Browse Source

openssl: update to 1.0.1e

v0.9.11-release
Fedor Indutny 12 years ago
parent
commit
f317f5aee9
  1. 4
      deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s
  2. 4
      deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s
  3. 4
      deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm
  4. 2
      deps/openssl/asm/x86-elf-gas/aes/aes-586.s
  5. 2
      deps/openssl/asm/x86-macosx-gas/aes/aes-586.s
  6. 2
      deps/openssl/asm/x86-win32-masm/aes/aes-586.asm
  7. 2
      deps/openssl/asm/x86-win32-masm/bf/bf-686.asm
  8. 2
      deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm
  9. 2
      deps/openssl/asm/x86-win32-masm/bn/x86.asm
  10. 2
      deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm
  11. 2
      deps/openssl/asm/x86-win32-masm/cast/cast-586.asm
  12. 2
      deps/openssl/asm/x86-win32-masm/des/crypt586.asm
  13. 2
      deps/openssl/asm/x86-win32-masm/des/des-586.asm
  14. 2
      deps/openssl/asm/x86-win32-masm/md5/md5-586.asm
  15. 2
      deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm
  16. 2
      deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm
  17. 2
      deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm
  18. 2
      deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm
  19. 2
      deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm
  20. 2
      deps/openssl/asm/x86-win32-masm/x86cpuid.asm
  21. 2
      deps/openssl/openssl.gyp
  22. 47
      deps/openssl/openssl/CHANGES
  23. 18
      deps/openssl/openssl/Configure
  24. 4
      deps/openssl/openssl/FAQ
  25. 4
      deps/openssl/openssl/INSTALL.W32
  26. 6
      deps/openssl/openssl/Makefile
  27. 4
      deps/openssl/openssl/Makefile.org
  28. 12
      deps/openssl/openssl/NEWS
  29. 14
      deps/openssl/openssl/PROBLEMS
  30. 4
      deps/openssl/openssl/README
  31. 5
      deps/openssl/openssl/apps/apps.c
  32. 1
      deps/openssl/openssl/apps/ca.c
  33. 4
      deps/openssl/openssl/apps/cms.c
  34. 4
      deps/openssl/openssl/apps/dgst.c
  35. 1
      deps/openssl/openssl/apps/dhparam.c
  36. 9
      deps/openssl/openssl/apps/dsaparam.c
  37. 2
      deps/openssl/openssl/apps/genrsa.c
  38. 128
      deps/openssl/openssl/apps/md4.c
  39. 2
      deps/openssl/openssl/apps/ocsp.c
  40. 6
      deps/openssl/openssl/apps/s_cb.c
  41. 33
      deps/openssl/openssl/apps/s_client.c
  42. 63
      deps/openssl/openssl/apps/s_server.c
  43. 4
      deps/openssl/openssl/apps/speed.c
  44. 30
      deps/openssl/openssl/apps/srp.c
  45. 27
      deps/openssl/openssl/apps/verify.c
  46. 4
      deps/openssl/openssl/apps/x509.c
  47. 4
      deps/openssl/openssl/crypto/aes/asm/aes-586.pl
  48. 20
      deps/openssl/openssl/crypto/aes/asm/aes-mips.pl
  49. 95
      deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl
  50. 7
      deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl
  51. 3
      deps/openssl/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl
  52. 3
      deps/openssl/openssl/crypto/aes/asm/aesni-x86_64.pl
  53. 3
      deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl
  54. 3
      deps/openssl/openssl/crypto/aes/asm/vpaes-x86_64.pl
  55. 2
      deps/openssl/openssl/crypto/asn1/a_strex.c
  56. 6
      deps/openssl/openssl/crypto/asn1/a_verify.c
  57. 5
      deps/openssl/openssl/crypto/asn1/x_pubkey.c
  58. 85
      deps/openssl/openssl/crypto/bio/bss_dgram.c
  59. 2
      deps/openssl/openssl/crypto/bn/asm/mips.pl
  60. 3
      deps/openssl/openssl/crypto/bn/asm/modexp512-x86_64.pl
  61. 2
      deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl
  62. 3
      deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl
  63. 3
      deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl
  64. 2
      deps/openssl/openssl/crypto/bn/bn_div.c
  65. 1
      deps/openssl/openssl/crypto/bn/bn_gcd.c
  66. 11
      deps/openssl/openssl/crypto/bn/bn_lcl.h
  67. 25
      deps/openssl/openssl/crypto/bn/bn_word.c
  68. 3
      deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl
  69. 2
      deps/openssl/openssl/crypto/cms/cms_cd.c
  70. 2
      deps/openssl/openssl/crypto/cms/cms_enc.c
  71. 2
      deps/openssl/openssl/crypto/cms/cms_lib.c
  72. 1
      deps/openssl/openssl/crypto/conf/conf_mall.c
  73. 16
      deps/openssl/openssl/crypto/cryptlib.c
  74. 2
      deps/openssl/openssl/crypto/cryptlib.h
  75. 2
      deps/openssl/openssl/crypto/crypto-lib.com
  76. 11
      deps/openssl/openssl/crypto/crypto.h
  77. 3
      deps/openssl/openssl/crypto/des/set_key.c
  78. 2
      deps/openssl/openssl/crypto/des/str2key.c
  79. 28
      deps/openssl/openssl/crypto/ec/ec.h
  80. 13
      deps/openssl/openssl/crypto/ec/ec_key.c
  81. 2
      deps/openssl/openssl/crypto/ec/ec_pmeth.c
  82. 1
      deps/openssl/openssl/crypto/ec/ecp_mont.c
  83. 2
      deps/openssl/openssl/crypto/ec/ectest.c
  84. 17
      deps/openssl/openssl/crypto/ecdh/Makefile
  85. 3
      deps/openssl/openssl/crypto/ecdh/ech_key.c
  86. 11
      deps/openssl/openssl/crypto/ecdh/ech_lib.c
  87. 11
      deps/openssl/openssl/crypto/ecdsa/ecs_lib.c
  88. 19
      deps/openssl/openssl/crypto/err/err_all.c
  89. 55
      deps/openssl/openssl/crypto/evp/Makefile
  90. 1
      deps/openssl/openssl/crypto/evp/digest.c
  91. 5
      deps/openssl/openssl/crypto/evp/e_aes.c
  92. 216
      deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c
  93. 15
      deps/openssl/openssl/crypto/evp/evp.h
  94. 125
      deps/openssl/openssl/crypto/evp/evp_cnf.c
  95. 6
      deps/openssl/openssl/crypto/evp/evp_err.c
  96. 2
      deps/openssl/openssl/crypto/evp/m_dss.c
  97. 2
      deps/openssl/openssl/crypto/evp/m_dss1.c
  98. 2
      deps/openssl/openssl/crypto/evp/m_sha1.c
  99. 2
      deps/openssl/openssl/crypto/evp/p_sign.c
  100. 2
      deps/openssl/openssl/crypto/evp/p_verify.c

4
deps/openssl/asm/x64-elf-gas/aes/aes-x86_64.s

@ -1335,8 +1335,8 @@ AES_cbc_encrypt:
jb .Lcbc_slow_prologue jb .Lcbc_slow_prologue
testq $15,%rdx testq $15,%rdx
jnz .Lcbc_slow_prologue jnz .Lcbc_slow_prologue
btl $28,%r10d
jc .Lcbc_slow_prologue
leaq -88-248(%rsp),%r15 leaq -88-248(%rsp),%r15

4
deps/openssl/asm/x64-macosx-gas/aes/aes-x86_64.s

@ -1335,8 +1335,8 @@ L$cbc_picked_te:
jb L$cbc_slow_prologue jb L$cbc_slow_prologue
testq $15,%rdx testq $15,%rdx
jnz L$cbc_slow_prologue jnz L$cbc_slow_prologue
btl $28,%r10d
jc L$cbc_slow_prologue
leaq -88-248(%rsp),%r15 leaq -88-248(%rsp),%r15

4
deps/openssl/asm/x64-win32-masm/aes/aes-x86_64.asm

@ -1395,8 +1395,8 @@ $L$cbc_picked_te::
jb $L$cbc_slow_prologue jb $L$cbc_slow_prologue
test rdx,15 test rdx,15
jnz $L$cbc_slow_prologue jnz $L$cbc_slow_prologue
bt r10d,28
jc $L$cbc_slow_prologue
lea r15,QWORD PTR[((-88-248))+rsp] lea r15,QWORD PTR[((-88-248))+rsp]

2
deps/openssl/asm/x86-elf-gas/aes/aes-586.s

@ -2252,6 +2252,8 @@ AES_cbc_encrypt:
jb .L015slow_way jb .L015slow_way
testl $15,%ecx testl $15,%ecx
jnz .L015slow_way jnz .L015slow_way
btl $28,(%eax)
jc .L015slow_way
leal -324(%esp),%esi leal -324(%esp),%esi
andl $-64,%esi andl $-64,%esi
movl %ebp,%eax movl %ebp,%eax

2
deps/openssl/asm/x86-macosx-gas/aes/aes-586.s

@ -2219,6 +2219,8 @@ L014picked_te:
jb L015slow_way jb L015slow_way
testl $15,%ecx testl $15,%ecx
jnz L015slow_way jnz L015slow_way
btl $28,(%eax)
jc L015slow_way
leal -324(%esp),%esi leal -324(%esp),%esi
andl $-64,%esi andl $-64,%esi
movl %ebp,%eax movl %ebp,%eax

2
deps/openssl/asm/x86-win32-masm/aes/aes-586.asm

@ -2241,6 +2241,8 @@ $L014picked_te:
jb $L015slow_way jb $L015slow_way
test ecx,15 test ecx,15
jnz $L015slow_way jnz $L015slow_way
bt DWORD PTR [eax],28
jc $L015slow_way
lea esi,DWORD PTR [esp-324] lea esi,DWORD PTR [esp-324]
and esi,-64 and esi,-64
mov eax,ebp mov eax,ebp

2
deps/openssl/asm/x86-win32-masm/bf/bf-686.asm

@ -2,7 +2,7 @@ TITLE bf-686.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/bn/x86-mont.asm

@ -2,7 +2,7 @@ TITLE ../openssl/crypto/bn/asm/x86-mont.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/bn/x86.asm

@ -2,7 +2,7 @@ TITLE ../openssl/crypto/bn/asm/x86.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/camellia/cmll-x86.asm

@ -2,7 +2,7 @@ TITLE cmll-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/cast/cast-586.asm

@ -2,7 +2,7 @@ TITLE cast-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/des/crypt586.asm

@ -2,7 +2,7 @@ TITLE crypt586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/des/des-586.asm

@ -2,7 +2,7 @@ TITLE des-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/md5/md5-586.asm

@ -2,7 +2,7 @@ TITLE ../openssl/crypto/md5/asm/md5-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/rc5/rc5-586.asm

@ -2,7 +2,7 @@ TITLE rc5-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/ripemd/rmd-586.asm

@ -2,7 +2,7 @@ TITLE ../openssl/crypto/ripemd/asm/rmd-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/sha/sha1-586.asm

@ -2,7 +2,7 @@ TITLE sha1-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/sha/sha256-586.asm

@ -2,7 +2,7 @@ TITLE sha512-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/sha/sha512-586.asm

@ -2,7 +2,7 @@ TITLE sha512-586.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/asm/x86-win32-masm/x86cpuid.asm

@ -2,7 +2,7 @@ TITLE x86cpuid.asm
IF @Version LT 800 IF @Version LT 800
ECHO MASM version 8.00 or later is strongly recommended. ECHO MASM version 8.00 or later is strongly recommended.
ENDIF ENDIF
.686 .486
.MODEL FLAT .MODEL FLAT
OPTION DOTNAME OPTION DOTNAME
IF @Version LT 800 IF @Version LT 800

2
deps/openssl/openssl.gyp

@ -47,6 +47,7 @@
'openssl/ssl/s3_meth.c', 'openssl/ssl/s3_meth.c',
'openssl/ssl/s3_pkt.c', 'openssl/ssl/s3_pkt.c',
'openssl/ssl/s3_srvr.c', 'openssl/ssl/s3_srvr.c',
'openssl/ssl/s3_cbc.c',
'openssl/ssl/ssl_algs.c', 'openssl/ssl/ssl_algs.c',
'openssl/ssl/ssl_asn1.c', 'openssl/ssl/ssl_asn1.c',
'openssl/ssl/ssl_cert.c', 'openssl/ssl/ssl_cert.c',
@ -386,6 +387,7 @@
'openssl/crypto/evp/e_xcbc_d.c', 'openssl/crypto/evp/e_xcbc_d.c',
'openssl/crypto/evp/encode.c', 'openssl/crypto/evp/encode.c',
'openssl/crypto/evp/evp_acnf.c', 'openssl/crypto/evp/evp_acnf.c',
'openssl/crypto/evp/evp_cnf.c',
'openssl/crypto/evp/evp_enc.c', 'openssl/crypto/evp/evp_enc.c',
'openssl/crypto/evp/evp_err.c', 'openssl/crypto/evp/evp_err.c',
'openssl/crypto/evp/evp_fips.c', 'openssl/crypto/evp/evp_fips.c',

47
deps/openssl/openssl/CHANGES

@ -2,6 +2,53 @@
OpenSSL CHANGES OpenSSL CHANGES
_______________ _______________
Changes between 1.0.1d and 1.0.1e [11 Feb 2013]
*)
Changes between 1.0.1c and 1.0.1d [5 Feb 2013]
*) Make the decoding of SSLv3, TLS and DTLS CBC records constant time.
This addresses the flaw in CBC record processing discovered by
Nadhem Alfardan and Kenny Paterson. Details of this attack can be found
at: http://www.isg.rhul.ac.uk/tls/
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
Security Group at Royal Holloway, University of London
(www.isg.rhul.ac.uk) for discovering this flaw and Adam Langley and
Emilia Käsper for the initial patch.
(CVE-2013-0169)
[Emilia Käsper, Adam Langley, Ben Laurie, Andy Polyakov, Steve Henson]
*) Fix flaw in AESNI handling of TLS 1.2 and 1.1 records for CBC mode
ciphersuites which can be exploited in a denial of service attack.
Thanks go to and to Adam Langley <agl@chromium.org> for discovering
and detecting this bug and to Wolfgang Ettlinger
<wolfgang.ettlinger@gmail.com> for independently discovering this issue.
(CVE-2012-2686)
[Adam Langley]
*) Return an error when checking OCSP signatures when key is NULL.
This fixes a DoS attack. (CVE-2013-0166)
[Steve Henson]
*) Make openssl verify return errors.
[Chris Palmer <palmer@google.com> and Ben Laurie]
*) Call OCSP Stapling callback after ciphersuite has been chosen, so
the right response is stapled. Also change SSL_get_certificate()
so it returns the certificate actually sent.
See http://rt.openssl.org/Ticket/Display.html?id=2836.
[Rob Stradling <rob.stradling@comodo.com>]
*) Fix possible deadlock when decoding public keys.
[Steve Henson]
*) Don't use TLS 1.0 record version number in initial client hello
if renegotiating.
[Steve Henson]
Changes between 1.0.1b and 1.0.1c [10 May 2012] Changes between 1.0.1b and 1.0.1c [10 May 2012]
*) Sanity check record length before skipping explicit IV in TLS *) Sanity check record length before skipping explicit IV in TLS

18
deps/openssl/openssl/Configure

@ -171,20 +171,22 @@ my %table=(
"debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", "debug-ben-openbsd","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::", "debug-ben-openbsd-debug","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DPEDANTIC -DDEBUG_SAFESTACK -DOPENSSL_OPENBSD_DEV_CRYPTO -DOPENSSL_NO_ASM -g3 -O2 -pedantic -Wall -Wshadow -Werror -pipe::(unknown)::::",
"debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::", "debug-ben-debug", "gcc44:$gcc_devteam_warn -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O2 -pipe::(unknown)::::::",
"debug-ben-debug-64", "gcc:$gcc_devteam_warn -Wno-error=overlength-strings -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -g3 -O3 -pipe::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-ben-macos", "cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::", "debug-ben-macos", "cc:$gcc_devteam_warn -arch i386 -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::-Wl,-search_paths_first::::",
"debug-ben-macos-gcc46", "gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::", "debug-ben-macos-gcc46", "gcc-mp-4.6:$gcc_devteam_warn -Wconversion -DBN_DEBUG -DCONF_DEBUG -DDEBUG_SAFESTACK -DDEBUG_UNUSED -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -O3 -DL_ENDIAN -g3 -pipe::(unknown)::::::",
"debug-ben-darwin64","cc:$gcc_devteam_warn -Wno-language-extension-token -Wno-extended-offsetof -arch x86_64 -O3 -DL_ENDIAN -Wall::-D_REENTRANT:MACOSX:-Wl,-search_paths_first%:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL:".eval{my $asm=$x86_64_asm;$asm=~s/rc4\-[^:]+//;$asm}.":macosx:dlfcn:darwin-shared:-fPIC -fno-common:-arch x86_64 -dynamiclib:.\$(SHLIB_MAJOR).\$(SHLIB_MINOR).dylib",
"debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::", "debug-ben-no-opt", "gcc: -Wall -Wmissing-prototypes -Wstrict-prototypes -Wmissing-declarations -DDEBUG_SAFESTACK -DCRYPTO_MDEBUG -Werror -DL_ENDIAN -DTERMIOS -Wall -g3::(unknown)::::::",
"debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::", "debug-ben-strict", "gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DCONST_STRICT -O2 -Wall -Wshadow -Werror -Wpointer-arith -Wcast-qual -Wwrite-strings -pipe::(unknown)::::::",
"debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}", "debug-rse","cc:-DTERMIOS -DL_ENDIAN -pipe -O -g -ggdb3 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}",
"debug-bodo", "gcc:$gcc_devteam_warn -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64", "debug-bodo", "gcc:$gcc_devteam_warn -DBN_DEBUG -DBN_DEBUG_RAND -DCONF_DEBUG -DBIO_PAIR_DEBUG -m64 -DL_ENDIAN -DTERMIO -g -DMD32_REG_T=int::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::64",
"debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll", "debug-ulf", "gcc:-DTERMIOS -DL_ENDIAN -march=i486 -Wall -DBN_DEBUG -DBN_DEBUG_RAND -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations:::CYGWIN32:::${no_asm}:win32:cygwin-shared:::.dll",
"debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-steve64", "gcc:$gcc_devteam_warn -m64 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -Wno-overlength-strings -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-steve32", "gcc:$gcc_devteam_warn -m32 -DL_ENDIAN -DCONF_DEBUG -DDEBUG_SAFESTACK -g -pipe::-D_REENTRANT::-rdynamic -ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC:-m32:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-steve-opt", "gcc:$gcc_devteam_warn -m64 -O3 -DL_ENDIAN -DTERMIO -DCONF_DEBUG -DDEBUG_SAFESTACK -g::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_UNROLL:${x86_64_asm}:elf:dlfcn:linux-shared:-fPIC:-m64:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-levitte-linux-elf","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-levitte-linux-noasm","gcc:-DLEVITTE_DEBUG -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DCRYPTO_MDEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -ggdb -g3 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-levitte-linux-elf-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -D_POSIX_SOURCE -DPEDANTIC -ggdb -g3 -mcpu=i486 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-levitte-linux-noasm-extreme","gcc:-DLEVITTE_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_DEBUG -DBN_DEBUG_RAND -DCRYPTO_MDEBUG -DENGINE_CONF_DEBUG -DOPENSSL_NO_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -ggdb -g3 -pedantic -ansi -Wall -W -Wundef -Wshadow -Wcast-align -Wstrict-prototypes -Wmissing-prototypes -Wno-long-long -Wundef -Wconversion -pipe::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-geoff32","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:BN_LLONG:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-geoff64","gcc:-DBN_DEBUG -DBN_DEBUG_RAND -DBN_STRICT -DPURIFY -DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_ASM -DOPENSSL_NO_INLINE_ASM -DL_ENDIAN -DTERMIO -DPEDANTIC -O1 -ggdb2 -Wall -Werror -Wundef -pedantic -Wshadow -Wpointer-arith -Wbad-function-cast -Wcast-align -Wsign-compare -Wmissing-prototypes -Wmissing-declarations -Wno-long-long::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn", "debug-linux-pentium","gcc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn",
@ -243,7 +245,7 @@ my %table=(
"solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv7-cc","cc:-xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${no_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv8-cc","cc:-xarch=v8 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "solaris-sparcv9-cc","cc:-xtarget=ultra -xarch=v8plus -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):/usr/ccs/bin/ar rs::/64", "solaris64-sparcv9-cc","cc:-xtarget=ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-xarch=v9 -G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR):::/64",
#### ####
"debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-solaris-sparcv8-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xarch=v8 -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT::-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv8_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
"debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", "debug-solaris-sparcv9-cc","cc:-DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG_ALL -xtarget=ultra -xarch=v8plus -g -O -xstrconst -Xa -DB_ENDIAN -DBN_DIV2W::-D_REENTRANT:ULTRASPARC:-lsocket -lnsl -ldl:BN_LLONG RC4_CHAR RC4_CHUNK_LL DES_PTR DES_RISC1 DES_UNROLL BF_PTR:${sparcv9_asm}:dlfcn:solaris-shared:-KPIC:-G -dy -z text:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
@ -464,8 +466,8 @@ my %table=(
"aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64", "aix64-gcc","gcc:-maix64 -O -DB_ENDIAN::-pthread:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-maix64 -shared -Wl,-G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X64",
# Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE # Below targets assume AIX 5. Idea is to effectively disregard $OBJECT_MODE
# at build time. $OBJECT_MODE is respected at ./config stage! # at build time. $OBJECT_MODE is respected at ./config stage!
"aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32", "aix-cc", "cc:-q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::BN_LLONG RC4_CHAR:${ppc32_asm}:aix32:dlfcn:aix-shared::-q32 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 32",
"aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64", "aix64-cc", "cc:-q64 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst::-qthreaded -D_THREAD_SAFE:AIX::SIXTY_FOUR_BIT_LONG RC4_CHAR:${ppc64_asm}:aix64:dlfcn:aix-shared::-q64 -G:.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)::-X 64",
# #
# Cray T90 and similar (SDSC) # Cray T90 and similar (SDSC)

4
deps/openssl/openssl/FAQ

@ -83,11 +83,11 @@ OpenSSL - Frequently Asked Questions
* Which is the current version of OpenSSL? * Which is the current version of OpenSSL?
The current version is available from <URL: http://www.openssl.org>. The current version is available from <URL: http://www.openssl.org>.
OpenSSL 1.0.1c was released on May 10th, 2012. OpenSSL 1.0.1e was released on Feb 11th, 2013.
In addition to the current stable release, you can also access daily In addition to the current stable release, you can also access daily
snapshots of the OpenSSL development version at <URL: snapshots of the OpenSSL development version at <URL:
ftp://ftp.openssl.org/snapshot/>, or get it by anonymous CVS access. ftp://ftp.openssl.org/snapshot/>, or get it by anonymous Git access.
* Where is the documentation? * Where is the documentation?

4
deps/openssl/openssl/INSTALL.W32

@ -29,7 +29,7 @@
is required if you intend to utilize assembler modules. Note that NASM is required if you intend to utilize assembler modules. Note that NASM
is now the only supported assembler. is now the only supported assembler.
If you are compiling from a tarball or a CVS snapshot then the Win32 files If you are compiling from a tarball or a Git snapshot then the Win32 files
may well be not up to date. This may mean that some "tweaking" is required to may well be not up to date. This may mean that some "tweaking" is required to
get it all to work. See the trouble shooting section later on for if (when?) get it all to work. See the trouble shooting section later on for if (when?)
it goes wrong. it goes wrong.
@ -257,7 +257,7 @@
then ms\do_XXX should not give a warning any more. However the numbers that then ms\do_XXX should not give a warning any more. However the numbers that
get assigned by this technique may not match those that eventually get get assigned by this technique may not match those that eventually get
assigned in the CVS tree: so anything linked against this version of the assigned in the Git tree: so anything linked against this version of the
library may need to be recompiled. library may need to be recompiled.
If you get errors about unresolved symbols there are several possible If you get errors about unresolved symbols there are several possible

6
deps/openssl/openssl/Makefile

@ -4,7 +4,7 @@
## Makefile for OpenSSL ## Makefile for OpenSSL
## ##
VERSION=1.0.1c VERSION=1.0.1e
MAJOR=1 MAJOR=1
MINOR=0.1 MINOR=0.1
SHLIB_VERSION_NUMBER=1.0.0 SHLIB_VERSION_NUMBER=1.0.0
@ -71,7 +71,7 @@ RANLIB= /usr/bin/ranlib
NM= nm NM= nm
PERL= /usr/bin/perl PERL= /usr/bin/perl
TAR= tar TAR= tar
TARFLAGS= --no-recursion TARFLAGS= --no-recursion --record-size=10240
MAKEDEPPROG=makedepend MAKEDEPPROG=makedepend
LIBDIR=lib LIBDIR=lib
@ -446,7 +446,7 @@ rehash.time: certs apps
[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \ OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \ export OPENSSL OPENSSL_DEBUG_MEMORY; \
$(PERL) tools/c_rehash certs) && \ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \ touch rehash.time; \
else :; fi else :; fi

4
deps/openssl/openssl/Makefile.org

@ -69,7 +69,7 @@ RANLIB= ranlib
NM= nm NM= nm
PERL= perl PERL= perl
TAR= tar TAR= tar
TARFLAGS= --no-recursion TARFLAGS= --no-recursion --record-size=10240
MAKEDEPPROG=makedepend MAKEDEPPROG=makedepend
LIBDIR=lib LIBDIR=lib
@ -444,7 +444,7 @@ rehash.time: certs apps
[ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \ [ -x "apps/openssl.exe" ] && OPENSSL="apps/openssl.exe" || :; \
OPENSSL_DEBUG_MEMORY=on; \ OPENSSL_DEBUG_MEMORY=on; \
export OPENSSL OPENSSL_DEBUG_MEMORY; \ export OPENSSL OPENSSL_DEBUG_MEMORY; \
$(PERL) tools/c_rehash certs) && \ $(PERL) tools/c_rehash certs/demo) && \
touch rehash.time; \ touch rehash.time; \
else :; fi else :; fi

12
deps/openssl/openssl/NEWS

@ -5,6 +5,18 @@
This file gives a brief overview of the major changes between each OpenSSL This file gives a brief overview of the major changes between each OpenSSL
release. For more details please read the CHANGES file. release. For more details please read the CHANGES file.
Major changes between OpenSSL 1.0.1d and OpenSSL 1.0.1e:
o Corrected fix for CVE-2013-0169
Major changes between OpenSSL 1.0.1c and OpenSSL 1.0.1d:
o Fix renegotiation in TLS 1.1, 1.2 by using the correct TLS version.
o Include the fips configuration module.
o Fix OCSP bad key DoS attack CVE-2013-0166
o Fix for SSL/TLS/DTLS CBC plaintext recovery attack CVE-2013-0169
o Fix for TLS AESNI record handling flaw CVE-2012-2686
Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c: Major changes between OpenSSL 1.0.1b and OpenSSL 1.0.1c:
o Fix TLS/DTLS record length checking bug CVE-2012-2333 o Fix TLS/DTLS record length checking bug CVE-2012-2333

14
deps/openssl/openssl/PROBLEMS

@ -197,3 +197,17 @@ reconfigure with additional no-sse2 [or 386] option passed to ./config.
We don't have framework to associate -ldl with no-dso, therefore the only We don't have framework to associate -ldl with no-dso, therefore the only
way is to edit Makefile right after ./config no-dso and remove -ldl from way is to edit Makefile right after ./config no-dso and remove -ldl from
EX_LIBS line. EX_LIBS line.
* hpux-parisc2-cc no-asm build fails with SEGV in ECDSA/DH.
Compiler bug, presumably at particular patch level. Remaining
hpux*-parisc*-cc configurations can be affected too. Drop optimization
level to +O2 when compiling bn_nist.o.
* solaris64-sparcv9-cc link failure
Solaris 8 ar can fail to maintain symbol table in .a, which results in
link failures. Apply 109147-09 or later or modify Makefile generated
by ./Configure solaris64-sparcv9-cc and replace RANLIB assignment with
RANLIB= /usr/ccs/bin/ar rs

4
deps/openssl/openssl/README

@ -1,5 +1,5 @@
OpenSSL 1.0.1c 10 May 2012 OpenSSL 1.0.1e 11 Feb 2013
Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1998-2011 The OpenSSL Project
Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
@ -190,7 +190,7 @@
reason as to why that feature isn't implemented. reason as to why that feature isn't implemented.
Patches should be as up to date as possible, preferably relative to the Patches should be as up to date as possible, preferably relative to the
current CVS or the last snapshot. They should follow the coding style of current Git or the last snapshot. They should follow the coding style of
OpenSSL and compile without warnings. Some of the core team developer targets OpenSSL and compile without warnings. Some of the core team developer targets
can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL can be used for testing purposes, (debug-steve64, debug-geoff etc). OpenSSL
compiles on many varied platforms: try to ensure you only use portable compiles on many varied platforms: try to ensure you only use portable

5
deps/openssl/openssl/apps/apps.c

@ -2132,7 +2132,7 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
X509_NAME *n = NULL; X509_NAME *n = NULL;
int nid; int nid;
if (!buf || !ne_types || !ne_values) if (!buf || !ne_types || !ne_values || !mval)
{ {
BIO_printf(bio_err, "malloc error\n"); BIO_printf(bio_err, "malloc error\n");
goto error; goto error;
@ -2236,6 +2236,7 @@ X509_NAME *parse_name(char *subject, long chtype, int multirdn)
OPENSSL_free(ne_values); OPENSSL_free(ne_values);
OPENSSL_free(ne_types); OPENSSL_free(ne_types);
OPENSSL_free(buf); OPENSSL_free(buf);
OPENSSL_free(mval);
return n; return n;
error: error:
@ -2244,6 +2245,8 @@ error:
OPENSSL_free(ne_values); OPENSSL_free(ne_values);
if (ne_types) if (ne_types)
OPENSSL_free(ne_types); OPENSSL_free(ne_types);
if (mval)
OPENSSL_free(mval);
if (buf) if (buf)
OPENSSL_free(buf); OPENSSL_free(buf);
return NULL; return NULL;

1
deps/openssl/openssl/apps/ca.c

@ -1408,6 +1408,7 @@ bad:
if (!NCONF_get_number(conf,section, if (!NCONF_get_number(conf,section,
ENV_DEFAULT_CRL_HOURS, &crlhours)) ENV_DEFAULT_CRL_HOURS, &crlhours))
crlhours = 0; crlhours = 0;
ERR_clear_error();
} }
if ((crldays == 0) && (crlhours == 0) && (crlsec == 0)) if ((crldays == 0) && (crlhours == 0) && (crlsec == 0))
{ {

4
deps/openssl/openssl/apps/cms.c

@ -233,6 +233,8 @@ int MAIN(int argc, char **argv)
else if (!strcmp(*args,"-camellia256")) else if (!strcmp(*args,"-camellia256"))
cipher = EVP_camellia_256_cbc(); cipher = EVP_camellia_256_cbc();
#endif #endif
else if (!strcmp (*args, "-debug_decrypt"))
flags |= CMS_DEBUG_DECRYPT;
else if (!strcmp (*args, "-text")) else if (!strcmp (*args, "-text"))
flags |= CMS_TEXT; flags |= CMS_TEXT;
else if (!strcmp (*args, "-nointern")) else if (!strcmp (*args, "-nointern"))
@ -1039,6 +1041,8 @@ int MAIN(int argc, char **argv)
ret = 4; ret = 4;
if (operation == SMIME_DECRYPT) if (operation == SMIME_DECRYPT)
{ {
if (flags & CMS_DEBUG_DECRYPT)
CMS_decrypt(cms, NULL, NULL, NULL, NULL, flags);
if (secret_key) if (secret_key)
{ {

4
deps/openssl/openssl/apps/dgst.c

@ -216,10 +216,10 @@ int MAIN(int argc, char **argv)
out_bin = 1; out_bin = 1;
else if (strcmp(*argv,"-d") == 0) else if (strcmp(*argv,"-d") == 0)
debug=1; debug=1;
else if (strcmp(*argv,"-non-fips-allow") == 0)
non_fips_allow=1;
else if (!strcmp(*argv,"-fips-fingerprint")) else if (!strcmp(*argv,"-fips-fingerprint"))
hmac_key = "etaonrishdlcupfm"; hmac_key = "etaonrishdlcupfm";
else if (strcmp(*argv,"-non-fips-allow") == 0)
non_fips_allow=1;
else if (!strcmp(*argv,"-hmac")) else if (!strcmp(*argv,"-hmac"))
{ {
if (--argc < 1) if (--argc < 1)

1
deps/openssl/openssl/apps/dhparam.c

@ -332,7 +332,6 @@ bad:
BIO_printf(bio_err,"This is going to take a long time\n"); BIO_printf(bio_err,"This is going to take a long time\n");
if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb)) if(!dh || !DH_generate_parameters_ex(dh, num, g, &cb))
{ {
if(dh) DH_free(dh);
ERR_print_errors(bio_err); ERR_print_errors(bio_err);
goto end; goto end;
} }

9
deps/openssl/openssl/apps/dsaparam.c

@ -326,6 +326,7 @@ bad:
goto end; goto end;
} }
#endif #endif
ERR_print_errors(bio_err);
BIO_printf(bio_err,"Error, DSA key generation failed\n"); BIO_printf(bio_err,"Error, DSA key generation failed\n");
goto end; goto end;
} }
@ -429,13 +430,19 @@ bad:
assert(need_rand); assert(need_rand);
if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end; if ((dsakey=DSAparams_dup(dsa)) == NULL) goto end;
if (!DSA_generate_key(dsakey)) goto end; if (!DSA_generate_key(dsakey))
{
ERR_print_errors(bio_err);
DSA_free(dsakey);
goto end;
}
if (outformat == FORMAT_ASN1) if (outformat == FORMAT_ASN1)
i=i2d_DSAPrivateKey_bio(out,dsakey); i=i2d_DSAPrivateKey_bio(out,dsakey);
else if (outformat == FORMAT_PEM) else if (outformat == FORMAT_PEM)
i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL); i=PEM_write_bio_DSAPrivateKey(out,dsakey,NULL,NULL,0,NULL,NULL);
else { else {
BIO_printf(bio_err,"bad output format specified for outfile\n"); BIO_printf(bio_err,"bad output format specified for outfile\n");
DSA_free(dsakey);
goto end; goto end;
} }
DSA_free(dsakey); DSA_free(dsakey);

2
deps/openssl/openssl/apps/genrsa.c

@ -78,7 +78,7 @@
#include <openssl/pem.h> #include <openssl/pem.h>
#include <openssl/rand.h> #include <openssl/rand.h>
#define DEFBITS 512 #define DEFBITS 1024
#undef PROG #undef PROG
#define PROG genrsa_main #define PROG genrsa_main

128
deps/openssl/openssl/apps/md4.c

@ -1 +1,127 @@
#include "../crypto/md4/md4.c" /* crypto/md4/md4.c */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
* This package is an SSL implementation written
* by Eric Young (eay@cryptsoft.com).
* The implementation was written so as to conform with Netscapes SSL.
*
* This library is free for commercial and non-commercial use as long as
* the following conditions are aheared to. The following conditions
* apply to all code found in this distribution, be it the RC4, RSA,
* lhash, DES, etc., code; not just the SSL code. The SSL documentation
* included with this distribution is covered by the same copyright terms
* except that the holder is Tim Hudson (tjh@cryptsoft.com).
*
* Copyright remains Eric Young's, and as such any Copyright notices in
* the code are not to be removed.
* If this package is used in a product, Eric Young should be given attribution
* as the author of the parts of the library used.
* This can be in the form of a textual message at program startup or
* in documentation (online or textual) provided with the package.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* "This product includes cryptographic software written by
* Eric Young (eay@cryptsoft.com)"
* The word 'cryptographic' can be left out if the rouines from the library
* being used are not cryptographic related :-).
* 4. If you include any Windows specific code (or a derivative thereof) from
* the apps directory (application code) you must include an acknowledgement:
* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
*
* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* The licence and distribution terms for any publically available version or
* derivative of this code cannot be changed. i.e. this code cannot simply be
* copied and put under another distribution licence
* [including the GNU Public Licence.]
*/
#include <stdio.h>
#include <stdlib.h>
#include <openssl/md4.h>
#define BUFSIZE 1024*16
void do_fp(FILE *f);
void pt(unsigned char *md);
#if !defined(_OSD_POSIX) && !defined(__DJGPP__)
int read(int, void *, unsigned int);
#endif
int main(int argc, char **argv)
{
int i,err=0;
FILE *IN;
if (argc == 1)
{
do_fp(stdin);
}
else
{
for (i=1; i<argc; i++)
{
IN=fopen(argv[i],"r");
if (IN == NULL)
{
perror(argv[i]);
err++;
continue;
}
printf("MD4(%s)= ",argv[i]);
do_fp(IN);
fclose(IN);
}
}
exit(err);
}
void do_fp(FILE *f)
{
MD4_CTX c;
unsigned char md[MD4_DIGEST_LENGTH];
int fd;
int i;
static unsigned char buf[BUFSIZE];
fd=fileno(f);
MD4_Init(&c);
for (;;)
{
i=read(fd,buf,sizeof buf);
if (i <= 0) break;
MD4_Update(&c,buf,(unsigned long)i);
}
MD4_Final(&(md[0]),&c);
pt(md);
}
void pt(unsigned char *md)
{
int i;
for (i=0; i<MD4_DIGEST_LENGTH; i++)
printf("%02x",md[i]);
printf("\n");
}

2
deps/openssl/openssl/apps/ocsp.c

@ -617,7 +617,7 @@ int MAIN(int argc, char **argv)
BIO_printf (bio_err, "-ndays n number of days before next update\n"); BIO_printf (bio_err, "-ndays n number of days before next update\n");
BIO_printf (bio_err, "-resp_key_id identify reponse by signing certificate key ID\n"); BIO_printf (bio_err, "-resp_key_id identify reponse by signing certificate key ID\n");
BIO_printf (bio_err, "-nrequest n number of requests to accept (default unlimited)\n"); BIO_printf (bio_err, "-nrequest n number of requests to accept (default unlimited)\n");
BIO_printf (bio_err, "-<dgst alg> use specified digest in the request"); BIO_printf (bio_err, "-<dgst alg> use specified digest in the request\n");
goto end; goto end;
} }

6
deps/openssl/openssl/apps/s_cb.c

@ -237,8 +237,8 @@ int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file)
/* If we are using DSA, we can copy the parameters from /* If we are using DSA, we can copy the parameters from
* the private key */ * the private key */
/* Now we know that a key and cert have been set against /* Now we know that a key and cert have been set against
* the SSL context */ * the SSL context */
if (!SSL_CTX_check_private_key(ctx)) if (!SSL_CTX_check_private_key(ctx))
@ -436,6 +436,8 @@ void MS_CALLBACK msg_cb(int write_p, int version, int content_type, const void *
if (version == SSL3_VERSION || if (version == SSL3_VERSION ||
version == TLS1_VERSION || version == TLS1_VERSION ||
version == TLS1_1_VERSION ||
version == TLS1_2_VERSION ||
version == DTLS1_VERSION || version == DTLS1_VERSION ||
version == DTLS1_BAD_VER) version == DTLS1_BAD_VER)
{ {

33
deps/openssl/openssl/apps/s_client.c

@ -357,13 +357,14 @@ static void sc_usage(void)
BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n"); BIO_printf(bio_err," -tlsextdebug - hex dump of all TLS extensions received\n");
BIO_printf(bio_err," -status - request certificate status from server\n"); BIO_printf(bio_err," -status - request certificate status from server\n");
BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n"); BIO_printf(bio_err," -no_ticket - disable use of RFC4507bis session tickets\n");
# if !defined(OPENSSL_NO_NEXTPROTONEG) # ifndef OPENSSL_NO_NEXTPROTONEG
BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n"); BIO_printf(bio_err," -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)\n");
# endif # endif
BIO_printf(bio_err," -cutthrough - enable 1-RTT full-handshake for strong ciphers\n");
#endif #endif
BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n"); BIO_printf(bio_err," -legacy_renegotiation - enable use of legacy renegotiation (dangerous)\n");
#ifndef OPENSSL_NO_SRTP
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
#endif
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
} }
@ -503,7 +504,9 @@ static char * MS_CALLBACK ssl_give_srp_client_pwd_cb(SSL *s, void *arg)
} }
#endif #endif
#ifndef OPENSSL_NO_SRTP
char *srtp_profiles = NULL; char *srtp_profiles = NULL;
#endif
# ifndef OPENSSL_NO_NEXTPROTONEG # ifndef OPENSSL_NO_NEXTPROTONEG
/* This the context that we pass to next_proto_cb */ /* This the context that we pass to next_proto_cb */
@ -537,7 +540,7 @@ static int next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, con
ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len); ctx->status = SSL_select_next_proto(out, outlen, in, inlen, ctx->data, ctx->len);
return SSL_TLSEXT_ERR_OK; return SSL_TLSEXT_ERR_OK;
} }
# endif # endif /* ndef OPENSSL_NO_NEXTPROTONEG */
#endif #endif
enum enum
@ -574,7 +577,6 @@ int MAIN(int argc, char **argv)
EVP_PKEY *key = NULL; EVP_PKEY *key = NULL;
char *CApath=NULL,*CAfile=NULL,*cipher=NULL; char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0; int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
int cutthrough=0;
int crlf=0; int crlf=0;
int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending; int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
SSL_CTX *ctx=NULL; SSL_CTX *ctx=NULL;
@ -881,8 +883,6 @@ int MAIN(int argc, char **argv)
} }
# endif # endif
#endif #endif
else if (strcmp(*argv,"-cutthrough") == 0)
cutthrough=1;
else if (strcmp(*argv,"-serverpref") == 0) else if (strcmp(*argv,"-serverpref") == 0)
off|=SSL_OP_CIPHER_SERVER_PREFERENCE; off|=SSL_OP_CIPHER_SERVER_PREFERENCE;
else if (strcmp(*argv,"-legacy_renegotiation") == 0) else if (strcmp(*argv,"-legacy_renegotiation") == 0)
@ -949,11 +949,13 @@ int MAIN(int argc, char **argv)
jpake_secret = *++argv; jpake_secret = *++argv;
} }
#endif #endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv,"-use_srtp") == 0) else if (strcmp(*argv,"-use_srtp") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
srtp_profiles = *(++argv); srtp_profiles = *(++argv);
} }
#endif
else if (strcmp(*argv,"-keymatexport") == 0) else if (strcmp(*argv,"-keymatexport") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
@ -1134,6 +1136,8 @@ bad:
BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n"); BIO_printf(bio_c_out, "PSK key given or JPAKE in use, setting client callback\n");
SSL_CTX_set_psk_client_callback(ctx, psk_client_cb); SSL_CTX_set_psk_client_callback(ctx, psk_client_cb);
} }
#endif
#ifndef OPENSSL_NO_SRTP
if (srtp_profiles != NULL) if (srtp_profiles != NULL)
SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
#endif #endif
@ -1149,15 +1153,6 @@ bad:
*/ */
if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1); if (socket_type == SOCK_DGRAM) SSL_CTX_set_read_ahead(ctx, 1);
/* Enable handshake cutthrough for client connections using
* strong ciphers. */
if (cutthrough)
{
int ssl_mode = SSL_CTX_get_mode(ctx);
ssl_mode |= SSL_MODE_HANDSHAKE_CUTTHROUGH;
SSL_CTX_set_mode(ctx, ssl_mode);
}
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
if (next_proto.data) if (next_proto.data)
SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto); SSL_CTX_set_next_proto_select_cb(ctx, next_proto_cb, &next_proto);
@ -1903,6 +1898,10 @@ end:
print_stuff(bio_c_out,con,1); print_stuff(bio_c_out,con,1);
SSL_free(con); SSL_free(con);
} }
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
if (next_proto.data)
OPENSSL_free(next_proto.data);
#endif
if (ctx != NULL) SSL_CTX_free(ctx); if (ctx != NULL) SSL_CTX_free(ctx);
if (cert) if (cert)
X509_free(cert); X509_free(cert);
@ -1910,6 +1909,8 @@ end:
EVP_PKEY_free(key); EVP_PKEY_free(key);
if (pass) if (pass)
OPENSSL_free(pass); OPENSSL_free(pass);
if (vpm)
X509_VERIFY_PARAM_free(vpm);
if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); }
if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); }
if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); }
@ -2074,6 +2075,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
} }
#endif #endif
#ifndef OPENSSL_NO_SRTP
{ {
SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s); SRTP_PROTECTION_PROFILE *srtp_profile=SSL_get_selected_srtp_profile(s);
@ -2081,6 +2083,7 @@ static void print_stuff(BIO *bio, SSL *s, int full)
BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n", BIO_printf(bio,"SRTP Extension negotiated, profile=%s\n",
srtp_profile->name); srtp_profile->name);
} }
#endif
SSL_SESSION_print(bio,SSL_get_session(s)); SSL_SESSION_print(bio,SSL_get_session(s));
if (keymatexportlabel != NULL) if (keymatexportlabel != NULL)

63
deps/openssl/openssl/apps/s_server.c

@ -556,7 +556,9 @@ static void sv_usage(void)
# ifndef OPENSSL_NO_NEXTPROTONEG # ifndef OPENSSL_NO_NEXTPROTONEG
BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n"); BIO_printf(bio_err," -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)\n");
# endif # endif
# ifndef OPENSSL_NO_SRTP
BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n"); BIO_printf(bio_err," -use_srtp profiles - Offer SRTP key management with a colon-separated profile list\n");
# endif
#endif #endif
BIO_printf(bio_err," -keymatexport label - Export keying material using label\n"); BIO_printf(bio_err," -keymatexport label - Export keying material using label\n");
BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n"); BIO_printf(bio_err," -keymatexportlen len - Export len bytes of keying material (default 20)\n");
@ -923,7 +925,9 @@ static char *jpake_secret = NULL;
#ifndef OPENSSL_NO_SRP #ifndef OPENSSL_NO_SRP
static srpsrvparm srp_callback_parm; static srpsrvparm srp_callback_parm;
#endif #endif
#ifndef OPENSSL_NO_SRTP
static char *srtp_profiles = NULL; static char *srtp_profiles = NULL;
#endif
int MAIN(int argc, char *argv[]) int MAIN(int argc, char *argv[])
{ {
@ -1206,13 +1210,13 @@ int MAIN(int argc, char *argv[])
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
srp_verifier_file = *(++argv); srp_verifier_file = *(++argv);
meth=TLSv1_server_method(); meth = TLSv1_server_method();
} }
else if (strcmp(*argv, "-srpuserseed") == 0) else if (strcmp(*argv, "-srpuserseed") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
srpuserseed = *(++argv); srpuserseed = *(++argv);
meth=TLSv1_server_method(); meth = TLSv1_server_method();
} }
#endif #endif
else if (strcmp(*argv,"-www") == 0) else if (strcmp(*argv,"-www") == 0)
@ -1319,11 +1323,13 @@ int MAIN(int argc, char *argv[])
jpake_secret = *(++argv); jpake_secret = *(++argv);
} }
#endif #endif
#ifndef OPENSSL_NO_SRTP
else if (strcmp(*argv,"-use_srtp") == 0) else if (strcmp(*argv,"-use_srtp") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
srtp_profiles = *(++argv); srtp_profiles = *(++argv);
} }
#endif
else if (strcmp(*argv,"-keymatexport") == 0) else if (strcmp(*argv,"-keymatexport") == 0)
{ {
if (--argc < 1) goto bad; if (--argc < 1) goto bad;
@ -1431,25 +1437,24 @@ bad:
goto end; goto end;
} }
} }
# ifndef OPENSSL_NO_NEXTPROTONEG
if (next_proto_neg_in)
{
unsigned short len;
next_proto.data = next_protos_parse(&len,
next_proto_neg_in);
if (next_proto.data == NULL)
goto end;
next_proto.len = len;
}
else
{
next_proto.data = NULL;
}
# endif
#endif #endif
} }
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
if (next_proto_neg_in)
{
unsigned short len;
next_proto.data = next_protos_parse(&len, next_proto_neg_in);
if (next_proto.data == NULL)
goto end;
next_proto.len = len;
}
else
{
next_proto.data = NULL;
}
#endif
if (s_dcert_file) if (s_dcert_file)
{ {
@ -1550,8 +1555,10 @@ bad:
else else
SSL_CTX_sess_set_cache_size(ctx,128); SSL_CTX_sess_set_cache_size(ctx,128);
#ifndef OPENSSL_NO_SRTP
if (srtp_profiles != NULL) if (srtp_profiles != NULL)
SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles); SSL_CTX_set_tlsext_use_srtp(ctx, srtp_profiles);
#endif
#if 0 #if 0
if (cipher == NULL) cipher=getenv("SSL_CIPHER"); if (cipher == NULL) cipher=getenv("SSL_CIPHER");
@ -1730,7 +1737,7 @@ bad:
} }
#endif #endif
if (!set_cert_key_stuff(ctx,s_cert,s_key)) if (!set_cert_key_stuff(ctx, s_cert, s_key))
goto end; goto end;
#ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_TLSEXT
if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2)) if (ctx2 && !set_cert_key_stuff(ctx2,s_cert2,s_key2))
@ -1738,7 +1745,7 @@ bad:
#endif #endif
if (s_dcert != NULL) if (s_dcert != NULL)
{ {
if (!set_cert_key_stuff(ctx,s_dcert,s_dkey)) if (!set_cert_key_stuff(ctx, s_dcert, s_dkey))
goto end; goto end;
} }
@ -1893,7 +1900,15 @@ end:
OPENSSL_free(pass); OPENSSL_free(pass);
if (dpass) if (dpass)
OPENSSL_free(dpass); OPENSSL_free(dpass);
if (vpm)
X509_VERIFY_PARAM_free(vpm);
#ifndef OPENSSL_NO_TLSEXT #ifndef OPENSSL_NO_TLSEXT
if (tlscstatp.host)
OPENSSL_free(tlscstatp.host);
if (tlscstatp.port)
OPENSSL_free(tlscstatp.port);
if (tlscstatp.path)
OPENSSL_free(tlscstatp.path);
if (ctx2 != NULL) SSL_CTX_free(ctx2); if (ctx2 != NULL) SSL_CTX_free(ctx2);
if (s_cert2) if (s_cert2)
X509_free(s_cert2); X509_free(s_cert2);
@ -2433,6 +2448,7 @@ static int init_ssl_connection(SSL *con)
BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf); BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
str=SSL_CIPHER_get_name(SSL_get_current_cipher(con)); str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)"); BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
#if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG) #if !defined(OPENSSL_NO_TLSEXT) && !defined(OPENSSL_NO_NEXTPROTONEG)
SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len); SSL_get0_next_proto_negotiated(con, &next_proto_neg, &next_proto_neg_len);
if (next_proto_neg) if (next_proto_neg)
@ -2442,6 +2458,7 @@ static int init_ssl_connection(SSL *con)
BIO_printf(bio_s_out, "\n"); BIO_printf(bio_s_out, "\n");
} }
#endif #endif
#ifndef OPENSSL_NO_SRTP
{ {
SRTP_PROTECTION_PROFILE *srtp_profile SRTP_PROTECTION_PROFILE *srtp_profile
= SSL_get_selected_srtp_profile(con); = SSL_get_selected_srtp_profile(con);
@ -2450,6 +2467,7 @@ static int init_ssl_connection(SSL *con)
BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n", BIO_printf(bio_s_out,"SRTP Extension negotiated, profile=%s\n",
srtp_profile->name); srtp_profile->name);
} }
#endif
if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n"); if (SSL_cache_hit(con)) BIO_printf(bio_s_out,"Reused session-id\n");
if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) & if (SSL_ctrl(con,SSL_CTRL_GET_FLAGS,0,NULL) &
TLS1_FLAGS_TLS_PADDING_BUG) TLS1_FLAGS_TLS_PADDING_BUG)
@ -2701,6 +2719,11 @@ static int www_body(char *hostname, int s, unsigned char *context)
} }
BIO_puts(io,"\n"); BIO_puts(io,"\n");
BIO_printf(io,
"Secure Renegotiation IS%s supported\n",
SSL_get_secure_renegotiation_support(con) ?
"" : " NOT");
/* The following is evil and should not really /* The following is evil and should not really
* be done */ * be done */
BIO_printf(io,"Ciphers supported in s_server binary\n"); BIO_printf(io,"Ciphers supported in s_server binary\n");

4
deps/openssl/openssl/apps/speed.c

@ -254,7 +254,7 @@ static const char *names[ALGOR_NUM]={
"aes-128 cbc","aes-192 cbc","aes-256 cbc", "aes-128 cbc","aes-192 cbc","aes-256 cbc",
"camellia-128 cbc","camellia-192 cbc","camellia-256 cbc", "camellia-128 cbc","camellia-192 cbc","camellia-256 cbc",
"evp","sha256","sha512","whirlpool", "evp","sha256","sha512","whirlpool",
"aes-128 ige","aes-192 ige","aes-256 ige","ghash"}; "aes-128 ige","aes-192 ige","aes-256 ige","ghash" };
static double results[ALGOR_NUM][SIZE_NUM]; static double results[ALGOR_NUM][SIZE_NUM];
static int lengths[SIZE_NUM]={16,64,256,1024,8*1024}; static int lengths[SIZE_NUM]={16,64,256,1024,8*1024};
#ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_RSA
@ -299,7 +299,7 @@ static SIGRETTYPE sig_done(int sig)
#if defined(_WIN32) #if defined(_WIN32)
#if !defined(SIGALRM) #if !defined(SIGALRM)
#define SIGALRM # define SIGALRM
#endif #endif
static unsigned int lapse,schlock; static unsigned int lapse,schlock;
static void alarm_win32(unsigned int secs) { lapse = secs*1000; } static void alarm_win32(unsigned int secs) { lapse = secs*1000; }

30
deps/openssl/openssl/apps/srp.c

@ -125,13 +125,13 @@ static int get_index(CA_DB *db, char* id, char type)
if (type == DB_SRP_INDEX) if (type == DB_SRP_INDEX)
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{ {
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i); pp = sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id, pp[DB_srpid])) if (pp[DB_srptype][0] == DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i; return i;
} }
else for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) else for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{ {
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i); pp = sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] != DB_SRP_INDEX && !strcmp(id,pp[DB_srpid])) if (pp[DB_srptype][0] != DB_SRP_INDEX && !strcmp(id,pp[DB_srpid]))
return i; return i;
@ -145,7 +145,7 @@ static void print_entry(CA_DB *db, BIO *bio, int indx, int verbose, char *s)
if (indx >= 0 && verbose) if (indx >= 0 && verbose)
{ {
int j; int j;
char **pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, indx); char **pp = sk_OPENSSL_PSTRING_value(db->db->data, indx);
BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]); BIO_printf(bio, "%s \"%s\"\n", s, pp[DB_srpid]);
for (j = 0; j < DB_NUMBER; j++) for (j = 0; j < DB_NUMBER; j++)
{ {
@ -163,7 +163,7 @@ static void print_user(CA_DB *db, BIO *bio, int userindex, int verbose)
{ {
if (verbose > 0) if (verbose > 0)
{ {
char **pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex); char **pp = sk_OPENSSL_PSTRING_value(db->db->data,userindex);
if (pp[DB_srptype][0] != 'I') if (pp[DB_srptype][0] != 'I')
{ {
@ -517,7 +517,7 @@ bad:
/* Lets check some fields */ /* Lets check some fields */
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{ {
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i); pp = sk_OPENSSL_PSTRING_value(db->db->data, i);
if (pp[DB_srptype][0] == DB_SRP_INDEX) if (pp[DB_srptype][0] == DB_SRP_INDEX)
{ {
@ -533,8 +533,8 @@ bad:
if (gNindex >= 0) if (gNindex >= 0)
{ {
gNrow = (char **)sk_OPENSSL_PSTRING_value(db->db->data, gNindex); gNrow = sk_OPENSSL_PSTRING_value(db->db->data,gNindex);
print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N") ; print_entry(db, bio_err, gNindex, verbose > 1, "Default g and N");
} }
else if (maxgN > 0 && !SRP_get_default_gN(gN)) else if (maxgN > 0 && !SRP_get_default_gN(gN))
{ {
@ -587,7 +587,7 @@ bad:
if (userindex >= 0) if (userindex >= 0)
{ {
/* reactivation of a new user */ /* reactivation of a new user */
char **row = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex); char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
BIO_printf(bio_err, "user \"%s\" reactivated.\n", user); BIO_printf(bio_err, "user \"%s\" reactivated.\n", user);
row[DB_srptype][0] = 'V'; row[DB_srptype][0] = 'V';
@ -634,7 +634,7 @@ bad:
else else
{ {
char **row = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex); char **row = sk_OPENSSL_PSTRING_value(db->db->data, userindex);
char type = row[DB_srptype][0]; char type = row[DB_srptype][0];
if (type == 'v') if (type == 'v')
{ {
@ -664,9 +664,9 @@ bad:
if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose))) if (!(gNid=srp_create_user(user,&(row[DB_srpverifier]), &(row[DB_srpsalt]),gNrow?gNrow[DB_srpsalt]:NULL, gNrow?gNrow[DB_srpverifier]:NULL, passout, bio_err,verbose)))
{ {
BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned.\n", user); BIO_printf(bio_err, "Cannot create srp verifier for user \"%s\", operation abandoned.\n", user);
errors++; errors++;
goto err; goto err;
} }
row[DB_srptype][0] = 'v'; row[DB_srptype][0] = 'v';
@ -689,7 +689,7 @@ bad:
} }
else else
{ {
char **xpp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, userindex); char **xpp = sk_OPENSSL_PSTRING_value(db->db->data,userindex);
BIO_printf(bio_err, "user \"%s\" revoked. t\n", user); BIO_printf(bio_err, "user \"%s\" revoked. t\n", user);
xpp[DB_srptype][0] = 'R'; xpp[DB_srptype][0] = 'R';
@ -714,7 +714,7 @@ bad:
/* Lets check some fields */ /* Lets check some fields */
for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++) for (i = 0; i < sk_OPENSSL_PSTRING_num(db->db->data); i++)
{ {
pp = (char **)sk_OPENSSL_PSTRING_value(db->db->data, i); pp = sk_OPENSSL_PSTRING_value(db->db->data,i);
if (pp[DB_srptype][0] == 'v') if (pp[DB_srptype][0] == 'v')
{ {

27
deps/openssl/openssl/apps/verify.c

@ -222,11 +222,19 @@ int MAIN(int argc, char **argv)
goto end; goto end;
} }
if (argc < 1) check(cert_ctx, NULL, untrusted, trusted, crls, e); ret = 0;
if (argc < 1)
{
if (1 != check(cert_ctx, NULL, untrusted, trusted, crls, e))
ret = -1;
}
else else
{
for (i=0; i<argc; i++) for (i=0; i<argc; i++)
check(cert_ctx,argv[i], untrusted, trusted, crls, e); if (1 != check(cert_ctx,argv[i], untrusted, trusted, crls, e))
ret=0; ret = -1;
}
end: end:
if (ret == 1) { if (ret == 1) {
BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]"); BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] [-purpose purpose] [-crl_check]");
@ -235,13 +243,16 @@ end:
BIO_printf(bio_err," [-engine e]"); BIO_printf(bio_err," [-engine e]");
#endif #endif
BIO_printf(bio_err," cert1 cert2 ...\n"); BIO_printf(bio_err," cert1 cert2 ...\n");
BIO_printf(bio_err,"recognized usages:\n"); BIO_printf(bio_err,"recognized usages:\n");
for(i = 0; i < X509_PURPOSE_get_count(); i++) { for(i = 0; i < X509_PURPOSE_get_count(); i++)
{
X509_PURPOSE *ptmp; X509_PURPOSE *ptmp;
ptmp = X509_PURPOSE_get0(i); ptmp = X509_PURPOSE_get0(i);
BIO_printf(bio_err, "\t%-10s\t%s\n", X509_PURPOSE_get0_sname(ptmp), BIO_printf(bio_err, "\t%-10s\t%s\n",
X509_PURPOSE_get0_name(ptmp)); X509_PURPOSE_get0_sname(ptmp),
} X509_PURPOSE_get0_name(ptmp));
}
} }
if (vpm) X509_VERIFY_PARAM_free(vpm); if (vpm) X509_VERIFY_PARAM_free(vpm);
if (cert_ctx != NULL) X509_STORE_free(cert_ctx); if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
@ -249,7 +260,7 @@ end:
sk_X509_pop_free(trusted, X509_free); sk_X509_pop_free(trusted, X509_free);
sk_X509_CRL_pop_free(crls, X509_CRL_free); sk_X509_CRL_pop_free(crls, X509_CRL_free);
apps_shutdown(); apps_shutdown();
OPENSSL_EXIT(ret); OPENSSL_EXIT(ret < 0 ? 2 : ret);
} }
static int check(X509_STORE *ctx, char *file, static int check(X509_STORE *ctx, char *file,

4
deps/openssl/openssl/apps/x509.c

@ -288,7 +288,7 @@ int MAIN(int argc, char **argv)
days=atoi(*(++argv)); days=atoi(*(++argv));
if (days == 0) if (days == 0)
{ {
BIO_printf(STDout,"bad number of days\n"); BIO_printf(bio_err,"bad number of days\n");
goto bad; goto bad;
} }
} }
@ -912,7 +912,7 @@ bad:
} }
else if (text == i) else if (text == i)
{ {
X509_print_ex(out,x,nmflag, certflag); X509_print_ex(STDout,x,nmflag, certflag);
} }
else if (startdate == i) else if (startdate == i)
{ {

4
deps/openssl/openssl/crypto/aes/asm/aes-586.pl

@ -2054,8 +2054,8 @@ my $mark=&DWP(76+240,"esp"); # copy of aes_key->rounds
&test ($s2,15); &test ($s2,15);
&jnz (&label("slow_way")); &jnz (&label("slow_way"));
if (!$x86only) { if (!$x86only) {
#&bt (&DWP(0,$s0),28); # check for hyper-threading bit &bt (&DWP(0,$s0),28); # check for hyper-threading bit
#&jc (&label("slow_way")); &jc (&label("slow_way"));
} }
# pre-allocate aligned stack frame... # pre-allocate aligned stack frame...
&lea ($acc,&DWP(-80-244,"esp")); &lea ($acc,&DWP(-80-244,"esp"));

20
deps/openssl/openssl/crypto/aes/asm/aes-mips.pl

@ -1036,9 +1036,9 @@ _mips_AES_set_encrypt_key:
nop nop
.end _mips_AES_set_encrypt_key .end _mips_AES_set_encrypt_key
.globl AES_set_encrypt_key .globl private_AES_set_encrypt_key
.ent AES_set_encrypt_key .ent private_AES_set_encrypt_key
AES_set_encrypt_key: private_AES_set_encrypt_key:
.frame $sp,$FRAMESIZE,$ra .frame $sp,$FRAMESIZE,$ra
.mask $SAVED_REGS_MASK,-$SZREG .mask $SAVED_REGS_MASK,-$SZREG
.set noreorder .set noreorder
@ -1060,7 +1060,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
___ ___
$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
.cplocal $Tbl .cplocal $Tbl
.cpsetup $pf,$zero,AES_set_encrypt_key .cpsetup $pf,$zero,private_AES_set_encrypt_key
___ ___
$code.=<<___; $code.=<<___;
.set reorder .set reorder
@ -1083,7 +1083,7 @@ ___
$code.=<<___; $code.=<<___;
jr $ra jr $ra
$PTR_ADD $sp,$FRAMESIZE $PTR_ADD $sp,$FRAMESIZE
.end AES_set_encrypt_key .end private_AES_set_encrypt_key
___ ___
my ($head,$tail)=($inp,$bits); my ($head,$tail)=($inp,$bits);
@ -1091,9 +1091,9 @@ my ($tp1,$tp2,$tp4,$tp8,$tp9,$tpb,$tpd,$tpe)=($a4,$a5,$a6,$a7,$s0,$s1,$s2,$s3);
my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2); my ($m,$x80808080,$x7f7f7f7f,$x1b1b1b1b)=($at,$t0,$t1,$t2);
$code.=<<___; $code.=<<___;
.align 5 .align 5
.globl AES_set_decrypt_key .globl private_AES_set_decrypt_key
.ent AES_set_decrypt_key .ent private_AES_set_decrypt_key
AES_set_decrypt_key: private_AES_set_decrypt_key:
.frame $sp,$FRAMESIZE,$ra .frame $sp,$FRAMESIZE,$ra
.mask $SAVED_REGS_MASK,-$SZREG .mask $SAVED_REGS_MASK,-$SZREG
.set noreorder .set noreorder
@ -1115,7 +1115,7 @@ $code.=<<___ if ($flavour =~ /nubi/i); # optimize non-nubi prologue
___ ___
$code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification $code.=<<___ if ($flavour !~ /o32/i); # non-o32 PIC-ification
.cplocal $Tbl .cplocal $Tbl
.cpsetup $pf,$zero,AES_set_decrypt_key .cpsetup $pf,$zero,private_AES_set_decrypt_key
___ ___
$code.=<<___; $code.=<<___;
.set reorder .set reorder
@ -1226,7 +1226,7 @@ ___
$code.=<<___; $code.=<<___;
jr $ra jr $ra
$PTR_ADD $sp,$FRAMESIZE $PTR_ADD $sp,$FRAMESIZE
.end AES_set_decrypt_key .end private_AES_set_decrypt_key
___ ___
}}} }}}

95
deps/openssl/openssl/crypto/aes/asm/aes-s390x.pl

@ -1598,11 +1598,11 @@ $code.=<<___ if(1);
lghi $s1,0x7f lghi $s1,0x7f
nr $s1,%r0 nr $s1,%r0
lghi %r0,0 # query capability vector lghi %r0,0 # query capability vector
la %r1,2*$SIZE_T($sp) la %r1,$tweak-16($sp)
.long 0xb92e0042 # km %r4,%r2 .long 0xb92e0042 # km %r4,%r2
llihh %r1,0x8000 llihh %r1,0x8000
srlg %r1,%r1,32($s1) # check for 32+function code srlg %r1,%r1,32($s1) # check for 32+function code
ng %r1,2*$SIZE_T($sp) ng %r1,$tweak-16($sp)
lgr %r0,$s0 # restore the function code lgr %r0,$s0 # restore the function code
la %r1,0($key1) # restore $key1 la %r1,0($key1) # restore $key1
jz .Lxts_km_vanilla jz .Lxts_km_vanilla
@ -1628,7 +1628,7 @@ $code.=<<___ if(1);
lrvg $s0,$tweak+0($sp) # load the last tweak lrvg $s0,$tweak+0($sp) # load the last tweak
lrvg $s1,$tweak+8($sp) lrvg $s1,$tweak+8($sp)
stmg %r0,%r3,$tweak-32(%r1) # wipe copy of the key stmg %r0,%r3,$tweak-32($sp) # wipe copy of the key
nill %r0,0xffdf # switch back to original function code nill %r0,0xffdf # switch back to original function code
la %r1,0($key1) # restore pointer to $key1 la %r1,0($key1) # restore pointer to $key1
@ -1684,11 +1684,9 @@ $code.=<<___;
lghi $i1,0x87 lghi $i1,0x87
srag $i2,$s1,63 # broadcast upper bit srag $i2,$s1,63 # broadcast upper bit
ngr $i1,$i2 # rem ngr $i1,$i2 # rem
srlg $i2,$s0,63 # carry bit from lower half algr $s0,$s0
sllg $s0,$s0,1 alcgr $s1,$s1
sllg $s1,$s1,1
xgr $s0,$i1 xgr $s0,$i1
ogr $s1,$i2
.Lxts_km_start: .Lxts_km_start:
lrvgr $i1,$s0 # flip byte order lrvgr $i1,$s0 # flip byte order
lrvgr $i2,$s1 lrvgr $i2,$s1
@ -1745,11 +1743,9 @@ $code.=<<___;
lghi $i1,0x87 lghi $i1,0x87
srag $i2,$s1,63 # broadcast upper bit srag $i2,$s1,63 # broadcast upper bit
ngr $i1,$i2 # rem ngr $i1,$i2 # rem
srlg $i2,$s0,63 # carry bit from lower half algr $s0,$s0
sllg $s0,$s0,1 alcgr $s1,$s1
sllg $s1,$s1,1
xgr $s0,$i1 xgr $s0,$i1
ogr $s1,$i2
ltr $len,$len # clear zero flag ltr $len,$len # clear zero flag
br $ra br $ra
@ -1781,8 +1777,8 @@ $code.=<<___ if (!$softonly);
clr %r0,%r1 clr %r0,%r1
jl .Lxts_enc_software jl .Lxts_enc_software
st${g} $ra,5*$SIZE_T($sp)
stm${g} %r6,$s3,6*$SIZE_T($sp) stm${g} %r6,$s3,6*$SIZE_T($sp)
st${g} $ra,14*$SIZE_T($sp)
sllg $len,$len,4 # $len&=~15 sllg $len,$len,4 # $len&=~15
slgr $out,$inp slgr $out,$inp
@ -1830,9 +1826,9 @@ $code.=<<___ if (!$softonly);
stg $i2,8($i3) stg $i2,8($i3)
.Lxts_enc_km_done: .Lxts_enc_km_done:
l${g} $ra,14*$SIZE_T($sp) stg $sp,$tweak+0($sp) # wipe tweak
st${g} $sp,$tweak($sp) # wipe tweak stg $sp,$tweak+8($sp)
st${g} $sp,$tweak($sp) l${g} $ra,5*$SIZE_T($sp)
lm${g} %r6,$s3,6*$SIZE_T($sp) lm${g} %r6,$s3,6*$SIZE_T($sp)
br $ra br $ra
.align 16 .align 16
@ -1843,12 +1839,11 @@ $code.=<<___;
slgr $out,$inp slgr $out,$inp
xgr $s0,$s0 # clear upper half l${g} $s3,$stdframe($sp) # ivp
xgr $s1,$s1 llgf $s0,0($s3) # load iv
lrv $s0,$stdframe+4($sp) # load secno llgf $s1,4($s3)
lrv $s1,$stdframe+0($sp) llgf $s2,8($s3)
xgr $s2,$s2 llgf $s3,12($s3)
xgr $s3,$s3
stm${g} %r2,%r5,2*$SIZE_T($sp) stm${g} %r2,%r5,2*$SIZE_T($sp)
la $key,0($key2) la $key,0($key2)
larl $tbl,AES_Te larl $tbl,AES_Te
@ -1864,11 +1859,9 @@ $code.=<<___;
lghi %r1,0x87 lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half algr $s1,$s1
sllg $s1,$s1,1 alcgr $s3,$s3
sllg $s3,$s3,1
xgr $s1,%r1 xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3 lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits srlg $s0,$s1,32 # smash the tweak to 4x32-bits
@ -1917,11 +1910,9 @@ $code.=<<___;
lghi %r1,0x87 lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half algr $s1,$s1
sllg $s1,$s1,1 alcgr $s3,$s3
sllg $s3,$s3,1
xgr $s1,%r1 xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3 lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits srlg $s0,$s1,32 # smash the tweak to 4x32-bits
@ -1956,7 +1947,8 @@ $code.=<<___;
.size AES_xts_encrypt,.-AES_xts_encrypt .size AES_xts_encrypt,.-AES_xts_encrypt
___ ___
# void AES_xts_decrypt(const char *inp,char *out,size_t len, # void AES_xts_decrypt(const char *inp,char *out,size_t len,
# const AES_KEY *key1, const AES_KEY *key2,u64 secno); # const AES_KEY *key1, const AES_KEY *key2,
# const unsigned char iv[16]);
# #
$code.=<<___; $code.=<<___;
.globl AES_xts_decrypt .globl AES_xts_decrypt
@ -1988,8 +1980,8 @@ $code.=<<___ if (!$softonly);
clr %r0,%r1 clr %r0,%r1
jl .Lxts_dec_software jl .Lxts_dec_software
st${g} $ra,5*$SIZE_T($sp)
stm${g} %r6,$s3,6*$SIZE_T($sp) stm${g} %r6,$s3,6*$SIZE_T($sp)
st${g} $ra,14*$SIZE_T($sp)
nill $len,0xfff0 # $len&=~15 nill $len,0xfff0 # $len&=~15
slgr $out,$inp slgr $out,$inp
@ -2028,11 +2020,9 @@ $code.=<<___ if (!$softonly);
lghi $i1,0x87 lghi $i1,0x87
srag $i2,$s1,63 # broadcast upper bit srag $i2,$s1,63 # broadcast upper bit
ngr $i1,$i2 # rem ngr $i1,$i2 # rem
srlg $i2,$s0,63 # carry bit from lower half algr $s0,$s0
sllg $s0,$s0,1 alcgr $s1,$s1
sllg $s1,$s1,1
xgr $s0,$i1 xgr $s0,$i1
ogr $s1,$i2
lrvgr $i1,$s0 # flip byte order lrvgr $i1,$s0 # flip byte order
lrvgr $i2,$s1 lrvgr $i2,$s1
@ -2075,9 +2065,9 @@ $code.=<<___ if (!$softonly);
stg $s2,0($i3) stg $s2,0($i3)
stg $s3,8($i3) stg $s3,8($i3)
.Lxts_dec_km_done: .Lxts_dec_km_done:
l${g} $ra,14*$SIZE_T($sp) stg $sp,$tweak+0($sp) # wipe tweak
st${g} $sp,$tweak($sp) # wipe tweak stg $sp,$tweak+8($sp)
st${g} $sp,$tweak($sp) l${g} $ra,5*$SIZE_T($sp)
lm${g} %r6,$s3,6*$SIZE_T($sp) lm${g} %r6,$s3,6*$SIZE_T($sp)
br $ra br $ra
.align 16 .align 16
@ -2089,12 +2079,11 @@ $code.=<<___;
srlg $len,$len,4 srlg $len,$len,4
slgr $out,$inp slgr $out,$inp
xgr $s0,$s0 # clear upper half l${g} $s3,$stdframe($sp) # ivp
xgr $s1,$s1 llgf $s0,0($s3) # load iv
lrv $s0,$stdframe+4($sp) # load secno llgf $s1,4($s3)
lrv $s1,$stdframe+0($sp) llgf $s2,8($s3)
xgr $s2,$s2 llgf $s3,12($s3)
xgr $s3,$s3
stm${g} %r2,%r5,2*$SIZE_T($sp) stm${g} %r2,%r5,2*$SIZE_T($sp)
la $key,0($key2) la $key,0($key2)
larl $tbl,AES_Te larl $tbl,AES_Te
@ -2113,11 +2102,9 @@ $code.=<<___;
lghi %r1,0x87 lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half algr $s1,$s1
sllg $s1,$s1,1 alcgr $s3,$s3
sllg $s3,$s3,1
xgr $s1,%r1 xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3 lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits srlg $s0,$s1,32 # smash the tweak to 4x32-bits
@ -2156,11 +2143,9 @@ $code.=<<___;
lghi %r1,0x87 lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half algr $s1,$s1
sllg $s1,$s1,1 alcgr $s3,$s3
sllg $s3,$s3,1
xgr $s1,%r1 xgr $s1,%r1
ogr $s3,%r0
lrvgr $i2,$s1 # flip byte order lrvgr $i2,$s1 # flip byte order
lrvgr $i3,$s3 lrvgr $i3,$s3
stmg $i2,$i3,$tweak($sp) # save the 1st tweak stmg $i2,$i3,$tweak($sp) # save the 1st tweak
@ -2176,11 +2161,9 @@ $code.=<<___;
lghi %r1,0x87 lghi %r1,0x87
srag %r0,$s3,63 # broadcast upper bit srag %r0,$s3,63 # broadcast upper bit
ngr %r1,%r0 # rem ngr %r1,%r0 # rem
srlg %r0,$s1,63 # carry bit from lower half algr $s1,$s1
sllg $s1,$s1,1 alcgr $s3,$s3
sllg $s3,$s3,1
xgr $s1,%r1 xgr $s1,%r1
ogr $s3,%r0
lrvgr $s1,$s1 # flip byte order lrvgr $s1,$s1 # flip byte order
lrvgr $s3,$s3 lrvgr $s3,$s3
srlg $s0,$s1,32 # smash the tweak to 4x32-bits srlg $s0,$s1,32 # smash the tweak to 4x32-bits

7
deps/openssl/openssl/crypto/aes/asm/aes-x86_64.pl

@ -36,7 +36,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$verticalspin=1; # unlike 32-bit version $verticalspin performs $verticalspin=1; # unlike 32-bit version $verticalspin performs
# ~15% better on both AMD and Intel cores # ~15% better on both AMD and Intel cores
@ -1683,8 +1684,8 @@ AES_cbc_encrypt:
jb .Lcbc_slow_prologue jb .Lcbc_slow_prologue
test \$15,%rdx test \$15,%rdx
jnz .Lcbc_slow_prologue jnz .Lcbc_slow_prologue
#bt \$28,%r10d bt \$28,%r10d
#jc .Lcbc_slow_prologue jc .Lcbc_slow_prologue
# allocate aligned stack frame... # allocate aligned stack frame...
lea -88-248(%rsp),$key lea -88-248(%rsp),$key

3
deps/openssl/openssl/crypto/aes/asm/aesni-sha1-x86_64.pl

@ -69,7 +69,8 @@ $avx=1 if (!$avx && $win64 && ($flavour =~ /masm/ || $ENV{ASM} =~ /ml64/) &&
`ml64 2>&1` =~ /Version ([0-9]+)\./ && `ml64 2>&1` =~ /Version ([0-9]+)\./ &&
$1>=10); $1>=10);
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# void aesni_cbc_sha1_enc(const void *inp, # void aesni_cbc_sha1_enc(const void *inp,
# void *out, # void *out,

3
deps/openssl/openssl/crypto/aes/asm/aesni-x86_64.pl

@ -172,7 +172,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$movkey = $PREFIX eq "aesni" ? "movups" : "movups"; $movkey = $PREFIX eq "aesni" ? "movups" : "movups";
@_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order @_4args=$win64? ("%rcx","%rdx","%r8", "%r9") : # Win64 order

3
deps/openssl/openssl/crypto/aes/asm/bsaes-x86_64.pl

@ -105,7 +105,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx"); my ($inp,$out,$len,$key,$ivp)=("%rdi","%rsi","%rdx","%rcx");
my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15) my @XMM=map("%xmm$_",(15,0..14)); # best on Atom, +10% over (0..15)

3
deps/openssl/openssl/crypto/aes/asm/vpaes-x86_64.pl

@ -56,7 +56,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
$PREFIX="vpaes"; $PREFIX="vpaes";

2
deps/openssl/openssl/crypto/asn1/a_strex.c

@ -566,8 +566,8 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
mbflag = tag2nbyte[type]; mbflag = tag2nbyte[type];
if(mbflag == -1) return -1; if(mbflag == -1) return -1;
mbflag |= MBSTRING_FLAG; mbflag |= MBSTRING_FLAG;
memset(&stmp, 0, sizeof(stmp));
stmp.data = NULL; stmp.data = NULL;
stmp.length = 0;
ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
if(ret < 0) return ret; if(ret < 0) return ret;
*out = stmp.data; *out = stmp.data;

6
deps/openssl/openssl/crypto/asn1/a_verify.c

@ -140,6 +140,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
int mdnid, pknid; int mdnid, pknid;
if (!pkey)
{
ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
return -1;
}
EVP_MD_CTX_init(&ctx); EVP_MD_CTX_init(&ctx);
/* Convert signature OID into digest and public key OIDs */ /* Convert signature OID into digest and public key OIDs */

5
deps/openssl/openssl/crypto/asn1/x_pubkey.c

@ -175,12 +175,15 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
if (key->pkey) if (key->pkey)
{ {
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
EVP_PKEY_free(ret); EVP_PKEY_free(ret);
ret = key->pkey; ret = key->pkey;
} }
else else
{
key->pkey = ret; key->pkey = ret;
CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
}
CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY); CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
return ret; return ret;

85
deps/openssl/openssl/crypto/bio/bss_dgram.c

@ -77,10 +77,20 @@
#define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0 #define OPENSSL_SCTP_FORWARD_CUM_TSN_CHUNK_TYPE 0xc0
#endif #endif
#ifdef OPENSSL_SYS_LINUX #if defined(OPENSSL_SYS_LINUX) && !defined(IP_MTU)
#define IP_MTU 14 /* linux is lame */ #define IP_MTU 14 /* linux is lame */
#endif #endif
#if defined(__FreeBSD__) && defined(IN6_IS_ADDR_V4MAPPED)
/* Standard definition causes type-punning problems. */
#undef IN6_IS_ADDR_V4MAPPED
#define s6_addr32 __u6_addr.__u6_addr32
#define IN6_IS_ADDR_V4MAPPED(a) \
(((a)->s6_addr32[0] == 0) && \
((a)->s6_addr32[1] == 0) && \
((a)->s6_addr32[2] == htonl(0x0000ffff)))
#endif
#ifdef WATT32 #ifdef WATT32
#define sock_write SockWrite /* Watt-32 uses same names */ #define sock_write SockWrite /* Watt-32 uses same names */
#define sock_read SockRead #define sock_read SockRead
@ -255,7 +265,7 @@ static void dgram_adjust_rcv_timeout(BIO *b)
{ {
#if defined(SO_RCVTIMEO) #if defined(SO_RCVTIMEO)
bio_dgram_data *data = (bio_dgram_data *)b->ptr; bio_dgram_data *data = (bio_dgram_data *)b->ptr;
int sz = sizeof(int); union { size_t s; int i; } sz = {0};
/* Is a timer active? */ /* Is a timer active? */
if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0) if (data->next_timeout.tv_sec > 0 || data->next_timeout.tv_usec > 0)
@ -265,8 +275,10 @@ static void dgram_adjust_rcv_timeout(BIO *b)
/* Read current socket timeout */ /* Read current socket timeout */
#ifdef OPENSSL_SYS_WINDOWS #ifdef OPENSSL_SYS_WINDOWS
int timeout; int timeout;
sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
(void*)&timeout, &sz) < 0) (void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); } { perror("getsockopt"); }
else else
{ {
@ -274,9 +286,12 @@ static void dgram_adjust_rcv_timeout(BIO *b)
data->socket_timeout.tv_usec = (timeout % 1000) * 1000; data->socket_timeout.tv_usec = (timeout % 1000) * 1000;
} }
#else #else
sz.i = sizeof(data->socket_timeout);
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
&(data->socket_timeout), (void *)&sz) < 0) &(data->socket_timeout), (void *)&sz) < 0)
{ perror("getsockopt"); } { perror("getsockopt"); }
else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
OPENSSL_assert(sz.s<=sizeof(data->socket_timeout));
#endif #endif
/* Get current time */ /* Get current time */
@ -445,11 +460,10 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
int *ip; int *ip;
struct sockaddr *to = NULL; struct sockaddr *to = NULL;
bio_dgram_data *data = NULL; bio_dgram_data *data = NULL;
#if defined(IP_MTU_DISCOVER) || defined(IP_MTU) #if defined(OPENSSL_SYS_LINUX) && (defined(IP_MTU_DISCOVER) || defined(IP_MTU))
long sockopt_val = 0; int sockopt_val = 0;
unsigned int sockopt_len = 0; socklen_t sockopt_len; /* assume that system supporting IP_MTU is
#endif * modern enough to define socklen_t */
#ifdef OPENSSL_SYS_LINUX
socklen_t addr_len; socklen_t addr_len;
union { union {
struct sockaddr sa; struct sockaddr sa;
@ -531,7 +545,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
break; break;
/* (Linux)kernel sets DF bit on outgoing IP packets */ /* (Linux)kernel sets DF bit on outgoing IP packets */
case BIO_CTRL_DGRAM_MTU_DISCOVER: case BIO_CTRL_DGRAM_MTU_DISCOVER:
#ifdef OPENSSL_SYS_LINUX #if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU_DISCOVER) && defined(IP_PMTUDISC_DO)
addr_len = (socklen_t)sizeof(addr); addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr)); memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0) if (getsockname(b->num, &addr.sa, &addr_len) < 0)
@ -539,7 +553,6 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
ret = 0; ret = 0;
break; break;
} }
sockopt_len = sizeof(sockopt_val);
switch (addr.sa.sa_family) switch (addr.sa.sa_family)
{ {
case AF_INET: case AF_INET:
@ -548,7 +561,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
&sockopt_val, sizeof(sockopt_val))) < 0) &sockopt_val, sizeof(sockopt_val))) < 0)
perror("setsockopt"); perror("setsockopt");
break; break;
#if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) #if OPENSSL_USE_IPV6 && defined(IPV6_MTU_DISCOVER) && defined(IPV6_PMTUDISC_DO)
case AF_INET6: case AF_INET6:
sockopt_val = IPV6_PMTUDISC_DO; sockopt_val = IPV6_PMTUDISC_DO;
if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER, if ((ret = setsockopt(b->num, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
@ -565,7 +578,7 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
break; break;
#endif #endif
case BIO_CTRL_DGRAM_QUERY_MTU: case BIO_CTRL_DGRAM_QUERY_MTU:
#ifdef OPENSSL_SYS_LINUX #if defined(OPENSSL_SYS_LINUX) && defined(IP_MTU)
addr_len = (socklen_t)sizeof(addr); addr_len = (socklen_t)sizeof(addr);
memset((void *)&addr, 0, sizeof(addr)); memset((void *)&addr, 0, sizeof(addr));
if (getsockname(b->num, &addr.sa, &addr_len) < 0) if (getsockname(b->num, &addr.sa, &addr_len) < 0)
@ -727,12 +740,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif #endif
break; break;
case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT: case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
#ifdef OPENSSL_SYS_WINDOWS
{ {
int timeout, sz = sizeof(timeout); union { size_t s; int i; } sz = {0};
#ifdef OPENSSL_SYS_WINDOWS
int timeout;
struct timeval *tv = (struct timeval *)ptr; struct timeval *tv = (struct timeval *)ptr;
sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, if (getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
(void*)&timeout, &sz) < 0) (void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); ret = -1; } { perror("getsockopt"); ret = -1; }
else else
{ {
@ -740,12 +756,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
tv->tv_usec = (timeout % 1000) * 1000; tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv); ret = sizeof(*tv);
} }
}
#else #else
sz.i = sizeof(struct timeval);
if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO, if ( getsockopt(b->num, SOL_SOCKET, SO_RCVTIMEO,
ptr, (void *)&ret) < 0) ptr, (void *)&sz) < 0)
{ perror("getsockopt"); ret = -1; } { perror("getsockopt"); ret = -1; }
else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
{
OPENSSL_assert(sz.s<=sizeof(struct timeval));
ret = (int)sz.s;
}
else
ret = sz.i;
#endif #endif
}
break; break;
#endif #endif
#if defined(SO_SNDTIMEO) #if defined(SO_SNDTIMEO)
@ -765,12 +789,15 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
#endif #endif
break; break;
case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT: case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
#ifdef OPENSSL_SYS_WINDOWS
{ {
int timeout, sz = sizeof(timeout); union { size_t s; int i; } sz = {0};
#ifdef OPENSSL_SYS_WINDOWS
int timeout;
struct timeval *tv = (struct timeval *)ptr; struct timeval *tv = (struct timeval *)ptr;
sz.i = sizeof(timeout);
if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, if (getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
(void*)&timeout, &sz) < 0) (void*)&timeout, &sz.i) < 0)
{ perror("getsockopt"); ret = -1; } { perror("getsockopt"); ret = -1; }
else else
{ {
@ -778,12 +805,20 @@ static long dgram_ctrl(BIO *b, int cmd, long num, void *ptr)
tv->tv_usec = (timeout % 1000) * 1000; tv->tv_usec = (timeout % 1000) * 1000;
ret = sizeof(*tv); ret = sizeof(*tv);
} }
}
#else #else
sz.i = sizeof(struct timeval);
if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO, if ( getsockopt(b->num, SOL_SOCKET, SO_SNDTIMEO,
ptr, (void *)&ret) < 0) ptr, (void *)&sz) < 0)
{ perror("getsockopt"); ret = -1; } { perror("getsockopt"); ret = -1; }
else if (sizeof(sz.s)!=sizeof(sz.i) && sz.i==0)
{
OPENSSL_assert(sz.s<=sizeof(struct timeval));
ret = (int)sz.s;
}
else
ret = sz.i;
#endif #endif
}
break; break;
#endif #endif
case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP: case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
@ -955,7 +990,6 @@ static int dgram_sctp_free(BIO *a)
#ifdef SCTP_AUTHENTICATION_EVENT #ifdef SCTP_AUTHENTICATION_EVENT
void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp) void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp)
{ {
unsigned int sockopt_len = 0;
int ret; int ret;
struct sctp_authkey_event* authkeyevent = &snp->sn_auth_event; struct sctp_authkey_event* authkeyevent = &snp->sn_auth_event;
@ -965,9 +999,8 @@ void dgram_sctp_handle_auth_free_key_event(BIO *b, union sctp_notification *snp)
/* delete key */ /* delete key */
authkeyid.scact_keynumber = authkeyevent->auth_keynumber; authkeyid.scact_keynumber = authkeyevent->auth_keynumber;
sockopt_len = sizeof(struct sctp_authkeyid);
ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY, ret = setsockopt(b->num, IPPROTO_SCTP, SCTP_AUTH_DELETE_KEY,
&authkeyid, sockopt_len); &authkeyid, sizeof(struct sctp_authkeyid));
} }
} }
#endif #endif
@ -1298,7 +1331,7 @@ static long dgram_sctp_ctrl(BIO *b, int cmd, long num, void *ptr)
{ {
long ret=1; long ret=1;
bio_dgram_sctp_data *data = NULL; bio_dgram_sctp_data *data = NULL;
unsigned int sockopt_len = 0; socklen_t sockopt_len = 0;
struct sctp_authkeyid authkeyid; struct sctp_authkeyid authkeyid;
struct sctp_authkey *authkey; struct sctp_authkey *authkey;

2
deps/openssl/openssl/crypto/bn/asm/mips.pl

@ -819,7 +819,7 @@ ___
$code.=<<___; $code.=<<___;
.set reorder .set reorder
move $ta3,$ra move $ta3,$ra
bal bn_div_words bal bn_div_words_internal
move $ra,$ta3 move $ra,$ta3
$MULTU $ta2,$v0 $MULTU $ta2,$v0
$LD $t2,-2*$BNSZ($a3) $LD $t2,-2*$BNSZ($a3)

3
deps/openssl/openssl/crypto/bn/asm/modexp512-x86_64.pl

@ -68,7 +68,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
use strict; use strict;
my $code=".text\n\n"; my $code=".text\n\n";

2
deps/openssl/openssl/crypto/bn/asm/x86_64-gf2m.pl

@ -31,7 +31,7 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open STDOUT,"| \"$^X\" $xlate $flavour $output";
($lo,$hi)=("%rax","%rdx"); $a=$lo; ($lo,$hi)=("%rax","%rdx"); $a=$lo;
($i0,$i1)=("%rsi","%rdi"); ($i0,$i1)=("%rsi","%rdi");

3
deps/openssl/openssl/crypto/bn/asm/x86_64-mont.pl

@ -40,7 +40,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# int bn_mul_mont( # int bn_mul_mont(
$rp="%rdi"; # BN_ULONG *rp, $rp="%rdi"; # BN_ULONG *rp,

3
deps/openssl/openssl/crypto/bn/asm/x86_64-mont5.pl

@ -28,7 +28,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
# int bn_mul_mont_gather5( # int bn_mul_mont_gather5(
$rp="%rdi"; # BN_ULONG *rp, $rp="%rdi"; # BN_ULONG *rp,

2
deps/openssl/openssl/crypto/bn/bn_div.c

@ -141,6 +141,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
* *
* <appro@fy.chalmers.se> * <appro@fy.chalmers.se>
*/ */
#undef bn_div_words
# define bn_div_words(n0,n1,d0) \ # define bn_div_words(n0,n1,d0) \
({ asm volatile ( \ ({ asm volatile ( \
"divl %4" \ "divl %4" \
@ -155,6 +156,7 @@ int BN_div(BIGNUM *dv, BIGNUM *rem, const BIGNUM *m, const BIGNUM *d,
* Same story here, but it's 128-bit by 64-bit division. Wow! * Same story here, but it's 128-bit by 64-bit division. Wow!
* <appro@fy.chalmers.se> * <appro@fy.chalmers.se>
*/ */
# undef bn_div_words
# define bn_div_words(n0,n1,d0) \ # define bn_div_words(n0,n1,d0) \
({ asm volatile ( \ ({ asm volatile ( \
"divq %4" \ "divq %4" \

1
deps/openssl/openssl/crypto/bn/bn_gcd.c

@ -205,6 +205,7 @@ err:
/* solves ax == 1 (mod n) */ /* solves ax == 1 (mod n) */
static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in, static BIGNUM *BN_mod_inverse_no_branch(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx); const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx);
BIGNUM *BN_mod_inverse(BIGNUM *in, BIGNUM *BN_mod_inverse(BIGNUM *in,
const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx) const BIGNUM *a, const BIGNUM *n, BN_CTX *ctx)
{ {

11
deps/openssl/openssl/crypto/bn/bn_lcl.h

@ -282,16 +282,23 @@ extern "C" {
# endif # endif
# elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)) # elif defined(__mips) && (defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG))
# if defined(__GNUC__) && __GNUC__>=2 # if defined(__GNUC__) && __GNUC__>=2
# define BN_UMULT_HIGH(a,b) ({ \ # if __GNUC__>=4 && __GNUC_MINOR__>=4 /* "h" constraint is no more since 4.4 */
# define BN_UMULT_HIGH(a,b) (((__uint128_t)(a)*(b))>>64)
# define BN_UMULT_LOHI(low,high,a,b) ({ \
__uint128_t ret=(__uint128_t)(a)*(b); \
(high)=ret>>64; (low)=ret; })
# else
# define BN_UMULT_HIGH(a,b) ({ \
register BN_ULONG ret; \ register BN_ULONG ret; \
asm ("dmultu %1,%2" \ asm ("dmultu %1,%2" \
: "=h"(ret) \ : "=h"(ret) \
: "r"(a), "r"(b) : "l"); \ : "r"(a), "r"(b) : "l"); \
ret; }) ret; })
# define BN_UMULT_LOHI(low,high,a,b) \ # define BN_UMULT_LOHI(low,high,a,b)\
asm ("dmultu %2,%3" \ asm ("dmultu %2,%3" \
: "=l"(low),"=h"(high) \ : "=l"(low),"=h"(high) \
: "r"(a), "r"(b)); : "r"(a), "r"(b));
# endif
# endif # endif
# endif /* cpu */ # endif /* cpu */
#endif /* OPENSSL_NO_ASM */ #endif /* OPENSSL_NO_ASM */

25
deps/openssl/openssl/crypto/bn/bn_word.c

@ -144,26 +144,17 @@ int BN_add_word(BIGNUM *a, BN_ULONG w)
a->neg=!(a->neg); a->neg=!(a->neg);
return(i); return(i);
} }
/* Only expand (and risk failing) if it's possibly necessary */ for (i=0;w!=0 && i<a->top;i++)
if (((BN_ULONG)(a->d[a->top - 1] + 1) == 0) &&
(bn_wexpand(a,a->top+1) == NULL))
return(0);
i=0;
for (;;)
{ {
if (i >= a->top) a->d[i] = l = (a->d[i]+w)&BN_MASK2;
l=w; w = (w>l)?1:0;
else
l=(a->d[i]+w)&BN_MASK2;
a->d[i]=l;
if (w > l)
w=1;
else
break;
i++;
} }
if (i >= a->top) if (w && i==a->top)
{
if (bn_wexpand(a,a->top+1) == NULL) return 0;
a->top++; a->top++;
a->d[i]=w;
}
bn_check_top(a); bn_check_top(a);
return(1); return(1);
} }

3
deps/openssl/openssl/crypto/camellia/asm/cmll-x86_64.pl

@ -40,7 +40,8 @@ $0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1;
( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or ( $xlate="${dir}../../perlasm/x86_64-xlate.pl" and -f $xlate) or
die "can't locate x86_64-xlate.pl"; die "can't locate x86_64-xlate.pl";
open STDOUT,"| $^X $xlate $flavour $output"; open OUT,"| \"$^X\" $xlate $flavour $output";
*STDOUT=*OUT;
sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; } sub hi() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1h/; $r; }
sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/; sub lo() { my $r=shift; $r =~ s/%[er]([a-d])x/%\1l/;

2
deps/openssl/openssl/crypto/cms/cms_cd.c

@ -58,7 +58,9 @@
#include <openssl/err.h> #include <openssl/err.h>
#include <openssl/cms.h> #include <openssl/cms.h>
#include <openssl/bio.h> #include <openssl/bio.h>
#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h> #include <openssl/comp.h>
#endif
#include "cms_lcl.h" #include "cms_lcl.h"
DECLARE_ASN1_ITEM(CMS_CompressedData) DECLARE_ASN1_ITEM(CMS_CompressedData)

2
deps/openssl/openssl/crypto/cms/cms_enc.c

@ -74,7 +74,7 @@ BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec)
X509_ALGOR *calg = ec->contentEncryptionAlgorithm; X509_ALGOR *calg = ec->contentEncryptionAlgorithm;
unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL; unsigned char iv[EVP_MAX_IV_LENGTH], *piv = NULL;
unsigned char *tkey = NULL; unsigned char *tkey = NULL;
size_t tkeylen; size_t tkeylen = 0;
int ok = 0; int ok = 0;

2
deps/openssl/openssl/crypto/cms/cms_lib.c

@ -411,9 +411,7 @@ int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
* algorithm OID instead of digest. * algorithm OID instead of digest.
*/ */
|| EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid) || EVP_MD_pkey_type(EVP_MD_CTX_md(mtmp)) == nid)
{
return EVP_MD_CTX_copy_ex(mctx, mtmp); return EVP_MD_CTX_copy_ex(mctx, mtmp);
}
chain = BIO_next(chain); chain = BIO_next(chain);
} }
} }

1
deps/openssl/openssl/crypto/conf/conf_mall.c

@ -76,5 +76,6 @@ void OPENSSL_load_builtin_modules(void)
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
ENGINE_add_conf_module(); ENGINE_add_conf_module();
#endif #endif
EVP_add_alg_module();
} }

16
deps/openssl/openssl/crypto/cryptlib.c

@ -504,7 +504,7 @@ void CRYPTO_THREADID_current(CRYPTO_THREADID *id)
CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL)); CRYPTO_THREADID_set_numeric(id, (unsigned long)find_thread(NULL));
#else #else
/* For everything else, default to using the address of 'errno' */ /* For everything else, default to using the address of 'errno' */
CRYPTO_THREADID_set_pointer(id, &errno); CRYPTO_THREADID_set_pointer(id, (void*)&errno);
#endif #endif
} }
@ -704,6 +704,7 @@ void OPENSSL_cpuid_setup(void)
} }
else else
vec = OPENSSL_ia32_cpuid(); vec = OPENSSL_ia32_cpuid();
/* /*
* |(1<<10) sets a reserved bit to signal that variable * |(1<<10) sets a reserved bit to signal that variable
* was initialized already... This is to avoid interference * was initialized already... This is to avoid interference
@ -924,3 +925,16 @@ void OpenSSLDie(const char *file,int line,const char *assertion)
} }
void *OPENSSL_stderr(void) { return stderr; } void *OPENSSL_stderr(void) { return stderr; }
int CRYPTO_memcmp(const void *in_a, const void *in_b, size_t len)
{
size_t i;
const unsigned char *a = in_a;
const unsigned char *b = in_b;
unsigned char x = 0;
for (i = 0; i < len; i++)
x |= a[i] ^ b[i];
return x;
}

2
deps/openssl/openssl/crypto/cryptlib.h

@ -100,7 +100,7 @@ extern "C" {
void OPENSSL_cpuid_setup(void); void OPENSSL_cpuid_setup(void);
extern unsigned int OPENSSL_ia32cap_P[]; extern unsigned int OPENSSL_ia32cap_P[];
void OPENSSL_showfatal(const char *,...); void OPENSSL_showfatal(const char *fmta,...);
void *OPENSSL_stderr(void); void *OPENSSL_stderr(void);
extern int OPENSSL_NONPIC_relocated; extern int OPENSSL_NONPIC_relocated;

2
deps/openssl/openssl/crypto/crypto-lib.com

@ -282,7 +282,7 @@ $ LIB_RAND = "md_rand,randfile,rand_lib,rand_err,rand_egd,"+ -
"rand_vms" "rand_vms"
$ LIB_ERR = "err,err_all,err_prn" $ LIB_ERR = "err,err_all,err_prn"
$ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref" $ LIB_OBJECTS = "o_names,obj_dat,obj_lib,obj_err,obj_xref"
$ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,"+ - $ LIB_EVP = "encode,digest,evp_enc,evp_key,evp_acnf,evp_cnf,"+ -
"e_des,e_bf,e_idea,e_des3,e_camellia,"+ - "e_des,e_bf,e_idea,e_des3,e_camellia,"+ -
"e_rc4,e_aes,names,e_seed,"+ - "e_rc4,e_aes,names,e_seed,"+ -
"e_xcbc_d,e_rc2,e_cast,e_rc5" "e_xcbc_d,e_rc2,e_cast,e_rc5"

11
deps/openssl/openssl/crypto/crypto.h

@ -488,10 +488,10 @@ void CRYPTO_get_mem_debug_functions(void (**m)(void *,int,const char *,int,int),
long (**go)(void)); long (**go)(void));
void *CRYPTO_malloc_locked(int num, const char *file, int line); void *CRYPTO_malloc_locked(int num, const char *file, int line);
void CRYPTO_free_locked(void *); void CRYPTO_free_locked(void *ptr);
void *CRYPTO_malloc(int num, const char *file, int line); void *CRYPTO_malloc(int num, const char *file, int line);
char *CRYPTO_strdup(const char *str, const char *file, int line); char *CRYPTO_strdup(const char *str, const char *file, int line);
void CRYPTO_free(void *); void CRYPTO_free(void *ptr);
void *CRYPTO_realloc(void *addr,int num, const char *file, int line); void *CRYPTO_realloc(void *addr,int num, const char *file, int line);
void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file, void *CRYPTO_realloc_clean(void *addr,int old_num,int num,const char *file,
int line); int line);
@ -574,6 +574,13 @@ void OPENSSL_init(void);
#define fips_cipher_abort(alg) while(0) #define fips_cipher_abort(alg) while(0)
#endif #endif
/* CRYPTO_memcmp returns zero iff the |len| bytes at |a| and |b| are equal. It
* takes an amount of time dependent on |len|, but independent of the contents
* of |a| and |b|. Unlike memcmp, it cannot be used to put elements into a
* defined order as the return value when a != b is undefined, other than to be
* non-zero. */
int CRYPTO_memcmp(const void *a, const void *b, size_t len);
/* BEGIN ERROR CODES */ /* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes /* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run. * made after this point may be overwritten when the script is next run.

3
deps/openssl/openssl/crypto/des/set_key.c

@ -63,9 +63,8 @@
* 1.1 added norm_expand_bits * 1.1 added norm_expand_bits
* 1.0 First working version * 1.0 First working version
*/ */
#include "des_locl.h"
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include "des_locl.h"
OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key,0) /* defaults to false */ OPENSSL_IMPLEMENT_GLOBAL(int,DES_check_key,0) /* defaults to false */

2
deps/openssl/openssl/crypto/des/str2key.c

@ -56,8 +56,8 @@
* [including the GNU Public Licence.] * [including the GNU Public Licence.]
*/ */
#include "des_locl.h"
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include "des_locl.h"
void DES_string_to_key(const char *str, DES_cblock *key) void DES_string_to_key(const char *str, DES_cblock *key)
{ {

28
deps/openssl/openssl/crypto/ec/ec.h

@ -274,10 +274,10 @@ int EC_GROUP_get_curve_name(const EC_GROUP *group);
void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag); void EC_GROUP_set_asn1_flag(EC_GROUP *group, int flag);
int EC_GROUP_get_asn1_flag(const EC_GROUP *group); int EC_GROUP_get_asn1_flag(const EC_GROUP *group);
void EC_GROUP_set_point_conversion_form(EC_GROUP *, point_conversion_form_t); void EC_GROUP_set_point_conversion_form(EC_GROUP *group, point_conversion_form_t form);
point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *); point_conversion_form_t EC_GROUP_get_point_conversion_form(const EC_GROUP *);
unsigned char *EC_GROUP_get0_seed(const EC_GROUP *); unsigned char *EC_GROUP_get0_seed(const EC_GROUP *x);
size_t EC_GROUP_get_seed_len(const EC_GROUP *); size_t EC_GROUP_get_seed_len(const EC_GROUP *);
size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len); size_t EC_GROUP_set_seed(EC_GROUP *, const unsigned char *, size_t len);
@ -626,8 +626,8 @@ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *c
*/ */
int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx); int EC_POINT_cmp(const EC_GROUP *group, const EC_POINT *a, const EC_POINT *b, BN_CTX *ctx);
int EC_POINT_make_affine(const EC_GROUP *, EC_POINT *, BN_CTX *); int EC_POINT_make_affine(const EC_GROUP *group, EC_POINT *point, BN_CTX *ctx);
int EC_POINTs_make_affine(const EC_GROUP *, size_t num, EC_POINT *[], BN_CTX *); int EC_POINTs_make_affine(const EC_GROUP *group, size_t num, EC_POINT *points[], BN_CTX *ctx);
/** Computes r = generator * n sum_{i=0}^num p[i] * m[i] /** Computes r = generator * n sum_{i=0}^num p[i] * m[i]
* \param group underlying EC_GROUP object * \param group underlying EC_GROUP object
@ -800,16 +800,24 @@ const EC_POINT *EC_KEY_get0_public_key(const EC_KEY *key);
int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub); int EC_KEY_set_public_key(EC_KEY *key, const EC_POINT *pub);
unsigned EC_KEY_get_enc_flags(const EC_KEY *key); unsigned EC_KEY_get_enc_flags(const EC_KEY *key);
void EC_KEY_set_enc_flags(EC_KEY *, unsigned int); void EC_KEY_set_enc_flags(EC_KEY *eckey, unsigned int flags);
point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *); point_conversion_form_t EC_KEY_get_conv_form(const EC_KEY *key);
void EC_KEY_set_conv_form(EC_KEY *, point_conversion_form_t); void EC_KEY_set_conv_form(EC_KEY *eckey, point_conversion_form_t cform);
/* functions to set/get method specific data */ /* functions to set/get method specific data */
void *EC_KEY_get_key_method_data(EC_KEY *, void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
void EC_KEY_insert_key_method_data(EC_KEY *, void *data, /** Sets the key method data of an EC_KEY object, if none has yet been set.
* \param key EC_KEY object
* \param data opaque data to install.
* \param dup_func a function that duplicates |data|.
* \param free_func a function that frees |data|.
* \param clear_free_func a function that wipes and frees |data|.
* \return the previously set data pointer, or NULL if |data| was inserted.
*/
void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)); void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *));
/* wrapper functions for the underlying EC_GROUP object */ /* wrapper functions for the underlying EC_GROUP object */
void EC_KEY_set_asn1_flag(EC_KEY *, int); void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
/** Creates a table of pre-computed multiples of the generator to /** Creates a table of pre-computed multiples of the generator to
* accelerate further EC_KEY operations. * accelerate further EC_KEY operations.

13
deps/openssl/openssl/crypto/ec/ec_key.c

@ -520,18 +520,27 @@ void EC_KEY_set_conv_form(EC_KEY *key, point_conversion_form_t cform)
void *EC_KEY_get_key_method_data(EC_KEY *key, void *EC_KEY_get_key_method_data(EC_KEY *key,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
{ {
return EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); void *ret;
CRYPTO_r_lock(CRYPTO_LOCK_EC);
ret = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
CRYPTO_r_unlock(CRYPTO_LOCK_EC);
return ret;
} }
void EC_KEY_insert_key_method_data(EC_KEY *key, void *data, void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *)) void *(*dup_func)(void *), void (*free_func)(void *), void (*clear_free_func)(void *))
{ {
EC_EXTRA_DATA *ex_data; EC_EXTRA_DATA *ex_data;
CRYPTO_w_lock(CRYPTO_LOCK_EC); CRYPTO_w_lock(CRYPTO_LOCK_EC);
ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func); ex_data = EC_EX_DATA_get_data(key->method_data, dup_func, free_func, clear_free_func);
if (ex_data == NULL) if (ex_data == NULL)
EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func); EC_EX_DATA_set_data(&key->method_data, data, dup_func, free_func, clear_free_func);
CRYPTO_w_unlock(CRYPTO_LOCK_EC); CRYPTO_w_unlock(CRYPTO_LOCK_EC);
return ex_data;
} }
void EC_KEY_set_asn1_flag(EC_KEY *key, int flag) void EC_KEY_set_asn1_flag(EC_KEY *key, int flag)

2
deps/openssl/openssl/crypto/ec/ec_pmeth.c

@ -188,7 +188,7 @@ static int pkey_ec_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec); pubkey = EC_KEY_get0_public_key(ctx->peerkey->pkey.ec);
/* NB: unlike PKS#3 DH, if *outlen is less than maximum size this is /* NB: unlike PKCS#3 DH, if *outlen is less than maximum size this is
* not an error, the result is truncated. * not an error, the result is truncated.
*/ */

1
deps/openssl/openssl/crypto/ec/ecp_mont.c

@ -114,7 +114,6 @@ const EC_METHOD *EC_GFp_mont_method(void)
ec_GFp_mont_field_decode, ec_GFp_mont_field_decode,
ec_GFp_mont_field_set_to_one }; ec_GFp_mont_field_set_to_one };
return &ret; return &ret;
#endif #endif
} }

2
deps/openssl/openssl/crypto/ec/ectest.c

@ -236,7 +236,7 @@ static void group_order_tests(EC_GROUP *group)
} }
static void prime_field_tests(void) static void prime_field_tests(void)
{ {
BN_CTX *ctx = NULL; BN_CTX *ctx = NULL;
BIGNUM *p, *a, *b; BIGNUM *p, *a, *b;
EC_GROUP *group; EC_GROUP *group;

17
deps/openssl/openssl/crypto/ecdh/Makefile

@ -84,17 +84,12 @@ ech_err.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h ech_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ech_err.o: ech_err.c ech_err.o: ech_err.c
ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ech_key.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ech_key.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ech_key.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
ech_key.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h ech_key.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
ech_key.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h ech_key.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
ech_key.o: ../../include/openssl/engine.h ../../include/openssl/evp.h ech_key.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h
ech_key.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h ech_key.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
ech_key.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h ech_key.o: ech_key.c ech_locl.h
ech_key.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
ech_key.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
ech_key.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
ech_key.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
ech_key.o: ../../include/openssl/x509_vfy.h ech_key.c ech_locl.h
ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h ech_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h ech_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h ech_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h

3
deps/openssl/openssl/crypto/ecdh/ech_key.c

@ -68,9 +68,6 @@
*/ */
#include "ech_locl.h" #include "ech_locl.h"
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key, int ECDH_compute_key(void *out, size_t outlen, const EC_POINT *pub_key,
EC_KEY *eckey, EC_KEY *eckey,

11
deps/openssl/openssl/crypto/ecdh/ech_lib.c

@ -222,8 +222,15 @@ ECDH_DATA *ecdh_check(EC_KEY *key)
ecdh_data = (ECDH_DATA *)ecdh_data_new(); ecdh_data = (ECDH_DATA *)ecdh_data_new();
if (ecdh_data == NULL) if (ecdh_data == NULL)
return NULL; return NULL;
EC_KEY_insert_key_method_data(key, (void *)ecdh_data, data = EC_KEY_insert_key_method_data(key, (void *)ecdh_data,
ecdh_data_dup, ecdh_data_free, ecdh_data_free); ecdh_data_dup, ecdh_data_free, ecdh_data_free);
if (data != NULL)
{
/* Another thread raced us to install the key_method
* data and won. */
ecdh_data_free(ecdh_data);
ecdh_data = (ECDH_DATA *)data;
}
} }
else else
ecdh_data = (ECDH_DATA *)data; ecdh_data = (ECDH_DATA *)data;

11
deps/openssl/openssl/crypto/ecdsa/ecs_lib.c

@ -200,8 +200,15 @@ ECDSA_DATA *ecdsa_check(EC_KEY *key)
ecdsa_data = (ECDSA_DATA *)ecdsa_data_new(); ecdsa_data = (ECDSA_DATA *)ecdsa_data_new();
if (ecdsa_data == NULL) if (ecdsa_data == NULL)
return NULL; return NULL;
EC_KEY_insert_key_method_data(key, (void *)ecdsa_data, data = EC_KEY_insert_key_method_data(key, (void *)ecdsa_data,
ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free); ecdsa_data_dup, ecdsa_data_free, ecdsa_data_free);
if (data != NULL)
{
/* Another thread raced us to install the key_method
* data and won. */
ecdsa_data_free(ecdsa_data);
ecdsa_data = (ECDSA_DATA *)data;
}
} }
else else
ecdsa_data = (ECDSA_DATA *)data; ecdsa_data = (ECDSA_DATA *)data;

19
deps/openssl/openssl/crypto/err/err_all.c

@ -64,7 +64,9 @@
#endif #endif
#include <openssl/buffer.h> #include <openssl/buffer.h>
#include <openssl/bio.h> #include <openssl/bio.h>
#ifndef OPENSSL_NO_COMP
#include <openssl/comp.h> #include <openssl/comp.h>
#endif
#ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h> #include <openssl/rsa.h>
#endif #endif
@ -95,6 +97,9 @@
#include <openssl/ui.h> #include <openssl/ui.h>
#include <openssl/ocsp.h> #include <openssl/ocsp.h>
#include <openssl/err.h> #include <openssl/err.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
#include <openssl/ts.h> #include <openssl/ts.h>
#ifndef OPENSSL_NO_CMS #ifndef OPENSSL_NO_CMS
#include <openssl/cms.h> #include <openssl/cms.h>
@ -102,11 +107,6 @@
#ifndef OPENSSL_NO_JPAKE #ifndef OPENSSL_NO_JPAKE
#include <openssl/jpake.h> #include <openssl/jpake.h>
#endif #endif
#include <openssl/comp.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
void ERR_load_crypto_strings(void) void ERR_load_crypto_strings(void)
{ {
@ -130,7 +130,9 @@ void ERR_load_crypto_strings(void)
ERR_load_ASN1_strings(); ERR_load_ASN1_strings();
ERR_load_CONF_strings(); ERR_load_CONF_strings();
ERR_load_CRYPTO_strings(); ERR_load_CRYPTO_strings();
#ifndef OPENSSL_NO_COMP
ERR_load_COMP_strings(); ERR_load_COMP_strings();
#endif
#ifndef OPENSSL_NO_EC #ifndef OPENSSL_NO_EC
ERR_load_EC_strings(); ERR_load_EC_strings();
#endif #endif
@ -153,15 +155,14 @@ void ERR_load_crypto_strings(void)
#endif #endif
ERR_load_OCSP_strings(); ERR_load_OCSP_strings();
ERR_load_UI_strings(); ERR_load_UI_strings();
#ifdef OPENSSL_FIPS
ERR_load_FIPS_strings();
#endif
#ifndef OPENSSL_NO_CMS #ifndef OPENSSL_NO_CMS
ERR_load_CMS_strings(); ERR_load_CMS_strings();
#endif #endif
#ifndef OPENSSL_NO_JPAKE #ifndef OPENSSL_NO_JPAKE
ERR_load_JPAKE_strings(); ERR_load_JPAKE_strings();
#endif #endif
ERR_load_COMP_strings();
#endif
#ifdef OPENSSL_FIPS
ERR_load_FIPS_strings();
#endif #endif
} }

55
deps/openssl/openssl/crypto/evp/Makefile

@ -18,7 +18,7 @@ TESTDATA=evptests.txt
APPS= APPS=
LIB=$(TOP)/libcrypto.a LIB=$(TOP)/libcrypto.a
LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c evp_cnf.c \
e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\ e_des.c e_bf.c e_idea.c e_des3.c e_camellia.c\
e_rc4.c e_aes.c names.c e_seed.c \ e_rc4.c e_aes.c names.c e_seed.c \
e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \ e_xcbc_d.c e_rc2.c e_cast.c e_rc5.c \
@ -31,7 +31,7 @@ LIBSRC= encode.c digest.c evp_enc.c evp_key.c evp_acnf.c \
e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \ e_old.c pmeth_lib.c pmeth_fn.c pmeth_gn.c m_sigver.c evp_fips.c \
e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c e_aes_cbc_hmac_sha1.c e_rc4_hmac_md5.c
LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o \ LIBOBJ= encode.o digest.o evp_enc.o evp_key.o evp_acnf.o evp_cnf.o \
e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\ e_des.o e_bf.o e_idea.o e_des3.o e_camellia.o\
e_rc4.o e_aes.o names.o e_seed.o \ e_rc4.o e_aes.o names.o e_seed.o \
e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \ e_xcbc_d.o e_rc2.o e_cast.o e_rc5.o \
@ -67,7 +67,7 @@ files:
links: links:
@$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
@$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
cp $(TESTDATA) ../../test [ ! -f $(TESTDATA) ] || cp $(TESTDATA) ../../test
@$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
install: install:
@ -356,6 +356,20 @@ evp_acnf.o: ../../include/openssl/opensslconf.h
evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h evp_acnf.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h evp_acnf.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c evp_acnf.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_acnf.c
evp_cnf.o: ../../e_os.h ../../include/openssl/asn1.h
evp_cnf.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_cnf.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
evp_cnf.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h
evp_cnf.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
evp_cnf.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
evp_cnf.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
evp_cnf.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
evp_cnf.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
evp_cnf.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
evp_cnf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
evp_cnf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
evp_cnf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
evp_cnf.o: ../../include/openssl/x509v3.h ../cryptlib.h evp_cnf.c
evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h evp_enc.o: ../../e_os.h ../../include/openssl/asn1.h
evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h evp_enc.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h evp_enc.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
@ -437,28 +451,22 @@ evp_pkey.o: ../asn1/asn1_locl.h ../cryptlib.h evp_pkey.c
m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_dss.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h m_dss.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
m_dss.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h m_dss.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_dss.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h m_dss.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_dss.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h m_dss.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_dss.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_dss.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_dss.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_dss.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_dss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h m_dss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_dss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_dss.o: ../cryptlib.h m_dss.c m_dss.o: ../cryptlib.h m_dss.c
m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_dss1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_dss1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h m_dss1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
m_dss1.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h m_dss1.o: ../../include/openssl/err.h ../../include/openssl/evp.h
m_dss1.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h m_dss1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
m_dss1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h m_dss1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
m_dss1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h m_dss1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_dss1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_dss1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_dss1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h m_dss1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_dss1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_dss1.o: ../cryptlib.h m_dss1.c m_dss1.o: ../cryptlib.h m_dss1.c
m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h m_ecdsa.o: ../../e_os.h ../../include/openssl/asn1.h
m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h m_ecdsa.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
@ -563,16 +571,13 @@ m_sha.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_sha.o: ../cryptlib.h evp_locl.h m_sha.c m_sha.o: ../cryptlib.h evp_locl.h m_sha.c
m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h m_sha1.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h m_sha1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h m_sha1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
m_sha1.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h m_sha1.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
m_sha1.o: ../../include/openssl/err.h ../../include/openssl/evp.h m_sha1.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
m_sha1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h m_sha1.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
m_sha1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h m_sha1.o: ../../include/openssl/ossl_typ.h ../../include/openssl/rsa.h
m_sha1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
m_sha1.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h
m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h m_sha1.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h m_sha1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
m_sha1.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
m_sha1.o: ../cryptlib.h m_sha1.c m_sha1.o: ../cryptlib.h m_sha1.c
m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h m_sigver.o: ../../e_os.h ../../include/openssl/asn1.h
m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h m_sigver.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h

1
deps/openssl/openssl/crypto/evp/digest.c

@ -267,6 +267,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *size)
return FIPS_digestfinal(ctx, md, size); return FIPS_digestfinal(ctx, md, size);
#else #else
int ret; int ret;
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE); OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
ret=ctx->digest->final(ctx,md); ret=ctx->digest->final(ctx,md);
if (size != NULL) if (size != NULL)

5
deps/openssl/openssl/crypto/evp/e_aes.c

@ -969,8 +969,6 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
if (!gctx->iv_set) if (!gctx->iv_set)
return -1; return -1;
if (!ctx->encrypt && gctx->taglen < 0)
return -1;
if (in) if (in)
{ {
if (out == NULL) if (out == NULL)
@ -1012,6 +1010,8 @@ static int aes_gcm_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
{ {
if (!ctx->encrypt) if (!ctx->encrypt)
{ {
if (gctx->taglen < 0)
return -1;
if (CRYPTO_gcm128_finish(&gctx->gcm, if (CRYPTO_gcm128_finish(&gctx->gcm,
ctx->buf, gctx->taglen) != 0) ctx->buf, gctx->taglen) != 0)
return -1; return -1;
@ -1217,6 +1217,7 @@ static int aes_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks); vpaes_set_encrypt_key(key, ctx->key_len*8, &cctx->ks);
CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L, CRYPTO_ccm128_init(&cctx->ccm, cctx->M, cctx->L,
&cctx->ks, (block128_f)vpaes_encrypt); &cctx->ks, (block128_f)vpaes_encrypt);
cctx->str = NULL;
cctx->key_set = 1; cctx->key_set = 1;
break; break;
} }

216
deps/openssl/openssl/crypto/evp/e_aes_cbc_hmac_sha1.c

@ -1,5 +1,5 @@
/* ==================================================================== /* ====================================================================
* Copyright (c) 2011 The OpenSSL Project. All rights reserved. * Copyright (c) 2011-2013 The OpenSSL Project. All rights reserved.
* *
* Redistribution and use in source and binary forms, with or without * Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions * modification, are permitted provided that the following conditions
@ -90,6 +90,10 @@ typedef struct
defined(_M_AMD64) || defined(_M_X64) || \ defined(_M_AMD64) || defined(_M_X64) || \
defined(__INTEL__) ) defined(__INTEL__) )
#if defined(__GNUC__) && __GNUC__>=2 && !defined(PEDANTIC)
# define BSWAP(x) ({ unsigned int r=(x); asm ("bswapl %0":"=r"(r):"0"(r)); r; })
#endif
extern unsigned int OPENSSL_ia32cap_P[2]; extern unsigned int OPENSSL_ia32cap_P[2];
#define AESNI_CAPABLE (1<<(57-32)) #define AESNI_CAPABLE (1<<(57-32))
@ -167,6 +171,9 @@ static void sha1_update(SHA_CTX *c,const void *data,size_t len)
SHA1_Update(c,ptr,res); SHA1_Update(c,ptr,res);
} }
#ifdef SHA1_Update
#undef SHA1_Update
#endif
#define SHA1_Update sha1_update #define SHA1_Update sha1_update
static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
@ -184,6 +191,8 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
sha_off = SHA_CBLOCK-key->md.num; sha_off = SHA_CBLOCK-key->md.num;
#endif #endif
key->payload_length = NO_PAYLOAD_LENGTH;
if (len%AES_BLOCK_SIZE) return 0; if (len%AES_BLOCK_SIZE) return 0;
if (ctx->encrypt) { if (ctx->encrypt) {
@ -234,47 +243,210 @@ static int aesni_cbc_hmac_sha1_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
&key->ks,ctx->iv,1); &key->ks,ctx->iv,1);
} }
} else { } else {
unsigned char mac[SHA_DIGEST_LENGTH]; union { unsigned int u[SHA_DIGEST_LENGTH/sizeof(unsigned int)];
unsigned char c[32+SHA_DIGEST_LENGTH]; } mac, *pmac;
/* arrange cache line alignment */
pmac = (void *)(((size_t)mac.c+31)&((size_t)0-32));
/* decrypt HMAC|padding at once */ /* decrypt HMAC|padding at once */
aesni_cbc_encrypt(in,out,len, aesni_cbc_encrypt(in,out,len,
&key->ks,ctx->iv,0); &key->ks,ctx->iv,0);
if (plen) { /* "TLS" mode of operation */ if (plen) { /* "TLS" mode of operation */
/* figure out payload length */ size_t inp_len, mask, j, i;
if (len<(size_t)(out[len-1]+1+SHA_DIGEST_LENGTH)) unsigned int res, maxpad, pad, bitlen;
return 0; int ret = 1;
union { unsigned int u[SHA_LBLOCK];
len -= (out[len-1]+1+SHA_DIGEST_LENGTH); unsigned char c[SHA_CBLOCK]; }
*data = (void *)key->md.data;
if ((key->aux.tls_aad[plen-4]<<8|key->aux.tls_aad[plen-3]) if ((key->aux.tls_aad[plen-4]<<8|key->aux.tls_aad[plen-3])
>= TLS1_1_VERSION) { >= TLS1_1_VERSION)
len -= AES_BLOCK_SIZE;
iv = AES_BLOCK_SIZE; iv = AES_BLOCK_SIZE;
}
key->aux.tls_aad[plen-2] = len>>8; if (len<(iv+SHA_DIGEST_LENGTH+1))
key->aux.tls_aad[plen-1] = len; return 0;
/* omit explicit iv */
out += iv;
len -= iv;
/* figure out payload length */
pad = out[len-1];
maxpad = len-(SHA_DIGEST_LENGTH+1);
maxpad |= (255-maxpad)>>(sizeof(maxpad)*8-8);
maxpad &= 255;
inp_len = len - (SHA_DIGEST_LENGTH+pad+1);
mask = (0-((inp_len-len)>>(sizeof(inp_len)*8-1)));
inp_len &= mask;
ret &= (int)mask;
key->aux.tls_aad[plen-2] = inp_len>>8;
key->aux.tls_aad[plen-1] = inp_len;
/* calculate HMAC and verify it */ /* calculate HMAC */
key->md = key->head; key->md = key->head;
SHA1_Update(&key->md,key->aux.tls_aad,plen); SHA1_Update(&key->md,key->aux.tls_aad,plen);
SHA1_Update(&key->md,out+iv,len);
SHA1_Final(mac,&key->md);
#if 1
len -= SHA_DIGEST_LENGTH; /* amend mac */
if (len>=(256+SHA_CBLOCK)) {
j = (len-(256+SHA_CBLOCK))&(0-SHA_CBLOCK);
j += SHA_CBLOCK-key->md.num;
SHA1_Update(&key->md,out,j);
out += j;
len -= j;
inp_len -= j;
}
/* but pretend as if we hashed padded payload */
bitlen = key->md.Nl+(inp_len<<3); /* at most 18 bits */
#ifdef BSWAP
bitlen = BSWAP(bitlen);
#else
mac.c[0] = 0;
mac.c[1] = (unsigned char)(bitlen>>16);
mac.c[2] = (unsigned char)(bitlen>>8);
mac.c[3] = (unsigned char)bitlen;
bitlen = mac.u[0];
#endif
pmac->u[0]=0;
pmac->u[1]=0;
pmac->u[2]=0;
pmac->u[3]=0;
pmac->u[4]=0;
for (res=key->md.num, j=0;j<len;j++) {
size_t c = out[j];
mask = (j-inp_len)>>(sizeof(j)*8-8);
c &= mask;
c |= 0x80&~mask&~((inp_len-j)>>(sizeof(j)*8-8));
data->c[res++]=(unsigned char)c;
if (res!=SHA_CBLOCK) continue;
mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
data->u[SHA_LBLOCK-1] |= bitlen&mask;
sha1_block_data_order(&key->md,data,1);
mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
pmac->u[3] |= key->md.h3 & mask;
pmac->u[4] |= key->md.h4 & mask;
res=0;
}
for(i=res;i<SHA_CBLOCK;i++,j++) data->c[i]=0;
if (res>SHA_CBLOCK-8) {
mask = 0-((inp_len+8-j)>>(sizeof(j)*8-1));
data->u[SHA_LBLOCK-1] |= bitlen&mask;
sha1_block_data_order(&key->md,data,1);
mask &= 0-((j-inp_len-73)>>(sizeof(j)*8-1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
pmac->u[3] |= key->md.h3 & mask;
pmac->u[4] |= key->md.h4 & mask;
memset(data,0,SHA_CBLOCK);
j+=64;
}
data->u[SHA_LBLOCK-1] = bitlen;
sha1_block_data_order(&key->md,data,1);
mask = 0-((j-inp_len-73)>>(sizeof(j)*8-1));
pmac->u[0] |= key->md.h0 & mask;
pmac->u[1] |= key->md.h1 & mask;
pmac->u[2] |= key->md.h2 & mask;
pmac->u[3] |= key->md.h3 & mask;
pmac->u[4] |= key->md.h4 & mask;
#ifdef BSWAP
pmac->u[0] = BSWAP(pmac->u[0]);
pmac->u[1] = BSWAP(pmac->u[1]);
pmac->u[2] = BSWAP(pmac->u[2]);
pmac->u[3] = BSWAP(pmac->u[3]);
pmac->u[4] = BSWAP(pmac->u[4]);
#else
for (i=0;i<5;i++) {
res = pmac->u[i];
pmac->c[4*i+0]=(unsigned char)(res>>24);
pmac->c[4*i+1]=(unsigned char)(res>>16);
pmac->c[4*i+2]=(unsigned char)(res>>8);
pmac->c[4*i+3]=(unsigned char)res;
}
#endif
len += SHA_DIGEST_LENGTH;
#else
SHA1_Update(&key->md,out,inp_len);
res = key->md.num;
SHA1_Final(pmac->c,&key->md);
{
unsigned int inp_blocks, pad_blocks;
/* but pretend as if we hashed padded payload */
inp_blocks = 1+((SHA_CBLOCK-9-res)>>(sizeof(res)*8-1));
res += (unsigned int)(len-inp_len);
pad_blocks = res / SHA_CBLOCK;
res %= SHA_CBLOCK;
pad_blocks += 1+((SHA_CBLOCK-9-res)>>(sizeof(res)*8-1));
for (;inp_blocks<pad_blocks;inp_blocks++)
sha1_block_data_order(&key->md,data,1);
}
#endif
key->md = key->tail; key->md = key->tail;
SHA1_Update(&key->md,mac,SHA_DIGEST_LENGTH); SHA1_Update(&key->md,pmac->c,SHA_DIGEST_LENGTH);
SHA1_Final(mac,&key->md); SHA1_Final(pmac->c,&key->md);
if (memcmp(out+iv+len,mac,SHA_DIGEST_LENGTH)) /* verify HMAC */
return 0; out += inp_len;
len -= inp_len;
#if 1
{
unsigned char *p = out+len-1-maxpad-SHA_DIGEST_LENGTH;
size_t off = out-p;
unsigned int c, cmask;
maxpad += SHA_DIGEST_LENGTH;
for (res=0,i=0,j=0;j<maxpad;j++) {
c = p[j];
cmask = ((int)(j-off-SHA_DIGEST_LENGTH))>>(sizeof(int)*8-1);
res |= (c^pad)&~cmask; /* ... and padding */
cmask &= ((int)(off-1-j))>>(sizeof(int)*8-1);
res |= (c^pmac->c[i])&cmask;
i += 1&cmask;
}
maxpad -= SHA_DIGEST_LENGTH;
res = 0-((0-res)>>(sizeof(res)*8-1));
ret &= (int)~res;
}
#else
for (res=0,i=0;i<SHA_DIGEST_LENGTH;i++)
res |= out[i]^pmac->c[i];
res = 0-((0-res)>>(sizeof(res)*8-1));
ret &= (int)~res;
/* verify padding */
pad = (pad&~res) | (maxpad&res);
out = out+len-1-pad;
for (res=0,i=0;i<pad;i++)
res |= out[i]^pad;
res = (0-res)>>(sizeof(res)*8-1);
ret &= (int)~res;
#endif
return ret;
} else { } else {
SHA1_Update(&key->md,out,len); SHA1_Update(&key->md,out,len);
} }
} }
key->payload_length = NO_PAYLOAD_LENGTH;
return 1; return 1;
} }
@ -309,6 +481,8 @@ static int aesni_cbc_hmac_sha1_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void
SHA1_Init(&key->tail); SHA1_Init(&key->tail);
SHA1_Update(&key->tail,hmac_key,sizeof(hmac_key)); SHA1_Update(&key->tail,hmac_key,sizeof(hmac_key));
OPENSSL_cleanse(hmac_key,sizeof(hmac_key));
return 1; return 1;
} }
case EVP_CTRL_AEAD_TLS1_AAD: case EVP_CTRL_AEAD_TLS1_AAD:

15
deps/openssl/openssl/crypto/evp/evp.h

@ -402,7 +402,6 @@ struct evp_cipher_st
/* Length of tag for TLS */ /* Length of tag for TLS */
#define EVP_GCM_TLS_TAG_LEN 16 #define EVP_GCM_TLS_TAG_LEN 16
typedef struct evp_cipher_info_st typedef struct evp_cipher_info_st
{ {
const EVP_CIPHER *cipher; const EVP_CIPHER *cipher;
@ -789,8 +788,8 @@ const EVP_CIPHER *EVP_aes_128_cfb128(void);
# define EVP_aes_128_cfb EVP_aes_128_cfb128 # define EVP_aes_128_cfb EVP_aes_128_cfb128
const EVP_CIPHER *EVP_aes_128_ofb(void); const EVP_CIPHER *EVP_aes_128_ofb(void);
const EVP_CIPHER *EVP_aes_128_ctr(void); const EVP_CIPHER *EVP_aes_128_ctr(void);
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_128_ccm(void); const EVP_CIPHER *EVP_aes_128_ccm(void);
const EVP_CIPHER *EVP_aes_128_gcm(void);
const EVP_CIPHER *EVP_aes_128_xts(void); const EVP_CIPHER *EVP_aes_128_xts(void);
const EVP_CIPHER *EVP_aes_192_ecb(void); const EVP_CIPHER *EVP_aes_192_ecb(void);
const EVP_CIPHER *EVP_aes_192_cbc(void); const EVP_CIPHER *EVP_aes_192_cbc(void);
@ -800,8 +799,8 @@ const EVP_CIPHER *EVP_aes_192_cfb128(void);
# define EVP_aes_192_cfb EVP_aes_192_cfb128 # define EVP_aes_192_cfb EVP_aes_192_cfb128
const EVP_CIPHER *EVP_aes_192_ofb(void); const EVP_CIPHER *EVP_aes_192_ofb(void);
const EVP_CIPHER *EVP_aes_192_ctr(void); const EVP_CIPHER *EVP_aes_192_ctr(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_192_ccm(void); const EVP_CIPHER *EVP_aes_192_ccm(void);
const EVP_CIPHER *EVP_aes_192_gcm(void);
const EVP_CIPHER *EVP_aes_256_ecb(void); const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void); const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void); const EVP_CIPHER *EVP_aes_256_cfb1(void);
@ -810,8 +809,8 @@ const EVP_CIPHER *EVP_aes_256_cfb128(void);
# define EVP_aes_256_cfb EVP_aes_256_cfb128 # define EVP_aes_256_cfb EVP_aes_256_cfb128
const EVP_CIPHER *EVP_aes_256_ofb(void); const EVP_CIPHER *EVP_aes_256_ofb(void);
const EVP_CIPHER *EVP_aes_256_ctr(void); const EVP_CIPHER *EVP_aes_256_ctr(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);
const EVP_CIPHER *EVP_aes_256_ccm(void); const EVP_CIPHER *EVP_aes_256_ccm(void);
const EVP_CIPHER *EVP_aes_256_gcm(void);
const EVP_CIPHER *EVP_aes_256_xts(void); const EVP_CIPHER *EVP_aes_256_xts(void);
#if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1) #if !defined(OPENSSL_NO_SHA) && !defined(OPENSSL_NO_SHA1)
const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void); const EVP_CIPHER *EVP_aes_128_cbc_hmac_sha1(void);
@ -1243,6 +1242,8 @@ void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl_str)(EVP_PKEY_CTX *ctx, int (*ctrl_str)(EVP_PKEY_CTX *ctx,
const char *type, const char *value)); const char *type, const char *value));
void EVP_add_alg_module(void);
/* BEGIN ERROR CODES */ /* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes /* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run. * made after this point may be overwritten when the script is next run.
@ -1257,6 +1258,7 @@ void ERR_load_EVP_strings(void);
#define EVP_F_AES_INIT_KEY 133 #define EVP_F_AES_INIT_KEY 133
#define EVP_F_AES_XTS 172 #define EVP_F_AES_XTS 172
#define EVP_F_AES_XTS_CIPHER 175 #define EVP_F_AES_XTS_CIPHER 175
#define EVP_F_ALG_MODULE_INIT 177
#define EVP_F_CAMELLIA_INIT_KEY 159 #define EVP_F_CAMELLIA_INIT_KEY 159
#define EVP_F_CMAC_INIT 173 #define EVP_F_CMAC_INIT 173
#define EVP_F_D2I_PKEY 100 #define EVP_F_D2I_PKEY 100
@ -1350,15 +1352,19 @@ void ERR_load_EVP_strings(void);
#define EVP_R_DIFFERENT_PARAMETERS 153 #define EVP_R_DIFFERENT_PARAMETERS 153
#define EVP_R_DISABLED_FOR_FIPS 163 #define EVP_R_DISABLED_FOR_FIPS 163
#define EVP_R_ENCODE_ERROR 115 #define EVP_R_ENCODE_ERROR 115
#define EVP_R_ERROR_LOADING_SECTION 165
#define EVP_R_ERROR_SETTING_FIPS_MODE 166
#define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119 #define EVP_R_EVP_PBE_CIPHERINIT_ERROR 119
#define EVP_R_EXPECTING_AN_RSA_KEY 127 #define EVP_R_EXPECTING_AN_RSA_KEY 127
#define EVP_R_EXPECTING_A_DH_KEY 128 #define EVP_R_EXPECTING_A_DH_KEY 128
#define EVP_R_EXPECTING_A_DSA_KEY 129 #define EVP_R_EXPECTING_A_DSA_KEY 129
#define EVP_R_EXPECTING_A_ECDSA_KEY 141 #define EVP_R_EXPECTING_A_ECDSA_KEY 141
#define EVP_R_EXPECTING_A_EC_KEY 142 #define EVP_R_EXPECTING_A_EC_KEY 142
#define EVP_R_FIPS_MODE_NOT_SUPPORTED 167
#define EVP_R_INITIALIZATION_ERROR 134 #define EVP_R_INITIALIZATION_ERROR 134
#define EVP_R_INPUT_NOT_INITIALIZED 111 #define EVP_R_INPUT_NOT_INITIALIZED 111
#define EVP_R_INVALID_DIGEST 152 #define EVP_R_INVALID_DIGEST 152
#define EVP_R_INVALID_FIPS_MODE 168
#define EVP_R_INVALID_KEY_LENGTH 130 #define EVP_R_INVALID_KEY_LENGTH 130
#define EVP_R_INVALID_OPERATION 148 #define EVP_R_INVALID_OPERATION 148
#define EVP_R_IV_TOO_LARGE 102 #define EVP_R_IV_TOO_LARGE 102
@ -1383,6 +1389,7 @@ void ERR_load_EVP_strings(void);
#define EVP_R_TOO_LARGE 164 #define EVP_R_TOO_LARGE 164
#define EVP_R_UNKNOWN_CIPHER 160 #define EVP_R_UNKNOWN_CIPHER 160
#define EVP_R_UNKNOWN_DIGEST 161 #define EVP_R_UNKNOWN_DIGEST 161
#define EVP_R_UNKNOWN_OPTION 169
#define EVP_R_UNKNOWN_PBE_ALGORITHM 121 #define EVP_R_UNKNOWN_PBE_ALGORITHM 121
#define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135 #define EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS 135
#define EVP_R_UNSUPPORTED_ALGORITHM 156 #define EVP_R_UNSUPPORTED_ALGORITHM 156

125
deps/openssl/openssl/crypto/evp/evp_cnf.c

@ -0,0 +1,125 @@
/* evp_cnf.c */
/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
* project 2007.
*/
/* ====================================================================
* Copyright (c) 2007 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* 3. All advertising materials mentioning features or use of this
* software must display the following acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
*
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
* endorse or promote products derived from this software without
* prior written permission. For written permission, please contact
* licensing@OpenSSL.org.
*
* 5. Products derived from this software may not be called "OpenSSL"
* nor may "OpenSSL" appear in their names without prior written
* permission of the OpenSSL Project.
*
* 6. Redistributions of any form whatsoever must retain the following
* acknowledgment:
* "This product includes software developed by the OpenSSL Project
* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
*
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
* ====================================================================
*
* This product includes cryptographic software written by Eric Young
* (eay@cryptsoft.com). This product includes software written by Tim
* Hudson (tjh@cryptsoft.com).
*
*/
#include <stdio.h>
#include <ctype.h>
#include <openssl/crypto.h>
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/dso.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#ifdef OPENSSL_FIPS
#include <openssl/fips.h>
#endif
/* Algorithm configuration module. */
static int alg_module_init(CONF_IMODULE *md, const CONF *cnf)
{
int i;
const char *oid_section;
STACK_OF(CONF_VALUE) *sktmp;
CONF_VALUE *oval;
oid_section = CONF_imodule_get_value(md);
if(!(sktmp = NCONF_get_section(cnf, oid_section)))
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_LOADING_SECTION);
return 0;
}
for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++)
{
oval = sk_CONF_VALUE_value(sktmp, i);
if (!strcmp(oval->name, "fips_mode"))
{
int m;
if (!X509V3_get_value_bool(oval, &m))
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_INVALID_FIPS_MODE);
return 0;
}
if (m > 0)
{
#ifdef OPENSSL_FIPS
if (!FIPS_mode() && !FIPS_mode_set(1))
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_ERROR_SETTING_FIPS_MODE);
return 0;
}
#else
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_FIPS_MODE_NOT_SUPPORTED);
return 0;
#endif
}
}
else
{
EVPerr(EVP_F_ALG_MODULE_INIT, EVP_R_UNKNOWN_OPTION);
ERR_add_error_data(4, "name=", oval->name,
", value=", oval->value);
}
}
return 1;
}
void EVP_add_alg_module(void)
{
CONF_module_add("alg_section", alg_module_init, 0);
}

6
deps/openssl/openssl/crypto/evp/evp_err.c

@ -75,6 +75,7 @@ static ERR_STRING_DATA EVP_str_functs[]=
{ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"}, {ERR_FUNC(EVP_F_AES_INIT_KEY), "AES_INIT_KEY"},
{ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"}, {ERR_FUNC(EVP_F_AES_XTS), "AES_XTS"},
{ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"}, {ERR_FUNC(EVP_F_AES_XTS_CIPHER), "AES_XTS_CIPHER"},
{ERR_FUNC(EVP_F_ALG_MODULE_INIT), "ALG_MODULE_INIT"},
{ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"}, {ERR_FUNC(EVP_F_CAMELLIA_INIT_KEY), "CAMELLIA_INIT_KEY"},
{ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"}, {ERR_FUNC(EVP_F_CMAC_INIT), "CMAC_INIT"},
{ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"}, {ERR_FUNC(EVP_F_D2I_PKEY), "D2I_PKEY"},
@ -171,15 +172,19 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"}, {ERR_REASON(EVP_R_DIFFERENT_PARAMETERS) ,"different parameters"},
{ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"}, {ERR_REASON(EVP_R_DISABLED_FOR_FIPS) ,"disabled for fips"},
{ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"}, {ERR_REASON(EVP_R_ENCODE_ERROR) ,"encode error"},
{ERR_REASON(EVP_R_ERROR_LOADING_SECTION) ,"error loading section"},
{ERR_REASON(EVP_R_ERROR_SETTING_FIPS_MODE),"error setting fips mode"},
{ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"}, {ERR_REASON(EVP_R_EVP_PBE_CIPHERINIT_ERROR),"evp pbe cipherinit error"},
{ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"}, {ERR_REASON(EVP_R_EXPECTING_AN_RSA_KEY) ,"expecting an rsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"}, {ERR_REASON(EVP_R_EXPECTING_A_DH_KEY) ,"expecting a dh key"},
{ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_DSA_KEY) ,"expecting a dsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"}, {ERR_REASON(EVP_R_EXPECTING_A_ECDSA_KEY) ,"expecting a ecdsa key"},
{ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"}, {ERR_REASON(EVP_R_EXPECTING_A_EC_KEY) ,"expecting a ec key"},
{ERR_REASON(EVP_R_FIPS_MODE_NOT_SUPPORTED),"fips mode not supported"},
{ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"}, {ERR_REASON(EVP_R_INITIALIZATION_ERROR) ,"initialization error"},
{ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"}, {ERR_REASON(EVP_R_INPUT_NOT_INITIALIZED) ,"input not initialized"},
{ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"}, {ERR_REASON(EVP_R_INVALID_DIGEST) ,"invalid digest"},
{ERR_REASON(EVP_R_INVALID_FIPS_MODE) ,"invalid fips mode"},
{ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"}, {ERR_REASON(EVP_R_INVALID_KEY_LENGTH) ,"invalid key length"},
{ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"}, {ERR_REASON(EVP_R_INVALID_OPERATION) ,"invalid operation"},
{ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"}, {ERR_REASON(EVP_R_IV_TOO_LARGE) ,"iv too large"},
@ -204,6 +209,7 @@ static ERR_STRING_DATA EVP_str_reasons[]=
{ERR_REASON(EVP_R_TOO_LARGE) ,"too large"}, {ERR_REASON(EVP_R_TOO_LARGE) ,"too large"},
{ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"}, {ERR_REASON(EVP_R_UNKNOWN_CIPHER) ,"unknown cipher"},
{ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"}, {ERR_REASON(EVP_R_UNKNOWN_DIGEST) ,"unknown digest"},
{ERR_REASON(EVP_R_UNKNOWN_OPTION) ,"unknown option"},
{ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"}, {ERR_REASON(EVP_R_UNKNOWN_PBE_ALGORITHM) ,"unknown pbe algorithm"},
{ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"}, {ERR_REASON(EVP_R_UNSUPORTED_NUMBER_OF_ROUNDS),"unsuported number of rounds"},
{ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"}, {ERR_REASON(EVP_R_UNSUPPORTED_ALGORITHM) ,"unsupported algorithm"},

2
deps/openssl/openssl/crypto/evp/m_dss.c

@ -60,7 +60,7 @@
#include "cryptlib.h" #include "cryptlib.h"
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/x509.h> #include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA #ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h> #include <openssl/dsa.h>
#endif #endif

2
deps/openssl/openssl/crypto/evp/m_dss1.c

@ -63,7 +63,7 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/x509.h> #include <openssl/sha.h>
#ifndef OPENSSL_NO_DSA #ifndef OPENSSL_NO_DSA
#include <openssl/dsa.h> #include <openssl/dsa.h>
#endif #endif

2
deps/openssl/openssl/crypto/evp/m_sha1.c

@ -65,7 +65,7 @@
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/objects.h> #include <openssl/objects.h>
#include <openssl/x509.h> #include <openssl/sha.h>
#ifndef OPENSSL_NO_RSA #ifndef OPENSSL_NO_RSA
#include <openssl/rsa.h> #include <openssl/rsa.h>
#endif #endif

2
deps/openssl/openssl/crypto/evp/p_sign.c

@ -80,7 +80,7 @@ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
{ {
unsigned char m[EVP_MAX_MD_SIZE]; unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len; unsigned int m_len;
int i=0,ok=0,v; int i = 0,ok = 0,v;
EVP_MD_CTX tmp_ctx; EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL; EVP_PKEY_CTX *pkctx = NULL;

2
deps/openssl/openssl/crypto/evp/p_verify.c

@ -67,7 +67,7 @@ int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
{ {
unsigned char m[EVP_MAX_MD_SIZE]; unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len; unsigned int m_len;
int i=-1,ok=0,v; int i = 0,ok = 0,v;
EVP_MD_CTX tmp_ctx; EVP_MD_CTX tmp_ctx;
EVP_PKEY_CTX *pkctx = NULL; EVP_PKEY_CTX *pkctx = NULL;

Some files were not shown because too many files changed in this diff

Loading…
Cancel
Save