Skip to content

Commit

Permalink
deps: upgrade openssl sources to 1.0.2l
Browse files Browse the repository at this point in the history
This replaces all sources of openssl-1.0.2l.tar.gz into
deps/openssl/openssl

Fixes: #13161
Backport-PR-URL: #13696
PR-URL: #13233
Reviewed-By: Shigeki Ohtsu <[email protected]>
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
  • Loading branch information
danbev authored and MylesBorins committed Oct 25, 2017
1 parent 9bfada8 commit 8507f0f
Show file tree
Hide file tree
Showing 215 changed files with 1,770 additions and 39,189 deletions.
6 changes: 6 additions & 0 deletions deps/openssl/openssl/CHANGES
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,12 @@
OpenSSL CHANGES
_______________

Changes between 1.0.2k and 1.0.2l [25 May 2017]

*) Have 'config' recognise 64-bit mingw and choose 'mingw64' as the target
platform rather than 'mingw'.
[Richard Levitte]

Changes between 1.0.2j and 1.0.2k [26 Jan 2017]

*) Truncated packet could crash via OOB read
Expand Down
19 changes: 10 additions & 9 deletions deps/openssl/openssl/Configure
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ my $usage="Usage: Configure [no-<cipher> ...] [enable-<cipher> ...] [experimenta
# Minimum warning options... any contributions to OpenSSL should at least get
# past these.

my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";
my $gcc_devteam_warn = "-Wall -pedantic -DPEDANTIC -Wno-long-long -Wsign-compare -Wmissing-prototypes -Wshadow -Wformat -Wundef -Werror -DCRYPTO_MDEBUG_ALL -DCRYPTO_MDEBUG_ABORT -DREF_CHECK -DOPENSSL_NO_DEPRECATED";

# TODO(openssl-team): fix problems and investigate if (at least) the following
# warnings can also be enabled:
Expand Down Expand Up @@ -2041,12 +2041,13 @@ EOF
close(OUT);
} else {
my $make_command = "$make PERL=\'$perl\'";
my $make_targets = "";
$make_targets .= " links" if $symlink;
$make_targets .= " depend" if $depflags ne $default_depflags && $make_depend;
$make_targets .= " gentests" if $symlink;
(system $make_command.$make_targets) == 0 or exit $?
if $make_targets ne "";
my @make_targets = ();
push @make_targets, "links" if $symlink;
push @make_targets, "depend" if $depflags ne $default_depflags && $make_depend;
push @make_targets, "gentests" if $symlink;
foreach my $make_target (@make_targets) {
(system "$make_command $make_target") == 0 or exit $?;
}
if ( $perl =~ m@^/@) {
&dofile("tools/c_rehash",$perl,'^#!/', '#!%s','^my \$dir;$', 'my $dir = "' . $openssldir . '";', '^my \$prefix;$', 'my $prefix = "' . $prefix . '";');
&dofile("apps/CA.pl",$perl,'^#!/', '#!%s');
Expand All @@ -2056,8 +2057,8 @@ EOF
&dofile("apps/CA.pl",'/usr/local/bin/perl','^#!/', '#!%s');
}
if ($depflags ne $default_depflags && !$make_depend) {
$warn_make_depend++;
}
$warn_make_depend++;
}
}

# create the ms/version32.rc file if needed
Expand Down
4 changes: 2 additions & 2 deletions deps/openssl/openssl/LICENSE
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
LICENSE ISSUES
==============

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of
The OpenSSL toolkit stays under a double license, i.e. both the conditions of
the OpenSSL License and the original SSLeay license apply to the toolkit.
See below for the actual license texts. Actually both licenses are BSD-style
Open Source licenses. In case of any license issues related to OpenSSL
Expand All @@ -12,7 +12,7 @@
---------------

/* ====================================================================
* Copyright (c) 1998-2016 The OpenSSL Project. All rights reserved.
* Copyright (c) 1998-2017 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
Expand Down
10 changes: 9 additions & 1 deletion deps/openssl/openssl/Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.2k
VERSION=1.0.2l
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Expand Down Expand Up @@ -426,6 +426,14 @@ clean: libclean
rm -fr $$i/*; \
done

distclean: clean
-$(RM) `find . -name .git -prune -o -type l -print`
$(RM) apps/CA.pl
$(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
$(RM) tools/c_rehash
$(RM) crypto/opensslconf.h
$(RM) Makefile Makefile.bak

makefile.one: files
$(PERL) util/mk1mf.pl >makefile.one; \
sh util/do_ms.sh
Expand Down
10 changes: 9 additions & 1 deletion deps/openssl/openssl/Makefile.bak
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
## Makefile for OpenSSL
##

VERSION=1.0.2k
VERSION=1.0.2l
MAJOR=1
MINOR=0.2
SHLIB_VERSION_NUMBER=1.0.0
Expand Down Expand Up @@ -426,6 +426,14 @@ clean: libclean
rm -fr $$i/*; \
done

distclean: clean
-$(RM) `find . -name .git -prune -o -type l -print`
$(RM) apps/CA.pl
$(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
$(RM) tools/c_rehash
$(RM) crypto/opensslconf.h
$(RM) Makefile Makefile.bak

makefile.one: files
$(PERL) util/mk1mf.pl >makefile.one; \
sh util/do_ms.sh
Expand Down
8 changes: 8 additions & 0 deletions deps/openssl/openssl/Makefile.org
Original file line number Diff line number Diff line change
Expand Up @@ -424,6 +424,14 @@ clean: libclean
rm -fr $$i/*; \
done

distclean: clean
-$(RM) `find . -name .git -prune -o -type l -print`
$(RM) apps/CA.pl
$(RM) test/evptests.txt test/newkey.pem test/testkey.pem test/testreq.pem
$(RM) tools/c_rehash
$(RM) crypto/opensslconf.h
$(RM) Makefile Makefile.bak

makefile.one: files
$(PERL) util/mk1mf.pl >makefile.one; \
sh util/do_ms.sh
Expand Down
4 changes: 4 additions & 0 deletions deps/openssl/openssl/NEWS
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@
This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file.

Major changes between OpenSSL 1.0.2k and OpenSSL 1.0.2l [25 May 2017]

o config now recognises 64-bit mingw and chooses mingw64 instead of mingw

Major changes between OpenSSL 1.0.2j and OpenSSL 1.0.2k [26 Jan 2017]

o Truncated packet could crash via OOB read (CVE-2017-3731)
Expand Down
2 changes: 1 addition & 1 deletion deps/openssl/openssl/README
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@

OpenSSL 1.0.2k 26 Jan 2017
OpenSSL 1.0.2l 25 May 2017

Copyright (c) 1998-2015 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
Expand Down
11 changes: 1 addition & 10 deletions deps/openssl/openssl/apps/app_rand.c
Original file line number Diff line number Diff line change
Expand Up @@ -124,16 +124,7 @@ int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn)
char buffer[200];

#ifdef OPENSSL_SYS_WINDOWS
/*
* allocate 2 to dont_warn not to use RAND_screen() via
* -no_rand_screen option in s_client
*/
if (dont_warn != 2) {
BIO_printf(bio_e, "Loading 'screen' into random state -");
BIO_flush(bio_e);
RAND_screen();
BIO_printf(bio_e, " done\n");
}
RAND_screen();
#endif

if (file == NULL)
Expand Down
19 changes: 11 additions & 8 deletions deps/openssl/openssl/apps/ca.c
Original file line number Diff line number Diff line change
Expand Up @@ -2126,22 +2126,23 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
goto err;
}

for (i = 0; i < DB_NUMBER; i++) {
for (i = 0; i < DB_NUMBER; i++)
irow[i] = row[i];
row[i] = NULL;
}
irow[DB_NUMBER] = NULL;

if (!TXT_DB_insert(db->db, irow)) {
BIO_printf(bio_err, "failed to update database\n");
BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
goto err;
}
irow = NULL;
ok = 1;
err:
for (i = 0; i < DB_NUMBER; i++)
if (row[i] != NULL)
if (irow != NULL) {
for (i = 0; i < DB_NUMBER; i++)
OPENSSL_free(row[i]);
OPENSSL_free(irow);
}

if (CAname != NULL)
X509_NAME_free(CAname);
Expand Down Expand Up @@ -2396,18 +2397,20 @@ static int do_revoke(X509 *x509, CA_DB *db, int type, char *value)
goto err;
}

for (i = 0; i < DB_NUMBER; i++) {
for (i = 0; i < DB_NUMBER; i++)
irow[i] = row[i];
row[i] = NULL;
}
irow[DB_NUMBER] = NULL;

if (!TXT_DB_insert(db->db, irow)) {
BIO_printf(bio_err, "failed to update database\n");
BIO_printf(bio_err, "TXT_DB error number %ld\n", db->db->error);
OPENSSL_free(irow);
goto err;
}

for (i = 0; i < DB_NUMBER; i++)
row[i] = NULL;

/* Revoke Certificate */
if (type == -1)
ok = 1;
Expand Down
24 changes: 18 additions & 6 deletions deps/openssl/openssl/apps/dhparam.c
Original file line number Diff line number Diff line change
Expand Up @@ -381,10 +381,19 @@ int MAIN(int argc, char **argv)
} else
# endif
{
if (informat == FORMAT_ASN1)
if (informat == FORMAT_ASN1) {
/*
* We have no PEM header to determine what type of DH params it
* is. We'll just try both.
*/
dh = d2i_DHparams_bio(in, NULL);
else /* informat == FORMAT_PEM */
/* BIO_reset() returns 0 for success for file BIOs only!!! */
if (dh == NULL && BIO_reset(in) == 0)
dh = d2i_DHxparams_bio(in, NULL);
} else {
/* informat == FORMAT_PEM */
dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL);
}

if (dh == NULL) {
BIO_printf(bio_err, "unable to load DH parameters\n");
Expand Down Expand Up @@ -484,10 +493,13 @@ int MAIN(int argc, char **argv)
}

if (!noout) {
if (outformat == FORMAT_ASN1)
i = i2d_DHparams_bio(out, dh);
else if (outformat == FORMAT_PEM) {
if (dh->q)
if (outformat == FORMAT_ASN1) {
if (dh->q != NULL)
i = i2d_DHxparams_bio(out, dh);
else
i = i2d_DHparams_bio(out, dh);
} else if (outformat == FORMAT_PEM) {
if (dh->q != NULL)
i = PEM_write_bio_DHxparams(out, dh);
else
i = PEM_write_bio_DHparams(out, dh);
Expand Down
33 changes: 24 additions & 9 deletions deps/openssl/openssl/apps/enc.c
Original file line number Diff line number Diff line change
Expand Up @@ -81,20 +81,32 @@ int set_hex(char *in, unsigned char *out, int size);
#define BSIZE (8*1024)
#define PROG enc_main

static void show_ciphers(const OBJ_NAME *name, void *bio_)
struct doall_enc_ciphers {
BIO *bio;
int n;
};

static void show_ciphers(const OBJ_NAME *name, void *arg)
{
BIO *bio = bio_;
static int n;
struct doall_enc_ciphers *dec = (struct doall_enc_ciphers *)arg;
const EVP_CIPHER *cipher;

if (!islower((unsigned char)*name->name))
return;

BIO_printf(bio, "-%-25s", name->name);
if (++n == 3) {
BIO_printf(bio, "\n");
n = 0;
/* Filter out ciphers that we cannot use */
cipher = EVP_get_cipherbyname(name->name);
if (cipher == NULL ||
(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) != 0 ||
EVP_CIPHER_mode(cipher) == EVP_CIPH_XTS_MODE)
return;

BIO_printf(dec->bio, "-%-25s", name->name);
if (++dec->n == 3) {
BIO_printf(dec->bio, "\n");
dec->n = 0;
} else
BIO_printf(bio, " ");
BIO_printf(dec->bio, " ");
}

int MAIN(int, char **);
Expand Down Expand Up @@ -130,6 +142,7 @@ int MAIN(int argc, char **argv)
ENGINE *e = NULL;
const EVP_MD *dgst = NULL;
int non_fips_allow = 0;
struct doall_enc_ciphers dec;

apps_startup();

Expand Down Expand Up @@ -311,8 +324,10 @@ int MAIN(int argc, char **argv)
#endif

BIO_printf(bio_err, "Cipher Types\n");
dec.n = 0;
dec.bio = bio_err;
OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
show_ciphers, bio_err);
show_ciphers, &dec);
BIO_printf(bio_err, "\n");

goto end;
Expand Down
9 changes: 6 additions & 3 deletions deps/openssl/openssl/apps/engine.c
Original file line number Diff line number Diff line change
Expand Up @@ -108,13 +108,16 @@ static int append_buf(char **buf, const char *s, int *size, int step)
}

if (strlen(*buf) + strlen(s) >= (unsigned int)*size) {
char *p = *buf;

*size += step;
*buf = OPENSSL_realloc(*buf, *size);
if (*buf == NULL) {
OPENSSL_free(p);
return 0;
}
}

if (*buf == NULL)
return 0;

if (**buf != '\0')
BUF_strlcat(*buf, ", ", *size);
BUF_strlcat(*buf, s, *size);
Expand Down
4 changes: 3 additions & 1 deletion deps/openssl/openssl/apps/pkeyutl.c
Original file line number Diff line number Diff line change
Expand Up @@ -322,8 +322,10 @@ int MAIN(int argc, char **argv)
buf_in, (size_t)buf_inlen);
if (rv == 0)
BIO_puts(out, "Signature Verification Failure\n");
else if (rv == 1)
else if (rv == 1) {
BIO_puts(out, "Signature Verified Successfully\n");
ret = 0;
}
if (rv >= 0)
goto end;
} else {
Expand Down
3 changes: 3 additions & 0 deletions deps/openssl/openssl/apps/prime.c
Original file line number Diff line number Diff line change
Expand Up @@ -155,5 +155,8 @@ int MAIN(int argc, char **argv)
BIO_printf(bio_err, "options are\n");
BIO_printf(bio_err, "%-14s hex\n", "-hex");
BIO_printf(bio_err, "%-14s number of checks\n", "-checks <n>");
BIO_printf(bio_err, "%-14s generate prime\n", "-generate");
BIO_printf(bio_err, "%-14s number of bits\n", "-bits <n>");
BIO_printf(bio_err, "%-14s safe prime\n", "-safe");
return 1;
}
2 changes: 1 addition & 1 deletion deps/openssl/openssl/apps/progs.h
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ extern int srp_main(int argc, char *argv[]);
typedef struct {
int type;
const char *name;
int (*func) (int argc, char *argv[]);
int (*func)(int argc, char *argv[]);
} FUNCTION;
DECLARE_LHASH_OF(FUNCTION);

Expand Down
Loading

0 comments on commit 8507f0f

Please sign in to comment.