From owner-svn-src-stable-8@FreeBSD.ORG Thu Jun 11 19:39:39 2015 Return-Path: Delivered-To: svn-src-stable-8@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 89812BE5; Thu, 11 Jun 2015 19:39:39 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 728031E5A; Thu, 11 Jun 2015 19:39:39 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t5BJddxm057317; Thu, 11 Jun 2015 19:39:39 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t5BJdSnG057208; Thu, 11 Jun 2015 19:39:28 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201506111939.t5BJdSnG057208@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Thu, 11 Jun 2015 19:39:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org Subject: svn commit: r284286 - in stable: 8/crypto/openssl 8/crypto/openssl/crypto 8/crypto/openssl/crypto/asn1 8/crypto/openssl/crypto/bn 8/crypto/openssl/crypto/cms 8/crypto/openssl/crypto/dsa 8/crypto/op... X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Jun 2015 19:39:39 -0000 Author: jkim Date: Thu Jun 11 19:39:27 2015 New Revision: 284286 URL: https://svnweb.freebsd.org/changeset/base/284286 Log: Merge OpenSSL 0.9.8zg. Modified: stable/8/crypto/openssl/CHANGES stable/8/crypto/openssl/Makefile stable/8/crypto/openssl/NEWS stable/8/crypto/openssl/README stable/8/crypto/openssl/crypto/asn1/a_int.c stable/8/crypto/openssl/crypto/asn1/tasn_new.c stable/8/crypto/openssl/crypto/asn1/x_x509.c stable/8/crypto/openssl/crypto/bn/bn.h stable/8/crypto/openssl/crypto/bn/bn_err.c stable/8/crypto/openssl/crypto/bn/bn_print.c stable/8/crypto/openssl/crypto/bn/bn_rand.c stable/8/crypto/openssl/crypto/bn/bn_shift.c stable/8/crypto/openssl/crypto/cms/cms_smime.c stable/8/crypto/openssl/crypto/dsa/dsa_ossl.c stable/8/crypto/openssl/crypto/dso/dso_lib.c stable/8/crypto/openssl/crypto/ec/ec2_smpl.c stable/8/crypto/openssl/crypto/ec/ec_check.c stable/8/crypto/openssl/crypto/ec/ec_key.c stable/8/crypto/openssl/crypto/ec/ec_lib.c stable/8/crypto/openssl/crypto/ec/ecp_smpl.c stable/8/crypto/openssl/crypto/ec/ectest.c stable/8/crypto/openssl/crypto/objects/obj_dat.c stable/8/crypto/openssl/crypto/ocsp/ocsp_vfy.c stable/8/crypto/openssl/crypto/opensslv.h stable/8/crypto/openssl/crypto/pem/pem_pk8.c stable/8/crypto/openssl/crypto/pkcs7/pk7_doit.c stable/8/crypto/openssl/crypto/x509/x509_lu.c stable/8/crypto/openssl/crypto/x509/x509_vfy.c stable/8/crypto/openssl/doc/crypto/BN_rand.pod stable/8/crypto/openssl/doc/crypto/BN_set_bit.pod stable/8/crypto/openssl/doc/crypto/pem.pod stable/8/crypto/openssl/e_os2.h stable/8/crypto/openssl/fips/rsa/fips_rsa_eay.c stable/8/crypto/openssl/openssl.spec stable/8/crypto/openssl/ssl/d1_lib.c stable/8/crypto/openssl/ssl/s3_clnt.c stable/8/crypto/openssl/ssl/s3_srvr.c stable/8/crypto/openssl/ssl/ssl.h stable/8/crypto/openssl/ssl/ssl_err.c stable/8/crypto/openssl/ssl/ssl_locl.h stable/8/crypto/openssl/ssl/ssl_sess.c stable/8/crypto/openssl/util/mkerr.pl stable/8/secure/lib/libcrypto/Makefile.inc stable/8/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 stable/8/secure/lib/libcrypto/man/ASN1_STRING_length.3 stable/8/secure/lib/libcrypto/man/ASN1_STRING_new.3 stable/8/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 stable/8/secure/lib/libcrypto/man/ASN1_generate_nconf.3 stable/8/secure/lib/libcrypto/man/BIO_ctrl.3 stable/8/secure/lib/libcrypto/man/BIO_f_base64.3 stable/8/secure/lib/libcrypto/man/BIO_f_buffer.3 stable/8/secure/lib/libcrypto/man/BIO_f_cipher.3 stable/8/secure/lib/libcrypto/man/BIO_f_md.3 stable/8/secure/lib/libcrypto/man/BIO_f_null.3 stable/8/secure/lib/libcrypto/man/BIO_f_ssl.3 stable/8/secure/lib/libcrypto/man/BIO_find_type.3 stable/8/secure/lib/libcrypto/man/BIO_new.3 stable/8/secure/lib/libcrypto/man/BIO_push.3 stable/8/secure/lib/libcrypto/man/BIO_read.3 stable/8/secure/lib/libcrypto/man/BIO_s_accept.3 stable/8/secure/lib/libcrypto/man/BIO_s_bio.3 stable/8/secure/lib/libcrypto/man/BIO_s_connect.3 stable/8/secure/lib/libcrypto/man/BIO_s_fd.3 stable/8/secure/lib/libcrypto/man/BIO_s_file.3 stable/8/secure/lib/libcrypto/man/BIO_s_mem.3 stable/8/secure/lib/libcrypto/man/BIO_s_null.3 stable/8/secure/lib/libcrypto/man/BIO_s_socket.3 stable/8/secure/lib/libcrypto/man/BIO_set_callback.3 stable/8/secure/lib/libcrypto/man/BIO_should_retry.3 stable/8/secure/lib/libcrypto/man/BN_BLINDING_new.3 stable/8/secure/lib/libcrypto/man/BN_CTX_new.3 stable/8/secure/lib/libcrypto/man/BN_CTX_start.3 stable/8/secure/lib/libcrypto/man/BN_add.3 stable/8/secure/lib/libcrypto/man/BN_add_word.3 stable/8/secure/lib/libcrypto/man/BN_bn2bin.3 stable/8/secure/lib/libcrypto/man/BN_cmp.3 stable/8/secure/lib/libcrypto/man/BN_copy.3 stable/8/secure/lib/libcrypto/man/BN_generate_prime.3 stable/8/secure/lib/libcrypto/man/BN_mod_inverse.3 stable/8/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 stable/8/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 stable/8/secure/lib/libcrypto/man/BN_new.3 stable/8/secure/lib/libcrypto/man/BN_num_bytes.3 stable/8/secure/lib/libcrypto/man/BN_rand.3 stable/8/secure/lib/libcrypto/man/BN_set_bit.3 stable/8/secure/lib/libcrypto/man/BN_swap.3 stable/8/secure/lib/libcrypto/man/BN_zero.3 stable/8/secure/lib/libcrypto/man/CONF_modules_free.3 stable/8/secure/lib/libcrypto/man/CONF_modules_load_file.3 stable/8/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 stable/8/secure/lib/libcrypto/man/DH_generate_key.3 stable/8/secure/lib/libcrypto/man/DH_generate_parameters.3 stable/8/secure/lib/libcrypto/man/DH_get_ex_new_index.3 stable/8/secure/lib/libcrypto/man/DH_new.3 stable/8/secure/lib/libcrypto/man/DH_set_method.3 stable/8/secure/lib/libcrypto/man/DH_size.3 stable/8/secure/lib/libcrypto/man/DSA_SIG_new.3 stable/8/secure/lib/libcrypto/man/DSA_do_sign.3 stable/8/secure/lib/libcrypto/man/DSA_dup_DH.3 stable/8/secure/lib/libcrypto/man/DSA_generate_key.3 stable/8/secure/lib/libcrypto/man/DSA_generate_parameters.3 stable/8/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 stable/8/secure/lib/libcrypto/man/DSA_new.3 stable/8/secure/lib/libcrypto/man/DSA_set_method.3 stable/8/secure/lib/libcrypto/man/DSA_sign.3 stable/8/secure/lib/libcrypto/man/DSA_size.3 stable/8/secure/lib/libcrypto/man/ERR_GET_LIB.3 stable/8/secure/lib/libcrypto/man/ERR_clear_error.3 stable/8/secure/lib/libcrypto/man/ERR_error_string.3 stable/8/secure/lib/libcrypto/man/ERR_get_error.3 stable/8/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 stable/8/secure/lib/libcrypto/man/ERR_load_strings.3 stable/8/secure/lib/libcrypto/man/ERR_print_errors.3 stable/8/secure/lib/libcrypto/man/ERR_put_error.3 stable/8/secure/lib/libcrypto/man/ERR_remove_state.3 stable/8/secure/lib/libcrypto/man/ERR_set_mark.3 stable/8/secure/lib/libcrypto/man/EVP_BytesToKey.3 stable/8/secure/lib/libcrypto/man/EVP_DigestInit.3 stable/8/secure/lib/libcrypto/man/EVP_EncryptInit.3 stable/8/secure/lib/libcrypto/man/EVP_OpenInit.3 stable/8/secure/lib/libcrypto/man/EVP_PKEY_new.3 stable/8/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 stable/8/secure/lib/libcrypto/man/EVP_SealInit.3 stable/8/secure/lib/libcrypto/man/EVP_SignInit.3 stable/8/secure/lib/libcrypto/man/EVP_VerifyInit.3 stable/8/secure/lib/libcrypto/man/OBJ_nid2obj.3 stable/8/secure/lib/libcrypto/man/OPENSSL_Applink.3 stable/8/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 stable/8/secure/lib/libcrypto/man/OPENSSL_config.3 stable/8/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 stable/8/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 stable/8/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 stable/8/secure/lib/libcrypto/man/PKCS12_create.3 stable/8/secure/lib/libcrypto/man/PKCS12_parse.3 stable/8/secure/lib/libcrypto/man/PKCS7_decrypt.3 stable/8/secure/lib/libcrypto/man/PKCS7_encrypt.3 stable/8/secure/lib/libcrypto/man/PKCS7_sign.3 stable/8/secure/lib/libcrypto/man/PKCS7_verify.3 stable/8/secure/lib/libcrypto/man/RAND_add.3 stable/8/secure/lib/libcrypto/man/RAND_bytes.3 stable/8/secure/lib/libcrypto/man/RAND_cleanup.3 stable/8/secure/lib/libcrypto/man/RAND_egd.3 stable/8/secure/lib/libcrypto/man/RAND_load_file.3 stable/8/secure/lib/libcrypto/man/RAND_set_rand_method.3 stable/8/secure/lib/libcrypto/man/RSA_blinding_on.3 stable/8/secure/lib/libcrypto/man/RSA_check_key.3 stable/8/secure/lib/libcrypto/man/RSA_generate_key.3 stable/8/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 stable/8/secure/lib/libcrypto/man/RSA_new.3 stable/8/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 stable/8/secure/lib/libcrypto/man/RSA_print.3 stable/8/secure/lib/libcrypto/man/RSA_private_encrypt.3 stable/8/secure/lib/libcrypto/man/RSA_public_encrypt.3 stable/8/secure/lib/libcrypto/man/RSA_set_method.3 stable/8/secure/lib/libcrypto/man/RSA_sign.3 stable/8/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 stable/8/secure/lib/libcrypto/man/RSA_size.3 stable/8/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 stable/8/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 stable/8/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 stable/8/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 stable/8/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 stable/8/secure/lib/libcrypto/man/X509_NAME_print_ex.3 stable/8/secure/lib/libcrypto/man/X509_new.3 stable/8/secure/lib/libcrypto/man/bio.3 stable/8/secure/lib/libcrypto/man/blowfish.3 stable/8/secure/lib/libcrypto/man/bn.3 stable/8/secure/lib/libcrypto/man/bn_internal.3 stable/8/secure/lib/libcrypto/man/buffer.3 stable/8/secure/lib/libcrypto/man/crypto.3 stable/8/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 stable/8/secure/lib/libcrypto/man/d2i_DHparams.3 stable/8/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 stable/8/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 stable/8/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 stable/8/secure/lib/libcrypto/man/d2i_X509.3 stable/8/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 stable/8/secure/lib/libcrypto/man/d2i_X509_CRL.3 stable/8/secure/lib/libcrypto/man/d2i_X509_NAME.3 stable/8/secure/lib/libcrypto/man/d2i_X509_REQ.3 stable/8/secure/lib/libcrypto/man/d2i_X509_SIG.3 stable/8/secure/lib/libcrypto/man/des.3 stable/8/secure/lib/libcrypto/man/dh.3 stable/8/secure/lib/libcrypto/man/dsa.3 stable/8/secure/lib/libcrypto/man/ecdsa.3 stable/8/secure/lib/libcrypto/man/engine.3 stable/8/secure/lib/libcrypto/man/err.3 stable/8/secure/lib/libcrypto/man/evp.3 stable/8/secure/lib/libcrypto/man/hmac.3 stable/8/secure/lib/libcrypto/man/lh_stats.3 stable/8/secure/lib/libcrypto/man/lhash.3 stable/8/secure/lib/libcrypto/man/md5.3 stable/8/secure/lib/libcrypto/man/mdc2.3 stable/8/secure/lib/libcrypto/man/pem.3 stable/8/secure/lib/libcrypto/man/rand.3 stable/8/secure/lib/libcrypto/man/rc4.3 stable/8/secure/lib/libcrypto/man/ripemd.3 stable/8/secure/lib/libcrypto/man/rsa.3 stable/8/secure/lib/libcrypto/man/sha.3 stable/8/secure/lib/libcrypto/man/threads.3 stable/8/secure/lib/libcrypto/man/ui.3 stable/8/secure/lib/libcrypto/man/ui_compat.3 stable/8/secure/lib/libcrypto/man/x509.3 stable/8/secure/lib/libssl/man/SSL_CIPHER_get_name.3 stable/8/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 stable/8/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 stable/8/secure/lib/libssl/man/SSL_CTX_add_session.3 stable/8/secure/lib/libssl/man/SSL_CTX_ctrl.3 stable/8/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 stable/8/secure/lib/libssl/man/SSL_CTX_free.3 stable/8/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 stable/8/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 stable/8/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 stable/8/secure/lib/libssl/man/SSL_CTX_new.3 stable/8/secure/lib/libssl/man/SSL_CTX_sess_number.3 stable/8/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 stable/8/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_sessions.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_mode.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_options.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_timeout.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 stable/8/secure/lib/libssl/man/SSL_CTX_set_verify.3 stable/8/secure/lib/libssl/man/SSL_CTX_use_certificate.3 stable/8/secure/lib/libssl/man/SSL_SESSION_free.3 stable/8/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 stable/8/secure/lib/libssl/man/SSL_SESSION_get_time.3 stable/8/secure/lib/libssl/man/SSL_accept.3 stable/8/secure/lib/libssl/man/SSL_alert_type_string.3 stable/8/secure/lib/libssl/man/SSL_clear.3 stable/8/secure/lib/libssl/man/SSL_connect.3 stable/8/secure/lib/libssl/man/SSL_do_handshake.3 stable/8/secure/lib/libssl/man/SSL_free.3 stable/8/secure/lib/libssl/man/SSL_get_SSL_CTX.3 stable/8/secure/lib/libssl/man/SSL_get_ciphers.3 stable/8/secure/lib/libssl/man/SSL_get_client_CA_list.3 stable/8/secure/lib/libssl/man/SSL_get_current_cipher.3 stable/8/secure/lib/libssl/man/SSL_get_default_timeout.3 stable/8/secure/lib/libssl/man/SSL_get_error.3 stable/8/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 stable/8/secure/lib/libssl/man/SSL_get_ex_new_index.3 stable/8/secure/lib/libssl/man/SSL_get_fd.3 stable/8/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 stable/8/secure/lib/libssl/man/SSL_get_peer_certificate.3 stable/8/secure/lib/libssl/man/SSL_get_rbio.3 stable/8/secure/lib/libssl/man/SSL_get_session.3 stable/8/secure/lib/libssl/man/SSL_get_verify_result.3 stable/8/secure/lib/libssl/man/SSL_get_version.3 stable/8/secure/lib/libssl/man/SSL_library_init.3 stable/8/secure/lib/libssl/man/SSL_load_client_CA_file.3 stable/8/secure/lib/libssl/man/SSL_new.3 stable/8/secure/lib/libssl/man/SSL_pending.3 stable/8/secure/lib/libssl/man/SSL_read.3 stable/8/secure/lib/libssl/man/SSL_rstate_string.3 stable/8/secure/lib/libssl/man/SSL_session_reused.3 stable/8/secure/lib/libssl/man/SSL_set_bio.3 stable/8/secure/lib/libssl/man/SSL_set_connect_state.3 stable/8/secure/lib/libssl/man/SSL_set_fd.3 stable/8/secure/lib/libssl/man/SSL_set_session.3 stable/8/secure/lib/libssl/man/SSL_set_shutdown.3 stable/8/secure/lib/libssl/man/SSL_set_verify_result.3 stable/8/secure/lib/libssl/man/SSL_shutdown.3 stable/8/secure/lib/libssl/man/SSL_state_string.3 stable/8/secure/lib/libssl/man/SSL_want.3 stable/8/secure/lib/libssl/man/SSL_write.3 stable/8/secure/lib/libssl/man/d2i_SSL_SESSION.3 stable/8/secure/lib/libssl/man/ssl.3 stable/8/secure/usr.bin/openssl/man/CA.pl.1 stable/8/secure/usr.bin/openssl/man/asn1parse.1 stable/8/secure/usr.bin/openssl/man/ca.1 stable/8/secure/usr.bin/openssl/man/ciphers.1 stable/8/secure/usr.bin/openssl/man/crl.1 stable/8/secure/usr.bin/openssl/man/crl2pkcs7.1 stable/8/secure/usr.bin/openssl/man/dgst.1 stable/8/secure/usr.bin/openssl/man/dhparam.1 stable/8/secure/usr.bin/openssl/man/dsa.1 stable/8/secure/usr.bin/openssl/man/dsaparam.1 stable/8/secure/usr.bin/openssl/man/ec.1 stable/8/secure/usr.bin/openssl/man/ecparam.1 stable/8/secure/usr.bin/openssl/man/enc.1 stable/8/secure/usr.bin/openssl/man/errstr.1 stable/8/secure/usr.bin/openssl/man/gendsa.1 stable/8/secure/usr.bin/openssl/man/genrsa.1 stable/8/secure/usr.bin/openssl/man/nseq.1 stable/8/secure/usr.bin/openssl/man/ocsp.1 stable/8/secure/usr.bin/openssl/man/openssl.1 stable/8/secure/usr.bin/openssl/man/passwd.1 stable/8/secure/usr.bin/openssl/man/pkcs12.1 stable/8/secure/usr.bin/openssl/man/pkcs7.1 stable/8/secure/usr.bin/openssl/man/pkcs8.1 stable/8/secure/usr.bin/openssl/man/rand.1 stable/8/secure/usr.bin/openssl/man/req.1 stable/8/secure/usr.bin/openssl/man/rsa.1 stable/8/secure/usr.bin/openssl/man/rsautl.1 stable/8/secure/usr.bin/openssl/man/s_client.1 stable/8/secure/usr.bin/openssl/man/s_server.1 stable/8/secure/usr.bin/openssl/man/s_time.1 stable/8/secure/usr.bin/openssl/man/sess_id.1 stable/8/secure/usr.bin/openssl/man/smime.1 stable/8/secure/usr.bin/openssl/man/speed.1 stable/8/secure/usr.bin/openssl/man/spkac.1 stable/8/secure/usr.bin/openssl/man/verify.1 stable/8/secure/usr.bin/openssl/man/version.1 stable/8/secure/usr.bin/openssl/man/x509.1 stable/8/secure/usr.bin/openssl/man/x509v3_config.1 Directory Properties: stable/8/crypto/openssl/ (props changed) Changes in other areas also in this revision: Modified: stable/9/crypto/openssl/CHANGES stable/9/crypto/openssl/Makefile stable/9/crypto/openssl/NEWS stable/9/crypto/openssl/README stable/9/crypto/openssl/crypto/asn1/a_int.c stable/9/crypto/openssl/crypto/asn1/tasn_new.c stable/9/crypto/openssl/crypto/asn1/x_x509.c stable/9/crypto/openssl/crypto/bn/bn.h stable/9/crypto/openssl/crypto/bn/bn_err.c stable/9/crypto/openssl/crypto/bn/bn_print.c stable/9/crypto/openssl/crypto/bn/bn_rand.c stable/9/crypto/openssl/crypto/bn/bn_shift.c stable/9/crypto/openssl/crypto/cms/cms_smime.c stable/9/crypto/openssl/crypto/dsa/dsa_ossl.c stable/9/crypto/openssl/crypto/dso/dso_lib.c stable/9/crypto/openssl/crypto/ec/ec2_smpl.c stable/9/crypto/openssl/crypto/ec/ec_check.c stable/9/crypto/openssl/crypto/ec/ec_key.c stable/9/crypto/openssl/crypto/ec/ec_lib.c stable/9/crypto/openssl/crypto/ec/ecp_smpl.c stable/9/crypto/openssl/crypto/ec/ectest.c stable/9/crypto/openssl/crypto/objects/obj_dat.c stable/9/crypto/openssl/crypto/ocsp/ocsp_vfy.c stable/9/crypto/openssl/crypto/opensslv.h stable/9/crypto/openssl/crypto/pem/pem_pk8.c stable/9/crypto/openssl/crypto/pkcs7/pk7_doit.c stable/9/crypto/openssl/crypto/x509/x509_lu.c stable/9/crypto/openssl/crypto/x509/x509_vfy.c stable/9/crypto/openssl/doc/crypto/BN_rand.pod stable/9/crypto/openssl/doc/crypto/BN_set_bit.pod stable/9/crypto/openssl/doc/crypto/pem.pod stable/9/crypto/openssl/e_os2.h stable/9/crypto/openssl/fips/rsa/fips_rsa_eay.c stable/9/crypto/openssl/openssl.spec stable/9/crypto/openssl/ssl/d1_lib.c stable/9/crypto/openssl/ssl/s3_clnt.c stable/9/crypto/openssl/ssl/s3_srvr.c stable/9/crypto/openssl/ssl/ssl.h stable/9/crypto/openssl/ssl/ssl_err.c stable/9/crypto/openssl/ssl/ssl_locl.h stable/9/crypto/openssl/ssl/ssl_sess.c stable/9/crypto/openssl/util/mkerr.pl stable/9/secure/lib/libcrypto/Makefile.inc stable/9/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 stable/9/secure/lib/libcrypto/man/ASN1_STRING_length.3 stable/9/secure/lib/libcrypto/man/ASN1_STRING_new.3 stable/9/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 stable/9/secure/lib/libcrypto/man/ASN1_generate_nconf.3 stable/9/secure/lib/libcrypto/man/BIO_ctrl.3 stable/9/secure/lib/libcrypto/man/BIO_f_base64.3 stable/9/secure/lib/libcrypto/man/BIO_f_buffer.3 stable/9/secure/lib/libcrypto/man/BIO_f_cipher.3 stable/9/secure/lib/libcrypto/man/BIO_f_md.3 stable/9/secure/lib/libcrypto/man/BIO_f_null.3 stable/9/secure/lib/libcrypto/man/BIO_f_ssl.3 stable/9/secure/lib/libcrypto/man/BIO_find_type.3 stable/9/secure/lib/libcrypto/man/BIO_new.3 stable/9/secure/lib/libcrypto/man/BIO_push.3 stable/9/secure/lib/libcrypto/man/BIO_read.3 stable/9/secure/lib/libcrypto/man/BIO_s_accept.3 stable/9/secure/lib/libcrypto/man/BIO_s_bio.3 stable/9/secure/lib/libcrypto/man/BIO_s_connect.3 stable/9/secure/lib/libcrypto/man/BIO_s_fd.3 stable/9/secure/lib/libcrypto/man/BIO_s_file.3 stable/9/secure/lib/libcrypto/man/BIO_s_mem.3 stable/9/secure/lib/libcrypto/man/BIO_s_null.3 stable/9/secure/lib/libcrypto/man/BIO_s_socket.3 stable/9/secure/lib/libcrypto/man/BIO_set_callback.3 stable/9/secure/lib/libcrypto/man/BIO_should_retry.3 stable/9/secure/lib/libcrypto/man/BN_BLINDING_new.3 stable/9/secure/lib/libcrypto/man/BN_CTX_new.3 stable/9/secure/lib/libcrypto/man/BN_CTX_start.3 stable/9/secure/lib/libcrypto/man/BN_add.3 stable/9/secure/lib/libcrypto/man/BN_add_word.3 stable/9/secure/lib/libcrypto/man/BN_bn2bin.3 stable/9/secure/lib/libcrypto/man/BN_cmp.3 stable/9/secure/lib/libcrypto/man/BN_copy.3 stable/9/secure/lib/libcrypto/man/BN_generate_prime.3 stable/9/secure/lib/libcrypto/man/BN_mod_inverse.3 stable/9/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 stable/9/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 stable/9/secure/lib/libcrypto/man/BN_new.3 stable/9/secure/lib/libcrypto/man/BN_num_bytes.3 stable/9/secure/lib/libcrypto/man/BN_rand.3 stable/9/secure/lib/libcrypto/man/BN_set_bit.3 stable/9/secure/lib/libcrypto/man/BN_swap.3 stable/9/secure/lib/libcrypto/man/BN_zero.3 stable/9/secure/lib/libcrypto/man/CONF_modules_free.3 stable/9/secure/lib/libcrypto/man/CONF_modules_load_file.3 stable/9/secure/lib/libcrypto/man/CRYPTO_set_ex_data.3 stable/9/secure/lib/libcrypto/man/DH_generate_key.3 stable/9/secure/lib/libcrypto/man/DH_generate_parameters.3 stable/9/secure/lib/libcrypto/man/DH_get_ex_new_index.3 stable/9/secure/lib/libcrypto/man/DH_new.3 stable/9/secure/lib/libcrypto/man/DH_set_method.3 stable/9/secure/lib/libcrypto/man/DH_size.3 stable/9/secure/lib/libcrypto/man/DSA_SIG_new.3 stable/9/secure/lib/libcrypto/man/DSA_do_sign.3 stable/9/secure/lib/libcrypto/man/DSA_dup_DH.3 stable/9/secure/lib/libcrypto/man/DSA_generate_key.3 stable/9/secure/lib/libcrypto/man/DSA_generate_parameters.3 stable/9/secure/lib/libcrypto/man/DSA_get_ex_new_index.3 stable/9/secure/lib/libcrypto/man/DSA_new.3 stable/9/secure/lib/libcrypto/man/DSA_set_method.3 stable/9/secure/lib/libcrypto/man/DSA_sign.3 stable/9/secure/lib/libcrypto/man/DSA_size.3 stable/9/secure/lib/libcrypto/man/ERR_GET_LIB.3 stable/9/secure/lib/libcrypto/man/ERR_clear_error.3 stable/9/secure/lib/libcrypto/man/ERR_error_string.3 stable/9/secure/lib/libcrypto/man/ERR_get_error.3 stable/9/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 stable/9/secure/lib/libcrypto/man/ERR_load_strings.3 stable/9/secure/lib/libcrypto/man/ERR_print_errors.3 stable/9/secure/lib/libcrypto/man/ERR_put_error.3 stable/9/secure/lib/libcrypto/man/ERR_remove_state.3 stable/9/secure/lib/libcrypto/man/ERR_set_mark.3 stable/9/secure/lib/libcrypto/man/EVP_BytesToKey.3 stable/9/secure/lib/libcrypto/man/EVP_DigestInit.3 stable/9/secure/lib/libcrypto/man/EVP_EncryptInit.3 stable/9/secure/lib/libcrypto/man/EVP_OpenInit.3 stable/9/secure/lib/libcrypto/man/EVP_PKEY_new.3 stable/9/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 stable/9/secure/lib/libcrypto/man/EVP_SealInit.3 stable/9/secure/lib/libcrypto/man/EVP_SignInit.3 stable/9/secure/lib/libcrypto/man/EVP_VerifyInit.3 stable/9/secure/lib/libcrypto/man/OBJ_nid2obj.3 stable/9/secure/lib/libcrypto/man/OPENSSL_Applink.3 stable/9/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 stable/9/secure/lib/libcrypto/man/OPENSSL_config.3 stable/9/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 stable/9/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 stable/9/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 stable/9/secure/lib/libcrypto/man/PKCS12_create.3 stable/9/secure/lib/libcrypto/man/PKCS12_parse.3 stable/9/secure/lib/libcrypto/man/PKCS7_decrypt.3 stable/9/secure/lib/libcrypto/man/PKCS7_encrypt.3 stable/9/secure/lib/libcrypto/man/PKCS7_sign.3 stable/9/secure/lib/libcrypto/man/PKCS7_verify.3 stable/9/secure/lib/libcrypto/man/RAND_add.3 stable/9/secure/lib/libcrypto/man/RAND_bytes.3 stable/9/secure/lib/libcrypto/man/RAND_cleanup.3 stable/9/secure/lib/libcrypto/man/RAND_egd.3 stable/9/secure/lib/libcrypto/man/RAND_load_file.3 stable/9/secure/lib/libcrypto/man/RAND_set_rand_method.3 stable/9/secure/lib/libcrypto/man/RSA_blinding_on.3 stable/9/secure/lib/libcrypto/man/RSA_check_key.3 stable/9/secure/lib/libcrypto/man/RSA_generate_key.3 stable/9/secure/lib/libcrypto/man/RSA_get_ex_new_index.3 stable/9/secure/lib/libcrypto/man/RSA_new.3 stable/9/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 stable/9/secure/lib/libcrypto/man/RSA_print.3 stable/9/secure/lib/libcrypto/man/RSA_private_encrypt.3 stable/9/secure/lib/libcrypto/man/RSA_public_encrypt.3 stable/9/secure/lib/libcrypto/man/RSA_set_method.3 stable/9/secure/lib/libcrypto/man/RSA_sign.3 stable/9/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 stable/9/secure/lib/libcrypto/man/RSA_size.3 stable/9/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 stable/9/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 stable/9/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 stable/9/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 stable/9/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 stable/9/secure/lib/libcrypto/man/X509_NAME_print_ex.3 stable/9/secure/lib/libcrypto/man/X509_new.3 stable/9/secure/lib/libcrypto/man/bio.3 stable/9/secure/lib/libcrypto/man/blowfish.3 stable/9/secure/lib/libcrypto/man/bn.3 stable/9/secure/lib/libcrypto/man/bn_internal.3 stable/9/secure/lib/libcrypto/man/buffer.3 stable/9/secure/lib/libcrypto/man/crypto.3 stable/9/secure/lib/libcrypto/man/d2i_ASN1_OBJECT.3 stable/9/secure/lib/libcrypto/man/d2i_DHparams.3 stable/9/secure/lib/libcrypto/man/d2i_DSAPublicKey.3 stable/9/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey.3 stable/9/secure/lib/libcrypto/man/d2i_RSAPublicKey.3 stable/9/secure/lib/libcrypto/man/d2i_X509.3 stable/9/secure/lib/libcrypto/man/d2i_X509_ALGOR.3 stable/9/secure/lib/libcrypto/man/d2i_X509_CRL.3 stable/9/secure/lib/libcrypto/man/d2i_X509_NAME.3 stable/9/secure/lib/libcrypto/man/d2i_X509_REQ.3 stable/9/secure/lib/libcrypto/man/d2i_X509_SIG.3 stable/9/secure/lib/libcrypto/man/des.3 stable/9/secure/lib/libcrypto/man/dh.3 stable/9/secure/lib/libcrypto/man/dsa.3 stable/9/secure/lib/libcrypto/man/ecdsa.3 stable/9/secure/lib/libcrypto/man/engine.3 stable/9/secure/lib/libcrypto/man/err.3 stable/9/secure/lib/libcrypto/man/evp.3 stable/9/secure/lib/libcrypto/man/hmac.3 stable/9/secure/lib/libcrypto/man/lh_stats.3 stable/9/secure/lib/libcrypto/man/lhash.3 stable/9/secure/lib/libcrypto/man/md5.3 stable/9/secure/lib/libcrypto/man/mdc2.3 stable/9/secure/lib/libcrypto/man/pem.3 stable/9/secure/lib/libcrypto/man/rand.3 stable/9/secure/lib/libcrypto/man/rc4.3 stable/9/secure/lib/libcrypto/man/ripemd.3 stable/9/secure/lib/libcrypto/man/rsa.3 stable/9/secure/lib/libcrypto/man/sha.3 stable/9/secure/lib/libcrypto/man/threads.3 stable/9/secure/lib/libcrypto/man/ui.3 stable/9/secure/lib/libcrypto/man/ui_compat.3 stable/9/secure/lib/libcrypto/man/x509.3 stable/9/secure/lib/libssl/man/SSL_CIPHER_get_name.3 stable/9/secure/lib/libssl/man/SSL_COMP_add_compression_method.3 stable/9/secure/lib/libssl/man/SSL_CTX_add_extra_chain_cert.3 stable/9/secure/lib/libssl/man/SSL_CTX_add_session.3 stable/9/secure/lib/libssl/man/SSL_CTX_ctrl.3 stable/9/secure/lib/libssl/man/SSL_CTX_flush_sessions.3 stable/9/secure/lib/libssl/man/SSL_CTX_free.3 stable/9/secure/lib/libssl/man/SSL_CTX_get_ex_new_index.3 stable/9/secure/lib/libssl/man/SSL_CTX_get_verify_mode.3 stable/9/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 stable/9/secure/lib/libssl/man/SSL_CTX_new.3 stable/9/secure/lib/libssl/man/SSL_CTX_sess_number.3 stable/9/secure/lib/libssl/man/SSL_CTX_sess_set_cache_size.3 stable/9/secure/lib/libssl/man/SSL_CTX_sess_set_get_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_sessions.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_cert_store.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_cert_verify_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_cipher_list.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_client_CA_list.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_client_cert_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_default_passwd_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_generate_session_id.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_info_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_max_cert_list.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_mode.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_msg_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_options.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_quiet_shutdown.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_session_cache_mode.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_session_id_context.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_ssl_version.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_timeout.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_tlsext_ticket_key_cb.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_tmp_dh_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_tmp_rsa_callback.3 stable/9/secure/lib/libssl/man/SSL_CTX_set_verify.3 stable/9/secure/lib/libssl/man/SSL_CTX_use_certificate.3 stable/9/secure/lib/libssl/man/SSL_SESSION_free.3 stable/9/secure/lib/libssl/man/SSL_SESSION_get_ex_new_index.3 stable/9/secure/lib/libssl/man/SSL_SESSION_get_time.3 stable/9/secure/lib/libssl/man/SSL_accept.3 stable/9/secure/lib/libssl/man/SSL_alert_type_string.3 stable/9/secure/lib/libssl/man/SSL_clear.3 stable/9/secure/lib/libssl/man/SSL_connect.3 stable/9/secure/lib/libssl/man/SSL_do_handshake.3 stable/9/secure/lib/libssl/man/SSL_free.3 stable/9/secure/lib/libssl/man/SSL_get_SSL_CTX.3 stable/9/secure/lib/libssl/man/SSL_get_ciphers.3 stable/9/secure/lib/libssl/man/SSL_get_client_CA_list.3 stable/9/secure/lib/libssl/man/SSL_get_current_cipher.3 stable/9/secure/lib/libssl/man/SSL_get_default_timeout.3 stable/9/secure/lib/libssl/man/SSL_get_error.3 stable/9/secure/lib/libssl/man/SSL_get_ex_data_X509_STORE_CTX_idx.3 stable/9/secure/lib/libssl/man/SSL_get_ex_new_index.3 stable/9/secure/lib/libssl/man/SSL_get_fd.3 stable/9/secure/lib/libssl/man/SSL_get_peer_cert_chain.3 stable/9/secure/lib/libssl/man/SSL_get_peer_certificate.3 stable/9/secure/lib/libssl/man/SSL_get_rbio.3 stable/9/secure/lib/libssl/man/SSL_get_session.3 stable/9/secure/lib/libssl/man/SSL_get_verify_result.3 stable/9/secure/lib/libssl/man/SSL_get_version.3 stable/9/secure/lib/libssl/man/SSL_library_init.3 stable/9/secure/lib/libssl/man/SSL_load_client_CA_file.3 stable/9/secure/lib/libssl/man/SSL_new.3 stable/9/secure/lib/libssl/man/SSL_pending.3 stable/9/secure/lib/libssl/man/SSL_read.3 stable/9/secure/lib/libssl/man/SSL_rstate_string.3 stable/9/secure/lib/libssl/man/SSL_session_reused.3 stable/9/secure/lib/libssl/man/SSL_set_bio.3 stable/9/secure/lib/libssl/man/SSL_set_connect_state.3 stable/9/secure/lib/libssl/man/SSL_set_fd.3 stable/9/secure/lib/libssl/man/SSL_set_session.3 stable/9/secure/lib/libssl/man/SSL_set_shutdown.3 stable/9/secure/lib/libssl/man/SSL_set_verify_result.3 stable/9/secure/lib/libssl/man/SSL_shutdown.3 stable/9/secure/lib/libssl/man/SSL_state_string.3 stable/9/secure/lib/libssl/man/SSL_want.3 stable/9/secure/lib/libssl/man/SSL_write.3 stable/9/secure/lib/libssl/man/d2i_SSL_SESSION.3 stable/9/secure/lib/libssl/man/ssl.3 stable/9/secure/usr.bin/openssl/man/CA.pl.1 stable/9/secure/usr.bin/openssl/man/asn1parse.1 stable/9/secure/usr.bin/openssl/man/ca.1 stable/9/secure/usr.bin/openssl/man/ciphers.1 stable/9/secure/usr.bin/openssl/man/crl.1 stable/9/secure/usr.bin/openssl/man/crl2pkcs7.1 stable/9/secure/usr.bin/openssl/man/dgst.1 stable/9/secure/usr.bin/openssl/man/dhparam.1 stable/9/secure/usr.bin/openssl/man/dsa.1 stable/9/secure/usr.bin/openssl/man/dsaparam.1 stable/9/secure/usr.bin/openssl/man/ec.1 stable/9/secure/usr.bin/openssl/man/ecparam.1 stable/9/secure/usr.bin/openssl/man/enc.1 stable/9/secure/usr.bin/openssl/man/errstr.1 stable/9/secure/usr.bin/openssl/man/gendsa.1 stable/9/secure/usr.bin/openssl/man/genrsa.1 stable/9/secure/usr.bin/openssl/man/nseq.1 stable/9/secure/usr.bin/openssl/man/ocsp.1 stable/9/secure/usr.bin/openssl/man/openssl.1 stable/9/secure/usr.bin/openssl/man/passwd.1 stable/9/secure/usr.bin/openssl/man/pkcs12.1 stable/9/secure/usr.bin/openssl/man/pkcs7.1 stable/9/secure/usr.bin/openssl/man/pkcs8.1 stable/9/secure/usr.bin/openssl/man/rand.1 stable/9/secure/usr.bin/openssl/man/req.1 stable/9/secure/usr.bin/openssl/man/rsa.1 stable/9/secure/usr.bin/openssl/man/rsautl.1 stable/9/secure/usr.bin/openssl/man/s_client.1 stable/9/secure/usr.bin/openssl/man/s_server.1 stable/9/secure/usr.bin/openssl/man/s_time.1 stable/9/secure/usr.bin/openssl/man/sess_id.1 stable/9/secure/usr.bin/openssl/man/smime.1 stable/9/secure/usr.bin/openssl/man/speed.1 stable/9/secure/usr.bin/openssl/man/spkac.1 stable/9/secure/usr.bin/openssl/man/verify.1 stable/9/secure/usr.bin/openssl/man/version.1 stable/9/secure/usr.bin/openssl/man/x509.1 stable/9/secure/usr.bin/openssl/man/x509v3_config.1 Directory Properties: stable/9/crypto/openssl/ (props changed) Modified: stable/8/crypto/openssl/CHANGES ============================================================================== --- stable/8/crypto/openssl/CHANGES Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/CHANGES Thu Jun 11 19:39:27 2015 (r284286) @@ -2,6 +2,74 @@ OpenSSL CHANGES _______________ + Changes between 0.9.8zf and 0.9.8zg [11 Jun 2015] + + *) Malformed ECParameters causes infinite loop + + When processing an ECParameters structure OpenSSL enters an infinite loop + if the curve specified is over a specially malformed binary polynomial + field. + + This can be used to perform denial of service against any + system which processes public keys, certificate requests or + certificates. This includes TLS clients and TLS servers with + client authentication enabled. + + This issue was reported to OpenSSL by Joseph Barr-Pixton. + (CVE-2015-1788) + [Andy Polyakov] + + *) Exploitable out-of-bounds read in X509_cmp_time + + X509_cmp_time does not properly check the length of the ASN1_TIME + string and can read a few bytes out of bounds. In addition, + X509_cmp_time accepts an arbitrary number of fractional seconds in the + time string. + + An attacker can use this to craft malformed certificates and CRLs of + various sizes and potentially cause a segmentation fault, resulting in + a DoS on applications that verify certificates or CRLs. TLS clients + that verify CRLs are affected. TLS clients and servers with client + authentication enabled may be affected if they use custom verification + callbacks. + + This issue was reported to OpenSSL by Robert Swiecki (Google), and + independently by Hanno Böck. + (CVE-2015-1789) + [Emilia Käsper] + + *) PKCS7 crash with missing EnvelopedContent + + The PKCS#7 parsing code does not handle missing inner EncryptedContent + correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs + with missing content and trigger a NULL pointer dereference on parsing. + + Applications that decrypt PKCS#7 data or otherwise parse PKCS#7 + structures from untrusted sources are affected. OpenSSL clients and + servers are not affected. + + This issue was reported to OpenSSL by Michal Zalewski (Google). + (CVE-2015-1790) + [Emilia Käsper] + + *) CMS verify infinite loop with unknown hash function + + When verifying a signedData message the CMS code can enter an infinite loop + if presented with an unknown hash function OID. This can be used to perform + denial of service against any system which verifies signedData messages using + the CMS code. + This issue was reported to OpenSSL by Johannes Bauer. + (CVE-2015-1792) + [Stephen Henson] + + *) Race condition handling NewSessionTicket + + If a NewSessionTicket is received by a multi-threaded client when attempting to + reuse a previous ticket then a race condition can occur potentially leading to + a double free of the ticket data. + (CVE-2015-1791) + [Matt Caswell] + Changes between 0.9.8ze and 0.9.8zf [19 Mar 2015] *) Segmentation fault in ASN1_TYPE_cmp fix Modified: stable/8/crypto/openssl/Makefile ============================================================================== --- stable/8/crypto/openssl/Makefile Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/Makefile Thu Jun 11 19:39:27 2015 (r284286) @@ -4,7 +4,7 @@ ## Makefile for OpenSSL ## -VERSION=0.9.8zf +VERSION=0.9.8zg MAJOR=0 MINOR=9.8 SHLIB_VERSION_NUMBER=0.9.8 Modified: stable/8/crypto/openssl/NEWS ============================================================================== --- stable/8/crypto/openssl/NEWS Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/NEWS Thu Jun 11 19:39:27 2015 (r284286) @@ -5,6 +5,14 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 0.9.8zf and OpenSSL 0.9.8zg [11 Jun 2015] + + o Malformed ECParameters causes infinite loop (CVE-2015-1788) + o Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789) + o PKCS7 crash with missing EnvelopedContent (CVE-2015-1790) + o CMS verify infinite loop with unknown hash function (CVE-2015-1792) + o Race condition handling NewSessionTicket (CVE-2015-1791) + Major changes between OpenSSL 0.9.8ze and OpenSSL 0.9.8zf [19 Mar 2015] o Segmentation fault in ASN1_TYPE_cmp fix (CVE-2015-0286) Modified: stable/8/crypto/openssl/README ============================================================================== --- stable/8/crypto/openssl/README Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/README Thu Jun 11 19:39:27 2015 (r284286) @@ -1,5 +1,5 @@ - OpenSSL 0.9.8zf 19 Mar 2015 + OpenSSL 0.9.8zg 11 Jun 2015 Copyright (c) 1998-2011 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: stable/8/crypto/openssl/crypto/asn1/a_int.c ============================================================================== --- stable/8/crypto/openssl/crypto/asn1/a_int.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/asn1/a_int.c Thu Jun 11 19:39:27 2015 (r284286) @@ -124,6 +124,8 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, un else { ret = a->length; i = a->data[0]; + if (ret == 1 && i == 0) + neg = 0; if (!neg && (i > 127)) { pad = 1; pb = 0; @@ -162,7 +164,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, un p += a->length - 1; i = a->length; /* Copy zeros to destination as long as source is zero */ - while (!*n) { + while (!*n && i > 1) { *(p--) = 0; n--; i--; @@ -419,7 +421,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR); goto err; } - if (BN_is_negative(bn)) + if (BN_is_negative(bn) && !BN_is_zero(bn)) ret->type = V_ASN1_NEG_INTEGER; else ret->type = V_ASN1_INTEGER; Modified: stable/8/crypto/openssl/crypto/asn1/tasn_new.c ============================================================================== --- stable/8/crypto/openssl/crypto/asn1/tasn_new.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/asn1/tasn_new.c Thu Jun 11 19:39:27 2015 (r284286) @@ -100,9 +100,6 @@ static int asn1_item_ex_combine_new(ASN1 else asn1_cb = 0; - if (!combine) - *pval = NULL; - #ifdef CRYPTO_MDEBUG if (it->sname) CRYPTO_push_info(it->sname); Modified: stable/8/crypto/openssl/crypto/asn1/x_x509.c ============================================================================== --- stable/8/crypto/openssl/crypto/asn1/x_x509.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/asn1/x_x509.c Thu Jun 11 19:39:27 2015 (r284286) @@ -184,7 +184,7 @@ X509 *d2i_X509_AUX(X509 **a, const unsig /* Save start position */ q = *pp; - if(!a || *a == NULL) { + if (!a || *a == NULL) { freeret = 1; } ret = d2i_X509(a, pp, length); @@ -199,7 +199,7 @@ X509 *d2i_X509_AUX(X509 **a, const unsig goto err; return ret; err: - if(freeret) { + if (freeret) { X509_free(ret); if (a) *a = NULL; Modified: stable/8/crypto/openssl/crypto/bn/bn.h ============================================================================== --- stable/8/crypto/openssl/crypto/bn/bn.h Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/bn/bn.h Thu Jun 11 19:39:27 2015 (r284286) @@ -871,6 +871,7 @@ void ERR_load_BN_strings(void); # define BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR 135 # define BN_F_BN_GF2M_MOD_SQR 136 # define BN_F_BN_GF2M_MOD_SQRT 137 +# define BN_F_BN_LSHIFT 145 # define BN_F_BN_MOD_EXP2_MONT 118 # define BN_F_BN_MOD_EXP_MONT 109 # define BN_F_BN_MOD_EXP_MONT_CONSTTIME 124 @@ -886,12 +887,14 @@ void ERR_load_BN_strings(void); # define BN_F_BN_NEW 113 # define BN_F_BN_RAND 114 # define BN_F_BN_RAND_RANGE 122 +# define BN_F_BN_RSHIFT 146 # define BN_F_BN_USUB 115 /* Reason codes. */ # define BN_R_ARG2_LT_ARG3 100 # define BN_R_BAD_RECIPROCAL 101 # define BN_R_BIGNUM_TOO_LONG 114 +# define BN_R_BITS_TOO_SMALL 118 # define BN_R_CALLED_WITH_EVEN_MODULUS 102 # define BN_R_DIV_BY_ZERO 103 # define BN_R_ENCODING_ERROR 104 @@ -899,6 +902,7 @@ void ERR_load_BN_strings(void); # define BN_R_INPUT_NOT_REDUCED 110 # define BN_R_INVALID_LENGTH 106 # define BN_R_INVALID_RANGE 115 +# define BN_R_INVALID_SHIFT 119 # define BN_R_NOT_A_SQUARE 111 # define BN_R_NOT_INITIALIZED 107 # define BN_R_NO_INVERSE 108 Modified: stable/8/crypto/openssl/crypto/bn/bn_err.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/bn_err.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/bn/bn_err.c Thu Jun 11 19:39:27 2015 (r284286) @@ -1,6 +1,6 @@ /* crypto/bn/bn_err.c */ /* ==================================================================== - * Copyright (c) 1999-2007 The OpenSSL Project. All rights reserved. + * Copyright (c) 1999-2015 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -94,6 +94,7 @@ static ERR_STRING_DATA BN_str_functs[] = {ERR_FUNC(BN_F_BN_GF2M_MOD_SOLVE_QUAD_ARR), "BN_GF2m_mod_solve_quad_arr"}, {ERR_FUNC(BN_F_BN_GF2M_MOD_SQR), "BN_GF2m_mod_sqr"}, {ERR_FUNC(BN_F_BN_GF2M_MOD_SQRT), "BN_GF2m_mod_sqrt"}, + {ERR_FUNC(BN_F_BN_LSHIFT), "BN_lshift"}, {ERR_FUNC(BN_F_BN_MOD_EXP2_MONT), "BN_mod_exp2_mont"}, {ERR_FUNC(BN_F_BN_MOD_EXP_MONT), "BN_mod_exp_mont"}, {ERR_FUNC(BN_F_BN_MOD_EXP_MONT_CONSTTIME), "BN_mod_exp_mont_consttime"}, @@ -109,6 +110,7 @@ static ERR_STRING_DATA BN_str_functs[] = {ERR_FUNC(BN_F_BN_NEW), "BN_new"}, {ERR_FUNC(BN_F_BN_RAND), "BN_rand"}, {ERR_FUNC(BN_F_BN_RAND_RANGE), "BN_rand_range"}, + {ERR_FUNC(BN_F_BN_RSHIFT), "BN_rshift"}, {ERR_FUNC(BN_F_BN_USUB), "BN_usub"}, {0, NULL} }; @@ -117,6 +119,7 @@ static ERR_STRING_DATA BN_str_reasons[] {ERR_REASON(BN_R_ARG2_LT_ARG3), "arg2 lt arg3"}, {ERR_REASON(BN_R_BAD_RECIPROCAL), "bad reciprocal"}, {ERR_REASON(BN_R_BIGNUM_TOO_LONG), "bignum too long"}, + {ERR_REASON(BN_R_BITS_TOO_SMALL), "bits too small"}, {ERR_REASON(BN_R_CALLED_WITH_EVEN_MODULUS), "called with even modulus"}, {ERR_REASON(BN_R_DIV_BY_ZERO), "div by zero"}, {ERR_REASON(BN_R_ENCODING_ERROR), "encoding error"}, @@ -125,6 +128,7 @@ static ERR_STRING_DATA BN_str_reasons[] {ERR_REASON(BN_R_INPUT_NOT_REDUCED), "input not reduced"}, {ERR_REASON(BN_R_INVALID_LENGTH), "invalid length"}, {ERR_REASON(BN_R_INVALID_RANGE), "invalid range"}, + {ERR_REASON(BN_R_INVALID_SHIFT), "invalid shift"}, {ERR_REASON(BN_R_NOT_A_SQUARE), "not a square"}, {ERR_REASON(BN_R_NOT_INITIALIZED), "not initialized"}, {ERR_REASON(BN_R_NO_INVERSE), "no inverse"}, Modified: stable/8/crypto/openssl/crypto/bn/bn_print.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/bn_print.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/bn/bn_print.c Thu Jun 11 19:39:27 2015 (r284286) @@ -71,7 +71,12 @@ char *BN_bn2hex(const BIGNUM *a) char *buf; char *p; - buf = (char *)OPENSSL_malloc(a->top * BN_BYTES * 2 + 2); + if (a->neg && BN_is_zero(a)) { + /* "-0" == 3 bytes including NULL terminator */ + buf = OPENSSL_malloc(3); + } else { + buf = OPENSSL_malloc(a->top * BN_BYTES * 2 + 2); + } if (buf == NULL) { BNerr(BN_F_BN_BN2HEX, ERR_R_MALLOC_FAILURE); goto err; Modified: stable/8/crypto/openssl/crypto/bn/bn_rand.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/bn_rand.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/bn/bn_rand.c Thu Jun 11 19:39:27 2015 (r284286) @@ -121,6 +121,11 @@ static int bnrand(int pseudorand, BIGNUM int ret = 0, bit, bytes, mask; time_t tim; + if (bits < 0 || (bits == 1 && top > 0)) { + BNerr(BN_F_BNRAND, BN_R_BITS_TOO_SMALL); + return 0; + } + if (bits == 0) { BN_zero(rnd); return 1; @@ -168,7 +173,7 @@ static int bnrand(int pseudorand, BIGNUM } #endif - if (top != -1) { + if (top >= 0) { if (top) { if (bit == 0) { buf[0] = 1; Modified: stable/8/crypto/openssl/crypto/bn/bn_shift.c ============================================================================== --- stable/8/crypto/openssl/crypto/bn/bn_shift.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/bn/bn_shift.c Thu Jun 11 19:39:27 2015 (r284286) @@ -133,6 +133,11 @@ int BN_lshift(BIGNUM *r, const BIGNUM *a bn_check_top(r); bn_check_top(a); + if (n < 0) { + BNerr(BN_F_BN_LSHIFT, BN_R_INVALID_SHIFT); + return 0; + } + r->neg = a->neg; nw = n / BN_BITS2; if (bn_wexpand(r, a->top + nw + 1) == NULL) @@ -170,6 +175,11 @@ int BN_rshift(BIGNUM *r, const BIGNUM *a bn_check_top(r); bn_check_top(a); + if (n < 0) { + BNerr(BN_F_BN_RSHIFT, BN_R_INVALID_SHIFT); + return 0; + } + nw = n / BN_BITS2; rb = n % BN_BITS2; lb = BN_BITS2 - rb; Modified: stable/8/crypto/openssl/crypto/cms/cms_smime.c ============================================================================== --- stable/8/crypto/openssl/crypto/cms/cms_smime.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/cms/cms_smime.c Thu Jun 11 19:39:27 2015 (r284286) @@ -131,7 +131,7 @@ static void do_free_upto(BIO *f, BIO *up BIO_free(f); f = tbio; } - while (f != upto); + while (f && f != upto); } else BIO_free_all(f); } Modified: stable/8/crypto/openssl/crypto/dsa/dsa_ossl.c ============================================================================== --- stable/8/crypto/openssl/crypto/dsa/dsa_ossl.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/dsa/dsa_ossl.c Thu Jun 11 19:39:27 2015 (r284286) @@ -107,23 +107,23 @@ static DSA_METHOD openssl_dsa_meth = { # define DSA_MOD_EXP(err_instr,dsa,rr,a1,p1,a2,p2,m,ctx,in_mont) \ do { \ int _tmp_res53; \ - if((dsa)->meth->dsa_mod_exp) \ + if ((dsa)->meth->dsa_mod_exp) \ _tmp_res53 = (dsa)->meth->dsa_mod_exp((dsa), (rr), (a1), (p1), \ (a2), (p2), (m), (ctx), (in_mont)); \ else \ _tmp_res53 = BN_mod_exp2_mont((rr), (a1), (p1), (a2), (p2), \ (m), (ctx), (in_mont)); \ - if(!_tmp_res53) err_instr; \ + if (!_tmp_res53) err_instr; \ } while(0) # define DSA_BN_MOD_EXP(err_instr,dsa,r,a,p,m,ctx,m_ctx) \ do { \ int _tmp_res53; \ - if((dsa)->meth->bn_mod_exp) \ + if ((dsa)->meth->bn_mod_exp) \ _tmp_res53 = (dsa)->meth->bn_mod_exp((dsa), (r), (a), (p), \ (m), (ctx), (m_ctx)); \ else \ _tmp_res53 = BN_mod_exp_mont((r), (a), (p), (m), (ctx), (m_ctx)); \ - if(!_tmp_res53) err_instr; \ + if (!_tmp_res53) err_instr; \ } while(0) const DSA_METHOD *DSA_OpenSSL(void) Modified: stable/8/crypto/openssl/crypto/dso/dso_lib.c ============================================================================== --- stable/8/crypto/openssl/crypto/dso/dso_lib.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/dso/dso_lib.c Thu Jun 11 19:39:27 2015 (r284286) @@ -285,7 +285,7 @@ DSO_FUNC_TYPE DSO_bind_func(DSO *dso, co * honest. For one thing, I think I have to return a negative value for any * error because possible DSO_ctrl() commands may return values such as * "size"s that can legitimately be zero (making the standard - * "if(DSO_cmd(...))" form that works almost everywhere else fail at odd + * "if (DSO_cmd(...))" form that works almost everywhere else fail at odd * times. I'd prefer "output" values to be passed by reference and the return * value as success/failure like usual ... but we conform when we must... :-) */ Modified: stable/8/crypto/openssl/crypto/ec/ec2_smpl.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ec2_smpl.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ec/ec2_smpl.c Thu Jun 11 19:39:27 2015 (r284286) @@ -677,7 +677,7 @@ int ec_GF2m_simple_oct2point(const EC_GR } /* test required by X9.62 */ - if (!EC_POINT_is_on_curve(group, point, ctx)) { + if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { ECerr(EC_F_EC_GF2M_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } Modified: stable/8/crypto/openssl/crypto/ec/ec_check.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ec_check.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ec/ec_check.c Thu Jun 11 19:39:27 2015 (r284286) @@ -85,7 +85,7 @@ int EC_GROUP_check(const EC_GROUP *group ECerr(EC_F_EC_GROUP_CHECK, EC_R_UNDEFINED_GENERATOR); goto err; } - if (!EC_POINT_is_on_curve(group, group->generator, ctx)) { + if (EC_POINT_is_on_curve(group, group->generator, ctx) <= 0) { ECerr(EC_F_EC_GROUP_CHECK, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } Modified: stable/8/crypto/openssl/crypto/ec/ec_key.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ec_key.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ec/ec_key.c Thu Jun 11 19:39:27 2015 (r284286) @@ -304,7 +304,7 @@ int EC_KEY_check_key(const EC_KEY *eckey goto err; /* testing whether the pub_key is on the elliptic curve */ - if (!EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx)) { + if (EC_POINT_is_on_curve(eckey->group, eckey->pub_key, ctx) <= 0) { ECerr(EC_F_EC_KEY_CHECK_KEY, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } Modified: stable/8/crypto/openssl/crypto/ec/ec_lib.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ec_lib.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ec/ec_lib.c Thu Jun 11 19:39:27 2015 (r284286) @@ -993,6 +993,13 @@ int EC_POINT_is_at_infinity(const EC_GRO return group->meth->is_at_infinity(group, point); } +/* + * Check whether an EC_POINT is on the curve or not. Note that the return + * value for this function should NOT be treated as a boolean. Return values: + * 1: The point is on the curve + * 0: The point is not on the curve + * -1: An error occurred + */ int EC_POINT_is_on_curve(const EC_GROUP *group, const EC_POINT *point, BN_CTX *ctx) { Modified: stable/8/crypto/openssl/crypto/ec/ecp_smpl.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ecp_smpl.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ec/ecp_smpl.c Thu Jun 11 19:39:27 2015 (r284286) @@ -985,7 +985,7 @@ int ec_GFp_simple_oct2point(const EC_GRO } /* test required by X9.62 */ - if (!EC_POINT_is_on_curve(group, point, ctx)) { + if (EC_POINT_is_on_curve(group, point, ctx) <= 0) { ECerr(EC_F_EC_GFP_SIMPLE_OCT2POINT, EC_R_POINT_IS_NOT_ON_CURVE); goto err; } Modified: stable/8/crypto/openssl/crypto/ec/ectest.c ============================================================================== --- stable/8/crypto/openssl/crypto/ec/ectest.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ec/ectest.c Thu Jun 11 19:39:27 2015 (r284286) @@ -303,7 +303,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, Q, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, Q, ctx)) { + if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { if (!EC_POINT_get_affine_coordinates_GFp(group, Q, x, y, ctx)) ABORT; fprintf(stderr, "Point is not on curve: x = 0x"); @@ -436,7 +436,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_affine_coordinates_GFp(group, P, x, y, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "0100000000000000000001F4C8F927AED3CA752257")) ABORT; @@ -501,7 +501,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831")) ABORT; @@ -572,7 +572,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn (&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D")) @@ -649,7 +649,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E" "84F3B9CAC2FC632551")) @@ -723,7 +723,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 1, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973")) @@ -800,7 +800,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_set_compressed_coordinates_GFp(group, P, x, 0, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!BN_hex2bn(&z, "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" "FFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5" @@ -862,7 +862,7 @@ void prime_field_tests() ABORT; if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ @@ -1004,7 +1004,7 @@ void prime_field_tests() # define CHAR2_CURVE_TEST_INTERNAL(_name, _p, _a, _b, _x, _y, _y_bit, _order, _cof, _degree, _variable) \ if (!BN_hex2bn(&x, _x)) ABORT; \ if (!EC_POINT_set_compressed_coordinates_GF2m(group, P, x, _y_bit, ctx)) ABORT; \ - if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ if (!BN_hex2bn(&z, _order)) ABORT; \ if (!BN_hex2bn(&cof, _cof)) ABORT; \ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ @@ -1022,7 +1022,7 @@ void prime_field_tests() if (!BN_hex2bn(&x, _x)) ABORT; \ if (!BN_hex2bn(&y, _y)) ABORT; \ if (!EC_POINT_set_affine_coordinates_GF2m(group, P, x, y, ctx)) ABORT; \ - if (!EC_POINT_is_on_curve(group, P, ctx)) ABORT; \ + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; \ if (!BN_hex2bn(&z, _order)) ABORT; \ if (!BN_hex2bn(&cof, _cof)) ABORT; \ if (!EC_GROUP_set_generator(group, P, z, cof)) ABORT; \ @@ -1161,7 +1161,7 @@ void char2_field_tests() if (!EC_POINT_set_affine_coordinates_GF2m(group, Q, x, y, ctx)) ABORT; # endif - if (!EC_POINT_is_on_curve(group, Q, ctx)) { + if (EC_POINT_is_on_curve(group, Q, ctx) <= 0) { /* Change test based on whether binary point compression is enabled or not. */ # ifdef OPENSSL_EC_BIN_PT_COMP if (!EC_POINT_get_affine_coordinates_GF2m(group, Q, x, y, ctx)) @@ -1382,7 +1382,7 @@ void char2_field_tests() ABORT; if (!EC_POINT_dbl(group, P, P, ctx)) ABORT; - if (!EC_POINT_is_on_curve(group, P, ctx)) + if (EC_POINT_is_on_curve(group, P, ctx) <= 0) ABORT; if (!EC_POINT_invert(group, Q, ctx)) ABORT; /* P = -2Q */ Modified: stable/8/crypto/openssl/crypto/objects/obj_dat.c ============================================================================== --- stable/8/crypto/openssl/crypto/objects/obj_dat.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/objects/obj_dat.c Thu Jun 11 19:39:27 2015 (r284286) @@ -382,6 +382,9 @@ int OBJ_obj2nid(const ASN1_OBJECT *a) if (a->nid != 0) return (a->nid); + if (a->length == 0) + return NID_undef; + if (added != NULL) { ad.type = ADDED_DATA; ad.obj = (ASN1_OBJECT *)a; /* XXX: ugly but harmless */ Modified: stable/8/crypto/openssl/crypto/ocsp/ocsp_vfy.c ============================================================================== --- stable/8/crypto/openssl/crypto/ocsp/ocsp_vfy.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/ocsp/ocsp_vfy.c Thu Jun 11 19:39:27 2015 (r284286) @@ -83,6 +83,7 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs { X509 *signer, *x; STACK_OF(X509) *chain = NULL; + STACK_OF(X509) *untrusted = NULL; X509_STORE_CTX ctx; int i, ret = 0; ret = ocsp_find_signer(&signer, bs, certs, st, flags); @@ -107,10 +108,20 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs } if (!(flags & OCSP_NOVERIFY)) { int init_res; - if (flags & OCSP_NOCHAIN) - init_res = X509_STORE_CTX_init(&ctx, st, signer, NULL); - else - init_res = X509_STORE_CTX_init(&ctx, st, signer, bs->certs); + if (flags & OCSP_NOCHAIN) { + untrusted = NULL; + } else if (bs->certs && certs) { + untrusted = sk_X509_dup(bs->certs); + for (i = 0; i < sk_X509_num(certs); i++) { + if (!sk_X509_push(untrusted, sk_X509_value(certs, i))) { + OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_MALLOC_FAILURE); + goto end; + } + } + } else { + untrusted = bs->certs; + } + init_res = X509_STORE_CTX_init(&ctx, st, signer, untrusted); if (!init_res) { ret = -1; OCSPerr(OCSP_F_OCSP_BASIC_VERIFY, ERR_R_X509_LIB); @@ -161,6 +172,8 @@ int OCSP_basic_verify(OCSP_BASICRESP *bs end: if (chain) sk_X509_pop_free(chain, X509_free); + if (bs->certs && certs) + sk_X509_free(untrusted); return ret; } Modified: stable/8/crypto/openssl/crypto/opensslv.h ============================================================================== --- stable/8/crypto/openssl/crypto/opensslv.h Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/opensslv.h Thu Jun 11 19:39:27 2015 (r284286) @@ -26,11 +26,11 @@ * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for * major minor fix final patch/beta) */ -# define OPENSSL_VERSION_NUMBER 0x009081ffL +# define OPENSSL_VERSION_NUMBER 0x0090820fL # ifdef OPENSSL_FIPS -# define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zf-fips 19 Mar 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zg-fips 11 Jun 2015" # else -# define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zf-freebsd 19 Mar 2015" +# define OPENSSL_VERSION_TEXT "OpenSSL 0.9.8zg-freebsd 11 Jun 2015" # endif # define OPENSSL_VERSION_PTEXT " part of " OPENSSL_VERSION_TEXT Modified: stable/8/crypto/openssl/crypto/pem/pem_pk8.c ============================================================================== --- stable/8/crypto/openssl/crypto/pem/pem_pk8.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/pem/pem_pk8.c Thu Jun 11 19:39:27 2015 (r284286) @@ -138,6 +138,8 @@ static int do_pk8pkey(BIO *bp, EVP_PKEY if (kstr == buf) OPENSSL_cleanse(buf, klen); PKCS8_PRIV_KEY_INFO_free(p8inf); + if (p8 == NULL) + return 0; if (isder) ret = i2d_PKCS8_bio(bp, p8); else Modified: stable/8/crypto/openssl/crypto/pkcs7/pk7_doit.c ============================================================================== --- stable/8/crypto/openssl/crypto/pkcs7/pk7_doit.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/pkcs7/pk7_doit.c Thu Jun 11 19:39:27 2015 (r284286) @@ -359,12 +359,19 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE switch (i) { case NID_pkcs7_signed: + /* + * p7->d.sign->contents is a PKCS7 structure consisting of a contentType + * field and optional content. + * data_body is NULL if that structure has no (=detached) content + * or if the contentType is wrong (i.e., not "data"). + */ data_body = PKCS7_get_octet_string(p7->d.sign->contents); md_sk = p7->d.sign->md_algs; break; case NID_pkcs7_signedAndEnveloped: rsk = p7->d.signed_and_enveloped->recipientinfo; md_sk = p7->d.signed_and_enveloped->md_algs; + /* data_body is NULL if the optional EncryptedContent is missing. */ data_body = p7->d.signed_and_enveloped->enc_data->enc_data; enc_alg = p7->d.signed_and_enveloped->enc_data->algorithm; evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm); @@ -377,6 +384,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE case NID_pkcs7_enveloped: rsk = p7->d.enveloped->recipientinfo; enc_alg = p7->d.enveloped->enc_data->algorithm; + /* data_body is NULL if the optional EncryptedContent is missing. */ data_body = p7->d.enveloped->enc_data->enc_data; evp_cipher = EVP_get_cipherbyobj(enc_alg->algorithm); if (evp_cipher == NULL) { @@ -390,6 +398,12 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE goto err; } + /* Detached content must be supplied via in_bio instead. */ + if (data_body == NULL && in_bio == NULL) { + PKCS7err(PKCS7_F_PKCS7_DATADECODE, PKCS7_R_NO_CONTENT); + goto err; + } + /* We will be checking the signature */ if (md_sk != NULL) { for (i = 0; i < sk_X509_ALGOR_num(md_sk); i++) { @@ -557,7 +571,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKE etmp = NULL; } #if 1 - if (PKCS7_is_detached(p7) || (in_bio != NULL)) { + if (in_bio != NULL) { bio = in_bio; } else { # if 0 Modified: stable/8/crypto/openssl/crypto/x509/x509_lu.c ============================================================================== --- stable/8/crypto/openssl/crypto/x509/x509_lu.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/x509/x509_lu.c Thu Jun 11 19:39:27 2015 (r284286) @@ -214,6 +214,8 @@ X509_STORE *X509_STORE_new(void) static void cleanup(X509_OBJECT *a) { + if (!a) + return; if (a->type == X509_LU_X509) { X509_free(a->data.x509); } else if (a->type == X509_LU_CRL) { Modified: stable/8/crypto/openssl/crypto/x509/x509_vfy.c ============================================================================== --- stable/8/crypto/openssl/crypto/x509/x509_vfy.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/crypto/x509/x509_vfy.c Thu Jun 11 19:39:27 2015 (r284286) @@ -1007,47 +1007,84 @@ int X509_cmp_time(ASN1_TIME *ctm, time_t ASN1_TIME atm; long offset; char buff1[24], buff2[24], *p; - int i, j; + int i, j, remaining; p = buff1; - i = ctm->length; + remaining = ctm->length; str = (char *)ctm->data; + /* + * Note that the following (historical) code allows much more slack in the + * time format than RFC5280. In RFC5280, the representation is fixed: + * UTCTime: YYMMDDHHMMSSZ + * GeneralizedTime: YYYYMMDDHHMMSSZ + */ if (ctm->type == V_ASN1_UTCTIME) { - if ((i < 11) || (i > 17)) + /* YYMMDDHHMM[SS]Z or YYMMDDHHMM[SS](+-)hhmm */ + int min_length = sizeof("YYMMDDHHMMZ") - 1; + int max_length = sizeof("YYMMDDHHMMSS+hhmm") - 1; + if (remaining < min_length || remaining > max_length) return 0; memcpy(p, str, 10); p += 10; str += 10; + remaining -= 10; } else { - if (i < 13) + /* YYYYMMDDHHMM[SS[.fff]]Z or YYYYMMDDHHMM[SS[.f[f[f]]]](+-)hhmm */ + int min_length = sizeof("YYYYMMDDHHMMZ") - 1; + int max_length = sizeof("YYYYMMDDHHMMSS.fff+hhmm") - 1; + if (remaining < min_length || remaining > max_length) return 0; memcpy(p, str, 12); p += 12; str += 12; + remaining -= 12; } if ((*str == 'Z') || (*str == '-') || (*str == '+')) { *(p++) = '0'; *(p++) = '0'; } else { + /* SS (seconds) */ + if (remaining < 2) + return 0; *(p++) = *(str++); *(p++) = *(str++); - /* Skip any fractional seconds... */ - if (*str == '.') { + remaining -= 2; + /* + * Skip any (up to three) fractional seconds... + * TODO(emilia): in RFC5280, fractional seconds are forbidden. + * Can we just kill them altogether? + */ + if (remaining && *str == '.') { str++; - while ((*str >= '0') && (*str <= '9')) - str++; + remaining--; + for (i = 0; i < 3 && remaining; i++, str++, remaining--) { + if (*str < '0' || *str > '9') + break; + } } } *(p++) = 'Z'; *(p++) = '\0'; - if (*str == 'Z') + /* We now need either a terminating 'Z' or an offset. */ + if (!remaining) + return 0; + if (*str == 'Z') { + if (remaining != 1) + return 0; offset = 0; - else { + } else { + /* (+-)HHMM */ if ((*str != '+') && (*str != '-')) return 0; + /* Historical behaviour: the (+-)hhmm offset is forbidden in RFC5280. */ + if (remaining != 5) + return 0; + if (str[1] < '0' || str[1] > '9' || str[2] < '0' || str[2] > '9' || + str[3] < '0' || str[3] > '9' || str[4] < '0' || str[4] > '9') + return 0; offset = ((str[1] - '0') * 10 + (str[2] - '0')) * 60; offset += (str[3] - '0') * 10 + (str[4] - '0'); if (*str == '-') @@ -1304,6 +1341,8 @@ X509_STORE_CTX *X509_STORE_CTX_new(void) void X509_STORE_CTX_free(X509_STORE_CTX *ctx) { + if (!ctx) + return; X509_STORE_CTX_cleanup(ctx); OPENSSL_free(ctx); } Modified: stable/8/crypto/openssl/doc/crypto/BN_rand.pod ============================================================================== --- stable/8/crypto/openssl/doc/crypto/BN_rand.pod Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/doc/crypto/BN_rand.pod Thu Jun 11 19:39:27 2015 (r284286) @@ -24,7 +24,8 @@ most significant bit of the random numbe it is set to 1, and if B is 1, the two most significant bits of the number will be set to 1, so that the product of two such random numbers will always have 2*B length. If B is true, the -number will be odd. +number will be odd. The value of B must be zero or greater. If B is +1 then B cannot also be 1. BN_pseudo_rand() does the same, but pseudo-random numbers generated by this function are not necessarily unpredictable. They can be used for Modified: stable/8/crypto/openssl/doc/crypto/BN_set_bit.pod ============================================================================== --- stable/8/crypto/openssl/doc/crypto/BN_set_bit.pod Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/doc/crypto/BN_set_bit.pod Thu Jun 11 19:39:27 2015 (r284286) @@ -37,12 +37,12 @@ BN_mask_bits() truncates B to an B shorter than B bits. BN_lshift() shifts B left by B bits and places the result in -B (C). BN_lshift1() shifts B left by one and places -the result in B (C). +B (C). Note that B must be non-negative. BN_lshift1() shifts +B left by one and places the result in B (C). BN_rshift() shifts B right by B bits and places the result in -B (C). BN_rshift1() shifts B right by one and places -the result in B (C). +B (C). Note that B must be non-negative. BN_rshift1() shifts +B right by one and places the result in B (C). For the shift functions, B and B may be the same variable. Modified: stable/8/crypto/openssl/doc/crypto/pem.pod ============================================================================== --- stable/8/crypto/openssl/doc/crypto/pem.pod Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/doc/crypto/pem.pod Thu Jun 11 19:39:27 2015 (r284286) @@ -2,7 +2,29 @@ =head1 NAME -PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, PEM_write_bio_PKCS7, PEM_write_PKCS7, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, PEM_write_NETSCAPE_CERT_SEQUENCE - PEM routines +PEM, PEM_read_bio_PrivateKey, PEM_read_PrivateKey, PEM_write_bio_PrivateKey, +PEM_write_PrivateKey, PEM_write_bio_PKCS8PrivateKey, PEM_write_PKCS8PrivateKey, +PEM_write_bio_PKCS8PrivateKey_nid, PEM_write_PKCS8PrivateKey_nid, +PEM_read_bio_PUBKEY, PEM_read_PUBKEY, PEM_write_bio_PUBKEY, PEM_write_PUBKEY, +PEM_read_bio_RSAPrivateKey, PEM_read_RSAPrivateKey, +PEM_write_bio_RSAPrivateKey, PEM_write_RSAPrivateKey, +PEM_read_bio_RSAPublicKey, PEM_read_RSAPublicKey, PEM_write_bio_RSAPublicKey, +PEM_write_RSAPublicKey, PEM_read_bio_RSA_PUBKEY, PEM_read_RSA_PUBKEY, +PEM_write_bio_RSA_PUBKEY, PEM_write_RSA_PUBKEY, PEM_read_bio_DSAPrivateKey, +PEM_read_DSAPrivateKey, PEM_write_bio_DSAPrivateKey, PEM_write_DSAPrivateKey, +PEM_read_bio_DSA_PUBKEY, PEM_read_DSA_PUBKEY, PEM_write_bio_DSA_PUBKEY, +PEM_write_DSA_PUBKEY, PEM_read_bio_DSAparams, PEM_read_DSAparams, +PEM_write_bio_DSAparams, PEM_write_DSAparams, PEM_read_bio_DHparams, +PEM_read_DHparams, PEM_write_bio_DHparams, PEM_write_DHparams, +PEM_read_bio_X509, PEM_read_X509, PEM_write_bio_X509, PEM_write_X509, +PEM_read_bio_X509_AUX, PEM_read_X509_AUX, PEM_write_bio_X509_AUX, +PEM_write_X509_AUX, PEM_read_bio_X509_REQ, PEM_read_X509_REQ, +PEM_write_bio_X509_REQ, PEM_write_X509_REQ, PEM_write_bio_X509_REQ_NEW, +PEM_write_X509_REQ_NEW, PEM_read_bio_X509_CRL, PEM_read_X509_CRL, +PEM_write_bio_X509_CRL, PEM_write_X509_CRL, PEM_read_bio_PKCS7, PEM_read_PKCS7, +PEM_write_bio_PKCS7, PEM_write_PKCS7, PEM_read_bio_NETSCAPE_CERT_SEQUENCE, +PEM_read_NETSCAPE_CERT_SEQUENCE, PEM_write_bio_NETSCAPE_CERT_SEQUENCE, +PEM_write_NETSCAPE_CERT_SEQUENCE - PEM routines =head1 SYNOPSIS @@ -239,7 +261,8 @@ SubjectPublicKeyInfo structure and an er key is not DSA. The B functions process DSA parameters using a DSA -structure. The parameters are encoded using a foobar structure. +structure. The parameters are encoded using a Dss-Parms structure +as defined in RFC2459. The B functions process DH parameters using a DH structure. The parameters are encoded using a PKCS#3 DHparameter Modified: stable/8/crypto/openssl/e_os2.h ============================================================================== --- stable/8/crypto/openssl/e_os2.h Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/e_os2.h Thu Jun 11 19:39:27 2015 (r284286) @@ -109,6 +109,12 @@ extern "C" { # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WIN32 # endif +# if defined(_WIN64) || defined(OPENSSL_SYSNAME_WIN64) +# undef OPENSSL_SYS_UNIX +# if !defined(OPENSSL_SYS_WIN64) +# define OPENSSL_SYS_WIN64 +# endif +# endif # if defined(OPENSSL_SYSNAME_WINNT) # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WINNT @@ -121,7 +127,7 @@ extern "C" { # endif /* Anything that tries to look like Microsoft is "Windows" */ -# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) +# if defined(OPENSSL_SYS_WIN32) || defined(OPENSSL_SYS_WIN64) || defined(OPENSSL_SYS_WINNT) || defined(OPENSSL_SYS_WINCE) # undef OPENSSL_SYS_UNIX # define OPENSSL_SYS_WINDOWS # ifndef OPENSSL_SYS_MSDOS Modified: stable/8/crypto/openssl/fips/rsa/fips_rsa_eay.c ============================================================================== --- stable/8/crypto/openssl/fips/rsa/fips_rsa_eay.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/fips/rsa/fips_rsa_eay.c Thu Jun 11 19:39:27 2015 (r284286) @@ -158,7 +158,7 @@ const RSA_METHOD *RSA_PKCS1_SSLeay(void) * RSA_FLAG_CACHE_PRIVATE, goto err); */ # define MONT_HELPER(rsa, ctx, m, pre_cond, err_instr) \ - if((pre_cond) && ((rsa)->_method_mod_##m == NULL) && \ + if ((pre_cond) && ((rsa)->_method_mod_##m == NULL) && \ !BN_MONT_CTX_set_locked(&((rsa)->_method_mod_##m), \ CRYPTO_LOCK_RSA, \ (rsa)->m, (ctx))) \ Modified: stable/8/crypto/openssl/openssl.spec ============================================================================== --- stable/8/crypto/openssl/openssl.spec Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/openssl.spec Thu Jun 11 19:39:27 2015 (r284286) @@ -6,7 +6,7 @@ Release: 1 Summary: Secure Sockets Layer and cryptography libraries and tools Name: openssl -Version: 0.9.8zf +Version: 0.9.8zg Source0: ftp://ftp.openssl.org/source/%{name}-%{version}.tar.gz License: OpenSSL Group: System Environment/Libraries Modified: stable/8/crypto/openssl/ssl/d1_lib.c ============================================================================== --- stable/8/crypto/openssl/ssl/d1_lib.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/ssl/d1_lib.c Thu Jun 11 19:39:27 2015 (r284286) @@ -496,6 +496,9 @@ int dtls1_listen(SSL *s, struct sockaddr { int ret; + /* Ensure there is no state left over from a previous invocation */ + SSL_clear(s); + SSL_set_options(s, SSL_OP_COOKIE_EXCHANGE); s->d1->listen = 1; Modified: stable/8/crypto/openssl/ssl/s3_clnt.c ============================================================================== --- stable/8/crypto/openssl/ssl/s3_clnt.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/ssl/s3_clnt.c Thu Jun 11 19:39:27 2015 (r284286) @@ -1722,6 +1722,38 @@ int ssl3_get_new_session_ticket(SSL *s) } p = d = (unsigned char *)s->init_msg; + + if (s->session->session_id_length > 0) { + int i = s->session_ctx->session_cache_mode; + SSL_SESSION *new_sess; + /* + * We reused an existing session, so we need to replace it with a new + * one + */ + if (i & SSL_SESS_CACHE_CLIENT) { + /* + * Remove the old session from the cache + */ + if (i & SSL_SESS_CACHE_NO_INTERNAL_STORE) { + if (s->session_ctx->remove_session_cb != NULL) + s->session_ctx->remove_session_cb(s->session_ctx, + s->session); + } else { + /* We carry on if this fails */ + SSL_CTX_remove_session(s->session_ctx, s->session); + } + } + + if ((new_sess = ssl_session_dup(s->session, 0)) == 0) { + al = SSL_AD_INTERNAL_ERROR; + SSLerr(SSL_F_SSL3_GET_NEW_SESSION_TICKET, ERR_R_MALLOC_FAILURE); + goto f_err; + } + + SSL_SESSION_free(s->session); + s->session = new_sess; + } + n2l(p, s->session->tlsext_tick_lifetime_hint); n2s(p, ticklen); /* ticket_lifetime_hint + ticket_length + ticket */ Modified: stable/8/crypto/openssl/ssl/s3_srvr.c ============================================================================== --- stable/8/crypto/openssl/ssl/s3_srvr.c Thu Jun 11 19:07:45 2015 (r284285) +++ stable/8/crypto/openssl/ssl/s3_srvr.c Thu Jun 11 19:39:27 2015 (r284286) @@ -779,6 +779,16 @@ int ssl3_get_client_hello(SSL *s) d = p = (unsigned char *)s->init_msg; /* + * 2 bytes for client version, SSL3_RANDOM_SIZE bytes for random, 1 byte + * for session id length + */ + if (n < 2 + SSL3_RANDOM_SIZE + 1) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } + + /* * use version from inside client hello, not from record header (may * differ: see RFC 2246, Appendix E, second paragraph) */ @@ -808,6 +818,12 @@ int ssl3_get_client_hello(SSL *s) unsigned int session_length, cookie_length; session_length = *(p + SSL3_RANDOM_SIZE); + + if (p + SSL3_RANDOM_SIZE + session_length + 1 >= d + n) { + al = SSL_AD_DECODE_ERROR; + SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO, SSL_R_LENGTH_TOO_SHORT); + goto f_err; + } cookie_length = *(p + SSL3_RANDOM_SIZE + session_length + 1); if (cookie_length == 0) @@ -821,6 +837,12 @@ int ssl3_get_client_hello(SSL *s) /* get the session-id */ j = *(p++); + if (p + j > d + n) { *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***