
[src/trunk]: src/crypto/external/bsd/openssl resolve conflicts



details:   https://anonhg.NetBSD.org/src/rev/895d9ce91079
branches:  trunk
changeset: 848274:895d9ce91079
user:      christos <christos%NetBSD.org@localhost>
date:      Thu Jan 23 02:54:53 2020 +0000

description:
resolve conflicts

diffstat:

 crypto/external/bsd/openssl/dist/CHANGES                        |   111 +-
 crypto/external/bsd/openssl/dist/Configure                      |     5 +-
 crypto/external/bsd/openssl/dist/NEWS                           |    19 +-
 crypto/external/bsd/openssl/dist/README                         |     2 +-
 crypto/external/bsd/openssl/dist/apps/ca.c                      |     4 +-
 crypto/external/bsd/openssl/dist/apps/ocsp.c                    |     6 +-
 crypto/external/bsd/openssl/dist/apps/openssl.c                 |     3 +-
 crypto/external/bsd/openssl/dist/apps/req.c                     |    16 +-
 crypto/external/bsd/openssl/dist/apps/s_client.c                |     2 +-
 crypto/external/bsd/openssl/dist/apps/speed.c                   |     2 +-
 crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-586.pl      |  3000 ---------
 crypto/external/bsd/openssl/dist/crypto/aes/asm/aes-x86_64.pl   |  2916 ---------
 crypto/external/bsd/openssl/dist/crypto/aes/asm/bsaes-x86_64.pl |  3239 ----------
 crypto/external/bsd/openssl/dist/crypto/asn1/a_type.c           |    10 +-
 crypto/external/bsd/openssl/dist/crypto/bio/bss_file.c          |    61 +-
 crypto/external/bsd/openssl/dist/crypto/bn/asm/mips.pl          |     2 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_lcl.h             |     4 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_lib.c             |   101 +-
 crypto/external/bsd/openssl/dist/crypto/bn/bn_rand.c            |     7 +-
 crypto/external/bsd/openssl/dist/crypto/dh/dh_lib.c             |     6 +-
 crypto/external/bsd/openssl/dist/crypto/dsa/dsa_ameth.c         |     4 +-
 crypto/external/bsd/openssl/dist/crypto/dso/dso_dlfcn.c         |     5 +-
 crypto/external/bsd/openssl/dist/crypto/ec/ec_asn1.c            |    73 +-
 crypto/external/bsd/openssl/dist/crypto/ec/ec_lcl.h             |     4 +-
 crypto/external/bsd/openssl/dist/crypto/ec/ec_lib.c             |   103 +-
 crypto/external/bsd/openssl/dist/crypto/engine/eng_devcrypto.c  |     2 +-
 crypto/external/bsd/openssl/dist/crypto/evp/e_aes.c             |    91 +-
 crypto/external/bsd/openssl/dist/crypto/lhash/lhash.c           |     8 +-
 crypto/external/bsd/openssl/dist/crypto/pkcs7/pk7_doit.c        |    14 +-
 crypto/external/bsd/openssl/dist/crypto/rand/rand_unix.c        |   185 +-
 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_err.c           |     4 +-
 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_gen.c           |     2 +-
 crypto/external/bsd/openssl/dist/crypto/rsa/rsa_lib.c           |    17 +-
 crypto/external/bsd/openssl/dist/crypto/threads_pthread.c       |    12 +-
 crypto/external/bsd/openssl/dist/crypto/ui/ui_lib.c             |     4 +-
 crypto/external/bsd/openssl/dist/crypto/ui/ui_openssl.c         |     2 +-
 crypto/external/bsd/openssl/dist/crypto/uid.c                   |    18 +-
 crypto/external/bsd/openssl/dist/crypto/x509/x509_vfy.c         |    12 +-
 crypto/external/bsd/openssl/dist/e_os.h                         |    30 +-
 crypto/external/bsd/openssl/dist/include/internal/refcount.h    |     2 +-
 crypto/external/bsd/openssl/dist/include/internal/tsan_assist.h |     2 +-
 crypto/external/bsd/openssl/dist/ssl/s3_lib.c                   |    14 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_ciph.c                 |    13 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_lib.c                  |    20 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_locl.h                 |    37 +-
 crypto/external/bsd/openssl/dist/ssl/ssl_sess.c                 |    39 +-
 crypto/external/bsd/openssl/dist/ssl/t1_lib.c                   |   275 +-
 crypto/external/bsd/openssl/dist/test/bntest.c                  |    47 +-
 crypto/external/bsd/openssl/dist/test/dhtest.c                  |    77 +-
 crypto/external/bsd/openssl/dist/test/ectest.c                  |   444 +-
 crypto/external/bsd/openssl/dist/test/enginetest.c              |    19 +-
 crypto/external/bsd/openssl/dist/test/evp_extra_test.c          |     2 +-
 crypto/external/bsd/openssl/dist/test/evp_test.c                |    34 +-
 crypto/external/bsd/openssl/dist/test/testutil/driver.c         |    26 +-
 crypto/external/bsd/openssl/dist/util/mkdef.pl                  |     4 +-
 crypto/external/bsd/openssl/lib/libcrypto/crypto.map            |    23 +-
 crypto/external/bsd/openssl/lib/libssl/ssl.map                  |     7 +-
 57 files changed, 1618 insertions(+), 9573 deletions(-)

diffs (truncated from 12847 to 300 lines):

diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/CHANGES
--- a/crypto/external/bsd/openssl/dist/CHANGES  Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/CHANGES  Thu Jan 23 02:54:53 2020 +0000
@@ -7,6 +7,101 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1c and 1.1.1d [10 Sep 2019]
+
+  *) Fixed a fork protection issue. OpenSSL 1.1.1 introduced a rewritten random
+     number generator (RNG). This was intended to include protection in the
+     event of a fork() system call in order to ensure that the parent and child
+     processes did not share the same RNG state. However this protection was not
+     being used in the default case.
+
+     A partial mitigation for this issue is that the output from a high
+     precision timer is mixed into the RNG state so the likelihood of a parent
+     and child process sharing state is significantly reduced.
+
+     If an application already calls OPENSSL_init_crypto() explicitly using
+     OPENSSL_INIT_ATFORK then this problem does not occur at all.
+     (CVE-2019-1549)
+     [Matthias St. Pierre]
+
+  *) For built-in EC curves, ensure an EC_GROUP built from the curve name is
+     used even when parsing explicit parameters, when loading a serialized key
+     or calling `EC_GROUP_new_from_ecpkparameters()`/
+     `EC_GROUP_new_from_ecparameters()`.
+     This prevents bypass of security hardening and performance gains,
+     especially for curves with specialized EC_METHODs.
+     By default, if a key encoded with explicit parameters is loaded and later
+     serialized, the output is still encoded with explicit parameters, even if
+     internally a "named" EC_GROUP is used for computation.
+     [Nicola Tuveri]
+
+  *) Compute ECC cofactors if not provided during EC_GROUP construction. Before
+     this change, EC_GROUP_set_generator would accept order and/or cofactor as
+     NULL. After this change, only the cofactor parameter can be NULL. It also
+     does some minimal sanity checks on the passed order.
+     (CVE-2019-1547)
+     [Billy Bob Brumley]
+
+  *) Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey.
+     An attack is simple, if the first CMS_recipientInfo is valid but the
+     second CMS_recipientInfo is chosen ciphertext. If the second
+     recipientInfo decodes to PKCS #1 v1.5 form plaintext, the correct
+     encryption key will be replaced by garbage, and the message cannot be
+     decoded, but if the RSA decryption fails, the correct encryption key is
+     used and the recipient will not notice the attack.
+     As a work around for this potential attack the length of the decrypted
+     key must be equal to the cipher default key length, in case the
+     certifiate is not given and all recipientInfo are tried out.
+     The old behaviour can be re-enabled in the CMS code by setting the
+     CMS_DEBUG_DECRYPT flag.
+     (CVE-2019-1563)
+     [Bernd Edlinger]
+
+  *) Early start up entropy quality from the DEVRANDOM seed source has been
+     improved for older Linux systems.  The RAND subsystem will wait for
+     /dev/random to be producing output before seeding from /dev/urandom.
+     The seeded state is stored for future library initialisations using
+     a system global shared memory segment.  The shared memory identifier
+     can be configured by defining OPENSSL_RAND_SEED_DEVRANDOM_SHM_ID to
+     the desired value.  The default identifier is 114.
+     [Paul Dale]
+
+  *) Correct the extended master secret constant on EBCDIC systems. Without this
+     fix TLS connections between an EBCDIC system and a non-EBCDIC system that
+     negotiate EMS will fail. Unfortunately this also means that TLS connections
+     between EBCDIC systems with this fix, and EBCDIC systems without this
+     fix will fail if they negotiate EMS.
+     [Matt Caswell]
+
+  *) Use Windows installation paths in the mingw builds
+
+     Mingw isn't a POSIX environment per se, which means that Windows
+     paths should be used for installation.
+     (CVE-2019-1552)
+     [Richard Levitte]
+
+  *) Changed DH_check to accept parameters with order q and 2q subgroups.
+     With order 2q subgroups the bit 0 of the private key is not secret
+     but DH_generate_key works around that by clearing bit 0 of the
+     private key for those. This avoids leaking bit 0 of the private key.
+     [Bernd Edlinger]
+
+  *) Significantly reduce secure memory usage by the randomness pools.
+     [Paul Dale]
+
+  *) Revert the DEVRANDOM_WAIT feature for Linux systems
+
+     The DEVRANDOM_WAIT feature added a select() call to wait for the
+     /dev/random device to become readable before reading from the
+     /dev/urandom device.
+
+     It turned out that this change had negative side effects on
+     performance which were not acceptable. After some discussion it
+     was decided to revert this feature and leave it up to the OS
+     resp. the platform maintainer to ensure a proper initialization
+     during early boot time.
+     [Matthias St. Pierre]
+
  Changes between 1.1.1b and 1.1.1c [28 May 2019]
 
   *) Add build tests for C++.  These are generated files that only do one
@@ -75,6 +170,16 @@
      (CVE-2019-1543)
      [Matt Caswell]
 
+  *) Add DEVRANDOM_WAIT feature for Linux systems
+
+     On older Linux systems where the getrandom() system call is not available,
+     OpenSSL normally uses the /dev/urandom device for seeding its CSPRNG.
+     Contrary to getrandom(), the /dev/urandom device will not block during
+     early boot when the kernel CSPRNG has not been seeded yet.
+
+     To mitigate this known weakness, use select() to wait for /dev/random to
+     become readable before reading from /dev/urandom.
+
   *) Ensure that SM2 only uses SM3 as digest algorithm
      [Paul Yang]
 
@@ -322,7 +427,7 @@
         SSL_set_ciphersuites()
      [Matt Caswell]
 
-  *) Memory allocation failures consistenly add an error to the error
+  *) Memory allocation failures consistently add an error to the error
      stack.
      [Rich Salz]
 
@@ -6860,7 +6965,7 @@
      reason texts, thereby removing some of the footprint that may not
      be interesting if those errors aren't displayed anyway.
 
-     NOTE: it's still possible for any application or module to have it's
+     NOTE: it's still possible for any application or module to have its
      own set of error texts inserted.  The routines are there, just not
      used by default when no-err is given.
      [Richard Levitte]
@@ -8826,7 +8931,7 @@
  Changes between 0.9.6g and 0.9.6h  [5 Dec 2002]
 
   *) New function OPENSSL_cleanse(), which is used to cleanse a section of
-     memory from it's contents.  This is done with a counter that will
+     memory from its contents.  This is done with a counter that will
      place alternating values in each byte.  This can be used to solve
      two issues: 1) the removal of calls to memset() by highly optimizing
      compilers, and 2) cleansing with other values than 0, since those can
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/Configure
--- a/crypto/external/bsd/openssl/dist/Configure        Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/Configure        Thu Jan 23 02:54:53 2020 +0000
@@ -87,9 +87,6 @@
 #               linked openssl executable has rather debugging value than
 #               production quality.
 #
-# DEBUG_SAFESTACK use type-safe stacks to enforce type-safety on stack items
-#               provided to stack calls. Generates unique stack functions for
-#               each possible stack type.
 # BN_LLONG      use the type 'long long' in crypto/bn/bn.h
 # RC4_CHAR      use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
 # Following are set automatically by this script
@@ -145,13 +142,13 @@
 #       -Wunused-macros -- no, too tricky for BN and _XOPEN_SOURCE etc
 #       -Wextended-offsetof -- no, needed in CMS ASN1 code
 my @clang_devteam_warn = qw(
+    -Wno-unknown-warning-option
     -Wswitch-default
     -Wno-parentheses-equality
     -Wno-language-extension-token
     -Wno-extended-offsetof
     -Wconditional-uninitialized
     -Wincompatible-pointer-types-discards-qualifiers
-    -Wno-unknown-warning-option
     -Wmissing-variable-declarations
 );
 
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/NEWS
--- a/crypto/external/bsd/openssl/dist/NEWS     Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/NEWS     Thu Jan 23 02:54:53 2020 +0000
@@ -5,6 +5,23 @@
   This file gives a brief overview of the major changes between each OpenSSL
   release. For more details please read the CHANGES file.
 
+  Major changes between OpenSSL 1.1.1c and OpenSSL 1.1.1d [10 Sep 2019]
+
+      o Fixed a fork protection issue (CVE-2019-1549)
+      o Fixed a padding oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey
+        (CVE-2019-1563)
+      o For built-in EC curves, ensure an EC_GROUP built from the curve name is
+        used even when parsing explicit parameters
+      o Compute ECC cofactors if not provided during EC_GROUP construction
+        (CVE-2019-1547)
+      o Early start up entropy quality from the DEVRANDOM seed source has been
+        improved for older Linux systems
+      o Correct the extended master secret constant on EBCDIC systems
+      o Use Windows installation paths in the mingw builds (CVE-2019-1552)
+      o Changed DH_check to accept parameters with order q and 2q subgroups
+      o Significantly reduce secure memory usage by the randomness pools
+      o Revert the DEVRANDOM_WAIT feature for Linux systems
+
   Major changes between OpenSSL 1.1.1b and OpenSSL 1.1.1c [28 May 2019]
 
       o Prevent over long nonces in ChaCha20-Poly1305 (CVE-2019-1543)
@@ -601,7 +618,7 @@
 
   Major changes between OpenSSL 0.9.7h and OpenSSL 0.9.7i [14 Oct 2005]:
 
-      o Give EVP_MAX_MD_SIZE it's old value, except for a FIPS build.
+      o Give EVP_MAX_MD_SIZE its old value, except for a FIPS build.
 
   Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.7h [11 Oct 2005]:
 
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/README
--- a/crypto/external/bsd/openssl/dist/README   Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/README   Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 
- OpenSSL 1.1.1c 28 May 2019
+ OpenSSL 1.1.1d 10 Sep 2019
 
  Copyright (c) 1998-2019 The OpenSSL Project
  Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/apps/ca.c
--- a/crypto/external/bsd/openssl/dist/apps/ca.c        Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/ca.c        Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -722,7 +722,7 @@
 
     /*****************************************************************/
     if (req || gencrl) {
-        if (spkac_file != NULL) {
+        if (spkac_file != NULL && outfile != NULL) {
             output_der = 1;
             batch = 1;
         }
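Review bot: In the `if (spkac_file != NULL && outfile != NULL)` branch, `batch = 1` now sits under the same condition as `output_der = 1`, so an SPKAC run without an output file no longer forces batch mode either. If only the output encoding was meant to depend on `outfile`, the two assignments should be split so that `batch = 1` stays under `spkac_file != NULL` alone. If both are intended, a comment above the test would record it, for example `/* SPKAC input: force DER output and batch mode only when an output file was given */`. In a certificate-signing tool it is worth stating explicitly whether a run can proceed without interactive confirmation. The enclosing function starts and ends outside the hunk.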
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/apps/ocsp.c
--- a/crypto/external/bsd/openssl/dist/apps/ocsp.c      Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/ocsp.c      Thu Jan 23 02:54:53 2020 +0000
@@ -1416,9 +1416,11 @@
         *q = '\0';
 
         /*
-         * Skip "GET / HTTP..." requests often used by load-balancers
+         * Skip "GET / HTTP..." requests often used by load-balancers.  Note:
+         * 'p' was incremented above to point to the first byte *after* the
+         * leading slash, so with 'GET / ' it is now an empty string.
          */
-        if (p[1] == '\0')
+        if (p[0] == '\0')
             goto out;
 
         len = urldecode(p);
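Review bot: `len = urldecode(p);` on the last line of the hunk decodes a request path that comes straight from the client, and one-byte paths that the old `p[1]` test discarded now reach it. The handling of a zero or negative `len` lies after the hunk, so it cannot be confirmed from here. If a failed or empty decode is not already rejected there, `if (len <= 0) goto out;` belongs directly after the call. The enclosing function starts and ends outside the hunk.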
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/apps/openssl.c
--- a/crypto/external/bsd/openssl/dist/apps/openssl.c   Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/openssl.c   Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -22,7 +22,6 @@
 # include <openssl/engine.h>
 #endif
 #include <openssl/err.h>
-#include "s_apps.h"
 /* Needed to get the other O_xxx flags. */
 #ifdef OPENSSL_SYS_VMS
 # include <unixio.h>
diff -r 9d336b6e9481 -r 895d9ce91079 crypto/external/bsd/openssl/dist/apps/req.c
--- a/crypto/external/bsd/openssl/dist/apps/req.c       Thu Jan 23 02:47:58 2020 +0000
+++ b/crypto/external/bsd/openssl/dist/apps/req.c       Thu Jan 23 02:54:53 2020 +0000
@@ -1,5 +1,5 @@
 /*
- * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -881,9 +881,19 @@
 
     if (text) {
         if (x509)
-            X509_print_ex(out, x509ss, get_nameopt(), reqflag);
+            ret = X509_print_ex(out, x509ss, get_nameopt(), reqflag);
         else
-            X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+            ret = X509_REQ_print_ex(out, req, get_nameopt(), reqflag);
+
+        if (ret == 0) {
+            if (x509)
+              BIO_printf(bio_err, "Error printing certificate\n");


