl/rand.h>
# include "modes_lcl.h"
+# include "constant_time_locl.h"
# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
@@ -578,6 +579,8 @@ static int aesni_cbc_hmac_sha1_cipher(EV
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
+ ret &= constant_time_ge(maxpad, pad);
+
inp_len = len - (SHA_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;
diff -upr deps/openssl/openssl.old/crypto/evp/e_aes_cbc_hmac_sha256.c deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c
--- deps/openssl/openssl.old/crypto/evp/e_aes_cbc_hmac_sha256.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha256.c 2016-05-03 15:44:47.000000000 +0200
@@ -60,6 +60,7 @@
# include <openssl/sha.h>
# include <openssl/rand.h>
# include "modes_lcl.h"
+# include "constant_time_locl.h"
# ifndef EVP_CIPH_FLAG_AEAD_CIPHER
# define EVP_CIPH_FLAG_AEAD_CIPHER 0x200000
@@ -589,6 +590,8 @@ static int aesni_cbc_hmac_sha256_cipher(
maxpad |= (255 - maxpad) >> (sizeof(maxpad) * 8 - 8);
maxpad &= 255;
+ ret &= constant_time_ge(maxpad, pad);
+
inp_len = len - (SHA256_DIGEST_LENGTH + pad + 1);
mask = (0 - ((inp_len - len) >> (sizeof(inp_len) * 8 - 1)));
inp_len &= mask;
diff -upr deps/openssl/openssl.old/crypto/evp/encode.c deps/openssl/openssl/crypto/evp/encode.c
--- deps/openssl/openssl.old/crypto/evp/encode.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/evp/encode.c 2016-05-03 15:44:42.000000000 +0200
@@ -57,6 +57,7 @@
*/
#include <stdio.h>
+#include <limits.h>
#include "cryptlib.h"
#include <openssl/evp.h>
@@ -151,13 +152,13 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct
const unsigned char *in, int inl)
{
int i, j;
- unsigned int total = 0;
+ size_t total = 0;
*outl = 0;
if (inl <= 0)
return;
OPENSSL_assert(ctx->length <= (int)sizeof(ctx->enc_data));
- if ((ctx->num + inl) < ctx->length) {
+ if (ctx->length - ctx->num > inl) {
memcpy(&(ctx->enc_data[ctx->num]), in, inl);
ctx->num += inl;
return;
@@ -174,7 +175,7 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct
*out = '\0';
total = j + 1;
}
- while (inl >= ctx->length) {
+ while (inl >= ctx->length && total <= INT_MAX) {
j = EVP_EncodeBlock(out, in, ctx->length);
in += ctx->length;
inl -= ctx->length;
@@ -183,6 +184,11 @@ void EVP_EncodeUpdate(EVP_ENCODE_CTX *ct
*out = '\0';
total += j + 1;
}
+ if (total > INT_MAX) {
+ /* Too much output data! */
+ *outl = 0;
+ return;
+ }
if (inl != 0)
memcpy(&(ctx->enc_data[0]), in, inl);
ctx->num = inl;
diff -upr deps/openssl/openssl.old/crypto/evp/evp_enc.c deps/openssl/openssl/crypto/evp/evp_enc.c
--- deps/openssl/openssl.old/crypto/evp/evp_enc.c 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/evp/evp_enc.c 2016-05-03 15:44:42.000000000 +0200
@@ -347,7 +347,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ct
bl = ctx->cipher->block_size;
OPENSSL_assert(bl <= (int)sizeof(ctx->buf));
if (i != 0) {
- if (i + inl < bl) {
+ if (bl - i > inl) {
memcpy(&(ctx->buf[i]), in, inl);
ctx->buf_len += inl;
*outl = 0;
diff -upr deps/openssl/openssl.old/crypto/modes/asm/ghash-s390x.pl deps/openssl/openssl/crypto/modes/asm/ghash-s390x.pl
--- deps/openssl/openssl.old/crypto/modes/asm/ghash-s390x.pl 2016-04-26 21:50:09.000000000 +0200
+++ deps/openssl/openssl/crypto/modes/asm/ghash-s390x.pl 2016-05-03 15:44:42.000000000 +0200
@@ -85,9 +85,7 @@ $code.=<<___ if(!$softonly && 0); # hard
tmhl %r0,0x4000 # check for message-security-assist
jz .Lsoft_gmult
lghi %r0,0
- la %r1,16($sp)
- .long 0xb93e0004 # kimd %r0,%r4
- lg %r1,24($sp)
+ lg %r1,24(%r1) # load second word of kimd capabilities vector
tmhh %r1,0x4000 # check for function 65
jz .Lsoft_gmult
stg %r0,16($sp) # arrange 16 bytes of zero input
diff -upr deps/openssl/openssl.old/crypto/opensslconf.h deps/openssl/openssl/crypto/opensslconf.h
--- deps/openssl/openssl.old/crypto/opensslconf.h 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/opensslconf.h 2016-05-03 15:46:42.000000000 +0200
@@ -1 +1,265 @@
-#include "../../config/opensslconf.h"
+/* opensslconf.h */
+/* WARNING: Generated automatically from opensslconf.h.in by Configure. */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+/* OpenSSL was configured with the following options: */
+#ifndef OPENSSL_DOING_MAKEDEPEND
+
+
+#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
+# define OPENSSL_NO_EC_NISTP_64_GCC_128
+#endif
+#ifndef OPENSSL_NO_GMP
+# define OPENSSL_NO_GMP
+#endif
+#ifndef OPENSSL_NO_JPAKE
+# define OPENSSL_NO_JPAKE
+#endif
+#ifndef OPENSSL_NO_KRB5
+# define OPENSSL_NO_KRB5
+#endif
+#ifndef OPENSSL_NO_LIBUNBOUND
+# define OPENSSL_NO_LIBUNBOUND
+#endif
+#ifndef OPENSSL_NO_MD2
+# define OPENSSL_NO_MD2
+#endif
+#ifndef OPENSSL_NO_RC5
+# define OPENSSL_NO_RC5
+#endif
+#ifndef OPENSSL_NO_RFC3779
+# define OPENSSL_NO_RFC3779
+#endif
+#ifndef OPENSSL_NO_SCTP
+# define OPENSSL_NO_SCTP
+#endif
+#ifndef OPENSSL_NO_SSL_TRACE
+# define OPENSSL_NO_SSL_TRACE
+#endif
+#ifndef OPENSSL_NO_SSL2
+# define OPENSSL_NO_SSL2
+#endif
+#ifndef OPENSSL_NO_STORE
+# define OPENSSL_NO_STORE
+#endif
+#ifndef OPENSSL_NO_UNIT_TEST
+# define OPENSSL_NO_UNIT_TEST
+#endif
+#ifndef OPENSSL_NO_WEAK_SSL_CIPHERS
+# define OPENSSL_NO_WEAK_SSL_CIPHERS
+#endif
+
+#endif /* OPENSSL_DOING_MAKEDEPEND */
+
+#ifndef OPENSSL_NO_DYNAMIC_ENGINE
+# define OPENSSL_NO_DYNAMIC_ENGINE
+#endif
+
+/* The OPENSSL_NO_* macros are also defined as NO_* if the application
+ asks for it. This is a transient feature that is provided for those
+ who haven't had the time to do the appropriate changes in their
+ applications. */
+#ifdef OPENSSL_ALGORITHM_DEFINES
+# if defined(OPENSSL_NO_EC_NISTP_64_GCC_128) && !defined(NO_EC_NISTP_64_GCC_128)
+# define NO_EC_NISTP_64_GCC_128
+# endif
+# if defined(OPENSSL_NO_GMP) && !defined(NO_GMP)
+# define NO_GMP
+# endif
+# if defined(OPENSSL_NO_JPAKE) && !defined(NO_JPAKE)
+# define NO_JPAKE
+# endif
+# if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5)
+# define NO_KRB5
+# endif
+# if defined(OPENSSL_NO_LIBUNBOUND) && !defined(NO_LIBUNBOUND)
+# define NO_LIBUNBOUND
+# endif
+# if defined(OPENSSL_NO_MD2) && !defined(NO_MD2)
+# define NO_MD2
+# endif
+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5)
+# define NO_RC5
+# endif
+# if defined(OPENSSL_NO_RFC3779) && !defined(NO_RFC3779)
+# define NO_RFC3779
+# endif
+# if defined(OPENSSL_NO_SCTP) && !defined(NO_SCTP)
+# define NO_SCTP
+# endif
+# if defined(OPENSSL_NO_SSL_TRACE) && !defined(NO_SSL_TRACE)
+# define NO_SSL_TRACE
+# endif
+# if defined(OPENSSL_NO_SSL2) && !defined(NO_SSL2)
+# define NO_SSL2
+# endif
+# if defined(OPENSSL_NO_STORE) && !defined(NO_STORE)
+# define NO_STORE
+# endif
+# if defined(OPENSSL_NO_UNIT_TEST) && !defined(NO_UNIT_TEST)
+# define NO_UNIT_TEST
+# endif
+# if defined(OPENSSL_NO_WEAK_SSL_CIPHERS) && !defined(NO_WEAK_SSL_CIPHERS)
+# define NO_WEAK_SSL_CIPHERS
+# endif
+#endif
+
+/* crypto/opensslconf.h.in */
+
+/* Generate 80386 code? */
+#undef I386_ONLY
+
+#if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */
+#if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
+#define ENGINESDIR "/usr/local/ssl/lib/engines"
+#define OPENSSLDIR "/usr/local/ssl"
+#endif
+#endif
+
+#undef OPENSSL_UNISTD
+#define OPENSSL_UNISTD <unistd.h>
+
+#undef OPENSSL_EXPORT_VAR_AS_FUNCTION
+
+#if defined(HEADER_IDEA_H) && !defined(IDEA_INT)
+#define IDEA_INT unsigned int
+#endif
+
+#if defined(HEADER_MD2_H) && !defined(MD2_INT)
+#define MD2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC2_H) && !defined(RC2_INT)
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+#endif
+
+#if defined(HEADER_RC4_H)
+#if !defined(RC4_INT)
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+/*
+ * I don't know what does "most" mean, but declaring "int" is a must on:
+ * - Intel P6 because partial register stalls are very expensive;
+ * - elder Alpha because it lacks byte load/store instructions;
+ */
+#define RC4_INT unsigned int
+#endif
+#if !defined(RC4_CHUNK)
+/*
+ * This enables code handling data aligned at natural CPU word
+ * boundary. See crypto/rc4/rc4_enc.c for further details.
+ */
+#undef RC4_CHUNK
+#endif
+#endif
+
+#if (defined(HEADER_NEW_DES_H) || defined(HEADER_DES_H)) && !defined(DES_LONG)
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+#endif
+
+#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H)
+#define CONFIG_HEADER_BN_H
+#undef BN_LLONG
+
+/* Should we define BN_DIV2W here? */
+
+/* Only one for the following should be defined */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#endif
+
+#if defined(HEADER_RC4_LOCL_H) && !defined(CONFIG_HEADER_RC4_LOCL_H)
+#define CONFIG_HEADER_RC4_LOCL_H
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+#endif
+
+#if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H)
+#define CONFIG_HEADER_BF_LOCL_H
+#undef BF_PTR
+#endif /* HEADER_BF_LOCL_H */
+
+#if defined(HEADER_DES_LOCL_H) && !defined(CONFIG_HEADER_DES_LOCL_H)
+#define CONFIG_HEADER_DES_LOCL_H
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+#error YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( __sun ) || defined ( sun ) /* Newer Sparc's */
+# define DES_PTR
+# define DES_RISC1
+# define DES_UNROLL
+#elif defined( __ultrix ) /* Older MIPS */
+# define DES_PTR
+# define DES_RISC2
+# define DES_UNROLL
+#elif defined( __osf1__ ) /* Alpha */
+# define DES_PTR
+# define DES_RISC2
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* Unknown */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+# define DES_UNROLL
+#elif defined( __sgi ) /* Newer MIPS */
+# define DES_PTR
+# define DES_RISC2
+# define DES_UNROLL
+#elif defined(i386) || defined(__i386__) /* x86 boxes, should be gcc */
+# define DES_PTR
+# define DES_RISC1
+# define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+#endif /* HEADER_DES_LOCL_H */
+#ifdef __cplusplus
+}
+#endif
diff -upr deps/openssl/openssl.old/crypto/opensslv.h deps/openssl/openssl/crypto/opensslv.h
--- deps/openssl/openssl.old/crypto/opensslv.h 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/opensslv.h 2016-05-03 15:46:41.000000000 +0200
@@ -30,11 +30,11 @@ extern "C" {
* (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
* major minor fix final patch/beta)
*/
-# define OPENSSL_VERSION_NUMBER 0x1000207fL
+# define OPENSSL_VERSION_NUMBER 0x1000208fL
# ifdef OPENSSL_FIPS
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2g-fips 1 Mar 2016"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2h-fips 3 May 2016"
# else
-# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2g 1 Mar 2016"
+# define OPENSSL_VERSION_TEXT "OpenSSL 1.0.2h 3 May 2016"
# endif
# define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT
diff -upr deps/openssl/openssl.old/crypto/pem/pem_lib.c deps/openssl/openssl/crypto/pem/pem_lib.c
--- deps/openssl/openssl.old/crypto/pem/pem_lib.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/pem/pem_lib.c 2016-05-03 15:44:42.000000000 +0200
@@ -348,7 +348,7 @@ int PEM_ASN1_write_bio(i2d_of_void *i2d,
if (enc != NULL) {
objstr = OBJ_nid2sn(EVP_CIPHER_nid(enc));
- if (objstr == NULL) {
+ if (objstr == NULL || EVP_CIPHER_iv_length(enc) == 0) {
PEMerr(PEM_F_PEM_ASN1_WRITE_BIO, PEM_R_UNSUPPORTED_CIPHER);
goto err;
}
diff -upr deps/openssl/openssl.old/crypto/pem/pvkfmt.c deps/openssl/openssl/crypto/pem/pvkfmt.c
--- deps/openssl/openssl.old/crypto/pem/pvkfmt.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/pem/pvkfmt.c 2016-05-03 15:44:42.000000000 +0200
@@ -131,6 +131,10 @@ static int read_lebn(const unsigned char
# define MS_PVKMAGIC 0xb0b5f11eL
/* Salt length for PVK files */
# define PVK_SALTLEN 0x10
+/* Maximum length in PVK header */
+# define PVK_MAX_KEYLEN 102400
+/* Maximum salt length */
+# define PVK_MAX_SALTLEN 10240
static EVP_PKEY *b2i_rsa(const unsigned char **in, unsigned int length,
unsigned int bitlen, int ispub);
@@ -644,6 +648,9 @@ static int do_PVK_header(const unsigned
*psaltlen = read_ledword(&p);
*pkeylen = read_ledword(&p);
+ if (*pkeylen > PVK_MAX_KEYLEN || *psaltlen > PVK_MAX_SALTLEN)
+ return 0;
+
if (is_encrypted && !*psaltlen) {
PEMerr(PEM_F_DO_PVK_HEADER, PEM_R_INCONSISTENT_HEADER);
return 0;
diff -upr deps/openssl/openssl.old/crypto/perlasm/x86_64-xlate.pl deps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl
--- deps/openssl/openssl.old/crypto/perlasm/x86_64-xlate.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/perlasm/x86_64-xlate.pl 2016-05-03 15:44:42.000000000 +0200
@@ -195,6 +195,7 @@ my %globals;
sub out {
my $self = shift;
+ $self->{value} =~ s/\b(0b[0-1]+)/oct($1)/eig;
if ($gas) {
# Solaris /usr/ccs/bin/as can't handle multiplications
# in $self->{value}
@@ -205,7 +206,6 @@ my %globals;
}
sprintf "\$%s",$self->{value};
} else {
- $self->{value} =~ s/(0b[0-1]+)/oct($1)/eig;
$self->{value} =~ s/0x([0-9a-f]+)/0$1h/ig if ($masm);
sprintf "%s",$self->{value};
}
diff -upr deps/openssl/openssl.old/crypto/perlasm/x86masm.pl deps/openssl/openssl/crypto/perlasm/x86masm.pl
--- deps/openssl/openssl.old/crypto/perlasm/x86masm.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/perlasm/x86masm.pl 2016-05-03 15:44:42.000000000 +0200
@@ -18,10 +18,10 @@ sub ::generic
if ($opcode =~ /lea/ && @arg[1] =~ s/.*PTR\s+(\(.*\))$/OFFSET $1/) # no []
{ $opcode="mov"; }
- elsif ($opcode !~ /mov[dq]$/)
+ elsif ($opcode !~ /movq/)
{ # fix xmm references
- $arg[0] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[-1]=~/\bxmm[0-7]\b/i);
- $arg[-1] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[0]=~/\bxmm[0-7]\b/i);
+ $arg[0] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[1]=~/\bxmm[0-7]\b/i);
+ $arg[1] =~ s/\b[A-Z]+WORD\s+PTR/XMMWORD PTR/i if ($arg[0]=~/\bxmm[0-7]\b/i);
}
&::emit($opcode,@arg);
@@ -82,7 +82,7 @@ TITLE $_[0].asm
IF \@Version LT 800
ECHO MASM version 8.00 or later is strongly recommended.
ENDIF
-.686
+.486
.MODEL FLAT
OPTION DOTNAME
IF \@Version LT 800
@@ -160,13 +160,13 @@ sub ::public_label
{ push(@out,"PUBLIC\t".&::LABEL($_[0],$nmdecor.$_[0])."\n"); }
sub ::data_byte
-{ push(@out,("DB\t").join(',',splice(@_,0,16))."\n") while(@_); }
+{ push(@out,("DB\t").join(',',@_)."\n"); }
sub ::data_short
-{ push(@out,("DW\t").join(',',splice(@_,0,8))."\n") while(@_); }
+{ push(@out,("DW\t").join(',',@_)."\n"); }
sub ::data_word
-{ push(@out,("DD\t").join(',',splice(@_,0,4))."\n") while(@_); }
+{ push(@out,("DD\t").join(',',@_)."\n"); }
sub ::align
{ push(@out,"ALIGN\t$_[0]\n"); }
diff -upr deps/openssl/openssl.old/crypto/s390xcpuid.S deps/openssl/openssl/crypto/s390xcpuid.S
--- deps/openssl/openssl.old/crypto/s390xcpuid.S 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/s390xcpuid.S 2016-05-03 15:44:42.000000000 +0200
@@ -5,14 +5,46 @@
.align 16
OPENSSL_s390x_facilities:
lghi %r0,0
- larl %r2,OPENSSL_s390xcap_P
- stg %r0,8(%r2)
- .long 0xb2b02000 # stfle 0(%r2)
+ larl %r4,OPENSSL_s390xcap_P
+ stg %r0,8(%r4) # wipe capability vectors
+ stg %r0,16(%r4)
+ stg %r0,24(%r4)
+ stg %r0,32(%r4)
+ stg %r0,40(%r4)
+ stg %r0,48(%r4)
+ stg %r0,56(%r4)
+ stg %r0,64(%r4)
+ stg %r0,72(%r4)
+
+ .long 0xb2b04000 # stfle 0(%r4)
brc 8,.Ldone
lghi %r0,1
- .long 0xb2b02000 # stfle 0(%r2)
+ .long 0xb2b04000 # stfle 0(%r4)
.Ldone:
- lg %r2,0(%r2)
+ lmg %r2,%r3,0(%r4)
+ tmhl %r2,0x4000 # check for message-security-assist
+ jz .Lret
+
+ lghi %r0,0 # query kimd capabilities
+ la %r1,16(%r4)
+ .long 0xb93e0002 # kimd %r0,%r2
+
+ lghi %r0,0 # query km capability vector
+ la %r1,32(%r4)
+ .long 0xb92e0042 # km %r4,%r2
+
+ lghi %r0,0 # query kmc capability vector
+ la %r1,48(%r4)
+ .long 0xb92f0042 # kmc %r4,%r2
+
+ tmhh %r3,0x0004 # check for message-security-assist-4
+ jz .Lret
+
+ lghi %r0,0 # query kmctr capability vector
+ la %r1,64(%r4)
+ .long 0xb92d2042 # kmctr %r4,%r2,%r2
+
+.Lret:
br %r14
.size OPENSSL_s390x_facilities,.-OPENSSL_s390x_facilities
@@ -96,4 +128,4 @@ OPENSSL_cleanse:
.section .init
brasl %r14,OPENSSL_cpuid_setup
-.comm OPENSSL_s390xcap_P,16,8
+.comm OPENSSL_s390xcap_P,80,8
diff -upr deps/openssl/openssl.old/crypto/sha/asm/sha1-ppc.pl deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl
--- deps/openssl/openssl.old/crypto/sha/asm/sha1-ppc.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/sha/asm/sha1-ppc.pl 2016-05-03 15:38:19.000000000 +0200
@@ -227,7 +227,7 @@ Lunaligned:
srwi. $t1,$t1,6 ; t1/=64
beq Lcross_page
$UCMP $num,$t1
- ble- Laligned ; didn't cross the page boundary
+ ble Laligned ; didn't cross the page boundary
mtctr $t1
subfc $num,$t1,$num
bl Lsha1_block_private
@@ -255,7 +255,7 @@ Lmemcpy:
bl Lsha1_block_private
$POP $inp,`$FRAME-$SIZE_T*18`($sp)
addic. $num,$num,-1
- bne- Lunaligned
+ bne Lunaligned
Ldone:
$POP r0,`$FRAME+$LRSAVE`($sp)
@@ -329,7 +329,7 @@ $code.=<<___;
stw r20,16($ctx)
mr $E,r20
addi $inp,$inp,`16*4`
- bdnz- Lsha1_block_private
+ bdnz Lsha1_block_private
blr
.long 0
.byte 0,12,0x14,0,0,0,0,0
diff -upr deps/openssl/openssl.old/crypto/sha/asm/sha1-s390x.pl deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl
--- deps/openssl/openssl.old/crypto/sha/asm/sha1-s390x.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/sha/asm/sha1-s390x.pl 2016-05-03 15:44:42.000000000 +0200
@@ -167,10 +167,7 @@ $code.=<<___ if ($kimdfunc);
lg %r0,0(%r1)
tmhl %r0,0x4000 # check for message-security assist
jz .Lsoftware
- lghi %r0,0
- la %r1,`2*$SIZE_T`($sp)
- .long 0xb93e0002 # kimd %r0,%r2
- lg %r0,`2*$SIZE_T`($sp)
+ lg %r0,16(%r1) # check kimd capabilities
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
@@ -237,7 +234,7 @@ $code.=<<___;
br %r14
.size sha1_block_data_order,.-sha1_block_data_order
.string "SHA1 block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-.comm OPENSSL_s390xcap_P,16,8
+.comm OPENSSL_s390xcap_P,80,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff -upr deps/openssl/openssl.old/crypto/sha/asm/sha512-ppc.pl deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl
--- deps/openssl/openssl.old/crypto/sha/asm/sha512-ppc.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/sha/asm/sha512-ppc.pl 2016-05-03 15:38:19.000000000 +0200
@@ -259,7 +259,7 @@ Lunaligned:
andi. $t1,$t1,`4096-16*$SZ` ; distance to closest page boundary
beq Lcross_page
$UCMP $num,$t1
- ble- Laligned ; didn't cross the page boundary
+ ble Laligned ; didn't cross the page boundary
subfc $num,$t1,$num
add $t1,$inp,$t1
$PUSH $num,`$FRAME-$SIZE_T*25`($sp) ; save real remaining num
@@ -317,7 +317,7 @@ $code.=<<___;
$POP $inp,`$FRAME-$SIZE_T*26`($sp) ; restore real inp
$POP $num,`$FRAME-$SIZE_T*25`($sp) ; restore real num
addic. $num,$num,`-16*$SZ` ; num--
- bne- Lunaligned
+ bne Lunaligned
Ldone:
$POP r0,`$FRAME+$LRSAVE`($sp)
@@ -396,7 +396,7 @@ for(;$i<32;$i++) {
unshift(@V,pop(@V));
}
$code.=<<___;
- bdnz- Lrounds
+ bdnz Lrounds
$POP $ctx,`$FRAME-$SIZE_T*22`($sp)
$POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
@@ -644,7 +644,7 @@ for(;$i<32;$i++) {
($a0,$a1,$a2,$a3) = ($a2,$a3,$a0,$a1);
}
$code.=<<___;
- bdnz- Lrounds
+ bdnz Lrounds
$POP $ctx,`$FRAME-$SIZE_T*22`($sp)
$POP $inp,`$FRAME-$SIZE_T*23`($sp) ; inp pointer
diff -upr deps/openssl/openssl.old/crypto/sha/asm/sha512-s390x.pl deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl
--- deps/openssl/openssl.old/crypto/sha/asm/sha512-s390x.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/sha/asm/sha512-s390x.pl 2016-05-03 15:44:42.000000000 +0200
@@ -240,10 +240,7 @@ $code.=<<___ if ($kimdfunc);
lg %r0,0(%r1)
tmhl %r0,0x4000 # check for message-security assist
jz .Lsoftware
- lghi %r0,0
- la %r1,`2*$SIZE_T`($sp)
- .long 0xb93e0002 # kimd %r0,%r2
- lg %r0,`2*$SIZE_T`($sp)
+ lg %r0,16(%r1) # check kimd capabilities
tmhh %r0,`0x8000>>$kimdfunc`
jz .Lsoftware
lghi %r0,$kimdfunc
@@ -311,7 +308,7 @@ $code.=<<___;
br %r14
.size $Func,.-$Func
.string "SHA${label} block transform for s390x, CRYPTOGAMS by <appro\@openssl.org>"
-.comm OPENSSL_s390xcap_P,16,8
+.comm OPENSSL_s390xcap_P,80,8
___
$code =~ s/\`([^\`]*)\`/eval $1/gem;
diff -upr deps/openssl/openssl.old/crypto/x509/x509.h deps/openssl/openssl/crypto/x509/x509.h
--- deps/openssl/openssl.old/crypto/x509/x509.h 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/x509/x509.h 2016-05-03 15:44:42.000000000 +0200
@@ -1305,6 +1305,7 @@ void ERR_load_X509_strings(void);
# define X509_R_LOADING_CERT_DIR 103
# define X509_R_LOADING_DEFAULTS 104
# define X509_R_METHOD_NOT_SUPPORTED 124
+# define X509_R_NAME_TOO_LONG 134
# define X509_R_NEWER_CRL_NOT_NEWER 132
# define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
# define X509_R_NO_CRL_NUMBER 130
diff -upr deps/openssl/openssl.old/crypto/x509/x509_err.c deps/openssl/openssl/crypto/x509/x509_err.c
--- deps/openssl/openssl.old/crypto/x509/x509_err.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/x509/x509_err.c 2016-05-03 15:44:42.000000000 +0200
@@ -151,6 +151,7 @@ static ERR_STRING_DATA X509_str_reasons[
{ERR_REASON(X509_R_LOADING_CERT_DIR), "loading cert dir"},
{ERR_REASON(X509_R_LOADING_DEFAULTS), "loading defaults"},
{ERR_REASON(X509_R_METHOD_NOT_SUPPORTED), "method not supported"},
+ {ERR_REASON(X509_R_NAME_TOO_LONG), "name too long"},
{ERR_REASON(X509_R_NEWER_CRL_NOT_NEWER), "newer crl not newer"},
{ERR_REASON(X509_R_NO_CERT_SET_FOR_US_TO_VERIFY),
"no cert set for us to verify"},
diff -upr deps/openssl/openssl.old/crypto/x509/x509_obj.c deps/openssl/openssl/crypto/x509/x509_obj.c
--- deps/openssl/openssl.old/crypto/x509/x509_obj.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/crypto/x509/x509_obj.c 2016-05-03 15:44:42.000000000 +0200
@@ -63,6 +63,13 @@
#include <openssl/x509.h>
#include <openssl/buffer.h>
+/*
+ * Limit to ensure we don't overflow: much greater than
+ * anything enountered in practice.
+ */
+
+#define NAME_ONELINE_MAX (1024 * 1024)
+
char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
{
X509_NAME_ENTRY *ne;
@@ -86,6 +93,8 @@ char *X509_NAME_oneline(X509_NAME *a, ch
goto err;
b->data[0] = '\0';
len = 200;
+ } else if (len == 0) {
+ return NULL;
}
if (a == NULL) {
if (b) {
@@ -110,6 +119,10 @@ char *X509_NAME_oneline(X509_NAME *a, ch
type = ne->value->type;
num = ne->value->length;
+ if (num > NAME_ONELINE_MAX) {
+ X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
+ goto end;
+ }
q = ne->value->data;
#ifdef CHARSET_EBCDIC
if (type == V_ASN1_GENERALSTRING ||
@@ -117,8 +130,9 @@ char *X509_NAME_oneline(X509_NAME *a, ch
type == V_ASN1_PRINTABLESTRING ||
type == V_ASN1_TELETEXSTRING ||
type == V_ASN1_VISIBLESTRING || type == V_ASN1_IA5STRING) {
- ascii2ebcdic(ebcdic_buf, q, (num > sizeof ebcdic_buf)
- ? sizeof ebcdic_buf : num);
+ if (num > (int)sizeof(ebcdic_buf))
+ num = sizeof(ebcdic_buf);
+ ascii2ebcdic(ebcdic_buf, q, num);
q = ebcdic_buf;
}
#endif
@@ -154,6 +168,10 @@ char *X509_NAME_oneline(X509_NAME *a, ch
lold = l;
l += 1 + l1 + 1 + l2;
+ if (l > NAME_ONELINE_MAX) {
+ X509err(X509_F_X509_NAME_ONELINE, X509_R_NAME_TOO_LONG);
+ goto end;
+ }
if (b != NULL) {
if (!BUF_MEM_grow(b, l + 1))
goto err;
@@ -206,7 +224,7 @@ char *X509_NAME_oneline(X509_NAME *a, ch
return (p);
err:
X509err(X509_F_X509_NAME_ONELINE, ERR_R_MALLOC_FAILURE);
- if (b != NULL)
- BUF_MEM_free(b);
+ end:
+ BUF_MEM_free(b);
return (NULL);
}
Only in deps/openssl/openssl: demos
Only in deps/openssl/openssl: doc
Only in deps/openssl/openssl.old/include: openssl
diff -upr deps/openssl/openssl.old/openssl.spec deps/openssl/openssl/openssl.spec
--- deps/openssl/openssl.old/openssl.spec 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/openssl.spec 2016-05-03 15:46:41.000000000 +0200
@@ -6,7 +6,7 @@ Release: 1
Summary: Secure Sockets Layer and cryptography libraries and tools
Name: openssl
-Version: 1.0.2g
+Version: 1.0.2h
Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz
License: OpenSSL
Group: System Environment/Libraries
diff -upr deps/openssl/openssl.old/ssl/d1_both.c deps/openssl/openssl/ssl/d1_both.c
--- deps/openssl/openssl.old/ssl/d1_both.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/d1_both.c 2016-05-03 15:44:42.000000000 +0200
@@ -1459,6 +1459,8 @@ int dtls1_process_heartbeat(SSL *s)
* plus 2 bytes payload length, plus payload, plus padding
*/
buffer = OPENSSL_malloc(write_length);
+ if (buffer == NULL)
+ return -1;
bp = buffer;
/* Enter response type, length and copy payload */
diff -upr deps/openssl/openssl.old/ssl/s2_lib.c deps/openssl/openssl/ssl/s2_lib.c
--- deps/openssl/openssl.old/ssl/s2_lib.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/s2_lib.c 2016-05-03 15:44:42.000000000 +0200
@@ -150,7 +150,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
@@ -167,7 +167,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
@@ -184,7 +184,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_RC2,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
@@ -201,7 +201,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_RC2,
SSL_MD5,
SSL_SSLV2,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL2_CF_5_BYTE_ENC,
40,
128,
@@ -219,7 +219,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_IDEA,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
0,
128,
128,
@@ -237,7 +237,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_DES,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
0,
56,
56,
@@ -254,7 +254,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_3DES,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
0,
112,
168,
@@ -271,7 +271,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl2_cip
SSL_RC4,
SSL_MD5,
SSL_SSLV2,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL2_CF_8_BYTE_ENC,
64,
64,
diff -upr deps/openssl/openssl.old/ssl/s2_meth.c deps/openssl/openssl/ssl/s2_meth.c
--- deps/openssl/openssl.old/ssl/s2_meth.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/s2_meth.c 2016-05-03 15:44:42.000000000 +0200
@@ -57,7 +57,8 @@
*/
#include "ssl_locl.h"
-#ifndef OPENSSL_NO_SSL2
+#ifndef OPENSSL_NO_SSL2_METHOD
+# ifndef OPENSSL_NO_SSL2
# include <stdio.h>
# include <openssl/objects.h>
@@ -72,7 +73,16 @@ static const SSL_METHOD *ssl2_get_method
IMPLEMENT_ssl2_meth_func(SSLv2_method,
ssl2_accept, ssl2_connect, ssl2_get_method)
-#else /* !OPENSSL_NO_SSL2 */
+
+# else /* !OPENSSL_NO_SSL2 */
+
+const SSL_METHOD *SSLv2_method(void) { return NULL; }
+const SSL_METHOD *SSLv2_client_method(void) { return NULL; }
+const SSL_METHOD *SSLv2_server_method(void) { return NULL; }
+
+# endif
+
+#else /* !OPENSSL_NO_SSL2_METHOD */
# if PEDANTIC
static void *dummy = &dummy;
diff -upr deps/openssl/openssl.old/ssl/s3_clnt.c deps/openssl/openssl/ssl/s3_clnt.c
--- deps/openssl/openssl.old/ssl/s3_clnt.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/s3_clnt.c 2016-05-03 15:44:42.000000000 +0200
@@ -2199,6 +2199,7 @@ int ssl3_get_certificate_request(SSL *s)
SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST, ERR_R_MALLOC_FAILURE);
goto err;
}
+ xn = NULL;
p += l;
nc += l + 2;
@@ -2222,6 +2223,7 @@ int ssl3_get_certificate_request(SSL *s)
err:
s->state = SSL_ST_ERR;
done:
+ X509_NAME_free(xn);
if (ca_sk != NULL)
sk_X509_NAME_pop_free(ca_sk, X509_NAME_free);
return (ret);
diff -upr deps/openssl/openssl.old/ssl/s3_lib.c deps/openssl/openssl/ssl/s3_lib.c
--- deps/openssl/openssl.old/ssl/s3_lib.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/s3_lib.c 2016-05-03 15:44:42.000000000 +0200
@@ -208,7 +208,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -258,7 +258,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC2,
SSL_MD5,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -294,7 +294,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -312,7 +312,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -347,7 +347,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -365,7 +365,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -399,7 +399,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -417,7 +417,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -452,7 +452,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -470,7 +470,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -504,7 +504,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -522,7 +522,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -556,7 +556,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -573,7 +573,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -590,7 +590,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -608,7 +608,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -625,7 +625,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_3DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
@@ -695,7 +695,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -761,7 +761,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_MD5,
SSL_SSLV3,
- SSL_NOT_EXP | SSL_LOW,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_LOW,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -827,7 +827,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -845,7 +845,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC2,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -863,7 +863,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_SHA1,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -881,7 +881,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_MD5,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
56,
@@ -899,7 +899,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC2,
SSL_MD5,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -917,7 +917,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_MD5,
SSL_SSLV3,
- SSL_EXPORT | SSL_EXP40,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP40,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
40,
128,
@@ -1011,7 +1011,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -1106,7 +1106,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
@@ -1302,7 +1302,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_CAMELLIA128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -1322,7 +1322,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_MD5,
SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@@ -1338,7 +1338,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC2,
SSL_MD5,
SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@@ -1356,7 +1356,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -1374,7 +1374,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
56,
@@ -1392,7 +1392,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@@ -1410,7 +1410,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_EXPORT | SSL_EXP56,
+ SSL_NOT_DEFAULT | SSL_EXPORT | SSL_EXP56,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
56,
128,
@@ -1525,7 +1525,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES128,
SSL_SHA256,
SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -1541,7 +1541,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES256,
SSL_SHA256,
SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
@@ -1694,7 +1694,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_CAMELLIA256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
@@ -1860,7 +1860,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_SEED,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -2040,7 +2040,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES128GCM,
SSL_AEAD,
SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA256 | TLS1_PRF_SHA256,
128,
128,
@@ -2056,7 +2056,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES256GCM,
SSL_AEAD,
SSL_TLSV1_2,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
256,
256,
@@ -2424,7 +2424,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_RC4,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_MEDIUM,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_MEDIUM,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -2440,7 +2440,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_3DES,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
112,
168,
@@ -2456,7 +2456,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES128,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
128,
128,
@@ -2472,7 +2472,7 @@ OPENSSL_GLOBAL SSL_CIPHER ssl3_ciphers[]
SSL_AES256,
SSL_SHA1,
SSL_TLSV1,
- SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
+ SSL_NOT_DEFAULT | SSL_NOT_EXP | SSL_HIGH | SSL_FIPS,
SSL_HANDSHAKE_MAC_DEFAULT | TLS1_PRF,
256,
256,
diff -upr deps/openssl/openssl.old/ssl/ssl.h deps/openssl/openssl/ssl/ssl.h
--- deps/openssl/openssl.old/ssl/ssl.h 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssl.h 2016-05-03 15:44:42.000000000 +0200
@@ -338,7 +338,7 @@ extern "C" {
* The following cipher list is used by default. It also is substituted when
* an application-defined cipher list string starts with 'DEFAULT'.
*/
-# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!aNULL:!eNULL:!SSLv2"
+# define SSL_DEFAULT_CIPHER_LIST "ALL:!EXPORT:!LOW:!aNULL:!eNULL:!SSLv2"
/*
* As of OpenSSL 1.0.0, ssl_create_cipher_list() in ssl/ssl_ciph.c always
* starts with a reasonable order, and all we have to do for DEFAULT is
@@ -2345,7 +2345,7 @@ const char *SSL_get_version(const SSL *s
/* This sets the 'default' SSL version that SSL_new() will create */
int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth);
-# ifndef OPENSSL_NO_SSL2
+# ifndef OPENSSL_NO_SSL2_METHOD
const SSL_METHOD *SSLv2_method(void); /* SSLv2 */
const SSL_METHOD *SSLv2_server_method(void); /* SSLv2 */
const SSL_METHOD *SSLv2_client_method(void); /* SSLv2 */
diff -upr deps/openssl/openssl.old/ssl/ssl_cert.c deps/openssl/openssl/ssl/ssl_cert.c
--- deps/openssl/openssl.old/ssl/ssl_cert.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssl_cert.c 2016-05-03 15:44:42.000000000 +0200
@@ -504,6 +504,8 @@ void ssl_cert_free(CERT *c)
#ifndef OPENSSL_NO_TLSEXT
custom_exts_free(&c->cli_ext);
custom_exts_free(&c->srv_ext);
+ if (c->alpn_proposed)
+ OPENSSL_free(c->alpn_proposed);
#endif
OPENSSL_free(c);
}
@@ -1057,13 +1059,18 @@ static int ssl_add_cert_to_buf(BUF_MEM *
unsigned char *p;
n = i2d_X509(x, NULL);
- if (!BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
+ if (n < 0 || !BUF_MEM_grow_clean(buf, (int)(n + (*l) + 3))) {
SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
return 0;
}
p = (unsigned char *)&(buf->data[*l]);
l2n3(n, p);
- i2d_X509(x, &p);
+ n = i2d_X509(x, &p);
+ if (n < 0) {
+ /* Shouldn't happen */
+ SSLerr(SSL_F_SSL_ADD_CERT_TO_BUF, ERR_R_BUF_LIB);
+ return 0;
+ }
*l += n + 3;
return 1;
diff -upr deps/openssl/openssl.old/ssl/ssl_ciph.c deps/openssl/openssl/ssl/ssl_ciph.c
--- deps/openssl/openssl.old/ssl/ssl_ciph.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssl_ciph.c 2016-05-03 15:44:42.000000000 +0200
@@ -235,8 +235,7 @@ static const SSL_CIPHER cipher_aliases[]
* "COMPLEMENTOFDEFAULT" (does *not* include ciphersuites not found in
* ALL!)
*/
- {0, SSL_TXT_CMPDEF, 0, 0, SSL_aNULL, ~SSL_eNULL, 0, ~SSL_SSLV2,
- SSL_EXP_MASK, 0, 0, 0},
+ {0, SSL_TXT_CMPDEF, 0, 0, 0, 0, 0, 0, SSL_NOT_DEFAULT, 0, 0, 0},
/*
* key exchange aliases (some of those using only a single bit here
@@ -1030,10 +1029,6 @@ static void ssl_cipher_apply_rule(unsign
if (cipher_id && cipher_id != cp->id)
continue;
#endif
- if (algo_strength == SSL_EXP_MASK && SSL_C_IS_EXPORT(cp))
- goto ok;
- if (alg_ssl == ~SSL_SSLV2 && cp->algorithm_ssl == SSL_SSLV2)
- goto ok;
if (alg_mkey && !(alg_mkey & cp->algorithm_mkey))
continue;
if (alg_auth && !(alg_auth & cp->algorithm_auth))
@@ -1050,10 +1045,11 @@ static void ssl_cipher_apply_rule(unsign
if ((algo_strength & SSL_STRONG_MASK)
&& !(algo_strength & SSL_STRONG_MASK & cp->algo_strength))
continue;
+ if ((algo_strength & SSL_NOT_DEFAULT)
+ && !(cp->algo_strength & SSL_NOT_DEFAULT))
+ continue;
}
- ok:
-
#ifdef CIPHER_DEBUG
fprintf(stderr, "Action = %d\n", rule);
#endif
@@ -1337,6 +1333,10 @@ static int ssl_cipher_process_rulestr(co
ca_list[j]->algo_strength & SSL_STRONG_MASK;
}
+ if (ca_list[j]->algo_strength & SSL_NOT_DEFAULT) {
+ algo_strength |= SSL_NOT_DEFAULT;
+ }
+
if (ca_list[j]->valid) {
/*
* explicit ciphersuite found; its protocol version does not
diff -upr deps/openssl/openssl.old/ssl/ssl_lib.c deps/openssl/openssl/ssl/ssl_lib.c
--- deps/openssl/openssl.old/ssl/ssl_lib.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssl_lib.c 2016-05-03 15:44:42.000000000 +0200
@@ -244,7 +244,16 @@ int SSL_clear(SSL *s)
ssl_clear_hash_ctx(&s->write_hash);
s->first_packet = 0;
-
+#ifndef OPENSSL_NO_TLSEXT
+ if (s->cert != NULL) {
+ if (s->cert->alpn_proposed) {
+ OPENSSL_free(s->cert->alpn_proposed);
+ s->cert->alpn_proposed = NULL;
+ }
+ s->cert->alpn_proposed_len = 0;
+ s->cert->alpn_sent = 0;
+ }
+#endif
#if 1
/*
* Check to see if we were changed into a different method, if so, revert
@@ -3174,6 +3183,12 @@ SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_C
ssl->cert->ciphers_rawlen = ocert->ciphers_rawlen;
ocert->ciphers_raw = NULL;
}
+#ifndef OPENSSL_NO_TLSEXT
+ ssl->cert->alpn_proposed = ocert->alpn_proposed;
+ ssl->cert->alpn_proposed_len = ocert->alpn_proposed_len;
+ ocert->alpn_proposed = NULL;
+ ssl->cert->alpn_sent = ocert->alpn_sent;
+#endif
ssl_cert_free(ocert);
}
diff -upr deps/openssl/openssl.old/ssl/ssl_locl.h deps/openssl/openssl/ssl/ssl_locl.h
--- deps/openssl/openssl.old/ssl/ssl_locl.h 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssl_locl.h 2016-05-03 15:44:42.000000000 +0200
@@ -436,8 +436,9 @@
# define SSL_MEDIUM 0x00000040L
# define SSL_HIGH 0x00000080L
# define SSL_FIPS 0x00000100L
+# define SSL_NOT_DEFAULT 0x00000200L
-/* we have used 000001ff - 23 bits left to go */
+/* we have used 000003ff - 22 bits left to go */
/*-
* Macros to check the export status and cipher strength for export ciphers.
@@ -687,6 +688,10 @@ typedef struct cert_st {
custom_ext_methods cli_ext;
custom_ext_methods srv_ext;
int references; /* >1 only if SSL_copy_session_id is used */
+ /* non-optimal, but here due to compatibility */
+ unsigned char *alpn_proposed; /* server */
+ unsigned int alpn_proposed_len;
+ int alpn_sent; /* client */
} CERT;
typedef struct sess_cert_st {
diff -upr deps/openssl/openssl.old/ssl/ssl_rsa.c deps/openssl/openssl/ssl/ssl_rsa.c
--- deps/openssl/openssl.old/ssl/ssl_rsa.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssl_rsa.c 2016-05-03 15:44:42.000000000 +0200
@@ -841,7 +841,7 @@ static int serverinfo_srv_add_cb(SSL *s,
return 0; /* No extension found, don't send extension */
return 1; /* Send extension */
}
- return -1; /* No serverinfo data found, don't send
+ return 0; /* No serverinfo data found, don't send
* extension */
}
@@ -870,12 +870,26 @@ static int serverinfo_process_buffer(con
/* Register callbacks for extensions */
ext_type = (serverinfo[0] << 8) + serverinfo[1];
- if (ctx && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
- serverinfo_srv_add_cb,
- NULL, NULL,
- serverinfo_srv_parse_cb,
- NULL))
- return 0;
+ if (ctx) {
+ int have_ext_cbs = 0;
+ size_t i;
+ custom_ext_methods *exts = &ctx->cert->srv_ext;
+ custom_ext_method *meth = exts->meths;
+
+ for (i = 0; i < exts->meths_count; i++, meth++) {
+ if (ext_type == meth->ext_type) {
+ have_ext_cbs = 1;
+ break;
+ }
+ }
+
+ if (!have_ext_cbs && !SSL_CTX_add_server_custom_ext(ctx, ext_type,
+ serverinfo_srv_add_cb,
+ NULL, NULL,
+ serverinfo_srv_parse_cb,
+ NULL))
+ return 0;
+ }
serverinfo += 2;
serverinfo_length -= 2;
diff -upr deps/openssl/openssl.old/ssl/ssltest.c deps/openssl/openssl/ssl/ssltest.c
--- deps/openssl/openssl.old/ssl/ssltest.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/ssltest.c 2016-05-03 15:44:42.000000000 +0200
@@ -217,6 +217,9 @@
# define TEST_CLIENT_CERT "../apps/client.pem"
#endif
+static SSL_CTX *s_ctx = NULL;
+static SSL_CTX *s_ctx2 = NULL;
+
/*
* There is really no standard for this, so let's assign some tentative
* numbers. In any case, these numbers are only for this test
@@ -300,9 +303,51 @@ static BIO *bio_err = NULL;
static BIO *bio_stdout = NULL;
static const char *alpn_client;
-static const char *alpn_server;
+static char *alpn_server;
+static char *alpn_server2;
static const char *alpn_expected;
static unsigned char *alpn_selected;
+static const char *sn_client;
+static const char *sn_server1;
+static const char *sn_server2;
+static int sn_expect = 0;
+
+static int servername_cb(SSL *s, int *ad, void *arg)
+{
+ const char *servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
+ if (sn_server2 == NULL) {
+ BIO_printf(bio_stdout, "Servername 2 is NULL\n");
+ return SSL_TLSEXT_ERR_NOACK;
+ }
+
+ if (servername != NULL) {
+ if (s_ctx2 != NULL && sn_server2 != NULL &&
+ !strcasecmp(servername, sn_server2)) {
+ BIO_printf(bio_stdout, "Switching server context.\n");
+ SSL_set_SSL_CTX(s, s_ctx2);
+ }
+ }
+ return SSL_TLSEXT_ERR_OK;
+}
+static int verify_servername(SSL *client, SSL *server)
+{
+ /* just need to see if sn_context is what we expect */
+ SSL_CTX* ctx = SSL_get_SSL_CTX(server);
+ if (sn_expect == 0)
+ return 0;
+ if (sn_expect == 1 && ctx == s_ctx)
+ return 0;
+ if (sn_expect == 2 && ctx == s_ctx2)
+ return 0;
+ BIO_printf(bio_stdout, "Servername: expected context %d\n", sn_expect);
+ if (ctx == s_ctx2)
+ BIO_printf(bio_stdout, "Servername: context is 2\n");
+ else if (ctx == s_ctx)
+ BIO_printf(bio_stdout, "Servername: context is 1\n");
+ else
+ BIO_printf(bio_stdout, "Servername: context is unknown\n");
+ return -1;
+}
/*-
* next_protos_parse parses a comma separated list of strings into a string
@@ -350,11 +395,12 @@ static int cb_server_alpn(SSL *s, const
{
unsigned char *protos;
unsigned short protos_len;
+ char* alpn_str = arg;
- protos = next_protos_parse(&protos_len, alpn_server);
+ protos = next_protos_parse(&protos_len, alpn_str);
if (protos == NULL) {
fprintf(stderr, "failed to parser ALPN server protocol string: %s\n",
- alpn_server);
+ alpn_str);
abort();
}
@@ -417,8 +463,17 @@ static int verify_alpn(SSL *client, SSL
BIO_printf(bio_stdout, "', server: '");
BIO_write(bio_stdout, server_proto, server_proto_len);
BIO_printf(bio_stdout, "'\n");
- BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: '%s'\n",
- alpn_client, alpn_server);
+ BIO_printf(bio_stdout, "ALPN configured: client: '%s', server: ",
+ alpn_client);
+ if (SSL_get_SSL_CTX(server) == s_ctx2) {
+ BIO_printf(bio_stdout, "'%s'\n",
+ alpn_server2);
+ } else if (SSL_get_SSL_CTX(server) == s_ctx){
+ BIO_printf(bio_stdout, "'%s'\n",
+ alpn_server);
+ } else {
+ BIO_printf(bio_stdout, "unknown\n");
+ }
return -1;
}
@@ -756,8 +811,15 @@ static void sv_usage(void)
" -custom_ext - try various custom extension callbacks\n");
fprintf(stderr, " -alpn_client <string> - have client side offer ALPN\n");
fprintf(stderr, " -alpn_server <string> - have server side offer ALPN\n");
+ fprintf(stderr, " -alpn_server1 <string> - alias for -alpn_server\n");
+ fprintf(stderr, " -alpn_server2 <string> - have server side context 2 offer ALPN\n");
fprintf(stderr,
" -alpn_expected <string> - the ALPN protocol that should be negotiated\n");
+ fprintf(stderr, " -sn_client <string> - have client request this servername\n");
+ fprintf(stderr, " -sn_server1 <string> - have server context 1 respond to this servername\n");
+ fprintf(stderr, " -sn_server2 <string> - have server context 2 respond to this servername\n");
+ fprintf(stderr, " -sn_expect1 - expected server 1\n");
+ fprintf(stderr, " -sn_expect2 - expected server 2\n");
}
static void print_details(SSL *c_ssl, const char *prefix)
@@ -896,7 +958,6 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_ECDH
char *named_curve = NULL;
#endif
- SSL_CTX *s_ctx = NULL;
SSL_CTX *c_ctx = NULL;
const SSL_METHOD *meth = NULL;
SSL *c_ssl, *s_ssl;
@@ -1151,14 +1212,35 @@ int main(int argc, char *argv[])
if (--argc < 1)
goto bad;
alpn_client = *(++argv);
- } else if (strcmp(*argv, "-alpn_server") == 0) {
+ } else if (strcmp(*argv, "-alpn_server") == 0 ||
+ strcmp(*argv, "-alpn_server1") == 0) {
if (--argc < 1)
goto bad;
alpn_server = *(++argv);
+ } else if (strcmp(*argv, "-alpn_server2") == 0) {
+ if (--argc < 1)
+ goto bad;
+ alpn_server2 = *(++argv);
} else if (strcmp(*argv, "-alpn_expected") == 0) {
if (--argc < 1)
goto bad;
alpn_expected = *(++argv);
+ } else if (strcmp(*argv, "-sn_client") == 0) {
+ if (--argc < 1)
+ goto bad;
+ sn_client = *(++argv);
+ } else if (strcmp(*argv, "-sn_server1") == 0) {
+ if (--argc < 1)
+ goto bad;
+ sn_server1 = *(++argv);
+ } else if (strcmp(*argv, "-sn_server2") == 0) {
+ if (--argc < 1)
+ goto bad;
+ sn_server2 = *(++argv);
+ } else if (strcmp(*argv, "-sn_expect1") == 0) {
+ sn_expect = 1;
+ } else if (strcmp(*argv, "-sn_expect2") == 0) {
+ sn_expect = 2;
} else {
fprintf(stderr, "unknown option %s\n", *argv);
badop = 1;
@@ -1304,7 +1386,8 @@ int main(int argc, char *argv[])
c_ctx = SSL_CTX_new(meth);
s_ctx = SSL_CTX_new(meth);
- if ((c_ctx == NULL) || (s_ctx == NULL)) {
+ s_ctx2 = SSL_CTX_new(meth); /* no SSL_CTX_dup! */
+ if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
ERR_print_errors(bio_err);
goto end;
}
@@ -1312,7 +1395,9 @@ int main(int argc, char *argv[])
if (cipher != NULL) {
SSL_CTX_set_cipher_list(c_ctx, cipher);
SSL_CTX_set_cipher_list(s_ctx, cipher);
+ SSL_CTX_set_cipher_list(s_ctx2, cipher);
}
+
#ifndef OPENSSL_NO_DH
if (!no_dhe) {
if (dhe1024dsa) {
@@ -1320,12 +1405,14 @@ int main(int argc, char *argv[])
* use SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks
*/
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_DH_USE);
+ SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_DH_USE);
dh = get_dh1024dsa();
} else if (dhe512)
dh = get_dh512();
else
dh = get_dh1024();
SSL_CTX_set_tmp_dh(s_ctx, dh);
+ SSL_CTX_set_tmp_dh(s_ctx2, dh);
DH_free(dh);
}
#else
@@ -1353,7 +1440,9 @@ int main(int argc, char *argv[])
}
SSL_CTX_set_tmp_ecdh(s_ctx, ecdh);
+ SSL_CTX_set_tmp_ecdh(s_ctx2, ecdh);
SSL_CTX_set_options(s_ctx, SSL_OP_SINGLE_ECDH_USE);
+ SSL_CTX_set_options(s_ctx2, SSL_OP_SINGLE_ECDH_USE);
EC_KEY_free(ecdh);
}
#else
@@ -1362,15 +1451,18 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_RSA
SSL_CTX_set_tmp_rsa_callback(s_ctx, tmp_rsa_cb);
+ SSL_CTX_set_tmp_rsa_callback(s_ctx2, tmp_rsa_cb);
#endif
#ifdef TLSEXT_TYPE_opaque_prf_input
SSL_CTX_set_tlsext_opaque_prf_input_callback(c_ctx, opaque_prf_input_cb);
SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx, opaque_prf_input_cb);
+ SSL_CTX_set_tlsext_opaque_prf_input_callback(s_ctx2, opaque_prf_input_cb);
/* or &co2 or NULL */
SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(c_ctx, &co1);
/* or &so2 or NULL */
SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx, &so1);
+ SSL_CTX_set_tlsext_opaque_prf_input_callback_arg(s_ctx2, &so1);
#endif
if (!SSL_CTX_use_certificate_file(s_ctx, server_cert, SSL_FILETYPE_PEM)) {
@@ -1383,6 +1475,16 @@ int main(int argc, char *argv[])
goto end;
}
+ if (!SSL_CTX_use_certificate_file(s_ctx2, server_cert, SSL_FILETYPE_PEM)) {
+ ERR_print_errors(bio_err);
+ } else if (!SSL_CTX_use_PrivateKey_file(s_ctx2,
+ (server_key ? server_key :
+ server_cert),
+ SSL_FILETYPE_PEM)) {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
if (client_auth) {
SSL_CTX_use_certificate_file(c_ctx, client_cert, SSL_FILETYPE_PEM);
SSL_CTX_use_PrivateKey_file(c_ctx,
@@ -1392,6 +1494,8 @@ int main(int argc, char *argv[])
if ((!SSL_CTX_load_verify_locations(s_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(s_ctx2, CAfile, CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx2)) ||
(!SSL_CTX_load_verify_locations(c_ctx, CAfile, CApath)) ||
(!SSL_CTX_set_default_verify_paths(c_ctx))) {
/* fprintf(stderr,"SSL_load_verify_locations\n"); */
@@ -1406,6 +1510,11 @@ int main(int argc, char *argv[])
verify_callback);
SSL_CTX_set_cert_verify_callback(s_ctx, app_verify_callback,
&app_verify_arg);
+ SSL_CTX_set_verify(s_ctx2,
+ SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ SSL_CTX_set_cert_verify_callback(s_ctx2, app_verify_callback,
+ &app_verify_arg);
}
if (server_auth) {
BIO_printf(bio_err, "server authentication\n");
@@ -1418,6 +1527,8 @@ int main(int argc, char *argv[])
int session_id_context = 0;
SSL_CTX_set_session_id_context(s_ctx, (void *)&session_id_context,
sizeof session_id_context);
+ SSL_CTX_set_session_id_context(s_ctx2, (void *)&session_id_context,
+ sizeof session_id_context);
}
/* Use PSK only if PSK key is given */
@@ -1436,6 +1547,7 @@ int main(int argc, char *argv[])
#ifndef OPENSSL_NO_PSK
SSL_CTX_set_psk_client_callback(c_ctx, psk_client_callback);
SSL_CTX_set_psk_server_callback(s_ctx, psk_server_callback);
+ SSL_CTX_set_psk_server_callback(s_ctx2, psk_server_callback);
if (debug)
BIO_printf(bio_err, "setting PSK identity hint to s_ctx\n");
if (!SSL_CTX_use_psk_identity_hint(s_ctx, "ctx server identity_hint")) {
@@ -1443,6 +1555,11 @@ int main(int argc, char *argv[])
ERR_print_errors(bio_err);
goto end;
}
+ if (!SSL_CTX_use_psk_identity_hint(s_ctx2, "ctx server identity_hint")) {
+ BIO_printf(bio_err, "error setting PSK identity hint to s_ctx2\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
#endif
}
#ifndef OPENSSL_NO_SRP
@@ -1461,8 +1578,11 @@ int main(int argc, char *argv[])
if (srp_server_arg.expected_user != NULL) {
SSL_CTX_set_verify(s_ctx, SSL_VERIFY_NONE, verify_callback);
+ SSL_CTX_set_verify(s_ctx2, SSL_VERIFY_NONE, verify_callback);
SSL_CTX_set_srp_cb_arg(s_ctx, &srp_server_arg);
+ SSL_CTX_set_srp_cb_arg(s_ctx2, &srp_server_arg);
SSL_CTX_set_srp_username_callback(s_ctx, ssl_srp_server_param_cb);
+ SSL_CTX_set_srp_username_callback(s_ctx2, ssl_srp_server_param_cb);
}
#endif
@@ -1475,11 +1595,16 @@ int main(int argc, char *argv[])
NULL, NULL, NULL,
serverinfo_cli_parse_cb, NULL);
- if (serverinfo_file)
+ if (serverinfo_file) {
if (!SSL_CTX_use_serverinfo_file(s_ctx, serverinfo_file)) {
BIO_printf(bio_err, "missing serverinfo file\n");
goto end;
}
+ if (!SSL_CTX_use_serverinfo_file(s_ctx2, serverinfo_file)) {
+ BIO_printf(bio_err, "missing serverinfo file\n");
+ goto end;
+ }
+ }
if (custom_ext) {
SSL_CTX_add_client_custom_ext(c_ctx, CUSTOM_EXT_TYPE_0,
@@ -1515,10 +1640,29 @@ int main(int argc, char *argv[])
custom_ext_3_srv_add_cb,
NULL, NULL,
custom_ext_3_srv_parse_cb, NULL);
+
+ SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_0,
+ custom_ext_0_srv_add_cb,
+ NULL, NULL,
+ custom_ext_0_srv_parse_cb, NULL);
+ SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_1,
+ custom_ext_1_srv_add_cb,
+ NULL, NULL,
+ custom_ext_1_srv_parse_cb, NULL);
+ SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_2,
+ custom_ext_2_srv_add_cb,
+ NULL, NULL,
+ custom_ext_2_srv_parse_cb, NULL);
+ SSL_CTX_add_server_custom_ext(s_ctx2, CUSTOM_EXT_TYPE_3,
+ custom_ext_3_srv_add_cb,
+ NULL, NULL,
+ custom_ext_3_srv_parse_cb, NULL);
}
if (alpn_server)
- SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, NULL);
+ SSL_CTX_set_alpn_select_cb(s_ctx, cb_server_alpn, alpn_server);
+ if (alpn_server2)
+ SSL_CTX_set_alpn_select_cb(s_ctx2, cb_server_alpn, alpn_server2);
if (alpn_client) {
unsigned short alpn_len;
@@ -1532,9 +1676,15 @@ int main(int argc, char *argv[])
OPENSSL_free(alpn);
}
+ if (sn_server1 || sn_server2)
+ SSL_CTX_set_tlsext_servername_callback(s_ctx, servername_cb);
+
c_ssl = SSL_new(c_ctx);
s_ssl = SSL_new(s_ctx);
+ if (sn_client)
+ SSL_set_tlsext_host_name(c_ssl, sn_client);
+
#ifndef OPENSSL_NO_KRB5
if (c_ssl && c_ssl->kssl_ctx) {
char localhost[MAXHOSTNAMELEN + 2];
@@ -1588,12 +1738,19 @@ int main(int argc, char *argv[])
#endif
}
+ if (verify_alpn(c_ssl, s_ssl) < 0)
+ ret = 1;
+ if (verify_servername(c_ssl, s_ssl) < 0)
+ ret = 1;
+
SSL_free(s_ssl);
SSL_free(c_ssl);
end:
if (s_ctx != NULL)
SSL_CTX_free(s_ctx);
+ if (s_ctx2 != NULL)
+ SSL_CTX_free(s_ctx2);
if (c_ctx != NULL)
SSL_CTX_free(c_ctx);
@@ -1961,10 +2118,6 @@ int doit_biopair(SSL *s_ssl, SSL *c_ssl,
ret = 1;
goto err;
}
- if (verify_alpn(c_ssl, s_ssl) < 0) {
- ret = 1;
- goto err;
- }
if (custom_ext_error) {
ret = 1;
diff -upr deps/openssl/openssl.old/ssl/t1_lib.c deps/openssl/openssl/ssl/t1_lib.c
--- deps/openssl/openssl.old/ssl/t1_lib.c 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/ssl/t1_lib.c 2016-05-03 15:44:42.000000000 +0200
@@ -1539,6 +1539,7 @@ unsigned char *ssl_add_clienthello_tlsex
s2n(s->alpn_client_proto_list_len, ret);
memcpy(ret, s->alpn_client_proto_list, s->alpn_client_proto_list_len);
ret += s->alpn_client_proto_list_len;
+ s->cert->alpn_sent = 1;
}
# ifndef OPENSSL_NO_SRTP
if (SSL_IS_DTLS(s) && SSL_get_srtp_profiles(s)) {
@@ -1906,7 +1907,7 @@ static void ssl_check_for_safari(SSL *s,
# endif /* !OPENSSL_NO_EC */
/*
- * tls1_alpn_handle_client_hello is called to process the ALPN extension in a
+ * tls1_alpn_handle_client_hello is called to save the ALPN extension in a
* ClientHello. data: the contents of the extension, not including the type
* and length. data_len: the number of bytes in |data| al: a pointer to the
* alert value to send in the event of a non-zero return. returns: 0 on
@@ -1917,12 +1918,6 @@ static int tls1_alpn_handle_client_hello
{
unsigned i;
unsigned proto_len;
- const unsigned char *selected;
- unsigned char selected_len;
- int r;
-
- if (s->ctx->alpn_select_cb == NULL)
- return 0;
if (data_len < 2)
goto parse_error;
@@ -1953,19 +1948,15 @@ static int tls1_alpn_handle_client_hello
i += proto_len;
}
- r = s->ctx->alpn_select_cb(s, &selected, &selected_len, data, data_len,
- s->ctx->alpn_select_cb_arg);
- if (r == SSL_TLSEXT_ERR_OK) {
- if (s->s3->alpn_selected)
- OPENSSL_free(s->s3->alpn_selected);
- s->s3->alpn_selected = OPENSSL_malloc(selected_len);
- if (!s->s3->alpn_selected) {
- *al = SSL_AD_INTERNAL_ERROR;
- return -1;
- }
- memcpy(s->s3->alpn_selected, selected, selected_len);
- s->s3->alpn_selected_len = selected_len;
+ if (s->cert->alpn_proposed != NULL)
+ OPENSSL_free(s->cert->alpn_proposed);
+ s->cert->alpn_proposed = OPENSSL_malloc(data_len);
+ if (s->cert->alpn_proposed == NULL) {
+ *al = SSL_AD_INTERNAL_ERROR;
+ return -1;
}
+ memcpy(s->cert->alpn_proposed, data, data_len);
+ s->cert->alpn_proposed_len = data_len;
return 0;
parse_error:
@@ -1973,6 +1964,43 @@ static int tls1_alpn_handle_client_hello
return -1;
}
+/*
+ * Process the ALPN extension in a ClientHello.
+ * ret: a pointer to the TLSEXT return value: SSL_TLSEXT_ERR_*
+ * al: a pointer to the alert value to send in the event of a failure.
+ * returns 1 on success, 0 on failure: al/ret set only on failure
+ */
+static int tls1_alpn_handle_client_hello_late(SSL *s, int *ret, int *al)
+{
+ const unsigned char *selected = NULL;
+ unsigned char selected_len = 0;
+
+ if (s->ctx->alpn_select_cb != NULL && s->cert->alpn_proposed != NULL) {
+ int r = s->ctx->alpn_select_cb(s, &selected, &selected_len,
+ s->cert->alpn_proposed,
+ s->cert->alpn_proposed_len,
+ s->ctx->alpn_select_cb_arg);
+
+ if (r == SSL_TLSEXT_ERR_OK) {
+ OPENSSL_free(s->s3->alpn_selected);
+ s->s3->alpn_selected = OPENSSL_malloc(selected_len);
+ if (s->s3->alpn_selected == NULL) {
+ *al = SSL_AD_INTERNAL_ERROR;
+ *ret = SSL_TLSEXT_ERR_ALERT_FATAL;
+ return 0;
+ }
+ memcpy(s->s3->alpn_selected, selected, selected_len);
+ s->s3->alpn_selected_len = selected_len;
+# ifndef OPENSSL_NO_NEXTPROTONEG
+ /* ALPN takes precedence over NPN. */
+ s->s3->next_proto_neg_seen = 0;
+# endif
+ }
+ }
+
+ return 1;
+}
+
static int ssl_scan_clienthello_tlsext(SSL *s, unsigned char **p,
unsigned char *limit, int *al)
{
@@ -1992,6 +2020,12 @@ static int ssl_scan_clienthello_tlsext(S
OPENSSL_free(s->s3->alpn_selected);
s->s3->alpn_selected = NULL;
}
+ s->s3->alpn_selected_len = 0;
+ if (s->cert->alpn_proposed) {
+ OPENSSL_free(s->cert->alpn_proposed);
+ s->cert->alpn_proposed = NULL;
+ }
+ s->cert->alpn_proposed_len = 0;
# ifndef OPENSSL_NO_HEARTBEATS
s->tlsext_heartbeat &= ~(SSL_TLSEXT_HB_ENABLED |
SSL_TLSEXT_HB_DONT_SEND_REQUESTS);
@@ -2359,8 +2393,7 @@ static int ssl_scan_clienthello_tlsext(S
# endif
# ifndef OPENSSL_NO_NEXTPROTONEG
else if (type == TLSEXT_TYPE_next_proto_neg &&
- s->s3->tmp.finish_md_len == 0 &&
- s->s3->alpn_selected == NULL) {
+ s->s3->tmp.finish_md_len == 0) {
/*-
* We shouldn't accept this extension on a
* renegotiation.
@@ -2383,13 +2416,9 @@ static int ssl_scan_clienthello_tlsext(S
# endif
else if (type == TLSEXT_TYPE_application_layer_protocol_negotiation &&
- s->ctx->alpn_select_cb && s->s3->tmp.finish_md_len == 0) {
+ s->s3->tmp.finish_md_len == 0) {
if (tls1_alpn_handle_client_hello(s, data, size, al) != 0)
return 0;
-# ifndef OPENSSL_NO_NEXTPROTONEG
- /* ALPN takes precedence over NPN. */
- s->s3->next_proto_neg_seen = 0;
-# endif
}
/* session ticket processed earlier */
@@ -2698,7 +2727,7 @@ static int ssl_scan_serverhello_tlsext(S
unsigned len;
/* We must have requested it. */
- if (s->alpn_client_proto_list == NULL) {
+ if (!s->cert->alpn_sent) {
*al = TLS1_AD_UNSUPPORTED_EXTENSION;
return 0;
}
@@ -2863,6 +2892,7 @@ int ssl_prepare_clienthello_tlsext(SSL *
}
# endif
+ s->cert->alpn_sent = 0;
return 1;
}
@@ -3066,6 +3096,10 @@ int ssl_check_clienthello_tlsext_late(SS
} else
s->tlsext_status_expected = 0;
+ if (!tls1_alpn_handle_client_hello_late(s, &ret, &al)) {
+ goto err;
+ }
+
err:
switch (ret) {
case SSL_TLSEXT_ERR_ALERT_FATAL:
@@ -3415,8 +3449,10 @@ static int tls_decrypt_ticket(SSL *s, co
p = etick + 16 + EVP_CIPHER_CTX_iv_length(&ctx);
eticklen -= 16 + EVP_CIPHER_CTX_iv_length(&ctx);
sdec = OPENSSL_malloc(eticklen);
- if (!sdec || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
+ if (sdec == NULL
+ || EVP_DecryptUpdate(&ctx, sdec, &slen, p, eticklen) <= 0) {
EVP_CIPHER_CTX_cleanup(&ctx);
+ OPENSSL_free(sdec);
return -1;
}
if (EVP_DecryptFinal(&ctx, sdec + slen, &mlen) <= 0) {
@@ -3856,6 +3892,8 @@ int tls1_process_heartbeat(SSL *s)
* plus 2 bytes payload length, plus payload, plus padding
*/
buffer = OPENSSL_malloc(1 + 2 + payload + padding);
+ if (buffer == NULL)
+ return -1;
bp = buffer;
/* Enter response type, length and copy payload */
Only in deps/openssl/openssl: test
Only in deps/openssl/openssl/tools: c_rehash
diff -upr deps/openssl/openssl.old/util/libeay.num deps/openssl/openssl/util/libeay.num
--- deps/openssl/openssl.old/util/libeay.num 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/util/libeay.num 2016-05-03 15:46:28.000000000 +0200
@@ -1065,8 +1065,8 @@ d2i_ASN1_BMPSTRING
i2d_ASN1_BMPSTRING 1093 EXIST::FUNCTION:
BIO_f_ber 1094 NOEXIST::FUNCTION:
BN_init 1095 EXIST::FUNCTION:
-COMP_CTX_new 1096 EXIST::FUNCTION:
-COMP_CTX_free 1097 EXIST::FUNCTION:
+COMP_CTX_new 1096 EXIST::FUNCTION:COMP
+COMP_CTX_free 1097 EXIST::FUNCTION:COMP
COMP_CTX_compress_block 1098 NOEXIST::FUNCTION:
COMP_CTX_expand_block 1099 NOEXIST::FUNCTION:
X509_STORE_CTX_get_ex_new_index 1100 EXIST::FUNCTION:
@@ -1113,10 +1113,10 @@ PKCS7_digest_from_attributes
PKCS7_get_attribute 1141 EXIST::FUNCTION:
PKCS7_get_issuer_and_serial 1142 EXIST::FUNCTION:
PKCS7_get_signed_attribute 1143 EXIST::FUNCTION:
-COMP_compress_block 1144 EXIST::FUNCTION:
-COMP_expand_block 1145 EXIST::FUNCTION:
-COMP_rle 1146 EXIST::FUNCTION:
-COMP_zlib 1147 EXIST::FUNCTION:
+COMP_compress_block 1144 EXIST::FUNCTION:COMP
+COMP_expand_block 1145 EXIST::FUNCTION:COMP
+COMP_rle 1146 EXIST::FUNCTION:COMP
+COMP_zlib 1147 EXIST::FUNCTION:COMP
ms_time_diff 1148 NOEXIST::FUNCTION:
ms_time_new 1149 NOEXIST::FUNCTION:
ms_time_free 1150 NOEXIST::FUNCTION:
@@ -1945,7 +1945,7 @@ ENGINE_get_ctrl_function
ENGINE_set_ctrl_function 2522 EXIST::FUNCTION:ENGINE
BN_pseudo_rand_range 2523 EXIST::FUNCTION:
X509_STORE_CTX_set_verify_cb 2524 EXIST::FUNCTION:
-ERR_load_COMP_strings 2525 EXIST::FUNCTION:
+ERR_load_COMP_strings 2525 EXIST::FUNCTION:COMP
PKCS12_item_decrypt_d2i 2526 EXIST::FUNCTION:
ASN1_UTF8STRING_it 2527 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
ASN1_UTF8STRING_it 2527 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
@@ -3545,8 +3545,8 @@ X509at_get0_data_by_OBJ
ASN1_TYPE_set1 3932 EXIST::FUNCTION:
ASN1_STRING_set0 3933 EXIST::FUNCTION:
i2d_X509_ALGORS 3934 EXIST::FUNCTION:
-BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:
-COMP_zlib_cleanup 3936 EXIST::FUNCTION:
+BIO_f_zlib 3935 EXIST:ZLIB:FUNCTION:COMP
+COMP_zlib_cleanup 3936 EXIST::FUNCTION:COMP
d2i_X509_ALGORS 3937 EXIST::FUNCTION:
CMS_ReceiptRequest_free 3938 EXIST::FUNCTION:CMS
PEM_write_CMS 3939 EXIST:!WIN16:FUNCTION:CMS
diff -upr deps/openssl/openssl.old/util/mk1mf.pl deps/openssl/openssl/util/mk1mf.pl
--- deps/openssl/openssl.old/util/mk1mf.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/util/mk1mf.pl 2016-05-03 15:44:42.000000000 +0200
@@ -291,8 +291,9 @@ $cflags.=" -DOPENSSL_FIPS" if $fips;
$cflags.=" -DOPENSSL_NO_JPAKE" if $no_jpake;
$cflags.=" -DOPENSSL_NO_EC2M" if $no_ec2m;
$cflags.=" -DOPENSSL_NO_WEAK_SSL_CIPHERS" if $no_weak_ssl;
-$cflags.= " -DZLIB" if $zlib_opt;
-$cflags.= " -DZLIB_SHARED" if $zlib_opt == 2;
+$cflags.=" -DZLIB" if $zlib_opt;
+$cflags.=" -DZLIB_SHARED" if $zlib_opt == 2;
+$cflags.=" -DOPENSSL_NO_COMP" if $no_comp;
if ($no_static_engine)
{
@@ -850,6 +851,7 @@ sub var_add
return("") if $no_gost && $dir =~ /\/ccgost/;
return("") if $no_cms && $dir =~ /\/cms/;
return("") if $no_jpake && $dir =~ /\/jpake/;
+ return("") if $no_comp && $dir =~ /\/comp/;
if ($no_des && $dir =~ /\/des/)
{
if ($val =~ /read_pwd/)
@@ -1198,6 +1200,7 @@ sub read_options
"nw-mwasm" => \$nw_mwasm,
"gaswin" => \$gaswin,
"no-ssl2" => \$no_ssl2,
+ "no-ssl2-method" => 0,
"no-ssl3" => \$no_ssl3,
"no-ssl3-method" => 0,
"no-tlsext" => \$no_tlsext,
@@ -1242,6 +1245,7 @@ sub read_options
"no-unit-test" => 0,
"no-libunbound" => 0,
"no-multiblock" => 0,
+ "no-comp" => \$no_comp,
"fips" => \$fips
);
@@ -1259,7 +1263,6 @@ sub read_options
}
}
}
- elsif (/^no-comp$/) { $xcflags = "-DOPENSSL_NO_COMP $xcflags"; }
elsif (/^enable-zlib$/) { $zlib_opt = 1 if $zlib_opt == 0 }
elsif (/^enable-zlib-dynamic$/)
{
diff -upr deps/openssl/openssl.old/util/mkdef.pl deps/openssl/openssl/util/mkdef.pl
--- deps/openssl/openssl.old/util/mkdef.pl 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/util/mkdef.pl 2016-05-03 15:44:42.000000000 +0200
@@ -107,6 +107,8 @@ my @known_algorithms = ( "RC2", "RC4", "
"CAPIENG",
# SSL v2
"SSL2",
+ # SSL v2 method
+ "SSL2_METHOD",
# SSL v3 method
"SSL3_METHOD",
# JPAKE
@@ -145,7 +147,7 @@ my $no_fp_api; my $no_static_engine=1; m
my $no_rfc3779; my $no_psk; my $no_tlsext; my $no_cms; my $no_capieng;
my $no_jpake; my $no_srp; my $no_ssl2; my $no_ec2m; my $no_nistp_gcc;
my $no_nextprotoneg; my $no_sctp; my $no_srtp; my $no_ssl_trace;
-my $no_unit_test; my $no_ssl3_method;
+my $no_unit_test; my $no_ssl3_method; my $no_ssl2_method;
my $fips;
@@ -240,6 +242,7 @@ foreach (@ARGV, split(/ /, $options))
elsif (/^no-ec_nistp_64_gcc_128$/) { $no_nistp_gcc=1; }
elsif (/^no-nextprotoneg$/) { $no_nextprotoneg=1; }
elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl2-method$/) { $no_ssl2_method=1; }
elsif (/^no-ssl3-method$/) { $no_ssl3_method=1; }
elsif (/^no-ssl-trace$/) { $no_ssl_trace=1; }
elsif (/^no-capieng$/) { $no_capieng=1; }
@@ -1215,6 +1218,7 @@ sub is_valid
if ($keyword eq "EC_NISTP_64_GCC_128" && $no_nistp_gcc)
{ return 0; }
if ($keyword eq "SSL2" && $no_ssl2) { return 0; }
+ if ($keyword eq "SSL2_METHOD" && $no_ssl2_method) { return 0; }
if ($keyword eq "SSL3_METHOD" && $no_ssl3_method) { return 0; }
if ($keyword eq "SSL_TRACE" && $no_ssl_trace) { return 0; }
if ($keyword eq "CAPIENG" && $no_capieng) { return 0; }
diff -upr deps/openssl/openssl.old/util/shlib_wrap.sh deps/openssl/openssl/util/shlib_wrap.sh
--- deps/openssl/openssl.old/util/shlib_wrap.sh 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/util/shlib_wrap.sh 2016-05-03 15:44:42.000000000 +0200
@@ -27,6 +27,15 @@ SunOS|IRIX*)
LD_PRELOAD_64="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_64
preload_var=LD_PRELOAD_64
;;
+ *ELF\ 32*SPARC*|*ELF\ 32*80386*)
+ # We only need to change LD_PRELOAD_32 and LD_LIBRARY_PATH_32
+ # on a multi-arch system. Otherwise, trust the fallbacks.
+ if [ -f /lib/64/ld.so.1 ]; then
+ [ -n "$LD_LIBRARY_PATH_32" ] && rld_var=LD_LIBRARY_PATH_32
+ LD_PRELOAD_32="$LIBCRYPTOSO $LIBSSLSO"; export LD_PRELOAD_32
+ preload_var=LD_PRELOAD_32
+ fi
+ ;;
# Why are newly built .so's preloaded anyway? Because run-time
# .so lookup path embedded into application takes precedence
# over LD_LIBRARY_PATH and as result application ends up linking
diff -upr deps/openssl/openssl.old/util/ssleay.num deps/openssl/openssl/util/ssleay.num
--- deps/openssl/openssl.old/util/ssleay.num 2016-04-26 21:50:10.000000000 +0200
+++ deps/openssl/openssl/util/ssleay.num 2016-05-03 15:46:29.000000000 +0200
@@ -98,9 +98,9 @@ SSLeay_add_ssl_algorithms
SSLv23_client_method 110 EXIST::FUNCTION:RSA
SSLv23_method 111 EXIST::FUNCTION:RSA
SSLv23_server_method 112 EXIST::FUNCTION:RSA
-SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2
-SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2
-SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2
+SSLv2_client_method 113 EXIST::FUNCTION:RSA,SSL2_METHOD
+SSLv2_method 114 EXIST::FUNCTION:RSA,SSL2_METHOD
+SSLv2_server_method 115 EXIST::FUNCTION:RSA,SSL2_METHOD
SSLv3_client_method 116 EXIST::FUNCTION:SSL3_METHOD
SSLv3_method 117 EXIST::FUNCTION:SSL3_METHOD
SSLv3_server_method 118 EXIST::FUNCTION:SSL3_METHOD
View git blame Copy permalink